feat: allow activation of cors headers for spa clients
This commit is contained in:
parent
f1ad86a80d
commit
08c1bafa68
|
@ -45,7 +45,7 @@ hydra_urls_login: "{{ haproxy_public_base_url }}{{ haproxy_hydra_dispatcher_base
|
|||
hydra_urls_logout: "{{ haproxy_public_base_url }}{{ haproxy_hydra_dispatcher_base_path }}/logout"
|
||||
hydra_url_post_logout: "{{ haproxy_public_base_url }}"
|
||||
hydra_urls_error: "{{ haproxy_public_base_url }}/erreur"
|
||||
|
||||
hydra_public_cors_allowed_origins: []
|
||||
|
||||
hydra_log_level: warn
|
||||
hydra_log_leak_sensitive_values: no
|
||||
|
|
|
@ -18,6 +18,10 @@ PODMAN_ARGS="\
|
|||
-e 'HYDRA_URL_POST_LOGOUT={{ hydra_url_post_logout }}' \
|
||||
-e 'HYDRA_ALLOW_INSECURE=yes' \
|
||||
-e 'HYDRA_LEVEL={{ hydra_log_level }}' \
|
||||
{% if hydra_public_cors_allowed_origins | default([]) | length > 0 %}
|
||||
-e 'SERVE_PUBLIC_CORS_ENABLED=true' \
|
||||
-e 'SERVE_PUBLIC_CORS_ALLOWED_ORIGINS={{ hydra_public_cors_allowed_origins | join(',') }}' \
|
||||
{% endif %}
|
||||
-e 'HYDRA_SECRETS_SYSTEM={{ lookup('ansible.builtin.password', '/dev/null length=32 seed=hydra_secrets_seed') }}' \
|
||||
-e 'HYDRA_OIDC_SUBJECT_IDENTIFIERS_PAIRWISE_SALT={{ lookup('ansible.builtin.password', '/dev/null length=32 seed=hydra_secrets_seed') }}' \
|
||||
-v /etc/hydra/clients.d:/etc/hydra/clients.d \
|
||||
|
|
Loading…
Reference in New Issue