From e634509b7a0c9445f599ae9b31231df98984b467 Mon Sep 17 00:00:00 2001
From: hummingbard <mail@hummingbard.com>
Date: Sun, 30 Mar 2025 14:08:14 +0600
Subject: [PATCH 1/3] Missing token_endpoint_auth_method field in upstream
 sample config for Github

---
 docs/setup/sso.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/setup/sso.md b/docs/setup/sso.md
index 7593737fa..ba43ff2ba 100644
--- a/docs/setup/sso.md
+++ b/docs/setup/sso.md
@@ -339,6 +339,7 @@ upstream_oauth2:
       human_name: Google
       brand_name: "google"
       issuer: "https://accounts.google.com"
+      token_endpoint_auth_method: "client_secret_post"
       client_id: "<client-id>" # TO BE FILLED
       client_secret: "<client-secret>" # TO BE FILLED
       scope: "openid profile email"

From e4f83892b9564bd3e95c57f741c762bcd6d65809 Mon Sep 17 00:00:00 2001
From: hummingbard <mail@hummingbard.com>
Date: Sun, 30 Mar 2025 15:53:56 +0600
Subject: [PATCH 2/3] Added upstream sample config for Discord, brand logo in
 templates

---
 docs/setup/sso.md                   | 34 +++++++++++++++++++++++++++++
 templates/components/idp_brand.html |  2 ++
 2 files changed, 36 insertions(+)

