Allow forcing HTTPS in URL generation (#92)

* Force HTTPS feature * Add docs
2025-07-16 12:21:11 +02:00
parent 054f0e4bca
commit e22f960d69
7 changed files with 51 additions and 15 deletions
--- a/custom_components/auth_oidc/config.py
+++ b/custom_components/auth_oidc/config.py
@@ -14,7 +14,8 @@ FEATURES_AUTOMATIC_USER_LINKING = "automatic_user_linking"
 FEATURES_AUTOMATIC_PERSON_CREATION = "automatic_person_creation"
 FEATURES_DISABLE_PKCE = "disable_rfc7636"
 FEATURES_INCLUDE_GROUPS_SCOPE = "include_groups_scope"
-FEATURE_DISABLE_FRONTEND_INJECTION = "disable_frontend_changes"
+FEATURES_DISABLE_FRONTEND_INJECTION = "disable_frontend_changes"
+FEATURES_FORCE_HTTPS = "force_https"
 CLAIMS = "claims"
 CLAIMS_DISPLAY_NAME = "display_name"
 CLAIMS_USERNAME = "username"
@@ -72,8 +73,12 @@ CONFIG_SCHEMA = vol.Schema(
                        ): vol.Coerce(bool),
                        # Disable frontend injection of OIDC login button
                        vol.Optional(
-                            FEATURE_DISABLE_FRONTEND_INJECTION, default=False
+                            FEATURES_DISABLE_FRONTEND_INJECTION, default=False
                        ): vol.Coerce(bool),
+                        # Force HTTPS on all generated URLs (like redirect_uri)
+                        vol.Optional(FEATURES_FORCE_HTTPS, default=False): vol.Coerce(
+                            bool
+                        ),
                    }
                ),
                # Determine which specific claims will be used from the id_token