- [OAuth2 Login on Standalone Wekan](https://github.com/wekan/wekan/wiki/OAuth2). For example, Rocket.Chat can provide OAuth2 login to Wekan.

  Also, if you have Rocket.Chat using LDAP/SAML/Google/etc for logging into Rocket.Chat, then same users can login to Wekan when
  Rocket.Chat is providing OAuth2 login to Wekan.

Thanks to salleman33 and xet7 !

Closes #234

1 files changed, 19 insertions, 15 deletions

diff --git a/server/authentication.js b/server/authentication.js
index a6872376..6310e8df 100644
--- a/server/authentication.js
+++ b/server/authentication.js
@@ -63,23 +63,27 @@ Meteor.startup(() => {
   };
 
   if (Meteor.isServer) {
-    ServiceConfiguration.configurations.upsert(
-      { service: 'oidc' },
-      {
-        $set: {
-          loginStyle: 'redirect',
-          clientId: 'CLIENT_ID',
-          secret: 'SECRET',
-          serverUrl: 'https://my-server',
-          authorizationEndpoint: '/oauth/authorize',
-          userinfoEndpoint: '/oauth/userinfo',
-          tokenEndpoint: '/oauth/token',
-          idTokenWhitelistFields: [],
-          requestPermissions: ['openid']
+
+    if(process.env.OAUTH2_CLIENT_ID !== '') {
+
+      ServiceConfiguration.configurations.upsert( // eslint-disable-line no-undef
+        { service: 'oidc' },
+        {
+          $set: {
+            loginStyle: 'redirect',
+            clientId: process.env.OAUTH2_CLIENT_ID,
+            secret: process.env.OAUTH2_SECRET,
+            serverUrl: process.env.OAUTH2_SERVER_URL,
+            authorizationEndpoint: process.env.OAUTH2_AUTH_ENDPOINT,
+            userinfoEndpoint: process.env.OAUTH2_USERINFO_ENDPOINT,
+            tokenEndpoint: process.env.OAUTH2_TOKEN_ENDPOINT,
+            idTokenWhitelistFields: [],
+            requestPermissions: ['openid'],
+          },
         }
-      }
-    );
+      );
     }
+  }
 
 });