website/integrations: add offline_access scope to DokuWiki #10208
Conversation
Since 2024.2, authentik requires the offline_access scope to be enabled and requested in order for DokuWiki to request a refresh token. Signed-off-by: Peter Kuehne <pkuehne@users.noreply.github.com>
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
rissson
changed the title
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #10208 +/- ##
==========================================
+ Coverage 92.61% 92.63% +0.01%
==========================================
Files 714 714
Lines 35011 35011
==========================================
+ Hits 32426 32432 +6
+ Misses 2585 2579 -6
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
| @@ -60,6 +60,9 @@ In authentik, under _Providers_, create an _OAuth2/OpenID Provider_ with these s | |||
|
|
|||
| Note the _client ID_ and _client secret_, then save the provider. If you need to retrieve these values, you can do so by editing the provider. | |||
|
|
|||
| You will need to include the _offline access_ scope both in authentik and DokuWiki to allow Dokuwiki to use refersh tokens. Otherwise you will need to | |||
There was a problem hiding this comment.
suggested rewrite: "To prevent users from needing to log in again as soon as the access token expires, include the offline access scope in both authentik and DokuWiki. This scope allows Dokuwiki to use refresh tokens."
Also I think there is a line break between lines 63 and 64...?
There was a problem hiding this comment.
I've rewritten it as suggested and remove the line break. 👍
There was a problem hiding this comment.
Hi @pkuehne can you run make website and then push again, so that prettier gets run? The build is failing on that check. Or let us know if you have and it is still failing... thanks!
There was a problem hiding this comment.
Hi @tanberry, I ran it again on my branch, but it succeeded and there is nothing to push.
There was a problem hiding this comment.
This was probably caused due to the branch being created when the CI was failing on main. I've updated the branch, and it should be good to go.
Signed-off-by: Peter Kuehne <pkuehne@users.noreply.github.com>
* main: (179 commits) website/integrations: add offline_access scope to DokuWiki (#10208) api: use custom json renderer for speed (#9977) core: bump github.com/sethvargo/go-envconfig from 1.0.3 to 1.1.0 (#10405) core: bump goauthentik.io/api/v3 from 3.2024060.5 to 3.2024060.6 (#10404) web: bump glob from 10.4.2 to 10.4.3 in /web (#10407) web: bump @swc/core from 1.6.7 to 1.6.13 in /web/sfe (#10408) core: bump ruff from 0.5.0 to 0.5.1 (#10390) web: bump @swc/cli from 0.3.14 to 0.4.0 in /web/sfe (#10394) core: bump certifi from 2024.2.2 to 2024.7.4 (#10398) web: bump @swc/core from 1.6.6 to 1.6.7 in /web/sfe (#10395) web: bump @sentry/browser from 8.14.0 to 8.15.0 in /web in the sentry group across 1 directory (#10388) website/integrations: aws: cleanup (#10355) web: bump API Client version (#10389) web/flows: Simplified flow executor (#10296) website/docs: sources: ldap: remove extra example (#10387) website/docs: add new content from old PR #9524 (#10158) stages/authenticator_validate: fix friendly_name being required (#10382) core: bump go api client (#10383) web: bump API Client version (#10381) outposts: make refresh interval configurable (#10138) ...
* main: core: fix source flow_manager not resuming flow when linking (#10436) ci: fix PR comment k8s snippet (#10433) web/admin: fix access token list calling wrong API (#10434) providers/proxy: bump go-oidc to v3 (#10432) website: bump braces from 3.0.2 to 3.0.3 in /website (#10431) core: bump zipp from 3.18.1 to 3.19.1 (#10425) web: bump country-flag-icons from 1.5.12 to 1.5.13 in /web (#10427) core: bump google-api-python-client from 2.136.0 to 2.137.0 (#10428) core: bump django from 5.0.6 to 5.0.7 (#10420) web: bump rollup from 4.18.0 to 4.18.1 in /web/sfe (#10418) web: bump glob from 10.4.3 to 11.0.0 in /web (#10417) core: bump django-storages from 1.14.3 to 1.14.4 (#10412) core: bump scim2-filter-parser from 0.5.1 to 0.6.0 (#10413) core: bump sentry-sdk from 2.7.1 to 2.8.0 (#10414) web: bump the rollup group across 1 directory with 3 updates (#10416) core: fix migrations missing using db_alias (#10409) website/integrations: add offline_access scope to DokuWiki (#10208)
Since 2024.2, authentik requires the offline_access scope to be enabled and requested in order for DokuWiki to request a refresh token.
Details
Documentation Update Only
With the current guidance on the Integrations page for DokuWiki, authentik won't issue refresh tokens to the application. This results in a) DokuWiki warning about this after every login b) a need to re-authenticate as soon as the access token expires
By adding the offline access scope to the authentik and DokuWiki configurations, DokuWiki can request tokens in the background, allowing you to remain logged in. I would imagine this is what most users would want.
Checklist
ak test authentik/)make lint-fix)If an API change has been made
make gen-build)If changes to the frontend have been made
make web)If applicable
make website)