mirror of
https://github.com/wekan/wekan.git
synced 2025-04-23 21:47:10 -04:00
Merge branch 'edge' into meteor-1.8
This commit is contained in:
Lauri Ojansivu
commit
526e10865f
15 changed files with 127 additions and 31 deletions
15
CHANGELOG.md
15
CHANGELOG.md
|
|
@ -1,3 +1,18 @@
|
|||
# v2.75 2019-05-22 Wekan release
|
||||
|
||||
This release adds the following new features:
|
||||
|
||||
- [CAS allowed LDAP groups](https://github.com/wekan/meteor-accounts-cas/pull/4).
|
||||
Thanks to ppoulard. Please test. Related [#2356](https://github.com/wekan/wekan/issues/2356).
|
||||
|
||||
and fixes the following bugs:
|
||||
|
||||
- [Fix](https://github.com/wekan/wekan/commit/634df8f6f26a7a7a2df6f87a705d322d88638425):
|
||||
[OAuth2 Requested Scopes are wrong / cannot be configured](https://github.com/wekan/wekan/issues/2412).
|
||||
Thanks to DominikPf and xet7. Please test.
|
||||
|
||||
Thanks to above GitHub users for their contributions and translators for their translations.
|
||||
|
||||
# v2.74 2019-05-14 Wekan release
|
||||
|
||||
This release fixes the following bugs:
|
||||
|
|
|
|||
|
|
@ -40,6 +40,8 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
|
|||
OAUTH2_ID_MAP="" \
|
||||
OAUTH2_USERNAME_MAP="" \
|
||||
OAUTH2_FULLNAME_MAP="" \
|
||||
OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[] \
|
||||
OAUTH2_REQUEST_PERMISSIONS=['openid','profiles','email'] \
|
||||
OAUTH2_EMAIL_MAP="" \
|
||||
LDAP_ENABLE=false \
|
||||
LDAP_PORT=389 \
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
appId: wekan-public/apps/77b94f60-dec9-0136-304e-16ff53095928
|
||||
appVersion: "v2.74.0"
|
||||
appVersion: "v2.75.0"
|
||||
files:
|
||||
userUploads:
|
||||
- README.md
|
||||
|
|
|
|||
|
|
@ -324,6 +324,10 @@ services:
|
|||
#- OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
|
||||
# OAuth2 Token Endpoint.
|
||||
#- OAUTH2_TOKEN_ENDPOINT=/oauth/token
|
||||
# OAUTH2 ID Token Whitelist Fields.
|
||||
#- OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
|
||||
# OAUTH2 Request Permissions.
|
||||
#- OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
|
||||
# OAuth2 ID Mapping
|
||||
#- OAUTH2_ID_MAP=
|
||||
# OAuth2 Username Mapping
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"accept": "Прийняти",
|
||||
"act-activity-notify": "Сповіщення діяльності",
|
||||
"act-activity-notify": "Сповіщення активності",
|
||||
"act-addAttachment": "added attachment __attachment__ to card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"act-deleteAttachment": "deleted attachment __attachment__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"act-addSubtask": "added subtask __subtask__ to card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
|
|
@ -17,7 +17,7 @@
|
|||
"act-completeChecklist": "completed checklist __checklist__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"act-uncompleteChecklist": "uncompleted checklist __checklist__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"act-addComment": "commented on card __card__: __comment__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"act-createBoard": "Створити Коробко",
|
||||
"act-createBoard": "Дошку __board__створено",
|
||||
"act-createSwimlane": "created swimlane __swimlane__ to board __board__",
|
||||
"act-createCard": "created card __card__ to list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"act-createCustomField": "created custom field __customField__ to card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
|
|
@ -39,26 +39,26 @@
|
|||
"act-withBoardTitle": "__board__",
|
||||
"act-withCardTitle": "[__board__] __card__",
|
||||
"actions": "Дії",
|
||||
"activities": "Діяльність",
|
||||
"activity": "Активність",
|
||||
"activity-added": "додав %s до %s",
|
||||
"activities": "Діяльності",
|
||||
"activity": "Діяльність",
|
||||
"activity-added": "%s додано до %s",
|
||||
"activity-archived": "%s перенесено до архіву",
|
||||
"activity-attached": "прикріпив %s до %s",
|
||||
"activity-created": "створив %s",
|
||||
"activity-customfield-created": "створив налаштовуване поле",
|
||||
"activity-excluded": "виключено %s з %s",
