ansible-role-sso/templates/hydra-dispatcher-apps.yml.j2

# {{ ansible_managed }}
hydra:
  apps:
{% if enable_hydra_passwordless %}
    - id: {{ hydra_passwordless_identity_provider_id | default("passwordless") }}
      title:
        fr: "{{ hydra_passwordless_app_title }}"
      description:
        fr: "{{ hydra_passwordless_app_description }}"
      login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/login"
      consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/consent"
      logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_passwordless_base_path }}/logout"
      attributes_rewrite_rules: {{ hydra_passwordless_attributes_rewrite_rules | to_json }}
      icon_url: "{{ hydra_passwordless_app_icon_url }}"
{% endif %}
{% if enable_hydra_saml %}
    - id: {{ hydra_saml_identity_provider_id | default("saml") }}
      title:
        fr: "{{ hydra_saml_app_title.fr }}"
        en: "{{ hydra_saml_app_title.en | default("{{ hydra_saml_app_title.fr }}")  }}"
      description:
        fr: "{{ hydra_saml_app_description.fr }}"
        en: "{{ hydra_saml_app_description.en | default("{{ hydra_saml_app_description.fr }}")  }}"
      login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/login"
      consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/consent"
      logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}/logout"
      attributes_rewrite_rules: {{ hydra_saml_attributes_rewrite_rules | to_json }}
      icon_url: "{{ hydra_saml_app_icon_url }}"
      options:
        icon_url:
          fr: "{{ hydra_saml_app_options.icon_url.fr }}"
          en: "{{ hydra_saml_app_options.icon_url.en | default("{{ hydra_saml_app_options.icon_url.fr }}") }}"
{% endif %}
{% if enable_hydra_oidc %}
    - id: {{ hydra_oidc_identity_provider_id | default("oidc") }}
      title:
        fr: "{{ hydra_oidc_app_title.fr }}"
        en: "{{ hydra_oidc_app_title.en | default("{{ hydra_oidc_app_title.fr }}")  }}"
      description:
        fr: "{{ hydra_oidc_app_description.fr }}"
        en: "{{ hydra_oidc_app_description.en | default("{{ hydra_oidc_app_description.fr }}")  }}"
      login_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/login"
      consent_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/consent"
      logout_url: "{{ hydra_oidc_base_url }}{{ haproxy_hydra_oidc_base_path }}/logout"
      attributes_rewrite_rules: {{ hydra_oidc_attributes_rewrite_rules | to_json }}
      icon_url: "{{ hydra_oidc_app_icon_url }}"
      options:
        icon_url:
          fr: "{{ hydra_oidc_app_options.icon_url.fr }}"
          en: "{{ hydra_oidc_app_options.icon_url.en | default("{{ hydra_oidc_app_options.icon_url.fr }}") }}"
{% endif %}
{% if enable_hydra_ldap %}
    - id: ldap
      title:
        fr: "{{ hydra_ldap_app_title }}"
      description:
        fr: "{{ hydra_ldap_app_description }}"
      login_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/login"
      consent_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/consent"
      logout_url: "{{ haproxy_public_base_url }}{{ haproxy_hydra_ldap_base_path }}/auth/logout"
      attributes_rewrite_rules: {{ hydra_ldap_attributes_rewrite_rules | to_json }}
      icon_url: "{{ hydra_ldap_app_icon_url }}"
{% endif %}
  webhook:
    enabled: {{ hydra_dispatcher_webhook }}
    api_url: {{ hydra_dispatcher_webhook_api_url }}
    api_key: {{ hydra_dispatcher_webhook_api_key }}
    api_method: POST
  firewall:
    additional_properties: true
    rules: {{ hydra_dispatcher_webhook_rules | to_json }}
{% endif %}