Feature Request: Configurable Custom OAuth Providers
Currently, adding new OAuth providers (beyond Google and GitHub) requires code modifications in multiple files. This limits extensibility and makes it difficult for users to integrate with their preferred OAuth providers without forking the codebase.
Proposed Solution
Add support for configurable custom OAuth providers through environment variables, allowing users to add providers like Microsoft, Discord, LinkedIn, etc. without code changes.
Suggested Implementation
Environment Variable Schema
For example:
```
# Custom OAuth Provider Configuration
CUSTOM_OAUTH_PROVIDER_NAME="microsoft"
CUSTOM_OAUTH_PROVIDER_DISPLAY_NAME="Microsoft"
CUSTOM_OAUTH_PROVIDER_CLIENT_ID="your-client-id"
CUSTOM_OAUTH_PROVIDER_CLIENT_SECRET="your-client-secret"
CUSTOM_OAUTH_PROVIDER_AUTH_URL="https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
CUSTOM_OAUTH_PROVIDER_TOKEN_URL="https://login.microsoftonline.com/common/oauth2/v2.0/token"
CUSTOM_OAUTH_PROVIDER_USER_INFO_URL="https://graph.microsoft.com/v1.0/me"
CUSTOM_OAUTH_PROVIDER_SCOPES="openid,profile,email"
CUSTOM_OAUTH_PROVIDER_USER_ID_FIELD="id"
CUSTOM_OAUTH_PROVIDER_EMAIL_FIELD="mail"
CUSTOM_OAUTH_PROVIDER_NAME_FIELD="displayName"
CUSTOM_OAUTH_PROVIDER_AVATAR_FIELD="photo"
# Support multiple providers with _2, _3, etc.
```
Perhaps this is not the best approach. For most companies, I guess it would be sufficient to have the option to configure one custom provider. And then limit authorizations only through this provider.
Expected Behavior
- Dynamic Provider Registration: Automatically detect and register custom providers from environment variables
- Frontend Integration: Custom providers appear in the login UI alongside Google/GitHub
- Standard OAuth Flow: Use existing OAuth infrastructure with configurable endpoints
Benefits
- ✅ No code modification required for new providers
- ✅ Maintains existing security features (PKCE, CSRF protection)
- ✅ Backward compatible with current Google/GitHub implementation
- ✅ Easy deployment and configuration management
Alternative Approaches
- Configuration file (JSON/YAML) instead of environment variables
- Admin UI for OAuth provider management
- Plugin system for OAuth providers
Interesting. There are no plans for an admin UI in the platform itself - wouldn't recommend that being on the same worker for security. But a plugin system or config-based system definitely makes sense. Let me pick this up next week. Thanks for raising the issue!
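One way to load and validate the environment variable schema proposed in this issue at startup, added here as an illustration and not code from the issue or the project. The function names, the placement of the `_2`/`_3` suffix at the end of each variable name, the slug rule for provider names and the field defaults are assumptions.

```javascript
// Added example: every name except the CUSTOM_OAUTH_PROVIDER_* variables is hypothetical.
const PREFIX = "CUSTOM_OAUTH_PROVIDER_";
const URL_KEYS = ["AUTH_URL", "TOKEN_URL", "USER_INFO_URL"];
const REQUIRED = ["NAME", "CLIENT_ID", "CLIENT_SECRET", ...URL_KEYS];
const BUILT_IN = new Set(["google", "github"]); // providers the issue says already exist

function readProvider(env, suffix) {
  const get = (key) => (env[PREFIX + key + suffix] || "").trim();
  if (!get("NAME")) return null; // slot not configured
  const missing = REQUIRED.filter((k) => !get(k));
  if (missing.length) throw new Error(`provider${suffix}: missing ${missing.join(", ")}`);
  const name = get("NAME").toLowerCase();
  // Assumption: the name ends up in a callback path, so keep it to a strict slug.
  if (!/^[a-z0-9][a-z0-9-]{0,31}$/.test(name)) throw new Error(`provider${suffix}: invalid name`);
  if (BUILT_IN.has(name)) throw new Error(`provider${suffix}: "${name}" shadows a built-in provider`);
  const urls = {};
  for (const key of URL_KEYS) {
    const url = new URL(get(key)); // throws on malformed input
    // Codes, tokens and the client secret travel to these endpoints: TLS only, no userinfo.
    if (url.protocol !== "https:" || url.username || url.password) {
      throw new Error(`provider${suffix}: ${key} must be a plain https URL`);
    }
    urls[key] = url.href;
  }
  return {
    name,
    displayName: get("DISPLAY_NAME") || name,
    clientId: get("CLIENT_ID"),
    clientSecret: get("CLIENT_SECRET"), // never log this or send it to the frontend
    authUrl: urls.AUTH_URL, tokenUrl: urls.TOKEN_URL, userInfoUrl: urls.USER_INFO_URL,
    scopes: get("SCOPES").split(",").map((s) => s.trim()).filter(Boolean),
    // Assumed defaults when a *_FIELD variable is unset.
    fields: {
      id: get("USER_ID_FIELD") || "id", email: get("EMAIL_FIELD") || "email",
      name: get("NAME_FIELD") || "name", avatar: get("AVATAR_FIELD") || null,
    },
  };
}

// Reads the unsuffixed slot, then _2, _3, ... and stops at the first unconfigured slot.
function loadCustomOAuthProviders(env) {
  const providers = [];
  for (let i = 1; ; i++) {
    const p = readProvider(env, i === 1 ? "" : `_${i}`);
    if (!p) break;
    if (providers.some((q) => q.name === p.name)) throw new Error(`duplicate provider "${p.name}"`);
    providers.push(p);
  }
  return providers;
}
```

Rejecting non-HTTPS endpoints and names that shadow `google` or `github` at load time means a misconfigured deployment fails at startup instead of during a login.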