|
||||
"activity-imported": "імпортовано %s до %s з %s",
|
||||
"activity-imported-board": "імпортовано %s з %s",
|
||||
"activity-joined": "приєднався %s",
|
||||
"activity-moved": "переміщений %s з %s до %s",
|
||||
"activity-attached": "%s прикріплено до %s",
|
||||
"activity-created": "%sстворено",
|
||||
"activity-customfield-created": "Створено спеціальне поле",
|
||||
"activity-excluded": "%s виключено з %s",
|
||||
"activity-imported": "%s імпортовано до %s з %s",
|
||||
"activity-imported-board": "%s імпортовано з %s",
|
||||
"activity-joined": "%s приєднано",
|
||||
"activity-moved": "%s переміщено з %s до %s",
|
||||
"activity-on": "%s",
|
||||
"activity-removed": "видалив %s з %s",
|
||||
"activity-sent": "відправив %s до %s",
|
||||
"activity-removed": "%s видалено з %s",
|
||||
"activity-sent": "%s відправлено до %s",
|
||||
"activity-unjoined": "unjoined %s",
|
||||
"activity-subtask-added": "додав підзадачу до %s",
|
||||
"activity-subtask-added": "Додано підзадачу до %s",
|
||||
"activity-checked-item": "checked %s in checklist %s of %s",
|
||||
"activity-unchecked-item": "unchecked %s in checklist %s of %s",
|
||||
"activity-checklist-added": "додав список до %s",
|
||||
"activity-checklist-added": "Додано контрольний список до %s",
|
||||
"activity-checklist-removed": "removed a checklist from %s",
|
||||
"activity-checklist-completed": "completed checklist __checklist__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
|
||||
"activity-checklist-uncompleted": "uncompleted the checklist %s of %s",
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "wekan",
|
||||
"version": "v2.74.0",
|
||||
"version": "v2.75.0",
|
||||
"description": "Open-Source kanban",
|
||||
"private": true,
|
||||
"scripts": {
|
||||
|
|
|
|||
|
|
@ -81,7 +81,12 @@ Meteor.loginWithCas = function(options, callback) {
|
|||
// check auth on server.
|
||||
Accounts.callLoginMethod({
|
||||
methodArguments: [{ cas: { credentialToken: credentialToken } }],
|
||||
userCallback: callback
|
||||
userCallback: err => {
|
||||
// Fix redirect bug after login successfully
|
||||
if (!err) {
|
||||
window.location.href = '/';
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
}, 100);
|
||||
|
|
|
|||
|
|
@ -71,14 +71,37 @@ class CAS {
|
|||
callback({message: 'Empty response.'});
|
||||
}
|
||||
if (result['cas:serviceResponse']['cas:authenticationSuccess']) {
|
||||
var userData = {
|
||||
const userData = {
|
||||
id: result['cas:serviceResponse']['cas:authenticationSuccess'][0]['cas:user'][0].toLowerCase(),
|
||||
}
|
||||
const attributes = result['cas:serviceResponse']['cas:authenticationSuccess'][0]['cas:attributes'][0];
|
||||
for (var fieldName in attributes) {
|
||||
userData[fieldName] = attributes[fieldName][0];
|
||||
};
|
||||
callback(undefined, true, userData);
|
||||
const attributes = result['cas:serviceResponse']['cas:authenticationSuccess'][0]['cas:attributes'][0];
|
||||
|
||||
// Check allowed ldap groups if exist (array only)
|
||||
// example cas settings : "allowedLdapGroups" : ["wekan", "admin"],
|
||||
let findedGroup = false;
|
||||
const allowedLdapGroups = Meteor.settings.cas.allowedLdapGroups || false;
|
||||
for (const fieldName in attributes) {
|
||||
if (allowedLdapGroups && fieldName === 'cas:memberOf') {
|
||||
for (const groups in attributes[fieldName]) {
|
||||
const str = attributes[fieldName][groups];
|
||||
if (!Array.isArray(allowedLdapGroups)) {
|
||||
callback({message: 'Settings "allowedLdapGroups" must be an array'});
|
||||
}
|
||||
for (const allowedLdapGroup in allowedLdapGroups) {
|
||||
if (str.search(`cn=${allowedLdapGroups[allowedLdapGroup]}`) >= 0) {
|
||||
findedGroup = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
userData[fieldName] = attributes[fieldName][0];
|
||||
}
|
||||
|
||||
if (allowedLdapGroups && !findedGroup) {
|
||||
callback({message: 'Group not finded.'}, false);
|
||||
} else {
|
||||
callback(undefined, true, userData);
|
||||
}
|
||||
} else {
|
||||
callback(undefined, false);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -81,6 +81,10 @@
