RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/docs/content/en/integration/openid-connect/komga/index.md

3.5 KiB
Raw Blame History

title description lead date draft images menu weight toc community aliases
Komga Integrating Komga with the Authelia OpenID Connect Provider. 2022-06-15T17:51:47+10:00 false
integration
parent
openid-connect
620 true true
/docs/community/oidc-integrations/komga.html

Tested Versions

Before You Begin

You are required to utilize a unique client id and a unique and random client secret for all OpenID Connect relying parties. You should not use the client secret in this example, you should randomly generate one yourself. You may also choose to utilize a different client id, it's completely up to you.

This example makes the following assumptions:

  • Application Root URL: https://komga.example.com
  • Authelia Root URL: https://auth.example.com
  • Client ID: komga-auth
  • Client Secret: komga_client_secret

Configuration

Application

To configure Komga to utilize Authelia as an OpenID Connect Provider:

  1. Create an Application.yml according to the configuration options
  2. Add a section that describes the spring boot security configuration
  security:
    oauth2:
      client:
        registration:
          authelia:
            client-id: `komga-auth`
            client-secret: `komga_client_secret`
            client-name: Authelia
            scope: openid, email
            authorization-grant-type: authorization_code
            redirect-uri: "{baseScheme}://{baseHost}{basePort}{basePath}/login/oauth2/code/authelia"
        provider:
          authelia:
            issuer-uri: `https:\\auth.example.com`
            user-name-attribute: email

Optional configuration

You can enable some useful additional debug logging to application.yml by adding the logging.level.org.springframework.security attribute:

logging:
  file.name: /config/logs/komga.log
  level:
    org:
      springframework:
        security: info   #when changed to 'TRACE' adds additional spring security logging on top of komga logging.
      gotson:
        komga: info

Automatic creation of accounts (in Komga) by logging in with Authelia can be enabled with:

komga:
  oauth2-account-creation: true

In certain cases it might be necessary to add:

server:
  use-forward-headers: true

Authelia

The following YAML configuration is an example Authelia client configuration for use with [Portainer] which will operate with the above example:

      -
        id: komga-auth
        description: Komga Comics OpenID
        secret: `komga_client_secret`
        public: false
        authorization_policy: two_factor
        audience: []
        scopes:
          - openid
          - email
        redirect_uris:
          - https://komga.example.com/login/oauth2/code/authelia

        grant_types:
          - authorization_code

        userinfo_signing_algorithm: none

Note: make sure that the userinfo_signing_algorithm is set to none, or Komga will throw an application\jwt error.

See Also