Is the OIDC Addon a kind of... "instant App Proxy" for packaging apps?
-
Description
How does the OIDC addon work?
(Is there a "packaging" tag? It seems no? So, I'm filing this question under "Support." Should be an easy one.)
Steps to reproduce
https://docs.cloudron.io/packaging/addons/#oidc
I could experiment, but I'd rather ask.
Does this add-on let me do the following:
- Package an app that is (at some level) insecure
- "Wrap" an OIDC/Cloudron login around it
- Choose where to go after authentication
In other words, is this "App Proxy" for arbitrary apps? Can I make it point at my local Cloudron instance, and get "magic" OAuth (with a redirect... to myself?) for an app that I'd rather not modify/extend to have OIDC?
The reason I ask is because I'd like to package something, but it 1) allows user creation in an unrestricted manner, and 2) I don't want to deal with it. I'd rather put it behind Cloudron's OIDC, and (as a first step), and once authenticated, bounce them through to the app. This would still require people to create a second account, but I can live with that. At least I'd know that I can restrict access using Cloudron's groups feature, and therefore get a reasonably secure app with minimal effort.
Logs
I haven't tried anything yet, so there are no logs.
However, another sentence or two in the
Addonssection of the docs for the OIDC add-on might be useful, so we know how it works/how to use it.Troubleshooting Already Performed
None. I looked at the docs, and it is not obvious from the docs what this add-on does.
System Details
I don't know that it matters, at the moment.
Generate Diagnostics Data
Tricorder malfunction.
Cloudron Version
8.x.2, I think. I forget the 'x'. 3?
Ubuntu Version
24.02.
Cloudron installation method
A long time ago, on an SSD far, far away...
Output of
cloudron-support --troubleshootN/A
