Add Discord as a default upstream oauth2 provider, Add missing token_endpoint_auth_method field in Github sample config (#4310)

sandhose · web-flow · commit a4ab2ef1a1c1 · 2025-04-06T19:32:19.000+02:00
diff --git a/crates/config/src/sections/upstream_oauth2.rs b/crates/config/src/sections/upstream_oauth2.rs
@@ -432,6 +432,7 @@ pub struct Provider {
     ///  - `github`
     ///  - `gitlab`
     ///  - `twitter`
+    ///  - `discord`
     #[serde(skip_serializing_if = "Option::is_none")]
     pub brand_name: Option<String>,
 
diff --git a/docs/config.schema.json b/docs/config.schema.json
@@ -1945,7 +1945,7 @@
           "type": "string"
         },
         "brand_name": {
-          "description": "A brand identifier used to customise the UI, e.g. `apple`, `google`, `github`, etc.\n\nValues supported by the default template are:\n\n- `apple` - `google` - `facebook` - `github` - `gitlab` - `twitter`",
+          "description": "A brand identifier used to customise the UI, e.g. `apple`, `google`, `github`, etc.\n\nValues supported by the default template are:\n\n- `apple` - `google` - `facebook` - `github` - `gitlab` - `twitter` - `discord`",
           "type": "string"
         },
         "client_id": {
diff --git a/docs/setup/sso.md b/docs/setup/sso.md
@@ -339,6 +339,7 @@ upstream_oauth2:
       human_name: Google
       brand_name: "google"
       issuer: "https://accounts.google.com"
+      token_endpoint_auth_method: "client_secret_post"
       client_id: "<client-id>" # TO BE FILLED
       client_secret: "<client-secret>" # TO BE FILLED
       scope: "openid profile email"
@@ -451,6 +452,40 @@ upstream_oauth2:
           template: "{{ user.preferred_username }}"
 ```
 
+### Discord
+
+1. Create a new application in the Discord Developer Portal (see [documentation](https://discord.com/developers/applications))
+2. Add the following "Redirect URI" in the OAuth2 tab under settings: `https://<auth-service-domain>/upstream/callback/<id>`
+
+Authentication service configuration:
+
+```yaml
+upstream_oauth2:
+  providers:
+    - id: 01JQK7DK6VFH62NMW4HS9RKD3R
+      human_name: Discord
+      brand_name: "discord"
+      token_endpoint_auth_method: "client_secret_post"
+      issuer: "https://discord.com"
+      client_id: "<client-id>" # TO BE FILLED
+      client_secret: "<client-secret>" # TO BE FILLED
+      fetch_userinfo: true
+      userinfo_endpoint: "https://discord.com/api/users/@me"
+      scope: "openid identify email"
+      claims_imports:
+        localpart:
+          action: suggest
+          template: "{{ user.username }}"
+        displayname:
+          action: suggest
+          template: "{{ user.global_name }}"
+        email:
+          action: suggest
+          template: "{{ user.email }}"
+        account_name:
+          template: "{{ user.username }}"
+```
+
 
 ### Rauthy
 
diff --git a/templates/components/idp_brand.html b/templates/components/idp_brand.html
@@ -47,5 +47,7 @@
         <svg class="{{ class }}" xmlns="http://www.w3.org/2000/svg" width="24" height="28" viewBox="0 0 24 28" fill="none">
             <path d="M20.9144 8.1816C20.7752 8.2896 18.3176 9.6744 18.3176 12.7536C18.3176 16.3152 21.4448 17.5752 21.5384 17.6064C21.524 17.6832 21.0416 19.332 19.8896 21.012C18.8624 22.4904 17.7896 23.9664 16.1576 23.9664C14.5256 23.9664 14.1056 23.0184 12.2216 23.0184C10.3856 23.0184 9.7328 23.9976 8.24 23.9976C6.7472 23.9976 5.7056 22.6296 4.508 20.9496C3.1208 18.9768 2 15.912 2 13.0032C2 8.3376 5.0336 5.8632 8.0192 5.8632C9.6056 5.8632 10.928 6.9048 11.924 6.9048C12.872 6.9048 14.3504 5.8008 16.1552 5.8008C16.8392 5.8008 19.2968 5.8632 20.9144 8.1816ZM15.2984 3.8256C16.0448 2.94 16.5728 1.7112 16.5728 0.4824C16.5728 0.312 16.5584 0.1392 16.5272 0C15.3128 0.0456 13.868 0.8088 12.9968 1.8192C12.3128 2.5968 11.6744 3.8256 11.6744 5.0712C11.6744 5.2584 11.7056 5.4456 11.72 5.5056C11.7968 5.52 11.9216 5.5368 12.0464 5.5368C13.136 5.5368 14.5064 4.8072 15.2984 3.8256Z" fill="currentColor"/>
         </svg>
+    {% elif brand == "discord" %}
+        <svg class="{{ class }}" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M19.27 5.33C17.94 4.71 16.5 4.26 15 4a.1.1 0 0 0-.07.03c-.18.33-.39.76-.53 1.09a16.1 16.1 0 0 0-4.8 0c-.14-.34-.35-.76-.54-1.09c-.01-.02-.04-.03-.07-.03c-1.5.26-2.93.71-4.27 1.33c-.01 0-.02.01-.03.02c-2.72 4.07-3.47 8.03-3.1 11.95c0 .02.01.04.03.05c1.8 1.32 3.53 2.12 5.24 2.65c.03.01.06 0 .07-.02c.4-.55.76-1.13 1.07-1.74c.02-.04 0-.08-.04-.09c-.57-.22-1.11-.48-1.64-.78c-.04-.02-.04-.08-.01-.11c.11-.08.22-.17.33-.25c.02-.02.05-.02.07-.01c3.44 1.57 7.15 1.57 10.55 0c.02-.01.05-.01.07.01c.11.09.22.17.33.26c.04.03.04.09-.01.11c-.52.31-1.07.56-1.64.78c-.04.01-.05.06-.04.09c.32.61.68 1.19 1.07 1.74c.03.01.06.02.09.01c1.72-.53 3.45-1.33 5.25-2.65c.02-.01.03-.03.03-.05c.44-4.53-.73-8.46-3.1-11.95c-.01-.01-.02-.02-.04-.02M8.52 14.91c-1.03 0-1.89-.95-1.89-2.12s.84-2.12 1.89-2.12c1.06 0 1.9.96 1.89 2.12c0 1.17-.84 2.12-1.89 2.12m6.97 0c-1.03 0-1.89-.95-1.89-2.12s.84-2.12 1.89-2.12c1.06 0 1.9.96 1.89 2.12c0 1.17-.83 2.12-1.89 2.12"/></svg>
     {% endif %}
 {% endmacro %}
