Skip to content

Commit

Permalink
Merge pull request #42 from trento-project/add-oauth2-integration
Browse files Browse the repository at this point in the history
Add OAUTH2 integration usage and documentation
  • Loading branch information
arbulu89 authored Sep 12, 2024
2 parents 971b805 + 852c877 commit d8f91e0
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 1 deletion.
10 changes: 9 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -247,10 +247,18 @@ These variables are the defaults of our roles, if you want to override the prope
| smtp_port | Port number of SMTP server | |
| smtp_user | Username for SMTP authentication | |
| smtp_password | Password for SMTP authentication | |
| enable_oidc | Enable OIDC integration, this disables the username/password authentication method | false |
| enable_oidc | Enable OIDC integration, this disables the username/password authentication method (self exclusive SSO type) | false |
| oidc_client_id | OIDC client id, required when enable_oidc is true | |
| oidc_client_secret | OIDC client secret, required when enable_oidc is true | |
| oidc_server_base_url | OIDC identity provider base url, required when enable_oidc is true | |
| enable_oauth2 | Enable OAUTH2 integration, this disables the username/password authentication method (self exclusive SSO type) | false |
| oauth2_client_id | OAUTH2 client id, required when enable_oauth2 is true | |
| oauth2_client_secret | OAUTH2 client secret, required when enable_oauth2 is true | |
| oauth2_server_base_url | OAUTH2 identity provider base url, required when enable_oauth2 is true | |
| oauth2_authorize_url | OAUTH2 authorize url, required when enable_oauth2 is true | |
| oauth2_token_url | OAUTH2 token url, required when enable_oauth2 is true | |
| oauth2_user_url | OAUTH2 user information url, required when enable_oauth2 is true | |
| oauth2_scopes | OAUTH2 scopes, required when enable_oauth2 is true | "profile email" |
| install_nginx | Install nginx | true |
| nginx_ssl_cert_as_base64 | Nginx SSL certificate provided as base64 string | false |
| nginx_ssl_key_as_base64 | Nginx SSL key provided as base64 string | false |
Expand Down
8 changes: 8 additions & 0 deletions roles/app/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,3 +27,11 @@ enable_oidc: "false"
oidc_client_id: ""
oidc_client_secret: ""
oidc_server_base_url: ""
enable_oauth2: "false"
oauth2_client_id: ""
oauth2_client_secret: ""
oauth2_server_base_url: ""
oauth2_authorize_url: ""
oauth2_token_url: ""
oauth2_user_url: ""
oauth2_scopes: "profile email"
8 changes: 8 additions & 0 deletions roles/app/tasks/docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -106,3 +106,11 @@
OIDC_CLIENT_ID: "{{ oidc_client_id }}"
OIDC_CLIENT_SECRET: "{{ oidc_client_secret }}"
OIDC_BASE_URL: "{{ oidc_server_base_url }}"
ENABLE_OAUTH2: "{{ enable_oauth2 }}"
OAUTH2_CLIENT_ID: "{{ oauth2_client_id }}"
OAUTH2_CLIENT_SECRET: "{{ oauth2_client_secret }}"
OAUTH2_BASE_URL: "{{ oauth2_server_base_url }}"
OAUTH2_AUTHORIZE_URL: "{{ oauth2_authorize_url }}"
OAUTH2_TOKEN_URL: "{{ oauth2_token_url }}"
OAUTH2_USER_URL: "{{ oauth2_user_url }}"
OAUTH2_SCOPES: "{{ oauth2_scopes }}"
8 changes: 8 additions & 0 deletions roles/app/templates/trento-web.j2
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,11 @@ ENABLE_OIDC={{ enable_oidc }}
OIDC_CLIENT_ID={{ oidc_client_id }}
OIDC_CLIENT_SECRET={{ oidc_client_secret }}
OIDC_BASE_URL={{ oidc_server_base_url }}
ENABLE_OAUTH2={{ enable_oauth2 }}
OAUTH2_CLIENT_ID={{ oauth2_client_id }}
OAUTH2_CLIENT_SECRET={{ oauth2_client_secret }}
OAUTH2_BASE_URL={{ oauth2_server_base_url }}
OAUTH2_AUTHORIZE_URL={{ oauth2_authorize_url }}
OAUTH2_TOKEN_URL={{ oauth2_token_url }}
OAUTH2_USER_URL={{ oauth2_user_url }}
OAUTH2_SCOPES={{ oauth2_scopes }}

0 comments on commit d8f91e0

Please sign in to comment.