Gitea as oauth2 client app

Install/Maintain/Configure
1

Hello everybody
I’m searching through this discourse forum to use Gitea as client application for another oauth2 provider.

This oauth2 provider is a forum app already in use (IPB) and I’d like to allow some users (is IPB allows selecting by groups) to post an issue on Gitea without having to create a new account, which they probably won’t. (They are not tech savvy)

My researches only gave me questions to using it as oauth provider or using Google/Facebook, or questions only and no answers yet, documentation only talks about gitea as provider too https://docs.gitea.io/en-us/oauth2-provider/

Do you have any links to help me ?

2

To clarify, you’d like to be able to login to Gitea using your forum? If yes, then this may be possible. If your forum can act as an OIDC provider, you can create that as an “authentication source” in Gitea. If your forum doesn’t support that, then you can set up Gitea to login with Google/Facebook/Twitter/Github, and many more places.

3

Hello, thank you for your answer

Yes this is what I’d like, using IPB as Oauth2 provider. I didn’t find a documentation explaining configuration on the Gitea side, only doc using it as a provider:
https://docs.gitea.io/en-us/config-cheat-sheet/#oauth2-oauth2
https://docs.gitea.io/en-us/search/?s=oauth2

Do you have any links that could help me ? Thanks !

4

In the administration of your gitea instance, you can configure several sources of authentication : https://gitea.example.org/admin/auths
When you add a new one (https://gitea.example.org/admin/auths/new), you can choose the source type : LDAP, SMTP, etc… and OAuth2.
The others settings are quite easy to understand and enter, and examples are given at the bottom of the page, but there is a closed list of providers, and if you want to use something that is not google/facebook/twitter/…, you need a OpenID server. You could try that one.

Maybe, an other option could be created by gitea dev to open that list to “custom” oauth2 providers. (as for myself, I use my own nextcloud as an oauth provider for all my web projects)

5

Thank you !
I’ll try OpenID server, I’m not sure IPB does OpenID with Oauth2 but it’s worth the try. Custom server should be an option :slight_smile:

Should I open an issue on github to ask for custom oauth app ?

6

If “OpenID” does not work, it could be a good idea, yes :slight_smile:

7

Hi
I’m updating this topic since I managed to try something
In fact, documentation in IPB as Gitea doesn’t explain very much…

In Gitea, to add an oauth2 provider other than the major ones you have to make it in command line

With this https://docs.gitea.io/en-us/command-line/ I tried: gitea add-oauth --name invision-powerboard --provider the-ipb-forum-url --key XXXX --secret XXXX
I now have the “connect with” boutton (without any image or text, I would like to know where it looks for it) and a 500 error when I click on it

Is there a more detailed doc about this ? Did someone managed to make it work ?

Thanks !

8

We use https://github.com/markbates/goth as the oauth2 client, which doesn’t support IPB. You’ll need to create a ticket (or better yet a PR) there first, and then once merged we can support it with Gitea.

9

Thanks for your answer
I won’t be able to make a PR sadly, I’ll try a ticket and hope someone will be interested in solving it

1 Like