sso: support public MCIAS authorize URL for non-Tailnet browsers

Add [sso].public_url: the browser-facing MCIAS base URL for the SSO authorize redirect, kept separate from [mcias].server_url (the internal address used for the server-to-server code exchange). Enables public SSO without routing internal auth through the edge. Bumps mcdsl to v1.9.0. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 11:06:43 -07:00
parent bed563fd20
commit ee31dff01e
7 changed files with 48 additions and 17 deletions
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.25.7

 require (
 	git.wntrmute.dev/kyle/goutils v1.21.0
-	git.wntrmute.dev/mc/mcdsl v1.7.0
+	git.wntrmute.dev/mc/mcdsl v1.9.0
 	github.com/go-chi/chi/v5 v5.2.5
 	github.com/spf13/cobra v1.10.2
 	github.com/spf13/viper v1.21.0