Add more logging and better error messages for openid authentication + clarify docs

2021-05-16 13:23:10 +02:00
parent d695681a0e
commit b76ad8efe2
4 changed files with 52 additions and 11 deletions
--- a/config.yml.sample
+++ b/config.yml.sample
@ -262,10 +262,12 @@ auth:
    enabled: true
  # OpenID configuration will allow users to authenticate through a third-party OpenID Connect compatible provider.<br/>
  # The provider needs to support the `openid`, `profile` and `email` scopes.<br/>
-  # **Note:** The frontend expects to be redirected after authentication by the third party
+  # **Note:** Some openid providers (like gitlab) only make the email of the user available through openid claims if they have set it to be publicly visible.
+  # If the email is not public in those cases, authenticating will fail.
+  # **Note 2:** The frontend expects to be redirected after authentication by the third party
  # to <frontend-url>/auth/openid/<auth key>. Please make sure to configure the redirect url with your third party
  # auth service accordingy if you're using the default vikunja frontend.
-  # Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/master/config.yml.sample) for more information about how to configure openid authentication.
+  # Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/main/config.yml.sample) for more information about how to configure openid authentication.
  openid:
    # Enable or disable OpenID Connect authentication
    enabled: false