Refactor and added ability to use include multiple providers in config

2025-12-20 03:27:02 -07:00 · 2024-03-03 18:23:35 -07:00 · 2024-03-03 18:23:35 -07:00 · 4bca62ec2f
commit 4bca62ec2f
parent 53d1a8cc35
13 changed files with 660 additions and 712 deletions
--- a/config.yaml
+++ b/config.yaml
@ -1,29 +1,73 @@
+version: "0.0.1"
 server:  
-  host: 127.0.0.1
+  host: "127.0.0.1"
  port: 3333
-client: 
-  id: 7527e7b4-c96a-4df0-8fc5-00fde18bb65d
-  secret: gto_cc5uvpb5lsdczkwnbarvwmbpv5kcjwg7nhbc75zt65yrfh2ldenq
-  redirect-uris:
-    - "http://127.0.0.1:3333/oidc/callback"
-oidc:
-  issuer: "http://git.towk.local:3000/"
-urls:
-  #identities: http://127.0.0.1:4434/admin/identities
-  trusted-issuers: http://127.0.0.1:4445/admin/trust/grants/jwt-bearer/issuers
-  access-token: http://127.0.0.1:4444/oauth2/token
-  server-config: http://git.towk.local:3000/.well-known/openid-configuration
-  jwks_uri: http://git.towk.local:3000/login/oauth/keys
-  login: http://127.0.0.1:4433/self-service/login/api
-  login-flow-id: http://127.0.0.1:4433/self-service/login/flows?id={id}
-  register-client: http://127.0.0.1:4445/clients
-  authorize-client: http://127.0.0.1:4444/oauth2/authorize
-state: ""
-response-type: code
-decode-id-token: true
-decode-access-token: true
-run-once: true
-scope:
- openid
- profile
- email
+  callback: "/oidc/callback"
+
+providers:
+  facebook: "http://facebook.com"
+  forgejo: "http://git.towk.local:3000"
+  gitlab: "https://gitlab.newmexicoconsortium.org"
+  github: "https://github.com"
+
+authentication:
+  clients:
+    - id: "1135541217802147"
+      secret: "b3a3123e8235de1dbab448369bc3d024"
+      issuer: "https://www.facebook.com"
+      scope:
+        - "openid"
+        - "name"
+        - "email"
+      redirect-uris:
+        - "http://127.0.0.1:3333/oidc/callback"
+    - id: "978b48059dd4916f53b4"
+      secret: "eb54b533eb6afd695e3a1b3f363ab2b29acc7425"
+      issuer: "https://github.com"
+      scope:
+        - "openid"
+        - "profile"
+      redirect-uris:
+        - "http://127.0.0.1:3333/oidc/callback"
+    - id: "7527e7b4-c96a-4df0-8fc5-00fde18bb65d"
+      secret: "gto_cc5uvpb5lsdczkwnbarvwmbpv5kcjwg7nhbc75zt65yrfh2ldenq"
+      name: "forgejo"
+      issuer: "http://git.towk.local:3000"
+      scope:
+        - "openid"
+        - "profile"
+        - "read"
+        - "email"
+      redirect-uris:
+        - "http://127.0.0.1:3333/oidc/callback"
+    - id: "7c0fab1153674a258a705976fcb9468350df3addd91de4ec622fc9ed24bfbcdd"
+      secret: "a9a8bc55b0cd99236756093adc00ab17855fa507ce106b8038e7f9390ef2ad99"
+      name: "gitlab"
+      issuer: "http://gitlab.newmexicoconsortium.org"
+      scope:
+        - "openid"
+        - "profile"
+        - "email"
+      redirect-uris:
+        - "http://127.0.0.1:3333/oidc/callback"
+  flows:
+    authorization-code:
+      state: ""
+    client-credentials:
+
+authorization:
+  urls:
+    #identities: http://127.0.0.1:4434/admin/identities
+    trusted-issuers: http://127.0.0.1:4445/admin/trust/grants/jwt-bearer/issuers
+    login: http://127.0.0.1:4433/self-service/login/api
+    clients: http://127.0.0.1:4445/admin/clients
+    authorize: http://127.0.0.1:4444/oauth2/auth
+    register: http://127.0.0.1:4444/oauth2/register
+    token: http://127.0.0.1:4444/oauth2/token
+
+
+options:
+  decode-id-token: true
+  decode-access-token: true
+  run-once: true
+  open-browser: false