@@ -2632,11 +2632,10 @@ pub struct IdentityProvider {
26322632pub issuer_url : Option < Url > ,
26332633
26342634 /// The callback URL configured when registering the OAuth application with
2635- /// the provider. Tuwunel's callback URL must be strictly formatted exactly
2636- /// as instructed. The URL host must point directly at the matrix server and
2637- /// use the following path:
2638- /// `/_matrix/client/unstable/login/sso/callback/<client_id>` where
2639- /// `<client_id>` is the same one configured for this provider above.
2635+ /// the provider. This doesn't need to be set manually, it will be
2636+ /// constructed as:
2637+ /// `<global.well_known.client>/_matrix/client/unstable/login/sso/callback/
2638+ /// <client_id>`
26402639pub callback_url : Option < Url > ,
26412640
26422641 /// When more than one identity_provider has been configured and
@@ -2695,10 +2694,13 @@ pub struct IdentityProvider {
26952694#[ serde( default ) ]
26962695 pub userid_claims : BTreeSet < String > ,
26972696
2698- /// Optional extra path components after the issuer_url leading to the
2699- /// location of the `.well-known` directory used for discovery. This will be
2700- /// empty for specification-compliant providers. We have supplied any known
2701- /// values based on `brand` (e.g. `/login/oauth` for GitHub).
2697+ /// Optionally overwrite the path used for the discovery url. If base_path
2698+ /// starts with a / the issuer path is ignored and the discovery url is
2699+ /// constructed from the host + base_path + well-known path. If base_path is
2700+ /// a relative path, it will be constructed relative to the issuer
2701+ /// path. This should be empty for specification-compliant providers. We
2702+ /// have supplied any known values based on `brand` (e.g. `/login/oauth`
2703+ /// for GitHub).
27022704pub base_path : Option < String > ,
27032705
27042706 /// Overrides the `.well-known` location where the provider's openid
0 commit comments