Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(@jitsu/console): add generic OIDC provider SSO #1152

Merged
merged 12 commits into from
Dec 18, 2024

Conversation

pedroyremolo
Copy link
Contributor

@pedroyremolo pedroyremolo commented Dec 10, 2024

This PR includes the possibility of including a generic OIDC-based SSO on the console in addition to the current Github OAuth. Hence, it provides a more generic way to connect to a provider and delegate multi-user authentication via the AUTH_OIDC_PROVIDER.

Why?

Although Github OAuth does its job with a simple configuration, it lacks the capacity to provide an enterprise case delegation for authorization and authentication management like tools like Auth0 and Keycloak, for instance, which might work as a proxy for other providers while also providing features like RBAC.

How?

Through the AUTH_OIDC_PROVIDER environment variable, the jitsu self-hosted admin can pass a JSON object containing at least a valid issuer, clientId, and clientSecret of a provider compliant with the OIDC Discovery spec that provides a /.well-known/openid-configuration endpoint.

The implementation relies on a custom provider implementation of NextAuth.js, while being careful to provide profile that can fill the jitsu UserProfile schema definition and related tables.

Examples

Auth0

Env Config

AUTH_OIDC_PROVIDER='{"issuer":"https://{yourDomain}.us.auth0.com/","clientId":"valid_client_id","clientSecret":"valid_client_secret"}'

Demo

Gravacao.de.Tela.2024-12-10.as.04.10.58.mov

Keycloak

Env Config

AUTH_OIDC_PROVIDER='{"issuer":"http://localhost:8080/realms/dev_realm","clientId":"dev_client","clientSecret":"9bvQ9hgVxekDMfMmCdK8dds3ef4097HX"}'

@pedroyremolo pedroyremolo marked this pull request as ready for review December 10, 2024 07:14
@pedroyremolo pedroyremolo changed the title feat: add generic OIDC provider feat(@jitsu/console): add generic OIDC provider SSO Dec 13, 2024
@absorbb absorbb self-requested a review December 18, 2024 08:58
@absorbb absorbb merged commit 34420de into jitsucom:newjitsu Dec 18, 2024
1 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants