diff --git a/app/lib/omniauth_tenant_setup.rb b/app/lib/omniauth_tenant_setup.rb index 4a37ae359..cb5ff3ff7 100644 --- a/app/lib/omniauth_tenant_setup.rb +++ b/app/lib/omniauth_tenant_setup.rb @@ -61,15 +61,13 @@ module OmniauthTenantSetup end def oidc_auth(env, client_id, client_secret, issuer, redirect_uri) - unless Tenant.default? - strategy = env["omniauth.strategy"] + strategy = env["omniauth.strategy"] - strategy.options[:issuer] = issuer if issuer.present? - strategy.options[:client_options] ||= {} - strategy.options[:client_options][:identifier] = client_id if client_id.present? - strategy.options[:client_options][:secret] = client_secret if client_secret.present? - strategy.options[:client_options][:redirect_uri] = redirect_uri if redirect_uri.present? - end + strategy.options[:issuer] = issuer if issuer.present? + strategy.options[:client_options] ||= {} + strategy.options[:client_options][:identifier] = client_id if client_id.present? + strategy.options[:client_options][:secret] = client_secret if client_secret.present? + strategy.options[:client_options][:redirect_uri] = redirect_uri if redirect_uri.present? end def secrets diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 44ff33b03..00de7c52c 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -300,14 +300,8 @@ Devise.setup do |config| name: :oidc, scope: [:openid, :email, :profile], response_type: :code, - issuer: Rails.application.secrets.oidc_issuer, discovery: true, client_auth_method: :basic, - client_options: { - identifier: Rails.application.secrets.oidc_client_id, - secret: Rails.application.secrets.oidc_client_secret, - redirect_uri: Rails.application.secrets.oidc_redirect_uri - }, setup: ->(env) { OmniauthTenantSetup.oidc(env) } # ==> Warden configuration