From 7249b2ec9a3bc8c0a181d41b3de036e65d7ea87f Mon Sep 17 00:00:00 2001
From: Tom Teichler <tom.teichler@teckids.org>
Date: Fri, 11 Feb 2022 17:26:34 +0100
Subject: [PATCH] Serve wellknown under root

---
 CHANGELOG.rst            | 5 +++++
 aleksis/core/settings.py | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index cecbf7f2b..dc5a3275c 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -14,6 +14,11 @@ Changed
 
 * Added a `Retry` button to the server error page
 
+Fixed
+~~~~~
+
+* Serve OAuth discovery information under root of domain
+
 `2.7.4`_ - 2022-02-09
 ---------------------
 
diff --git a/aleksis/core/settings.py b/aleksis/core/settings.py
index 087762de8..ce99ff32c 100644
--- a/aleksis/core/settings.py
+++ b/aleksis/core/settings.py
@@ -408,6 +408,10 @@ elif _OIDC_RSA_KEY:
     with open(_OIDC_RSA_KEY, "r") as f:
         OAUTH2_PROVIDER["OIDC_RSA_PRIVATE_KEY"] = f.read()
 
+OAUTH2_PROVIDER["OIDC_ISS_ENDPOINT"] = _settings.get(
+    "http.base_url", "http://localhost:8000" if DEBUG else f"https://{ALLOWED_HOSTS[0]}"
+)
+
 # Configuration for REST framework
 REST_FRAMEWORK = {
     "DEFAULT_AUTHENTICATION_CLASSES": [
-- 
GitLab