Cadoles
/
ansible-role-sso
10
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

feat: add missing default values for templates

This commit is contained in:
wpetit 2023-05-25 14:53:28 +02:00
parent 5bba8b978e
commit 7e0da81478
3 changed files with 38 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
defaults/main.yml
View File

@ -101,8 +101,10 @@ hydra_dispatcher_webhook_rules:
# Hydra Passwordless configuration # Hydra Passwordless configuration
enable_hydra_passwordless: yes enable_hydra_passwordless: yes
hydra_passwordless_app_title: Adresse courriel hydra_passwordless_app_title:
hydra_passwordless_app_description: Authentification via adresse courriel fr: Adresse courriel
hydra_passwordless_app_description:
fr: Authentification via adresse courriel
hydra_passwordless_app_icon_url: https://upload.wikimedia.org/wikipedia/commons/4/48/You%27ve_got_mail.png hydra_passwordless_app_icon_url: https://upload.wikimedia.org/wikipedia/commons/4/48/You%27ve_got_mail.png
hydra_passwordless_identity_provider_id: passwordless hydra_passwordless_identity_provider_id: passwordless
hydra_passwordless_smtp_host: smtp-server hydra_passwordless_smtp_host: smtp-server
@ -136,13 +138,17 @@ hydra_passwordless_attributes_rewrite_rules:
# Hydra SAML configuration # Hydra SAML configuration
enable_hydra_saml: yes enable_hydra_saml: yes
hydra_saml_app_title: {} hydra_saml_app_title:
hydra_saml_app_description: {} fr: SAML
hydra_saml_app_description:
fr: Authentification via SAML
hydra_saml_app_icon_url: hydra_saml_app_icon_url:
hydra_saml_identity_provider_id: saml hydra_saml_identity_provider_id: saml
hydra_saml_idp_entity_id: https://samltest.id/saml/idp hydra_saml_idp_entity_id: https://samltest.id/saml/idp
hydra_saml_idp_metadata_url: https://samltest.id/saml/idp hydra_saml_idp_metadata_url: https://samltest.id/saml/idp
hydra_saml_app_options: {} hydra_saml_app_options:
icon_url:
fr:
# Liste des URLs autorisées pour la redirection post-login/logout sur le service shibboleth-sp # Liste des URLs autorisées pour la redirection post-login/logout sur le service shibboleth-sp
hydra_saml_allowed_redirects: [] hydra_saml_allowed_redirects: []
@ -216,8 +222,10 @@ hydra_oidc_debug: no
hydra_oidc_hydra_url_error: hydra_oidc_hydra_url_error:
hydra_oidc_base_url: hydra_oidc_base_url:
hydra_oidc_cookie_path: "{{ haproxy_hydra_oidc_base_path }}" hydra_oidc_cookie_path: "{{ haproxy_hydra_oidc_base_path }}"
hydra_oidc_app_title: {} hydra_oidc_app_title:
hydra_oidc_app_description: {} fr: OIDC
hydra_oidc_app_description:
fr: Authentification via OIDC
hydra_oidc_app_icon_url: https://openid.net/wordpress-content/uploads/2014/09/openid-r-logo-900x360.png hydra_oidc_app_icon_url: https://openid.net/wordpress-content/uploads/2014/09/openid-r-logo-900x360.png
hydra_oidc_identity_provider_id: oidc hydra_oidc_identity_provider_id: oidc
hydra_oidc_authorize_endpoint: hydra_oidc_authorize_endpoint:
@ -229,7 +237,9 @@ hydra_oidc_scope: openid email
hydra_oidc_client_id: hydra_oidc_client_id:
hydra_oidc_client_secret: hydra_oidc_client_secret:
hydra_oidc_additionnal_env: {} hydra_oidc_additionnal_env: {}
hydra_oidc_app_options: {} hydra_oidc_app_options:
icon_url:
fr:
hydra_oidc_attributes_rewrite_rules: hydra_oidc_attributes_rewrite_rules:
email: email:
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null" - "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
@ -253,8 +263,10 @@ hydra_oidc_attributes_rewrite_rules:
# Hydra LDAP configuration # Hydra LDAP configuration
enable_hydra_ldap: no enable_hydra_ldap: no
hydra_ldap_app_title: LDAP hydra_ldap_app_title:
hydra_ldap_app_description: Authentification via LDAP fr: LDAP
hydra_ldap_app_description:
fr: Authentification via LDAP
hydra_ldap_app_icon_url: hydra_ldap_app_icon_url:
hydra_ldap_dev_mode: false hydra_ldap_dev_mode: false
hydra_ldap_attributes_rewrite_rules: hydra_ldap_attributes_rewrite_rules:

