docs(test): add OIDC/MSC3861 test section + local MAS dev loop
LOTUS_TESTING.md section N (N1-N6): OIDC login flow, session-persist-on-reload, token refresh, logout revocation, account-management link, and the non-OIDC regression check. Backed by dev/oidc-test/ — a runnable local Matrix Authentication Service + Synapse(msc3861) loop (compose skeleton, the Synapse experimental_features delta, and the public/config.json override) so the flow can be verified without a mozilla.org tester. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,16 @@
|
||||
# Synapse experimental-features delta to delegate auth to a local MAS (MSC3861).
|
||||
# Merge this into your test homeserver.yaml. The client_secret + admin_token MUST
|
||||
# match the MAS config (clients[].client_secret and matrix.secret respectively).
|
||||
experimental_features:
|
||||
msc3861:
|
||||
enabled: true
|
||||
issuer: http://localhost:8090/
|
||||
client_id: "0000000000000000000SYNAPSE"
|
||||
client_auth_method: client_secret_basic
|
||||
client_secret: "REPLACE_WITH_A_SHARED_CLIENT_SECRET"
|
||||
admin_token: "REPLACE_WITH_A_LONG_SHARED_ADMIN_TOKEN"
|
||||
account_management_url: "http://localhost:8090/account"
|
||||
|
||||
# With msc3861 enabled, Synapse disables its own password/SSO login and advertises
|
||||
# `m.authentication` in /.well-known/matrix/client — which is exactly what the
|
||||
# Lotus client's getOidcIssuer() reads to switch into the OIDC flow.
|
||||
Reference in New Issue
Block a user