diff --git a/deployments/examples/ocis_keycloak/config/keycloak/clients/desktop_client.json b/deployments/examples/ocis_keycloak/config/keycloak/clients/desktop_client.json index c95ff515de..85ead93549 100644 --- a/deployments/examples/ocis_keycloak/config/keycloak/clients/desktop_client.json +++ b/deployments/examples/ocis_keycloak/config/keycloak/clients/desktop_client.json @@ -7,6 +7,7 @@ "clientAuthenticatorType": "client-secret", "secret" : "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh", "redirectUris": [ + "http://127.0.0.1:*", "http://localhost:*" ], "webOrigins": [], diff --git a/deployments/examples/ocis_keycloak/config/keycloak/ocis-realm.dist.json b/deployments/examples/ocis_keycloak/config/keycloak/ocis-realm.dist.json index 3433a7dcf3..afd7c5ecf6 100644 --- a/deployments/examples/ocis_keycloak/config/keycloak/ocis-realm.dist.json +++ b/deployments/examples/ocis_keycloak/config/keycloak/ocis-realm.dist.json @@ -846,7 +846,7 @@ "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "secret" : "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh", - "redirectUris" : [ "http://localhost:*" ], + "redirectUris" : [ "http://127.0.0.1:*", "http://localhost:*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, diff --git a/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml b/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml index 2d82f34079..94483ae611 100644 --- a/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml +++ b/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml @@ -33,17 +33,22 @@ clients: - id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69 secret: UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh + name: ownCloud desktop app application_type: native - insecure: true + redirect_uris: + - http://127.0.0.1 + - http://localhost - id: e4rAsNUSIUs0lF4nbv9FmCeUkTlV9GdgTLDH1b5uie7syb90SzEVrbN7HIpmWJeD secret: dInFYGV33xKzhbRmpqQltYNdfLdJIfJ9L5ISoKhNoT9qZftpdWSP71VrpGR9pmoD + name: ownCloud Android app application_type: native redirect_uris: - oc://android.owncloud.com - id: mxd5OQDk6es5LzOzRvidJNfXLUZS2oN3oUFeXPP8LpPrhx3UroJFduGEYIBOxkY1 secret: KFeFWWEZO9TkisIQzR3fo7hfiMXlOpaqP8CFuTbSHzV1TUuGECglPxpiVKJfOXIx + name: ownCloud iOS app application_type: native redirect_uris: - oc://ios.owncloud.com diff --git a/idp/assets/identifier-registration.yaml b/idp/assets/identifier-registration.yaml index 009cdbdae1..82deaa0441 100644 --- a/idp/assets/identifier-registration.yaml +++ b/idp/assets/identifier-registration.yaml @@ -21,7 +21,9 @@ clients: secret: UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh name: ownCloud desktop app application_type: native - insecure: true + redirect_uris: + - http://127.0.0.1 + - http://localhost - id: e4rAsNUSIUs0lF4nbv9FmCeUkTlV9GdgTLDH1b5uie7syb90SzEVrbN7HIpmWJeD secret: dInFYGV33xKzhbRmpqQltYNdfLdJIfJ9L5ISoKhNoT9qZftpdWSP71VrpGR9pmoD diff --git a/idp/pkg/flagset/flagset.go b/idp/pkg/flagset/flagset.go index aea12c4fe6..c9205a7fcd 100644 --- a/idp/pkg/flagset/flagset.go +++ b/idp/pkg/flagset/flagset.go @@ -384,7 +384,7 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag { Name: "allow-dynamic-client-registration", Usage: "Allow dynamic OAuth2 client registration", EnvVars: []string{"IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION"}, - Value: flags.OverrideDefaultBool(cfg.IDP.AllowDynamicClientRegistration, true), + Value: flags.OverrideDefaultBool(cfg.IDP.AllowDynamicClientRegistration, false), Destination: &cfg.IDP.AllowDynamicClientRegistration, }, &cli.BoolFlag{