feat(openid_connect): Allow non-standard .well-known/ URL

pennersr · Nov 7, 2024 · 3f7bc46 · 3f7bc46
1 parent 393f5b2
commit 3f7bc46
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 6 deletions.
diff --git a/ChangeLog.rst b/ChangeLog.rst
@@ -7,6 +7,8 @@ Note worthy changes
 - OIDC: You can now configure whether or not PKCE is enabled per app by
   including ``"oauth_pkce_enabled": True`` in the app settings.
 
+- The OpenStreetMap provider is deprecated. You can set it up as an OpenID Connect provider instead.
+
 
 Fixes
 -----

diff --git a/allauth/socialaccount/providers/openid_connect/provider.py b/allauth/socialaccount/providers/openid_connect/provider.py
@@ -30,7 +30,7 @@ def server_url(self):
 
     def wk_server_url(self, url):
         well_known_uri = "/.well-known/openid-configuration"
-        if not url.endswith(well_known_uri):
+        if "/.well-known/" not in url:
             url += well_known_uri
         return url
 

diff --git a/docs/socialaccount/providers/openstreetmap.rst b/docs/socialaccount/providers/openstreetmap.rst
@@ -1,11 +1,34 @@
 OpenStreetMap
 -------------
 
-Register your client application under `My Settings`/`oauth settings`:
+The builtin OpenStreetMap provider is using the now deprecated OAuth 1.0
+protocol.  You can no longer create OAuth 1.0 clients, meaning this provider is
+there for legacy reasons only.
 
-    https://www.openstreetmap.org/user/{Display Name}/oauth_clients
+In order to make use of the new OSM OAuth 2.0 protocol, you can simply configure an OpenID Connect app.
 
-In this page you will get your key and secret
+First, register your client application here: https://www.openstreetmap.org/oauth2/applications
 
-For more information:
-OpenStreetMap OAuth documentation: https://wiki.openstreetmap.org/wiki/OAuth
+Then, configure the settings (or, setup a ``SocialApp``) using the client ID/secret you received while registering the application:
+
+.. code-block:: python
+
+  SOCIALACCOUNT_PROVIDERS = {
+    "openid_connect": {
+        "APPS": [
+            {
+                "provider_id": "openstreetmap",
+                "name": "OpenStreetMap",
+                "client_id": "<insert-id>",
+                "secret": "<insert-secret>",
+                "settings": {
+                    "server_url": "https://www.openstreetmap.org/.well-known/oauth-authorization-server",
+                    "scope": ["openid", "read_prefs"],
+                },
+            },
+        ]
+    },
+  },
+
+
+For more information, consult the OpenStreetMap OAuth documentation: https://wiki.openstreetmap.org/wiki/OAuth