hey @lain @lanodan any of you two could give a quick help with Pleroma and OAuth please?
I try to use Pleroma as a provider for oauth2-proxy but end a weird situation I don't understand
that's how I start oauth2-proxy:
oauth2-proxy --provider oidc \ --provider-display-name 'Udongein.xyz' \ --client-id 'thatstheclientid' \ --client-secret 'thatstheclientsecretdonotleak!' \ --skip-oidc-discovery=true \ --login-url 'https://udongein.xyz/oauth/authorize' \ --oidc-jwks-url 'https://udongein.xyz/oauth/token' \ --redeem-url 'https://udongein.xyz/oauth/token' \ --oidc-issuer-url 'https://udongein.xyz' \ --redirect-url 'https://secretprojecthehecat.udongein.xyz/' \ --cookie-secure=false \ --cookie-secret='asdfasdfasdfasdf' \ --email-domain=*The flow is /really/ weird, when I try to log-in I'm well redirect to Pleroma (attachment 1, URL as alt), but when I approve (authorize) I have an authentication error (attachment 2, URL as alt) and lose the state. Browser's network tab shows me 401 on authorize document.
apps according to Pleroma (DB)
pleroma=# select * from apps where client_id='thatstheclientid'; -[ RECORD 1 ]-+----------------------------------------------- id | 42 client_name | emojiquest redirect_uris | https://secretprojecthehecat.udongein.xyz/oauth/callback scopes | {read} website | client_id | thatstheclientid client_secret | thatstheclientsecretdonotleak inserted_at | 2023-12-18 18:15:13 updated_at | 2023-12-18 18:15:13 trusted | t user_id |my first assumption is the redirect uri being wrong, but I'm lost without insight
if you could help me it would be awesome (and I'll do my best to backport knowledge in documentation) :cirno_please:
076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.
All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.