Couchbase Documentation / DOC-6567

Sync Gateway will not support querying OpenID Provider configuration from non-standard discovery endpoints since Hydrogen due to OIDC library upgrade

Details

    Description

      Prior to Hydrogen, the OIDC library "go-oidc v2.0.0" was used in Sync Gateway to support authentication using the OpenID Connect authentication protocol, and Sync Gateway supported querying the OpenID Provider configuration from non-standard discovery endpoints. However, a number of compatibility issues related to this OIDC library have been identified. We are in the process of mitigating these issues and upgrading the OIDC library to the latest version, "go-oidc v2.2.1", which internally uses the native oauth2 library. The latest OIDC library has no way to specify non-standard discovery endpoints, and hence Sync Gateway will not support querying the OpenID Provider configuration from non-standard discovery endpoints from Hydrogen onward.

      Non-standard Discovery Endpoint: As per the OpenID Discovery specification, OpenID Providers supporting Discovery MUST make a JSON document available at the path formed by concatenating the string /.well-known/openid-configuration to the Issuer. A non-standard discovery endpoint is an OpenID Connect discovery endpoint whose path cannot be obtained by concatenating the string /.well-known/openid-configuration to the Issuer.
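
      An added example, not from the ticket or from Sync Gateway's code: a Go check that reports whether a configured discovery URL is the standard one for its issuer, which is the condition a deployment has to meet once only standard discovery is supported. The function names and the idp.example.com sample values are assumptions constructed for illustration; a terminating / on the Issuer is removed before the suffix is appended, as the OpenID Connect Discovery specification requires.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// wellKnownSuffix is the path the Discovery spec appends to the Issuer.
const wellKnownSuffix = "/.well-known/openid-configuration"

// StandardDiscoveryURL derives the standard discovery URL from an issuer.
func StandardDiscoveryURL(issuer string) (string, error) {
	u, err := url.Parse(issuer)
	if err != nil {
		return "", err
	}
	if u.Scheme == "" || u.Host == "" || u.RawQuery != "" || u.Fragment != "" {
		return "", fmt.Errorf("issuer %q must be an absolute URL without query or fragment", issuer)
	}
	return strings.TrimRight(issuer, "/") + wellKnownSuffix, nil
}

// IsStandardDiscovery reports whether discoveryURL is the standard one for issuer.
func IsStandardDiscovery(issuer, discoveryURL string) (bool, error) {
	want, err := StandardDiscoveryURL(issuer)
	if err != nil {
		return false, err
	}
	g, err := url.Parse(discoveryURL)
	if err != nil {
		return false, err
	}
	w, _ := url.Parse(want) // cannot fail: a validated issuer plus a constant path
	return strings.EqualFold(w.Scheme, g.Scheme) && strings.EqualFold(w.Host, g.Host) &&
		w.EscapedPath() == g.EscapedPath() && g.RawQuery == "", nil
}

func main() {
	// Constructed sample pairs: {issuer, configured discovery URL}.
	for _, c := range [][2]string{
		{"https://idp.example.com/realms/demo/", "https://idp.example.com/realms/demo/.well-known/openid-configuration"},
		{"https://idp.example.com", "https://idp.example.com/custom/openid-config"},
		{"https://idp.example.com/tenant1", "https://idp.example.com/.well-known/openid-configuration"},
	} {
		ok, err := IsStandardDiscovery(c[0], c[1])
		fmt.Printf("issuer=%s discovery=%s standard=%v err=%v\n", c[0], c[1], ok, err)
	}
}
```

      The third sample is the case that is easy to miss: when the Issuer has a path component, a discovery document served from the host root is non-standard even though its path ends in /.well-known/openid-configuration.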

            People

              Ian.bridge Ian Bridge
              sarath.kumarsivan Sarath Kumar Sivan (Inactive)