|
|||
#export OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
|
||||
#export OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
|
||||
#export OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
|
||||
# OAUTH2 ID Token Whitelist Fields.
|
||||
#export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
|
||||
# OAUTH2 Request Permissions.
|
||||
#export OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
|
||||
# The claim name you want to map to the unique ID field:
|
||||
#export OAUTH2_ID_MAP=email
|
||||
# The claim name you want to map to the username field:
|
||||
|
|
|
|||
|
|
@ -22,10 +22,10 @@ const pkgdef :Spk.PackageDefinition = (
|
|||
appTitle = (defaultText = "Wekan"),
|
||||
# The name of the app as it is displayed to the user.
|
||||
|
||||
appVersion = 276,
|
||||
appVersion = 277,
|
||||
# Increment this for every release.
|
||||
|
||||
appMarketingVersion = (defaultText = "2.74.0~2019-05-14"),
|
||||
appMarketingVersion = (defaultText = "2.75.0~2019-05-22"),
|
||||
# Human-readable presentation of the app version.
|
||||
|
||||
minUpgradableAppVersion = 0,
|
||||
|
|
|
|||
|
|
@ -76,8 +76,8 @@ Meteor.startup(() => {
|
|||
authorizationEndpoint: process.env.OAUTH2_AUTH_ENDPOINT,
|
||||
userinfoEndpoint: process.env.OAUTH2_USERINFO_ENDPOINT,
|
||||
tokenEndpoint: process.env.OAUTH2_TOKEN_ENDPOINT,
|
||||
idTokenWhitelistFields: [],
|
||||
requestPermissions: ['openid'],
|
||||
idTokenWhitelistFields: process.env.OAUTH2_ID_TOKEN_WHITELIST_FIELDS || [],
|
||||
requestPermissions: process.env.OAUTH2_REQUEST_PERMISSIONS || ['openid','profile','email'],
|
||||
},
|
||||
}
|
||||
);
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
# All supported keys are defined here together with descriptions and default values
|
||||
|
||||
# list of supported keys
|
||||
keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW EMAIL_NOTIFICATION_TIMEOUT CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_EMAIL_MAP LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
|
||||
keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW EMAIL_NOTIFICATION_TIMEOUT CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_ID_TOKEN_WHITELIST_FIELDS OAUTH2_EMAIL_MAP OAUTH2_REQUEST_PERMISSIONS LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
|
||||
|
||||
# default values
|
||||
DESCRIPTION_DEBUG="Debug OIDC OAuth2 etc. Example: sudo snap set wekan debug='true'"
|
||||
|
|
@ -166,6 +166,14 @@ DESCRIPTION_OAUTH2_FULLNAME_MAP="OAuth2 Fullname Mapping. Example: name"
|
|||
DEFAULT_OAUTH2_FULLNAME_MAP=""
|
||||
KEY_OAUTH2_FULLNAME_MAP="oauth2-fullname-map"
|
||||
|
||||
DESCRIPTION_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="OAuth2 ID Token Whitelist Fields. Example: []"
|
||||
DEFAULT_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="[]"
|
||||
KEY_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="oauth2-id-token-whitelist-fields"
|
||||
|
||||