8
sso.schema.yml
View File

@ -109,9 +109,9 @@ properties:
enable_hydra_passwordless: enable_hydra_passwordless:
type: boolean type: boolean
hydra_passwordless_app_title: hydra_passwordless_app_title:
type: string type: object
hydra_passwordless_app_description: hydra_passwordless_app_description:
type: string type: object
hydra_passwordless_app_icon_url: hydra_passwordless_app_icon_url:
type: string type: string
hydra_passwordless_smtp_host: hydra_passwordless_smtp_host:
@ -134,9 +134,9 @@ properties:
enable_hydra_saml: enable_hydra_saml:
type: boolean type: boolean
hydra_saml_app_title: hydra_saml_app_title:
type: string type: object
hydra_saml_app_description: hydra_saml_app_description:
type: string type: object
hydra_saml_app_icon_url: hydra_saml_app_icon_url:
type: string type: string
hydra_saml_idp_entity_id: hydra_saml_idp_entity_id:

20
templates/hydra-dispatcher-apps.yml.j2
View File

@ -4,13 +4,15 @@ hydra:
{% if enable_hydra_passwordless %} {% if enable_hydra_passwordless %}
- id: {{ hydra_passwordless_identity_provider_id | default("passwordless") }} - id: {{ hydra_passwordless_identity_provider_id | default("passwordless") }}
title: title:
fr: "{{ hydra_passwordless_app_title }}" fr: "{{ hydra_passwordless_app_title.fr }}"
en: "{{ hydra_passwordless_app_title.en | default("{{ hydra_passwordless_app_title.fr }}") }}"
description: description:
fr: "{{ hydra_passwordless_app_description }}" fr: "{{ hydra_passwordless_app_description.fr }}"
en: "{{ hydra_passwordless_app_description.en | default("{{ hydra_passwordless_app_description.fr }}") }}"
login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/login" login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/login"
consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/consent" consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/consent"
logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/logout" logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/logout"
attributes_rewrite_configuration: {{ hydra_passwordless_attributes_rewrite_configuration | to_json }} attributes_rewrite_configuration: {{ hydra_passwordless_attributes_rewrite_configuration | default({}) | to_json }}
icon_url: "{{ hydra_passwordless_app_icon_url }}" icon_url: "{{ hydra_passwordless_app_icon_url }}"
{% endif %} {% endif %}
{% if enable_hydra_saml %} {% if enable_hydra_saml %}
@ -24,7 +26,7 @@ hydra:
login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/login" login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/login"
consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/consent" consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/consent"
logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/logout" logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/logout"
attributes_rewrite_configuration: {{ hydra_saml_attributes_rewrite_configuration | to_json }} attributes_rewrite_configuration: {{ hydra_saml_attributes_rewrite_configuration | default({}) | to_json }}
icon_url: "{{ hydra_saml_app_icon_url }}" icon_url: "{{ hydra_saml_app_icon_url }}"
options: options:
icon_url: icon_url:
@ -42,7 +44,7 @@ hydra:
login_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/login" login_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/login"
consent_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/consent" consent_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/consent"
logout_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/logout" logout_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/logout"
attributes_rewrite_configuration: {{ hydra_oidc_attributes_rewrite_configuration | to_json }} attributes_rewrite_configuration: {{ hydra_oidc_attributes_rewrite_configuration | default({}) | to_json }}
icon_url: "{{ hydra_oidc_app_icon_url }}" icon_url: "{{ hydra_oidc_app_icon_url }}"
options: options:
icon_url: icon_url:
@ -52,13 +54,15 @@ hydra:
{% if enable_hydra_ldap %} {% if enable_hydra_ldap %}
- id: ldap - id: ldap
title: title:
fr: "{{ hydra_ldap_app_title }}" fr: "{{ hydra_ldap_app_title.fr }}"
en: "{{ hydra_ldap_app_title.en | default("{{ hydra_ldap_app_title.fr }}") }}"
description: description:
fr: "{{ hydra_ldap_app_description }}" fr: "{{ hydra_ldap_app_description.fr }}"
en: "{{ hydra_ldap_app_description.en | default("{{ hydra_ldap_app_description.fr }}") }}"
login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/login" login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/login"
consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/consent" consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/consent"
logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/logout" logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/logout"
attributes_rewrite_configuration: {{ hydra_ldap_attributes_rewrite_configuration | to_json }} attributes_rewrite_configuration: {{ hydra_ldap_attributes_rewrite_configuration | default({}) | to_json }}
icon_url: "{{ hydra_ldap_app_icon_url }}" icon_url: "{{ hydra_ldap_app_icon_url }}"
{% endif %} {% endif %}
webhook: webhook: