From 2aecc892fc05f6fe8548155828a27dd5d929297b Mon Sep 17 00:00:00 2001 From: Huabing Zhao Date: Wed, 13 Mar 2024 13:59:21 +0800 Subject: [PATCH] Fix oidc doc (#2905) fix oidc doc Signed-off-by: huabing zhao --- site/content/en/latest/user/security/oidc.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/site/content/en/latest/user/security/oidc.md b/site/content/en/latest/user/security/oidc.md index 259dbbb1d6c..392650640e7 100644 --- a/site/content/en/latest/user/security/oidc.md +++ b/site/content/en/latest/user/security/oidc.md @@ -65,7 +65,7 @@ providers, including Auth0, Azure AD, Keycloak, Okta, OneLogin, Salesforce, UAA, Follow the steps in the [Google OIDC documentation][google-oidc] to register an OIDC application. Please make sure the redirect URL is set to the one you configured in the SecurityPolicy that you will create in the step below. In this example, -the redirect URL is `http://www.example.com:8080/oauth2/myapp/callback`. +the redirect URL is `http://www.example.com:8080/myapp/oauth2/callback`. After registering the application, you should have the following information: * Client ID: The client ID of the OIDC application. @@ -87,7 +87,7 @@ secret "my-app-client-secret" created Please notice that the `redirectURL` and `logoutPath` must match the target HTTPRoute. In this example, the target HTTPRoute is configured to match the host `www.example.com` and the path `/myapp`, so the `redirectURL` must be prefixed -with `https://www.example.com/myapp`, and `logoutPath` must be prefixed with`/myapp`, otherwise the OIDC authentication +with `http://www.example.com:8080/myapp`, and `logoutPath` must be prefixed with`/myapp`, otherwise the OIDC authentication will fail because the redirect and logout requests will not match the target HTTPRoute and therefore can't be processed by the OAuth2 filter on that HTTPRoute. @@ -110,7 +110,7 @@ spec: clientID: "${CLIENT_ID}" clientSecret: name: "my-app-client-secret" - redirectURL: "http://www.example.com:8080/oauth2/myapp/callback" + redirectURL: "http://www.example.com:8080/myapp/oauth2/callback" logoutPath: "/myapp/logout" EOF ```