diff --git a/api/apps/auth/README.md b/api/apps/auth/README.md index 8edab999f82..37df4e83919 100644 --- a/api/apps/auth/README.md +++ b/api/apps/auth/README.md @@ -37,7 +37,7 @@ github_config = { "type": "github" "client_id": "your_client_id", "client_secret": "your_client_secret", - "redirect_uri": "https://your-app.com/v1/user/oauth/callback/" + "redirect_uri": "https://your-app.com/api/v1/auth/oauth//callback" } # Get client instance diff --git a/conf/service_conf.yaml b/conf/service_conf.yaml index d024f1719c0..62023e0c1ca 100644 --- a/conf/service_conf.yaml +++ b/conf/service_conf.yaml @@ -116,21 +116,21 @@ user_default_llm: # authorization_url: "https://your-oauth-provider.com/oauth/authorize" # token_url: "https://your-oauth-provider.com/oauth/token" # userinfo_url: "https://your-oauth-provider.com/oauth/userinfo" -# redirect_uri: "https://your-app.com/v1/user/oauth/callback/oauth2" +# redirect_uri: "https://your-app.com/api/v1/auth/oauth/oauth2/callback" # oidc: # display_name: "OIDC" # client_id: "your_client_id" # client_secret: "your_client_secret" # issuer: "https://your-oauth-provider.com/oidc" # scope: "openid email profile" -# redirect_uri: "https://your-app.com/v1/user/oauth/callback/oidc" +# redirect_uri: "https://your-app.com/api/v1/auth/oauth/oidc/callback" # github: # type: "github" # icon: "github" # display_name: "Github" # client_id: "your_client_id" # client_secret: "your_client_secret" -# redirect_uri: "https://your-app.com/v1/user/oauth/callback/github" +# redirect_uri: "https://your-app.com/api/v1/auth/oauth/github/callback" # authentication: # client: # switch: false diff --git a/docker/README.md b/docker/README.md index 8479b599791..ed31dabc0ef 100644 --- a/docker/README.md +++ b/docker/README.md @@ -180,7 +180,7 @@ The [.env](./.env) file contains important environment variables for Docker. - `userinfo_url`: URL for obtaining user information (username, email, etc.). - `issuer`: Base URL of the identity provider. OIDC clients can dynamically obtain the identity provider's metadata (`authorization_url`, `token_url`, `userinfo_url`) through `issuer`. - `scope`: Requested permission scope, a space-separated string. For example, `openid profile email`. - - `redirect_uri`: Required, URI to which the authorization server redirects during the authentication flow to return results. Must match the callback URI registered with the authentication server. Format: `https://your-app.com/v1/user/oauth/callback/`. For local configuration, you can directly use `http://127.0.0.1:80/v1/user/oauth/callback/`. + - `redirect_uri`: Required, URI to which the authorization server redirects during the authentication flow to return results. Must match the callback URI registered with the authentication server. Format: `https://your-app.com/api/v1/auth/oauth//callback`. For local configuration, you can directly use `http://127.0.0.1:80/api/v1/auth/oauth//callback`. - `user_default_llm` The default LLM to use for a new RAGFlow user. It is disabled by default. To enable this feature, uncomment the corresponding lines in **service_conf.yaml.template**. @@ -268,4 +268,4 @@ If you already have SSL certificates from another provider: 1. Place your certificates in a directory accessible to Docker 2. Update the volume paths in `docker-compose.yml` to point to your certificate files 3. Ensure the certificate file contains the full certificate chain -4. Follow steps 4-5 from the Let's Encrypt guide above \ No newline at end of file +4. Follow steps 4-5 from the Let's Encrypt guide above diff --git a/docker/service_conf.yaml.template b/docker/service_conf.yaml.template index a06e71f9e7f..b7b48ec0ba0 100644 --- a/docker/service_conf.yaml.template +++ b/docker/service_conf.yaml.template @@ -128,21 +128,21 @@ user_default_llm: # authorization_url: "https://your-oauth-provider.com/oauth/authorize" # token_url: "https://your-oauth-provider.com/oauth/token" # userinfo_url: "https://your-oauth-provider.com/oauth/userinfo" -# redirect_uri: "https://your-app.com/v1/user/oauth/callback/oauth2" +# redirect_uri: "https://your-app.com/api/v1/auth/oauth/oauth2/callback" # oidc: # display_name: "OIDC" # client_id: "your_client_id" # client_secret: "your_client_secret" # issuer: "https://your-oauth-provider.com/oidc" # scope: "openid email profile" -# redirect_uri: "https://your-app.com/v1/user/oauth/callback/oidc" +# redirect_uri: "https://your-app.com/api/v1/auth/oauth/oidc/callback" # github: # type: "github" # icon: "github" # display_name: "Github" # client_id: "your_client_id" # client_secret: "your_client_secret" -# redirect_uri: "https://your-app.com/v1/user/oauth/callback/github" +# redirect_uri: "https://your-app.com/api/v1/auth/oauth/github/callback" # authentication: # client: # switch: false diff --git a/docs/administrator/configurations/configurations.md b/docs/administrator/configurations/configurations.md index 4d17d6c8d93..e6ce6c04b06 100644 --- a/docs/administrator/configurations/configurations.md +++ b/docs/administrator/configurations/configurations.md @@ -214,7 +214,7 @@ The OAuth configuration for signing up or signing in to RAGFlow using a third-pa - `userinfo_url`: URL for obtaining user information (username, email, etc.). - `issuer`: Base URL of the identity provider. OIDC clients can dynamically obtain the identity provider's metadata (`authorization_url`, `token_url`, `userinfo_url`) through `issuer`. - `scope`: Requested permission scope, a space-separated string. For example, `openid profile email`. - - `redirect_uri`: Required, URI to which the authorization server redirects during the authentication flow to return results. Must match the callback URI registered with the authentication server. Format: `https://your-app.com/v1/user/oauth/callback/`. For local configuration, you can directly use `http://127.0.0.1:80/v1/user/oauth/callback/`. + - `redirect_uri`: Required, URI to which the authorization server redirects during the authentication flow to return results. Must match the callback URI registered with the authentication server. Format: `https://your-app.com/api/v1/auth/oauth//callback`. For local configuration, you can directly use `http://127.0.0.1:80/api/v1/auth/oauth//callback`. :::tip NOTE The following are best practices for configuring various third-party authentication methods. You can configure one or multiple third-party authentication methods for Ragflow: @@ -227,7 +227,7 @@ oauth: authorization_url: "https://your-oauth-provider.com/oauth/authorize" token_url: "https://your-oauth-provider.com/oauth/token" userinfo_url: "https://your-oauth-provider.com/oauth/userinfo" - redirect_uri: "https://your-app.com/v1/user/oauth/callback/oauth2" + redirect_uri: "https://your-app.com/api/v1/auth/oauth/oauth2/callback" oidc: display_name: "OIDC" @@ -235,7 +235,7 @@ oauth: client_secret: "your_client_secret" issuer: "https://your-oauth-provider.com/oidc" scope: "openid email profile" - redirect_uri: "https://your-app.com/v1/user/oauth/callback/oidc" + redirect_uri: "https://your-app.com/api/v1/auth/oauth/oidc/callback" github: # https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app @@ -244,7 +244,7 @@ oauth: display_name: "Github" client_id: "your_client_id" client_secret: "your_client_secret" - redirect_uri: "https://your-app.com/v1/user/oauth/callback/github" + redirect_uri: "https://your-app.com/api/v1/auth/oauth/github/callback" ``` :::