Make OAuth2 issuer configurable (#35915)

The new (correct) behavior breaks the old (incorrect) logins. Add a config option to support legacy "issuer". Fix #35830
2025-11-13 01:38:12 +00:00 · 2025-11-10 23:45:01 +08:00
parent 1c8c56503f
commit e31f224ad2
4 changed files with 35 additions and 13 deletions
--- a/modules/setting/oauth2.go
+++ b/modules/setting/oauth2.go
@@ -96,6 +96,7 @@ var OAuth2 = struct {
 	InvalidateRefreshTokens    bool
 	JWTSigningAlgorithm        string `ini:"JWT_SIGNING_ALGORITHM"`
 	JWTSigningPrivateKeyFile   string `ini:"JWT_SIGNING_PRIVATE_KEY_FILE"`
+	JWTClaimIssuer             string `ini:"JWT_CLAIM_ISSUER"`
 	MaxTokenLength             int
 	DefaultApplications        []string
 }{