108 lines
4.2 KiB
JSON
108 lines
4.2 KiB
JSON
{
|
|
"$id": "https://forge.cadoles.com/cadoles/bouncer/schemas/authn-oidc-layer-options",
|
|
"title": "Options de configuration du layer 'authn-oidc'",
|
|
"type": "object",
|
|
"properties": {
|
|
"oidc": {
|
|
"title": "Configuration du client OpenID Connect",
|
|
"type": "object",
|
|
"properties": {
|
|
"clientId": {
|
|
"title": "Identifiant du client OpenID Connect",
|
|
"type": "string"
|
|
},
|
|
"clientSecret": {
|
|
"title": "Secret du client OpenID Connect",
|
|
"type": "string"
|
|
},
|
|
"issuerURL": {
|
|
"title": "URL de base du fournisseur OpenID Connect (racine du .well-known/openid-configuration)",
|
|
"type": "string"
|
|
},
|
|
"postLogoutRedirectURL": {
|
|
"title": "URL de redirection après déconnexion",
|
|
"type": "string"
|
|
},
|
|
"scopes": {
|
|
"title": "Scopes associés au client OpenID Connect",
|
|
"default": [
|
|
"openid"
|
|
],
|
|
"type": "array",
|
|
"item": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"authParams": {
|
|
"title": "Paramètres d'URL supplémentaires à ajouter à la requête d'authentification OpenID Connect",
|
|
"default": {},
|
|
"description": "L'ensemble des clés valeurs renseignées seront transformées en variables d'URL lors de la requête d'authentification initiale. Permet par exemple d'ajouter les 'acr_values' requises par certains fournisseurs d'identité OpenID Connect.",
|
|
"type": "object",
|
|
"patternProperties": {
|
|
".*": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"loginCallbackPath": {
|
|
"title": "Chemin associé à l'URL de callback OpenID Connect",
|
|
"default": "/.bouncer/authn/oidc/%s/callback",
|
|
"description": "Le marqueur '%s' peut être utilisé pour injecter l'espace de nom '<proxy>/<layer>'.",
|
|
"type": "string"
|
|
},
|
|
"logoutPath": {
|
|
"title": "Chemin associé à l'URL de déconnexion",
|
|
"default": "/.bouncer/authn/oidc/%s/logout",
|
|
"description": "Le marqueur '%s' peut être utilisé pour injecter l'espace de nom '<proxy>/<layer>'.",
|
|
"type": "string"
|
|
},
|
|
"skipIssuerVerification": {
|
|
"title": "Activer/désactiver la vérification de concordance de l'identifiant du fournisseur d'identité",
|
|
"default": false,
|
|
"type": "boolean"
|
|
}
|
|
},
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"clientId",
|
|
"clientSecret",
|
|
"issuerURL",
|
|
"postLogoutRedirectURL"
|
|
]
|
|
},
|
|
"cookie": {
|
|
"title": "Configuration du cookie porteur de la session utilisateur",
|
|
"type": "object",
|
|
"properties": {
|
|
"name": {
|
|
"title": "Nom du cookie",
|
|
"default": "",
|
|
"type": "string"
|
|
},
|
|
"domain": {
|
|
"type": "string"
|
|
},
|
|
"path": {
|
|
"type": "string"
|
|
},
|
|
"sameSite": {
|
|
"type": "string"
|
|
},
|
|
"httpOnly": {
|
|
"type": "boolean"
|
|
},
|
|
"secure": {
|
|
"type": "boolean"
|
|
},
|
|
"maxAge": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"additionalProperties": false
|
|
}
|
|
},
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"oidc"
|
|
]
|
|
} |