diff --git a/src/domain/login/CompleteOIDCLoginViewModel.js b/src/domain/login/CompleteOIDCLoginViewModel.js
index a544939a..a42fafce 100644
--- a/src/domain/login/CompleteOIDCLoginViewModel.js
+++ b/src/domain/login/CompleteOIDCLoginViewModel.js
@@ -63,6 +63,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel {
 const oidcApi = new OidcApi({
 issuer,
+ clientConfigs: this.platform.config.oidc.clientConfigs,
 clientId,
 request: this._request,
 encoding: this._encoding,
diff --git a/src/matrix/Client.js b/src/matrix/Client.js
index dd2d5f64..8c1503e0 100644
--- a/src/matrix/Client.js
+++ b/src/matrix/Client.js
@@ -135,6 +135,7 @@ export class Client {
 try {
 const oidcApi = new OidcApi({
 issuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 request: this._platform.request,
 encoding: this._platform.encoding,
 crypto: this._platform.crypto,
@@ -265,6 +266,7 @@ export class Client {
 if (sessionInfo.oidcIssuer) {
 const oidcApi = new OidcApi({
 issuer: sessionInfo.oidcIssuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 clientId: sessionInfo.oidcClientId,
 request: this._platform.request,
 encoding: this._platform.encoding,
@@ -487,6 +489,7 @@ export class Client {
 await hsApi.logout({log}).response();
 const oidcApi = new OidcApi({
 issuer: sessionInfo.oidcIssuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 clientId: sessionInfo.oidcClientId,
 request: this._platform.request,
 encoding: this._platform.encoding,
diff --git a/src/matrix/net/OidcApi.ts b/src/matrix/net/OidcApi.ts
index d18014ca..b1e196b0 100644
--- a/src/matrix/net/OidcApi.ts
+++ b/src/matrix/net/OidcApi.ts
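Review bot: `this.platform.config.oidc.clientConfigs` in the CompleteOIDCLoginViewModel hunk is an unguarded chain, so any deployment whose config.json has no `oidc` section (the shipped asset config gains one in this commit, but externally maintained configs are not touched by it) throws a TypeError before the OidcApi is even constructed; the same access appears in all three Client.js hunks at old lines 135, 265 and 487. Reading it as `clientConfigs: this.platform.config.oidc?.clientConfigs ?? {},` (and `this._platform.config.oidc?.clientConfigs ?? {}` in Client.js) keeps the static-client lookup a harmless no-op for such configs and preserves the dynamic-registration fallback. The enclosing methods all start and end outside these hunks. Repeating the identical expression at four call sites also argues for a single accessor on the platform object, though that is a larger change than this commit.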
@@ -58,17 +58,12 @@ type IssuerUri = string;
 interface ClientConfig {
 client_id: string;
 client_secret?: string;
+ uris: string[],
 }
-// These are statically configured OIDC client IDs for particular issuers:
-const clientIds: Record = {
- "https://id.thirdroom.io/realms/thirdroom/": {
- client_id: "thirdroom"
- },
-};
-
 export class OidcApi {
 _issuer: string;
+ _clientConfigs: Record;
 _requestFn: RequestFunction;
 _encoding: any;
 _crypto: any;
@@ -76,8 +71,9 @@ export class OidcApi {
 _metadataPromise: Promise;
 _registrationPromise: Promise;
- constructor({ issuer, request, encoding, crypto, urlCreator, clientId }) {
+ constructor({ issuer, request, encoding, crypto, urlCreator, clientId, clientConfigs }) {
 this._issuer = issuer;
+ this._clientConfigs = clientConfigs;
 this._requestFn = request;
 this._encoding = encoding;
 this._crypto = crypto;
@@ -121,8 +117,8 @@ export class OidcApi {
 // use static client if available
 const authority = `${this.issuer}${this.issuer.endsWith('/') ? '' : '/'}`;
- if (clientIds[authority]) {
- return clientIds[authority];
+ if (this._clientConfigs[authority] && this._clientConfigs[authority].uris.includes(this._urlCreator.absoluteAppUrl())) {
+ return this._clientConfigs[authority];
 }
 const headers = new Map();
diff --git a/src/platform/web/assets/config.json b/src/platform/web/assets/config.json
index fd46fcbc..5d6da7fb 100644
--- a/src/platform/web/assets/config.json
+++ b/src/platform/web/assets/config.json
@@ -5,5 +5,13 @@
 "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM"
 },
 "defaultHomeServer": "matrix.org",
- "bugReportEndpointUrl": "https://element.io/bugreports/submit"
+ "bugReportEndpointUrl": "https://element.io/bugreports/submit",
+ "oidc": {
+ "clientConfigs": {
+ "https://id.thirdroom.io/realms/thirdroom/": {
+ "client_id": "thirdroom",
+ "uris": ["http:localhost:3000", "https://thirdroom.io"]
+ }
+ }
+ }
 }
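Review bot: The new `uris: string[],` member of ClientConfig ends with a comma while the two existing members end with semicolons, and nothing says what the list means now that the static table has moved into deployment config. Since the only consumer in this file compares it against `this._urlCreator.absoluteAppUrl()`, I would write it as `uris: string[];` preceded by `/** App URLs (exact match against urlCreator.absoluteAppUrl()) for which this static client may be used; any other app URL falls back to dynamic registration. */`. The interface now describes data read from config.json, so it is worth also noting in the comment that `client_secret` placed there is shipped to every browser loading the app.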
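Review bot: `this._clientConfigs = clientConfigs;` in the constructor hunk stores the argument without a default, so a caller that omits `clientConfigs` (or passes `undefined` from a config lacking an `oidc` section) does not fail here but later at the `this._clientConfigs[authority]` lookup, far from the cause. `this._clientConfigs = clientConfigs ?? {};` makes a missing table equivalent to "no static clients", which is the behaviour the previous hard-coded `clientIds` gave for unknown issuers. The destructured parameter list is untyped, so the `Record` annotation on the field is the only thing documenting the expected shape; a short comment on the field, `// issuer authority (with trailing slash) -> static client config, from platform config`, would help callers.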
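Review bot: The replacement `if` dereferences `.uris` on an entry that came straight from JSON config, so an entry without a `uris` array throws a TypeError rather than falling through to dynamic registration, and the comparison is exact string equality, so a trailing-slash or case difference between the configured URI and what `absoluteAppUrl()` returns silently skips the static client with no diagnostic. I would restructure as `const staticConfig = this._clientConfigs?.[authority];` / `if (staticConfig?.uris?.includes(this._urlCreator.absoluteAppUrl())) {` / `return staticConfig;` and replace the existing `// use static client if available` comment with one stating the intent: `// only use a statically configured client for the app URLs it was registered for (exact match); any other app URL must register dynamically`. Logging when an issuer has a static config but the current app URL is not listed would make misconfigurations findable. The enclosing method starts and ends outside the hunk.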
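Review bot: `"http:localhost:3000"` in the new `uris` list is missing the `//`, so under the exact `includes` comparison introduced in OidcApi.ts it can never equal an absolute app URL and the entry is dead; if intended it should read `"http://localhost:3000"`. Since this is the shipped asset config, it is also worth asking whether a localhost entry belongs here at all rather than in a local override, given that the list is what decides which origins may use the `thirdroom` static client id.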