fix: oidc roll use pkce

roll-social-network · May 30, 2024 · bb2889b · bb2889b
1 parent 2637415
commit bb2889b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/playbook/templates/config/psono/settings.yaml b/playbook/templates/config/psono/settings.yaml
@@ -38,6 +38,8 @@ OIDC_CONFIGURATIONS:
     OIDC_RP_SIGN_ALGO: 'RS256'
     OIDC_RP_CLIENT_ID: '{{ passwords_oidc_rp_client_id }}'
     OIDC_RP_CLIENT_SECRET: '{{ passwords_oidc_rp_client_secret }}'
+    OIDC_RP_SCOPES: 'openid'
+    OIDC_RP_USE_PKCE: True
     OIDC_OP_JWKS_ENDPOINT: https://{{ roll_subdomain_base }}/oauth2/.well-known/jwks.json
     OIDC_OP_AUTHORIZATION_ENDPOINT: https://{{ roll_subdomain_base }}/oauth2/authorize/
     OIDC_OP_TOKEN_ENDPOINT: https://{{ roll_subdomain_base }}/oauth2/token/