sso-kustom/examples/authenticated-app/files/hydra-dispatcher-apps.yaml

hydra:
  apps:
    - id: ldap
      title:
        fr: Connexion LDAP
        en: Login LDAP
      description:
        fr: Authentification avec LDAP
        en: Authentication with LDAP
      login_url: "%env(string:HYDRA_DISPATCHER_LDAP_LOGIN_URL)%"
      consent_url: "%env(string:HYDRA_DISPATCHER_LDAP_CONSENT_URL)%"
      logout_url: "%env(string:HYDRA_DISPATCHER_LDAP_LOGOUT_URL)%"
      attributes_rewrite_configuration:
        siret:
          rules:
            - "property_exists(consent.session.id_token, 'siret') ?  consent.session.id_token.siret : null"
            - "value ?: ( consent.session.id_token.email matches '/.*@example.com$/' ? '0000' : null )"
            - "value ?: ( consent.session.id_token.email matches '/.*@jdoe.com$/' ? '0001' : null )"
        family_name:
          rules:
            - "property_exists(consent.session.id_token, 'family_name') ? consent.session.id_token.family_name : null"
        given_name:
          rules:
            - "property_exists(consent.session.id_token, 'given_name') ? consent.session.id_token.given_name : null"
        email:
          rules:
            - "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
  firewall:
    additional_properties: true
    rules:
      siret:
        required: false
      email:
        required: false
      given_name:
        required: false
      family_name:
        required: false
  webhook:
    enabled: false
  webhook_post_login:
    enabled: false
fix: use hydra-ldap and olm operator to fix example 2025-02-13 17:02:48 +01:00			`hydra:`
			`apps:`
			`- id: ldap`
			`title:`
			`fr: Connexion LDAP`
			`en: Login LDAP`
			`description:`
			`fr: Authentification avec LDAP`
			`en: Authentication with LDAP`
			`login_url: "%env(string:HYDRA_DISPATCHER_LDAP_LOGIN_URL)%"`
			`consent_url: "%env(string:HYDRA_DISPATCHER_LDAP_CONSENT_URL)%"`
			`logout_url: "%env(string:HYDRA_DISPATCHER_LDAP_LOGOUT_URL)%"`
			`attributes_rewrite_configuration:`
			`siret:`
			`rules:`
			`- "property_exists(consent.session.id_token, 'siret') ? consent.session.id_token.siret : null"`
			`- "value ?: ( consent.session.id_token.email matches '/.*@example.com$/' ? '0000' : null )"`
			`- "value ?: ( consent.session.id_token.email matches '/.*@jdoe.com$/' ? '0001' : null )"`
			`family_name:`
			`rules:`
			`- "property_exists(consent.session.id_token, 'family_name') ? consent.session.id_token.family_name : null"`
			`given_name:`
			`rules:`
			`- "property_exists(consent.session.id_token, 'given_name') ? consent.session.id_token.given_name : null"`
			`email:`
			`rules:`
			`- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"`
			`firewall:`
			`additional_properties: true`
			`rules:`
			`siret:`
			`required: false`
			`email:`
			`required: false`
			`given_name:`
			`required: false`
			`family_name:`
			`required: false`
			`webhook:`
			`enabled: false`
			`webhook_post_login:`
			`enabled: false`