Merge pull request #68 from heviat/oidc-remove-redirect-url-env

Remove OIDC_REDIRECT_URL
2025-10-29 17:22:20 +00:00 · 2025-04-04 15:57:56 +00:00
parent 27c49c1c57 b43600dfca
commit edd5fd7082
3 changed files with 1 additions and 6 deletions
--- a/README.md
+++ b/README.md
@@ -104,8 +104,6 @@ Here is a snippet for easy copy paste:
 OIDC_ENABLED=True
 # OpenID Connect provider configuration URL
 OIDC_PROVIDER_INFO_URL=https://<host>:<port>/auth/realms/.well-known/openid-configuration
 # OpenID redirect URL if HOSTNAME not matching your login url
 OIDC_REDIRECT_URL=https://mail.example.com
 # OpenID Connect Client ID for Mailu
 OIDC_CLIENT_ID=<CLIENT_ID>
 # OpenID Connect Client secret for Mailu
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@@ -57,7 +57,6 @@ DEFAULT_CONFIG = {
    'OIDC_VERIFY_SSL': True,
    'OIDC_CHANGE_PASSWORD_REDIRECT_ENABLED': True,
    'OIDC_CHANGE_PASSWORD_REDIRECT_URL': None,
    'OIDC_REDIRECT_URL': None,
    'OIDC_USERNAME_CLAIM': 'email',
    'OIDC_USER_DOMAIN': None,
    'OIDC_ENABLE_USER_CREATION': True,
--- a/core/admin/mailu/oidc.py
+++ b/core/admin/mailu/oidc.py
@@ -95,9 +95,7 @@ class OicClient:
        redirect_uri = flask.request.host_url + "sso/login"
-        if self.app.config["OIDC_REDIRECT_URL"]:
+        if flask.request.host not in self.allowed_hostnames:
            redirect_uri = self.app.config["OIDC_REDIRECT_URL"]
        elif flask.request.host not in self.allowed_hostnames:
            return None
        args = {