Skip to content

refactor: generalize OIDC configuration and add documentation#5408

Open
soorya38 wants to merge 3 commits intolitmuschaos:masterfrom
soorya38:master
Open

refactor: generalize OIDC configuration and add documentation#5408
soorya38 wants to merge 3 commits intolitmuschaos:masterfrom
soorya38:master

Conversation

@soorya38
Copy link

@soorya38 soorya38 commented Jan 21, 2026
edited
Loading

This PR refactors the authentication configuration to use generic OIDC naming conventions, moving away from Dex-specific strict naming. This clarifies that Litmus supports any OIDC provider, not just Dex.

Key Changes:

  • Environment Variables: Renamed variables to be generic (e.g., DEX_ENABLEDOIDC_ENABLED, DEX_OAUTH_CLIENT_IDOAUTH_CLIENT_ID).
  • Endpoints: Renamed the callback endpoint from /auth/dex/callback to /auth/oauth2/callback.
  • Documentation: Added a new "OIDC Configuration" guide (experiments/concepts/IAM/oidc-configuration.md) explaining how to set up generic OIDC, with Dex provided as a concrete example.

Related issue: #5391

Types of changes

What types of changes does your code introduce to Litmus? Put an x in the boxes that apply

  • New feature (non-breaking change which adds functionality)
  • Bugfix (non-breaking change which fixes an issue)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation Update (if none of the other choices applies)

Checklist

Put an x in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code.

  • I have read the CONTRIBUTING doc
  • I have signed the commit for DCO to be passed.
  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works (if appropriate)
  • I have added necessary documentation (if appropriate)

Dependency

  • Please add the links to the dependent PR need to be merged before this (if any).

Special notes for your reviewer:

BREAKING CHANGE: usage of DEX_* environment variables (e.g. DEX_ENABLED, DEX_OAUTH_CALLBACK_URL) has been replaced by generic OIDC_* and OAUTH_* variables. Users upgrading to this version will need to update their deployment manifests to match the new variable names.

@soorya38
Docs: Add Generic OIDC Configuration with Dex Example
cb715ee 
Signed-off-by: soorya38 <csasoorya@gmail.com>
@soorya38
refactor: generalize OIDC conventions and configuration
868f8bd 
Summary
The authentication system works great with any OIDC provider (we're using Keycloak), but the naming throughout the codebase is Dex-specific which is confusing.

Current Issues
- Callback endpoint: /auth/dex/callback - hardcoded with 'dex' in the path
- Environment variables: DEX_OAUTH_CALLBACK_URL, DEX_OAUTH_CLIENT_ID, DEX_OAUTH_CLIENT_SECRET, DEX_ENABLED
- Documentation: Focuses heavily on Dex setup rather than generic OIDC configuration

Changes
- Rename callback/login endpoint: /auth/dex/callback -> /auth/oauth2/callback
- Rename env variables:
  - DEX_ENABLED -> OIDC_ENABLED
  - DEX_OAUTH_CALLBACK_URL -> OAUTH_CALLBACK_URL
  - DEX_OAUTH_CLIENT_ID -> OAUTH_CLIENT_ID
  - DEX_OAUTH_CLIENT_SECRET -> OAUTH_CLIENT_SECRET
- Update docs to explain generic OIDC setup with Dex as one example

Signed-off-by: soorya38 <csasoorya@gmail.com>
@soorya38 soorya38 mentioned this pull request Jan 22, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@soorya38 @PriteshKiri