Confusing default OIDC issuer setting
Concerned version
Version: %2.0
Summary
One of the regular install process steps is a big sed
that replaces example.com
by the target domain across all config files.
Yet, when enabling the OIDC issuer, the default URL is still auth.example.com
, requiring manual configuration in the manager before OIDC flows can work.
I think this is needlessly complicated and error-prone.
Are there any situations in which the issuer is NOT the same url as the portal? Especially considering the way routes are configured in 2.0 ?
Possible fixes
I have made the necessary changes so that oidcServiceMetaDataIssuer
no longer has a default value. The OIDC issuer code now falls back to the portal URL in the presence of an empty value for this parameter.
Going farther, maybe we could remove this parameter entirely?