Support the OIDC authentication.
This commit is contained in:
parent
010b422c42
commit
e10c34ade3
|
@ -74,7 +74,8 @@ shinyproxy_template_path: '{{ shinyproxy_install_dir }}/web_templates'
|
|||
|
||||
shinyproxy_app_title: 'Open Analytics Shiny Proxy'
|
||||
shinyproxy_logo_url: 'http://www.openanalytics.eu/sites/www.openanalytics.eu/themes/oa/logo.png'
|
||||
# ldap, keycloak, none
|
||||
# ldap, keycloak, oidc, none
|
||||
# See https://www.shinyproxy.io/documentation/configuration/
|
||||
shinyproxy_authentication: 'none'
|
||||
shinyproxy_basic_auth: 'false'
|
||||
shinyproxy_admin_group: ''
|
||||
|
@ -97,5 +98,16 @@ shinyproxy_keycloak_ssl_required: 'external'
|
|||
# name, preferred_username, nickname, email
|
||||
shinyproxy_keycloak_name_attribute: 'preferred_username'
|
||||
shinyproxy_keycloak_role_mappings: 'false'
|
||||
shinyproxy_oidc_auth_url: 'https://keycloak.example.org/auth/realms/master/protocol/openid-connect/auth'
|
||||
shinyproxy_oidc_token_url: 'https:/keycloak.example.org/auth/realms/master/protocol/openid-connect/token'
|
||||
shinyproxy_oidc_jwks_url: 'https:/keycloak.example.org/auth/realms/master/protocol/openid-connect/certs'
|
||||
shinyproxy_oidc_logout_url: 'https:/keycloak.example.org/auth/realms/master/protocol/openid-connect/logout'
|
||||
shinyproxy_oidc_client_id: 'shiny_client'
|
||||
shinyproxy_oidc_client_secret: 'use a vault file'
|
||||
# name, preferred_username, nickname, email
|
||||
shinyproxy_oidc_username_attribute: 'email'
|
||||
# See https://www.shinyproxy.io/faq/#authentication-using-openid-does-not-work-because-of-missing-attribute-email-in-attributes-exception
|
||||
shinyproxy_oidc_use_roles_claim: True
|
||||
shinyproxy_oidc_roles_claim: 'groups'
|
||||
|
||||
shinyproxy_max_log_size: 20MB
|
||||
|
|
|
@ -68,6 +68,19 @@ proxy:
|
|||
name-attribute: {{ shinyproxy_keycloak_name_attribute }}
|
||||
use-resource-role-mappings: {{ shinyproxy_keycloak_role_mappings }}
|
||||
{% endif %}
|
||||
{% if shinyproxy_authentication == 'oidc' %}
|
||||
oidc:
|
||||
auth-url: {{ shinyproxy_oidc_auth_url }}
|
||||
token-url: {{ shinyproxy_oidc_token_url }}
|
||||
jwks-url: {{ shinyproxy_oidc_jwks_url }}
|
||||
logout-url: {{ shinyproxy_oidc_logout_url }}
|
||||
client-id: {{ shinyproxy_oidc_client_id }}
|
||||
client-secret: {{ shinyproxy_oidc_client_secret }}
|
||||
username-attribute: {{ shinyproxy_oidc_username_attribute }}
|
||||
{% if shinyproxy_oidc_use_roles_claim %}
|
||||
roles-claim: {{ shinyproxy_oidc_roles_claim }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if shinyproxy_container_backend == 'docker' or shinyproxy_container_backend == 'docker-swarm' %}
|
||||
docker:
|
||||
container-memory-request: {{ shinyproxy_docker_memory_request }}
|
||||
|
|
Loading…
Reference in New Issue