[mod] role:mas:auth
This commit is contained in:
parent
0a5acb7907
commit
17354eb042
3 changed files with 42 additions and 46 deletions
|
|
@ -12,13 +12,11 @@
|
||||||
"var_mas_matrix_secret": "REPLACE_ME",
|
"var_mas_matrix_secret": "REPLACE_ME",
|
||||||
"var_mas_matrix_endpoint": "http://localhost:8008/",
|
"var_mas_matrix_endpoint": "http://localhost:8008/",
|
||||||
"var_mas_encryption_key": "REPLACE_ME",
|
"var_mas_encryption_key": "REPLACE_ME",
|
||||||
"var_mas_authentication_upstream_active": false,
|
"var_mas_authentication_upstream_kind": "none",
|
||||||
"var_mas_authentication_upstream_id": "default_upstream",
|
"var_mas_authentication_upstream_data_authelia_url_base": "https://authelia.example.org",
|
||||||
"var_mas_authentication_upstream_issuer": "https://auth.example.org",
|
"var_mas_authentication_upstream_data_authelia_auth_method": "client_secret_post",
|
||||||
"var_mas_authentication_upstream_client_id": "mas",
|
"var_mas_authentication_upstream_data_authelia_scope": "openid profile email",
|
||||||
"var_mas_authentication_upstream_client_secret": "REPLACE_ME",
|
"var_mas_authentication_upstream_data_authelia_name": "authelia",
|
||||||
"var_mas_authentication_upstream_token_endpoint_auth_method": "client_secret_post"
|
"var_mas_authentication_upstream_data_authelia_client_id": "mas",
|
||||||
"var_mas_authentication_upstream_scope": "openid email profile",
|
"var_mas_authentication_upstream_data_authelia_client_secret": "REPLACE_ME"
|
||||||
"var_mas_authentication_upstream_authorization_endpoint": "https://auth.example.org/authorize",
|
|
||||||
"var_mas_authentication_upstream_token_endpoint": "https://auth.example.org/token"
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -85,18 +85,20 @@
|
||||||
],
|
],
|
||||||
"minimum_complexity": 3
|
"minimum_complexity": 3
|
||||||
},
|
},
|
||||||
{% if var_mas_authentication_upstream_active %}
|
{% if var_mas_authentication_upstream_kind == 'none' %}
|
||||||
|
{% endif %}
|
||||||
|
{% if var_mas_authentication_upstream_kind == 'authelia' %}
|
||||||
"upstream_oauth2": {
|
"upstream_oauth2": {
|
||||||
"providers": [
|
"providers": [
|
||||||
{
|
{
|
||||||
"id": "{{var_mas_authentication_upstream_id}}",
|
"id": "{{var_mas_authentication_upstream_data_authelia_name}}",
|
||||||
"issuer": "{{var_mas_authentication_upstream_issuer}}",
|
"issuer": "{{var_mas_authentication_upstream_data_authelia_url_base}}",
|
||||||
"client_id": "{{var_mas_authentication_upstream_client_id}}",
|
"authorization_endpoint": "{{var_mas_authentication_upstream_data_authelia_url_base}}/api/oidc/authorization",
|
||||||
"client_secret": "{{var_mas_authentication_upstream_client_secret}}",
|
"token_endpoint": "{{var_mas_authentication_upstream_data_authelia_url_base}}/api/oidc/token",
|
||||||
"token_endpoint_auth_method": "{{var_mas_authentication_upstream_token_endpoint_auth_method}}",
|
"token_endpoint_auth_method": "{{var_mas_authentication_upstream_data_authelia_auth_method}}",
|
||||||
"scope": "{{var_mas_authentication_upstream_scope}}",
|
"scope": "{{var_mas_authentication_upstream_data_authelia_scope}}",
|
||||||
"authorization_endpoint": "{{var_mas_authentication_upstream_authorization_endpoint}}",
|
"client_id": "{{var_mas_authentication_upstream_data_authelia_client_id}}",
|
||||||
"token_endpoint": "{{var_mas_authentication_upstream_token_endpoint}}"
|
"client_secret": "{{var_mas_authentication_upstream_data_authelia_client_secret}}"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -43,40 +43,36 @@
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"mandatory": false
|
"mandatory": false
|
||||||
},
|
},
|
||||||
"authentication_upstream_active": {
|
"authentication_upstream_kind": {
|
||||||
"nullable": false,
|
"nullable": false,
|
||||||
"type": "boolean"
|
"type": "string",
|
||||||
|
"options": [
|
||||||
|
"none",
|
||||||
|
"authelia"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"authentication_upstream_id": {
|
"authentication_upstream_data_authelia_url_base": {
|
||||||
"nullable": false,
|
"type": "string",
|
||||||
"type": "string"
|
"mandatory": false
|
||||||
},
|
},
|
||||||
"authentication_upstream_issuer": {
|
"authentication_upstream_data_authelia_auth_method": {
|
||||||
"nullable": false,
|
"type": "string",
|
||||||
"type": "string"
|
"mandatory": false
|
||||||
},
|
},
|
||||||
"authentication_upstream_client_id": {
|
"authentication_upstream_data_authelia_scope": {
|
||||||
"nullable": false,
|
"type": "string",
|
||||||
"type": "string"
|
"mandatory": false
|
||||||
},
|
},
|
||||||
"authentication_upstream_client_secret": {
|
"authentication_upstream_data_authelia_name": {
|
||||||
"nullable": false,
|
"type": "string",
|
||||||
"type": "string"
|
"mandatory": false
|
||||||
},
|
},
|
||||||
"authentication_upstream_token_endpoint_auth_method": {
|
"authentication_upstream_data_authelia_client_id": {
|
||||||
"nullable": false,
|
"type": "string",
|
||||||
"type": "string"
|
"mandatory": false
|
||||||
},
|
},
|
||||||
"authentication_upstream_scope": {
|
"authentication_upstream_data_authelia_client_secret": {
|
||||||
"nullable": false,
|
"type": "string",
|
||||||
"type": "string"
|
"mandatory": false
|
||||||
},
|
|
||||||
"authentication_upstream_authorization_endpoint": {
|
|
||||||
"nullable": false,
|
|
||||||
"type": "string"
|
|
||||||
},
|
|
||||||
"authentication_upstream_token_endpoint": {
|
|
||||||
"nullable": false,
|
|
||||||
"type": "string"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue