fix: use hydra-ldap and olm operator to fix example

examples/authenticated-app/patches/hydra-dispatcher-env.yaml

@@ -1,3 +1,9 @@
+- op: replace
+  path: "/data/APP_ENV"
+  value: dev
+- op: replace
+  path: "/data/APP_DEBUG"
+  value: "true"
 - op: replace
   path: "/data/HYDRA_BASE_URL"
   value: http://hydra:4444
@@ -17,14 +23,13 @@
   path: "/data/COOKIE_PATH"
   value: /auth/dispatcher
 
-# Hydra SAML configuration
+# Hydra LDAP configuration
 - op: replace
-  path: "/data/HYDRA_DISPATCHER_SAML_LOGIN_URL"
-  value: https://ssokustom/auth/saml/login
+  path: "/data/HYDRA_DISPATCHER_LDAP_LOGIN_URL"
+  value: https://ssokustom/auth/ldap/auth/login
 - op: replace
-  path: "/data/HYDRA_DISPATCHER_SAML_CONSENT_URL"
-  value: https://ssokustom/auth/saml/consent
+  path: "/data/HYDRA_DISPATCHER_LDAP_CONSENT_URL"
+  value: https://ssokustom/auth/ldap/auth/consent
 - op: replace
-  path: "/data/HYDRA_DISPATCHER_SAML_LOGOUT_URL"
-  value: https://ssokustom/auth/saml/logout
-  
+  path: "/data/HYDRA_DISPATCHER_LDAP_LOGOUT_URL"
+  value: https://ssokustom/auth/ldap/auth/logout

examples/authenticated-app/patches/hydra-env.yaml

@@ -12,4 +12,13 @@
   value: https://ssokustom/auth/dispatcher/consent
 - op: replace
   path: "/data/HYDRA_SERVE_ALL_ARGS"
-  value: "--dev"
+  value: "--dev"
+- op: replace
+  path: "/data/SERVE_COOKIES_SAME_SITE_MODE"
+  value: "Lax"
+- op: replace
+  path: "/data/SERVE_COOKIES_SAME_SITE_LEGACY_WORKAROUND"
+  value: "true"
+- op: replace
+  path: "/data/SERVE_COOKIES_DOMAIN"
+  value: "ssokustom"

examples/authenticated-app/patches/hydra-ldap-env.yaml

@@ -0,0 +1,55 @@
+- op: replace
+  path: "/data/WERTHER_DEV_MODE"
+  value: "true"
+
+- op: replace
+  path: "/data/WERTHER_WEB_BASE_PATH"
+  value: "/auth/ldap/"
+
+- op: replace
+  path: "/data/WERTHER_IDENTP_HYDRA_URL"
+  value: "http://hydra-dispatcher"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_ENDPOINTS"
+  value: "glauth-ldap:389"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_BASEDN"
+  value: "dc=glauth,dc=com"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_ROLE_BASEDN"
+  value: "ou=groups,dc=glauth,dc=com"
+
+- op: replace
+  path: "/data/WERTHER_IDENTP_CLAIM_SCOPES"
+  value: "uid:profile,name:profile,family_name:profile,given_name:profile,email:profile,https%3A%2F%2Fhydra%2Fclaims%2Froles:roles,siret:siret"
+
+- op: replace
+  path: "/data/WERTHER_INSECURE_SKIP_VERIFY"
+  value: "true"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_IS_TLS"
+  value: "false"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_ATTR_CLAIMS"
+  value: "name:name,sn:family_name,givenName:given_name,mail:email,siret:siret"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_CONNECTION_TIMEOUT"
+  value: "30s"
+
+- op: replace
+  path: "/data/WERTHER_LDAP_USER_SEARCH_QUERY"
+  value: "(&(objectClass=*)(|(uid=%[1]s)(mail=%[1]s)(userPrincipalName=%[1]s)(sAMAccountName=%[1]s)))"
+
+- op: replace
+  path: "/data/WERTHER_IDENTP_ACR"
+  value: "eidas1"
+
+- op: replace
+  path: "/data/WERTHER_IDENTP_AMR"
+  value: "pwd"

examples/authenticated-app/patches/hydra-ldap-sc.yaml

@@ -0,0 +1,7 @@
+- op: replace
+  path: "/data/WERTHER_LDAP_BINDDN"
+  value: "Y249c2VydmljZXVzZXIsb3U9c3ZjYWNjdHMsb3U9dXNlcnMsZGM9Z2xhdXRoLGRjPWNvbQ==" # cn=serviceuser,ou=svcaccts,ou=users,dc=glauth,dc=com
+
+- op: replace
+  path: "/data/WERTHER_LDAP_BINDPW"
+  value: "bXlzZWNyZXQ=" # mysecret

examples/authenticated-app/patches/hydra-saml-env.yaml

@@ -1,43 +0,0 @@
-- op: replace
-  path: "/data/HTTP_BASE_URL"
-  value: https://ssokustom/auth/saml
-- op: replace
-  path: "/data/COOKIE_PATH"
-  value: /auth/saml
-- op: replace
-  path: "/data/HYDRA_ADMIN_BASE_URL"
-  value: http://hydra-dispatcher
-- op: replace
-  path: "/data/LOGOUT_REDIRECT_URL_PATTERN"
-  value: https://ssokustom/auth/saml/Shibboleth.sso/Logout?return=%s
-- op: replace
-  path: "/data/PATH_PREFIX"
-  value: "/auth/saml"
-
-- op: replace
-  path: "/data/SP_ENTITY_ID"
-  value: https://ssokustom/auth/saml
-- op: replace
-  path: "/data/IDP_ENTITY_ID"
-  value: https://ssokustom/simplesaml/saml2/idp/metadata.php
-- op: replace
-  path: "/data/IDP_METADATA_URL"
-  value: https://ssokustom/simplesaml/saml2/idp/metadata.php
-- op: replace
-  path: "/data/APACHE_FORCE_HTTPS"
-  value: "true"
-- op: replace
-  path: "/data/SP_HANDLER_BASE_PATH"
-  value: "/auth/saml"
-- op: replace
-  path: "/data/SP_LOG_LEVEL"
-  value: DEBUG
-- op: replace
-  path: "/data/SP_SESSIONS_REDIRECT_LIMIT"
-  value: none
-- op: replace
-  path: "/data/SP_SESSIONS_REDIRECT_ALLOW"
-  value: https://ssokustom
-- op: replace
-  path: "/data/SP_SESSIONS_COOKIE_PROPS"
-  value: https

examples/authenticated-app/patches/oidc-test-oauth2-client.yaml

@@ -3,4 +3,7 @@
   value: https://ssokustom/oauth2/callback
 - op: replace
   path: "/spec/postLogoutRedirectUris/0"
-  value: https://ssokustom
+  value: https://ssokustom
+- op: replace
+  path: "/spec/scope"
+  value: "openid profile roles siret"

examples/authenticated-app/patches/oidc-test.yaml

@@ -4,3 +4,6 @@
 - op: replace
   path: "/data/OIDC_POST_LOGOUT_REDIRECT_URL"
   value: https://ssokustom
+- op: replace
+  path: "/data/OIDC_SCOPES"
+  value: "openid profile roles siret"