feat: hydra-oidc deployment
@ -11,6 +11,7 @@ cadoles_pod_hydra_dispatcher_v1_package_version: '*'
|
||||
cadoles_pod_shibboleth_sp_v3_package_version: '*'
|
||||
cadoles_pod_hydra_remote_user_v1_package_version: '*'
|
||||
cadoles_pod_hydra_passwordless_v1_package_version: '*'
|
||||
cadoles_pod_hydra_oidc_v1_package_version: '*'
|
||||
|
||||
# Hydra database configuration
|
||||
hydra_use_external_database: no
|
||||
@ -28,7 +29,8 @@ haproxy_hydra_base_path: /auth
|
||||
haproxy_hydra_dispatcher_base_path: /auth/dispatcher
|
||||
haproxy_hydra_passwordless_base_path: /auth/passwordless
|
||||
haproxy_hydra_saml_base_path: /auth/saml
|
||||
haproxy_oidc_test_base_path: /auth/oidc-test
|
||||
haproxy_hydra_oidc_base_path: /auth/oidc
|
||||
haproxy_oidc_test_base_path: /auth/test
|
||||
|
||||
haproxy_forwarded_proto: https
|
||||
haproxy_forwarded_host: "%[req.hdr(Host)]"
|
||||
@ -57,6 +59,14 @@ hydra_clients:
|
||||
|
||||
hydra_dispatcher_cookie_path: "{{ haproxy_hydra_dispatcher_base_path }}"
|
||||
hydra_dispatcher_debug: no
|
||||
hydra_dispatcher_admin_authorized_hosts:
|
||||
- '10.0.0.0/8'
|
||||
- '172.16.0.0/12'
|
||||
- '192.168.0.0/16'
|
||||
hydra_dispatcher_default_locale: fr
|
||||
hydra_dispatcher_available_locales:
|
||||
- fr
|
||||
- en
|
||||
|
||||
# Hydra Passwordless configuration
|
||||
|
||||
@ -134,4 +144,37 @@ saml_attribute_policies: []
|
||||
enable_oidc_test_app: yes
|
||||
oidc_test_app_client_id: oidc-test
|
||||
oidc_test_app_client_secret: '$oidc-test&123456$'
|
||||
oidc_test_app_public_base_url: "{{ haproxy_public_base_url }}{{ haproxy_oidc_test_base_path }}"
|
||||
oidc_test_app_public_base_url: "{{ haproxy_public_base_url }}{{ haproxy_oidc_test_base_path }}"
|
||||
|
||||
# Hydra OIDC configuration
|
||||
|
||||
enable_hydra_oidc: no
|
||||
hydra_oidc_debug: no
|
||||
hydra_oidc_cookie_path: "{{ haproxy_hydra_oidc_base_path }}"
|
||||
hydra_oidc_app_title: OpenID Connect
|
||||
hydra_oidc_app_description: Authentification via OpenID Connect
|
||||
hydra_oidc_app_icon_url: https://openid.net/wordpress-content/uploads/2014/09/openid-r-logo-900x360.png
|
||||
hydra_oidc_authorize_endpoint:
|
||||
hydra_oidc_token_endpoint:
|
||||
hydra_oidc_userinfo_endpoint:
|
||||
hydra_oidc_logout_url_pattern:
|
||||
hydra_oidc_post_logout_redirect_url:
|
||||
hydra_oidc_scope: openid email
|
||||
hydra_oidc_client_id:
|
||||
hydra_oidc_client_secret:
|
||||
|
||||
hydra_oidc_attributes_rewrite_rules:
|
||||
email:
|
||||
- consent.session.id_token.email
|
||||
family_name:
|
||||
- consent.session.id_token.family_name
|
||||
given_name:
|
||||
- consent.session.id_token.given_name
|
||||
birthdate:
|
||||
- consent.session.id_token.birthdate
|
||||
gender:
|
||||
- consent.session.id_token.gender
|
||||
birthplace:
|
||||
- consent.session.id_token.birthplace
|
||||
birthcountry:
|
||||
- consent.session.id_token.birthcountry
|
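Review bot: The default added for `hydra_dispatcher_admin_authorized_hosts` in the `@ -57,6 +59,14 @` hunk allows all three RFC 1918 ranges, which is a very wide allow-list for a setting that, by its name, gates admin access. The same file puts HAProxy in front of these apps (`haproxy_forwarded_host`), so if the dispatcher matches the connecting peer rather than a trusted forwarded client address (not visible here), the proxy's own private address would match and every request would pass. I would ship a narrow default such as `hydra_dispatcher_admin_authorized_hosts: ['127.0.0.1/32']`, so that deployers have to list their admin subnets explicitly. A comment above the variable would also help, for example `# CIDR ranges allowed to reach the dispatcher admin endpoints; matched against <peer or forwarded address, to confirm>`.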