DESCRIPTION_OAUTH2_REQUEST_PERMISSIONS="OAuth2 Request Permissions. Example: ['openid','profile','email']"
|
||||
DEFAULT_OAUTH2_REQUEST_PERMISSIONS="['openid','profile','email']"
|
||||
KEY_OAUTH2_REQUEST_PERMISSIONS="oauth2-request-permissions"
|
||||
|
||||
DESCRIPTION_OAUTH2_EMAIL_MAP="OAuth2 Email Mapping. Example: email"
|
||||
DEFAULT_OAUTH2_EMAIL_MAP=""
|
||||
KEY_OAUTH2_EMAIL_MAP="oauth2-email-map"
|
||||
|
|
|
|||
|
|
@ -130,6 +130,18 @@ echo -e "\t$ snap set $SNAP_NAME oauth2-token-endpoint='/oauth/token'"
|
|||
echo -e "\t-Disable the OAuth2 Token Endpoint of Wekan:"
|
||||
echo -e "\t$ snap set $SNAP_NAME oauth2-token-endpoint=''"
|
||||
echo -e "\n"
|
||||
echo -e "OAuth2 ID Token Whitelist Fields."
|
||||
echo -e "To enable the OAuth2 ID Token Whitelist Fields of Wekan:"
|
||||
echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields='[]'"
|
||||
echo -e "\t-Disable the OAuth2 ID Token Whitelist Fields of Wekan:"
|
||||
echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields=''"
|
||||
echo -e "\n"
|
||||
echo -e "OAuth2 Request Permissions."
|
||||
echo -e "To enable the OAuth2 Request Permissions of Wekan:"
|
||||
echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=\"['openid','profile','email']\""
|
||||
echo -e "\t-Disable the OAuth2 Request Permissions of Wekan:"
|
||||
echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=''"
|
||||
echo -e "\n"
|
||||
echo -e "OAuth2 ID Mapping."
|
||||
echo -e "To enable the OAuth2 ID Mapping of Wekan:"
|
||||
echo -e "\t$ snap set $SNAP_NAME oauth2-id-map='username.uid'"
|
||||
|
|
|
|||
|
|
@ -91,6 +91,25 @@ REM # OAuth2 Token Endpoint. Example: /oauth/token
|
|||
REM # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
|
||||
REM SET OAUTH2_TOKEN_ENDPOINT=
|
||||
|
||||
|
||||
REM # OAUTH2 ID Token Whitelist Fields.
|
||||
REM SET OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
|
||||
|
||||
REM # OAUTH2 Request Permissions.
|
||||
REM SET OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
|
||||
|
||||
REM # OAuth2 ID Mapping
|
||||
REM SET OAUTH2_ID_MAP=
|
||||
|
||||
REM # OAuth2 Username Mapping
|
||||
REM SET OAUTH2_USERNAME_MAP=
|
||||
|
||||
REM # OAuth2 Fullname Mapping
|
||||
REM SET OAUTH2_FULLNAME_MAP=
|
||||
|
||||
REM # OAuth2 Email Mapping
|
||||
REM SET OAUTH2_EMAIL_MAP=
|
||||
|
||||
REM ------------------------------------------------------------
|
||||
|
||||
REM # LDAP_ENABLE : Enable or not the connection by the LDAP
|
||||
|
|
|
|||
|
|
@ -124,6 +124,10 @@
|
|||
#export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
|
||||
# OAuth2 Token Endpoint.
|
||||
#export OAUTH2_TOKEN_ENDPOINT=/oauth/token
|
||||
# OAUTH2 ID Token Whitelist Fields.
|
||||
#export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
|
||||
# OAUTH2 Request Permissions.
|
||||
#export OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
|
||||
# OAuth2 ID Mapping
|
||||
#export OAUTH2_ID_MAP=
|
||||
# OAuth2 Username Mapping
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue