[mod] role:mas:auth
This commit is contained in:
parent
0a5acb7907
commit
17354eb042
3 changed files with 42 additions and 46 deletions
|
|
@ -12,13 +12,11 @@
|
|||
"var_mas_matrix_secret": "REPLACE_ME",
|
||||
"var_mas_matrix_endpoint": "http://localhost:8008/",
|
||||
"var_mas_encryption_key": "REPLACE_ME",
|
||||
"var_mas_authentication_upstream_active": false,
|
||||
"var_mas_authentication_upstream_id": "default_upstream",
|
||||
"var_mas_authentication_upstream_issuer": "https://auth.example.org",
|
||||
"var_mas_authentication_upstream_client_id": "mas",
|
||||
"var_mas_authentication_upstream_client_secret": "REPLACE_ME",
|
||||
"var_mas_authentication_upstream_token_endpoint_auth_method": "client_secret_post"
|
||||
"var_mas_authentication_upstream_scope": "openid email profile",
|
||||
"var_mas_authentication_upstream_authorization_endpoint": "https://auth.example.org/authorize",
|
||||
"var_mas_authentication_upstream_token_endpoint": "https://auth.example.org/token"
|
||||
"var_mas_authentication_upstream_kind": "none",
|
||||
"var_mas_authentication_upstream_data_authelia_url_base": "https://authelia.example.org",
|
||||
"var_mas_authentication_upstream_data_authelia_auth_method": "client_secret_post",
|
||||
"var_mas_authentication_upstream_data_authelia_scope": "openid profile email",
|
||||
"var_mas_authentication_upstream_data_authelia_name": "authelia",
|
||||
"var_mas_authentication_upstream_data_authelia_client_id": "mas",
|
||||
"var_mas_authentication_upstream_data_authelia_client_secret": "REPLACE_ME"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -85,18 +85,20 @@
|
|||
],
|
||||
"minimum_complexity": 3
|
||||
},
|
||||
{% if var_mas_authentication_upstream_active %}
|
||||
{% if var_mas_authentication_upstream_kind == 'none' %}
|
||||
{% endif %}
|
||||
{% if var_mas_authentication_upstream_kind == 'authelia' %}
|
||||
"upstream_oauth2": {
|
||||
"providers": [
|
||||
{
|
||||
"id": "{{var_mas_authentication_upstream_id}}",
|
||||
"issuer": "{{var_mas_authentication_upstream_issuer}}",
|
||||
"client_id": "{{var_mas_authentication_upstream_client_id}}",
|
||||
"client_secret": "{{var_mas_authentication_upstream_client_secret}}",
|
||||
"token_endpoint_auth_method": "{{var_mas_authentication_upstream_token_endpoint_auth_method}}",
|
||||
"scope": "{{var_mas_authentication_upstream_scope}}",
|
||||
"authorization_endpoint": "{{var_mas_authentication_upstream_authorization_endpoint}}",
|
||||
"token_endpoint": "{{var_mas_authentication_upstream_token_endpoint}}"
|
||||
"id": "{{var_mas_authentication_upstream_data_authelia_name}}",
|
||||
"issuer": "{{var_mas_authentication_upstream_data_authelia_url_base}}",
|
||||
"authorization_endpoint": "{{var_mas_authentication_upstream_data_authelia_url_base}}/api/oidc/authorization",
|
||||
"token_endpoint": "{{var_mas_authentication_upstream_data_authelia_url_base}}/api/oidc/token",
|
||||
"token_endpoint_auth_method": "{{var_mas_authentication_upstream_data_authelia_auth_method}}",
|
||||
"scope": "{{var_mas_authentication_upstream_data_authelia_scope}}",
|
||||
"client_id": "{{var_mas_authentication_upstream_data_authelia_client_id}}",
|
||||
"client_secret": "{{var_mas_authentication_upstream_data_authelia_client_secret}}"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
|
|||
|
|
@ -43,40 +43,36 @@
|
|||
"type": "string",
|
||||
"mandatory": false
|
||||
},
|
||||
"authentication_upstream_active": {
|
||||
"authentication_upstream_kind": {
|
||||
"nullable": false,
|
||||
"type": "boolean"
|
||||
"type": "string",
|
||||
"options": [
|
||||
"none",
|
||||
"authelia"
|
||||
]
|
||||
},
|
||||
"authentication_upstream_id": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
"authentication_upstream_data_authelia_url_base": {
|
||||
"type": "string",
|
||||
"mandatory": false
|
||||
},
|
||||
"authentication_upstream_issuer": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
"authentication_upstream_data_authelia_auth_method": {
|
||||
"type": "string",
|
||||
"mandatory": false
|
||||
},
|
||||
"authentication_upstream_client_id": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
"authentication_upstream_data_authelia_scope": {
|
||||
"type": "string",
|
||||
"mandatory": false
|
||||
},
|
||||
"authentication_upstream_client_secret": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
"authentication_upstream_data_authelia_name": {
|
||||
"type": "string",
|
||||
"mandatory": false
|
||||
},
|
||||
"authentication_upstream_token_endpoint_auth_method": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
"authentication_upstream_data_authelia_client_id": {
|
||||
"type": "string",
|
||||
"mandatory": false
|
||||
},
|
||||
"authentication_upstream_scope": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
},
|
||||
"authentication_upstream_authorization_endpoint": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
},
|
||||
"authentication_upstream_token_endpoint": {
|
||||
"nullable": false,
|
||||
"type": "string"
|
||||
"authentication_upstream_data_authelia_client_secret": {
|
||||
"type": "string",
|
||||
"mandatory": false
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue