On 2/8/25 06:42, Thomas Skinner wrote: > Continues work on adding an option to disable querying the userinfo endpoint > for an > OIDC provider. > > Changes since v2: > - Adjust verify_authorization_code in pve-rs to be backwards compatible > - Fix defaults in wrapper functions > > access-control: > > Thomas Skinner (1): > fix #4234: add library functions for openid optional userinfo request > > src/PVE/API2/OpenId.pm | 6 +++++- > src/PVE/Auth/OpenId.pm | 7 +++++++ > 2 files changed, 12 insertions(+), 1 deletion(-) > > > docs: > > Thomas Skinner (1): > fix #4234: add docs for openid optional userinfo request > > pveum.adoc | 8 ++++++++ > 1 file changed, 8 insertions(+) > > > manager: > > Thomas Skinner (1): > fix #4234: add GUI option for openid optional userinfo request > > www/manager6/dc/AuthEditOpenId.js | 9 +++++++++ > 1 file changed, 9 insertions(+) > > > perl-rs: > > Thomas Skinner (1): > fix #4234: openid: adjust openid verification function for userinfo > option > > pve-rs/src/openid/mod.rs | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > > proxmox-openid: > > Thomas Skinner (1): > fix #4234: openid: add library functions for optional userinfo > endpoint > > proxmox-openid/src/lib.rs | 30 +++++++++++++++++++++++++++++- > 1 file changed, 29 insertions(+), 1 deletion(-) > >
Thank you for the patch series! I've tested it with Authentik, and checked with tcpdump to see if the userinfo endpoint was queried. Works as I would expect. I had to manually apply the pve-rs patch since code was moved around since then. More information as reply to the patch itself. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
