From 2dbefdbfb8906b44e9102cbe365371d49c983b2a Mon Sep 17 00:00:00 2001 From: Silvino Escalona Date: Tue, 1 Dec 2020 12:35:29 -0400 Subject: [PATCH 1/2] Allow multiple redirect urls --- src/IdentityServerConfig.cs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/IdentityServerConfig.cs b/src/IdentityServerConfig.cs index a127b61..fec35aa 100644 --- a/src/IdentityServerConfig.cs +++ b/src/IdentityServerConfig.cs @@ -1,4 +1,6 @@ -using System.Collections.Generic; +using System; +using System.Collections.Generic; +using System.Linq; using IdentityServer4; using IdentityServer4.Models; @@ -20,7 +22,7 @@ namespace SteamOpenIdConnectProvider }, // where to redirect to after login - RedirectUris = { redirectUri }, + RedirectUris = redirectUri.Split(",").Select(x => x.Trim()).ToArray(), // where to redirect to after logout PostLogoutRedirectUris = { logoutRedirectUri }, From b109b12e6213ac98447ed9e3a01ca8b3e38dc27f Mon Sep 17 00:00:00 2001 From: Silvino Escalona Date: Tue, 1 Dec 2020 12:40:36 -0400 Subject: [PATCH 2/2] Update Readme --- README.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 278d817..1ff8d74 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,13 @@ # Steam OpenId Connect Provider + Steam OpenID 2.0 -> OpenID Connect Provider Proxy ## About -This server allows you to use Steam as an OpenID Connect Identity provider (OIDC IDP). This way you can use Steam logins in KeyCloak or any other OpenID Connect based authentication client. + +This server allows you to use Steam as an OpenID Connect Identity provider (OIDC IDP). This way you can use Steam logins in KeyCloak or any other OpenID Connect based authentication client. ## Setup + Add your Steam API Key as user-secrets like this: `dotnet user-secrets set "Authentication:Steam:ApplicationKey" "MySteamApiKey"` @@ -14,19 +17,26 @@ Alternatively you can set it up via environment variables: After that set up your redirect URI, ClientID and ClientSecret in the appsettings.json. +If you need to set up multiple redirect URIs, you can set them separated by a comma. +`OpenID__RedirectUri="http://localhost:8080/auth/realms/master/broker/steam/endpoint, http://localhost:8080/auth/realms/dev/broker/steam/endpoint"` + ## OpenID Configuration + You can access Authorization and Token endpoint details in `http:///.well-known/openid-configuration` ## Supported Scopes + The following scopes are supported: `openid`, `profile`. If you use the `profile` scope, you get access to the `picture`, `given_name`, `website` and `nickname` claims too. ## HTTPS Support + This server does not support https connections. If you want to use https connections please use a reverse proxy like nginx. ## Running behind reverse proxies + Some reverse proxy setups might require additional configuration, like setting the path base or origin. To set the origin, set `Hosting:PublicOrigin` in the appsettings.json or the `Hosting__PublicOrigin` environment variable to your desired origin. If not set, the origin name is inferred from the request. @@ -34,20 +44,24 @@ To set the origin, set `Hosting:PublicOrigin` in the appsettings.json or the `Ho Similary, you can use the `Hosting:PathBase` in the appsettings.json or the `Hosting__PathBase` environment variable to set the path base. If not set, it will default to "/". ## Health checks + This service contains a health check endpoint at `/health`. It checks if the Steam login servers are working. ## Docker + [A docker image](https://hub.docker.com/r/imperialplugins/steam-openid-connect-provider) is also available. ``` docker run -it \ -e OpenID__RedirectUri=http://localhost:8080/auth/realms/master/broker/steam/endpoint \ - -e OpenID__ClientID=steamidp \ + -e OpenID__ClientID=steamidp \ -e OpenID__ClientSecret=mysecret \ -e Authentication__Steam__ApplicationKey=MySteamApiKey \ --restart unless-stopped \ --name steamidp \ imperialplugins/steam-openid-connect-provider ``` + ## License + [MIT](https://github.com/ImperialPlugins/steam-openid-connect-provider/blob/master/LICENSE)