argo-cd
argo-cd copied to clipboard
allow redirecturi configuration
Summary
Currently, it appears that redirectURI
in the dex connectors config is ignored and replaced with a default callback URL. Understandably, this behavior is useful for users as it generates the right callback URL in most cases without requiring any additional configuration.
We have a use case that requires us to configure this particular parameter and hope to change the behavior such that redirectURI
field is replaced only if the field is not specified in the configmap.
Motivation
When registering a new GIthub OAuth app, it requires a callback URL. This callback URL can be overridden by a redirect_uri
parameter with the POST request, subject to some restrictions of course. More info: https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/#redirect-urls
This allows us to register a single Github OAuth app with a more generic callback URL to manage multiple ArgoCD instances. For example, we can register a Github OAuth app with https://all-my-argocd-instances.com
, and specify redirect_uri
with a specific uri like this: https://all-my-argocd-instances.com/instance-A/api/dex/callback
. Of course, we will require some additional routing kung-fu on our side.
Proposal
We can simply check the Go map
for the existence of a redirectURI
key before trying to set the default dexRedirectURL
. I have verified it locally with a fork: https://github.com/argoproj/argo-cd/compare/master...sockmister:redirect-uri-cfg
In addition, the dex server should be updated to v2.24.0 which includes this PR: https://github.com/dexidp/dex/pull/1700
I have pretty much the same need, where I have multiple ArgoCD instances deployed and want to use them all with a single GitHub OAuth app.
Dear developers, do you have any updates?
I would be glad to see this change too.
Any movement on this one?
@sockmister : Is there any reason we can't do a PR with this change? I'm a n00b at this app.
https://github.com/argoproj/argo-cd/compare/master...sockmister:redirect-uri-cfg