From f2766fcf43837ff5e103c3ebec05d16e7a290d68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?=
Date: Sat, 26 Oct 2024 11:54:25 +0200
Subject: [PATCH] [task-183] [mod] authelia-for-owncloud
---
 roles/authelia-for-owncloud/defaults/main.json | 4 +++-
 roles/authelia-for-owncloud/tasks/main.json | 8 ++++++++
 .../templates/authelia-client-conf-desktop.json.j2 | 4 ++--
 roles/authelia-for-owncloud/vardef.json | 10 +++++++++-
 4 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/roles/authelia-for-owncloud/defaults/main.json b/roles/authelia-for-owncloud/defaults/main.json
index b12d86f..4daa968 100644
--- a/roles/authelia-for-owncloud/defaults/main.json
+++ b/roles/authelia-for-owncloud/defaults/main.json
@@ -4,5 +4,7 @@
 "var_authelia_for_owncloud_android_client_id": "owncloud_android",
 "var_authelia_for_owncloud_android_client_secret": "REPLACE_ME",
 "var_authelia_for_owncloud_ios_client_id": "owncloud_ios",
- "var_authelia_for_owncloud_ios_client_secret": "REPLACE_ME"
+ "var_authelia_for_owncloud_ios_client_secret": "REPLACE_ME",
+ "var_authelia_for_owncloud_desktop_client_id": "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69",
+ "var_authelia_for_owncloud_desktop_client_secret": "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh"
 }
diff --git a/roles/authelia-for-owncloud/tasks/main.json b/roles/authelia-for-owncloud/tasks/main.json
index 7ddcc45..99c0626 100644
--- a/roles/authelia-for-owncloud/tasks/main.json
+++ b/roles/authelia-for-owncloud/tasks/main.json
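Review bot: The two added desktop defaults in defaults/main.json carry literal credential values, whereas the android and ios secrets in the same file default to `REPLACE_ME`, so any deployment that does not override `var_authelia_for_owncloud_desktop_client_secret` registers a client whose secret is readable in this repository. If these are the fixed values built into the ownCloud desktop client (which the hard-coded pair removed from the template suggests), the secret gives no confidentiality and the client relies on whatever redirect-URI and PKCE settings its template applies; that should be stated in the role's documentation, since JSON has no comment syntax. Otherwise the default should follow the sibling convention, `"var_authelia_for_owncloud_desktop_client_secret": "REPLACE_ME"`, and the committed value should be treated as disclosed and rotated.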
@@ -23,6 +23,14 @@
 },
 "register": "temp_authelia_for_owncloud_ios_client_secret_hashed"
 },
+ {
+ "name": "configuration | compute client secret hash | desktop",
+ "become": true,
+ "ansible.builtin.shell": {
+ "cmd": "authelia crypto hash generate bcrypt --password {{var_authelia_for_owncloud_desktop_client_secret}} | cut --delimiter=' ' --fields='2-'"
+ },
+ "register": "temp_authelia_for_owncloud_desktop_client_secret_hashed"
+ },
 {
 "name": "configuration | emplace",
 "become": true,
diff --git a/roles/authelia-for-owncloud/templates/authelia-client-conf-desktop.json.j2 b/roles/authelia-for-owncloud/templates/authelia-client-conf-desktop.json.j2
index 61b3e43..7558a71 100644
--- a/roles/authelia-for-owncloud/templates/authelia-client-conf-desktop.json.j2
+++ b/roles/authelia-for-owncloud/templates/authelia-client-conf-desktop.json.j2
@@ -1,6 +1,6 @@
 {
- "client_id": "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69",
- "client_secret": "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh",
+ "client_id": "{{var_authelia_for_owncloud_desktop_client_id}}",
+ "client_secret": "{{temp_authelia_for_owncloud_desktop_client_secret_hashed.stdout}}",
 "client_name": "ownCloud | Desktop Client",
 "authorization_policy": "one_factor",
 "scopes": [
diff --git a/roles/authelia-for-owncloud/vardef.json b/roles/authelia-for-owncloud/vardef.json
index 8bf599d..531604d 100644
--- a/roles/authelia-for-owncloud/vardef.json
+++ b/roles/authelia-for-owncloud/vardef.json
@@ -13,13 +13,21 @@
 },
 "android_client_secret": {
 "type": "string",
- "mandatory": false
+ "mandatory": true
 },
 "ios_client_id": {
 "type": "string",
 "mandatory": false
 },
 "ios_client_secret": {
+ "type": "string",
+ "mandatory": true
+ },
+ "dektop_client_id": {
+ "type": "string",
+ "mandatory": false
+ },
+ "desktop_client_secret": {
 "type": "string",
 "mandatory": false
 }
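Review bot: The new `cmd` in tasks/main.json interpolates `{{var_authelia_for_owncloud_desktop_client_secret}}` into a shell line without quoting, so a secret containing whitespace or shell metacharacters is split or interpreted by the shell, and the plaintext appears in the task's logged command and registered result. I would quote it with the `quote` filter, `--password {{var_authelia_for_owncloud_desktop_client_secret | quote}}`, and add `"no_log": true` to the task. Passing the value through `--password` still leaves it in the process argument list on the target host while the command runs. The ios task whose tail is visible as context appears to follow the same pattern; the task list starts and ends outside the hunk.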
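Review bot: `client_secret` in authelia-client-conf-desktop.json.j2 is now rendered from `temp_authelia_for_owncloud_desktop_client_secret_hashed.stdout` with no check that the hash step produced output. The registering task pipes `authelia` into `cut`, and without `pipefail` the shell reports the exit status of `cut`, so a failing `authelia` call would leave `stdout` empty and this template would write `"client_secret": ""`. A guard on the registering task such as `"failed_when": "temp_authelia_for_owncloud_desktop_client_secret_hashed.stdout | length == 0"` stops the play instead; how Authelia treats an empty secret is not visible here. The client object continues past the end of the hunk.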
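Review bot: The new key `dektop_client_id` in vardef.json is misspelled, so it does not match the `desktop_client_id` naming used by `var_authelia_for_owncloud_desktop_client_id` in defaults/main.json, and the variable presumably stays undeclared in the definition; it should read `"desktop_client_id": {`. In the same hunk the android and ios secrets become `"mandatory": true` while `desktop_client_secret` ends up with `"mandatory": false`, which looks inconsistent unless it reflects a deliberate fixed default. The enclosing object starts outside the hunk.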