@@ -2635,11 +2635,10 @@ pub struct IdentityProvider {
26352635pub issuer_url : Option < Url > ,
26362636
26372637 /// The callback URL configured when registering the OAuth application with
2638- /// the provider. Tuwunel's callback URL must be strictly formatted exactly
2639- /// as instructed. The URL host must point directly at the matrix server and
2640- /// use the following path:
2641- /// `/_matrix/client/unstable/login/sso/callback/<client_id>` where
2642- /// `<client_id>` is the same one configured for this provider above.
2638+ /// the provider. This doesn't need to be set manually, it will be
2639+ /// constructed as:
2640+ /// `<global.well_known.client>/_matrix/client/unstable/login/sso/callback/
2641+ /// <client_id>`
26432642pub callback_url : Option < Url > ,
26442643
26452644 /// When more than one identity_provider has been configured and
@@ -2698,10 +2697,13 @@ pub struct IdentityProvider {
26982697#[ serde( default ) ]
26992698 pub userid_claims : BTreeSet < String > ,
27002699
2701- /// Optional extra path components after the issuer_url leading to the
2702- /// location of the `.well-known` directory used for discovery. This will be
2703- /// empty for specification-compliant providers. We have supplied any known
2704- /// values based on `brand` (e.g. `/login/oauth` for GitHub).
2700+ /// Optionally overwrite the path used for the discovery url. If base_path
2701+ /// starts with a / the issuer path is ignored and the discovery url is
2702+ /// constructed from the host + base_path + well-known path. If base_path is
2703+ /// a relative path, it will be constructed relative to the issuer
2704+ /// path. This should be empty for specification-compliant providers. We
2705+ /// have supplied any known values based on `brand` (e.g. `/login/oauth`
2706+ /// for GitHub).
27052707pub base_path : Option < String > ,
27062708
27072709 /// Overrides the `.well-known` location where the provider's openid
0 commit comments