diff --git a/docs/setup/sso.md b/docs/setup/sso.md
index ba43ff2ba..0dafd9045 100644
--- a/docs/setup/sso.md
+++ b/docs/setup/sso.md
@@ -452,6 +452,40 @@ upstream_oauth2:
           template: "{{ user.preferred_username }}"
 ```
 
+### Discord
+
+1. Create a new application in the Discord Developer Portal (see [documentation](https://discord.com/developers/applications))
+2. Add the following "Redirect URI" in the OAuth2 tab under settings: `https://<auth-service-domain>/upstream/callback/<id>`
+
+Authentication service configuration:
+
+```yaml
+upstream_oauth2:
+  providers:
+    - id: 01JQK7DK6VFH62NMW4HS9RKD3R
+      human_name: Discord
+      brand_name: "discord"
+      token_endpoint_auth_method: "client_secret_post"
+      issuer: "https://discord.com"
+      client_id: "<client-id>" # TO BE FILLED
+      client_secret: "<client-secret>" # TO BE FILLED
+      fetch_userinfo: true
+      userinfo_endpoint: "https://discord.com/api/users/@me"
+      scope: "openid identify email"
+      claims_imports:
+        localpart:
+          action: suggest
+          template: "{{ user.username }}"
+        displayname:
+          action: suggest
+          template: "{{ user.global_name }}"
+        email:
+          action: suggest
+          template: "{{ user.email }}"
+        account_name:
+          template: "{{ user.username }}"
+```
+
 
 ### Rauthy
 
diff --git a/templates/components/idp_brand.html b/templates/components/idp_brand.html
index 9781f09da..e0226c053 100644
--- a/templates/components/idp_brand.html
+++ b/templates/components/idp_brand.html
@@ -47,5 +47,7 @@ Please see LICENSE in the repository root for full details.
         <svg class="{{ class }}" xmlns="http://www.w3.org/2000/svg" width="24" height="28" viewBox="0 0 24 28" fill="none">
             <path d="M20.9144 8.1816C20.7752 8.2896 18.3176 9.6744 18.3176 12.7536C18.3176 16.3152 21.4448 17.5752 21.5384 17.6064C21.524 17.6832 21.0416 19.332 19.8896 21.012C18.8624 22.4904 17.7896 23.9664 16.1576 23.9664C14.5256 23.9664 14.1056 23.0184 12.2216 23.0184C10.3856 23.0184 9.7328 23.9976 8.24 23.9976C6.7472 23.9976 5.7056 22.6296 4.508 20.9496C3.1208 18.9768 2 15.912 2 13.0032C2 8.3376 5.0336 5.8632 8.0192 5.8632C9.6056 5.8632 10.928 6.9048 11.924 6.9048C12.872 6.9048 14.3504 5.8008 16.1552 5.8008C16.8392 5.8008 19.2968 5.8632 20.9144 8.1816ZM15.2984 3.8256C16.0448 2.94 16.5728 1.7112 16.5728 0.4824C16.5728 0.312 16.5584 0.1392 16.5272 0C15.3128 0.0456 13.868 0.8088 12.9968 1.8192C12.3128 2.5968 11.6744 3.8256 11.6744 5.0712C11.6744 5.2584 11.7056 5.4456 11.72 5.5056C11.7968 5.52 11.9216 5.5368 12.0464 5.5368C13.136 5.5368 14.5064 4.8072 15.2984 3.8256Z" fill="currentColor"/>
         </svg>
+    {% elif brand == "discord" %}
+        <svg class="{{ class }}" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M19.27 5.33C17.94 4.71 16.5 4.26 15 4a.1.1 0 0 0-.07.03c-.18.33-.39.76-.53 1.09a16.1 16.1 0 0 0-4.8 0c-.14-.34-.35-.76-.54-1.09c-.01-.02-.04-.03-.07-.03c-1.5.26-2.93.71-4.27 1.33c-.01 0-.02.01-.03.02c-2.72 4.07-3.47 8.03-3.1 11.95c0 .02.01.04.03.05c1.8 1.32 3.53 2.12 5.24 2.65c.03.01.06 0 .07-.02c.4-.55.76-1.13 1.07-1.74c.02-.04 0-.08-.04-.09c-.57-.22-1.11-.48-1.64-.78c-.04-.02-.04-.08-.01-.11c.11-.08.22-.17.33-.25c.02-.02.05-.02.07-.01c3.44 1.57 7.15 1.57 10.55 0c.02-.01.05-.01.07.01c.11.09.22.17.33.26c.04.03.04.09-.01.11c-.52.31-1.07.56-1.64.78c-.04.01-.05.06-.04.09c.32.61.68 1.19 1.07 1.74c.03.01.06.02.09.01c1.72-.53 3.45-1.33 5.25-2.65c.02-.01.03-.03.03-.05c.44-4.53-.73-8.46-3.1-11.95c-.01-.01-.02-.02-.04-.02M8.52 14.91c-1.03 0-1.89-.95-1.89-2.12s.84-2.12 1.89-2.12c1.06 0 1.9.96 1.89 2.12c0 1.17-.84 2.12-1.89 2.12m6.97 0c-1.03 0-1.89-.95-1.89-2.12s.84-2.12 1.89-2.12c1.06 0 1.9.96 1.89 2.12c0 1.17-.83 2.12-1.89 2.12"/></svg>
     {% endif %}
 {% endmacro %}

From 204b7c54b50ed90dad82199a5081817a0819d034 Mon Sep 17 00:00:00 2001
From: hummingbard <mail@hummingbard.com>
Date: Sun, 6 Apr 2025 23:21:12 +0600
Subject: [PATCH 3/3] Added Discord to default upstream oauth2 providers,
 regenerated config schema

---
 crates/config/src/sections/upstream_oauth2.rs | 1 +
 docs/config.schema.json                       | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/crates/config/src/sections/upstream_oauth2.rs b/crates/config/src/sections/upstream_oauth2.rs
index 077e8de02..98b5f3c3c 100644
--- a/crates/config/src/sections/upstream_oauth2.rs
+++ b/crates/config/src/sections/upstream_oauth2.rs
@@ -432,6 +432,7 @@ pub struct Provider {
     ///  - `github`
     ///  - `gitlab`
     ///  - `twitter`
+    ///  - `discord`
     #[serde(skip_serializing_if = "Option::is_none")]
     pub brand_name: Option<String>,
 
diff --git a/docs/config.schema.json b/docs/config.schema.json
index 0d8325529..94dcba7ed 100644
--- a/docs/config.schema.json
+++ b/docs/config.schema.json
@@ -1945,7 +1945,7 @@
           "type": "string"
         },
         "brand_name": {
-          "description": "A brand identifier used to customise the UI, e.g. `apple`, `google`, `github`, etc.\n\nValues supported by the default template are:\n\n- `apple` - `google` - `facebook` - `github` - `gitlab` - `twitter`",
+          "description": "A brand identifier used to customise the UI, e.g. `apple`, `google`, `github`, etc.\n\nValues supported by the default template are:\n\n- `apple` - `google` - `facebook` - `github` - `gitlab` - `twitter` - `discord`",
           "type": "string"
         },
         "client_id": {