优化

2026-04-25 16:36:34 +08:00
commit db90e7579b
1876 changed files with 189777 additions and 0 deletions
--- a/website/docs/advanced-usage/plugins/com.msgbyte.iam.md
+++ b/website/docs/advanced-usage/plugins/com.msgbyte.iam.md
@@ -0,0 +1,40 @@
+---
+sidebar_position: 3
+title: iam - Third party login
+---
+
+`com.msgbyte.iam`
+
+The `IAM` plugin provides third-party login functionality
+
+Currently supported:
+- github
+
+## Configuration Method
+
+### Github
+
+Create an OAuth application in `Github`. Get `Client ID` and `Client secrets`
+
+Configure the authorization callback address `Authorization callback URL` of the `Github` application to `{API_URL}/api/plugin:com.msgbyte.iam/github/redirect`. Note that `API_URL` is the value in the environment variable, and the two should be consistent.
+
+Configure Tailchat environment variables:
+
+- IAM_GITHUB_ID
+- IAM_GITHUB_SECRET
+
+Respectively, `Client ID` and `Client secrets` obtained before
+
+> You also can use env to overwrite uri, for example use proxy:
+>
+> - IAM_GITHUB_URI_AUTHORIZE=https://github.com/login/oauth/authorize
+> - IAM_GITHUB_URI_ACCESS_TOKEN=https://github.com/login/oauth/access_token
+> - IAM_GITHUB_URI_USERINFO=https://api.github.com/user
+
+## Security Protection
+
+In order to prevent tokens from being obtained by malicious applications, it is recommended to add front-end domain name verification.
+
+Just configure `IAM_FE_URL` in the environment variable, and the value is the front-end domain name. Such as: `IAM_FE_URL=http://localhost:11011`
+
+> for `window.opener.postMessage(<data>, "IAM_FE_URL")`