Fixed endpoint sessions for SSO
This commit is contained in:
root
parent
c26a7bfe52
commit
213337cf3e
@ -240,7 +240,7 @@ OIDC_CLIENT_SECRET=$BOOKSTACK_CLIENT_SECRET
|
|||||||
OIDC_ISSUER=https://authelia.$DOMAIN
|
OIDC_ISSUER=https://authelia.$DOMAIN
|
||||||
OIDC_ISSUER_DISCOVER=true
|
OIDC_ISSUER_DISCOVER=true
|
||||||
OIDC_EXTERNAL_ID_CLAIM=email
|
OIDC_EXTERNAL_ID_CLAIM=email
|
||||||
OIDC_END_SESSION_ENDPOINT=https://authelia.$DOMAIN/logout
|
OIDC_END_SESSION_ENDPOINT=https://authelia.$DOMAIN/logout?rd=https://dashboard.$DOMAIN
|
||||||
#APP_DEBUG=true
|
#APP_DEBUG=true
|
||||||
#OIDC_DUMP_USER_DETAILS=true
|
#OIDC_DUMP_USER_DETAILS=true
|
||||||
EOF
|
EOF
|
||||||
|
|||||||
@ -248,7 +248,7 @@ ESPOCRM_CONFIG_OIDC_CLIENT_SECRET=$ESPOCRM_CLIENT_SECRET
|
|||||||
ESPOCRM_CONFIG_OIDC_AUTHORIZATION_ENDPOINT=https://authelia.$DOMAIN/api/oidc/authorization
|
ESPOCRM_CONFIG_OIDC_AUTHORIZATION_ENDPOINT=https://authelia.$DOMAIN/api/oidc/authorization
|
||||||
ESPOCRM_CONFIG_OIDC_TOKEN_ENDPOINT=https://authelia.$DOMAIN/api/oidc/token
|
ESPOCRM_CONFIG_OIDC_TOKEN_ENDPOINT=https://authelia.$DOMAIN/api/oidc/token
|
||||||
ESPOCRM_CONFIG_OIDC_JWKS_ENDPOINT=https://authelia.$DOMAIN/jwks.json
|
ESPOCRM_CONFIG_OIDC_JWKS_ENDPOINT=https://authelia.$DOMAIN/jwks.json
|
||||||
ESPOCRM_CONFIG_OIDC_LOGOUT_URL=https://authelia.$DOMAIN/logout
|
ESPOCRM_CONFIG_OIDC_LOGOUT_URL=https://authelia.$DOMAIN/logout?rd=https://dashboard.$DOMAIN"
|
||||||
ESPOCRM_CONFIG_OIDC_CREATE_USER=true
|
ESPOCRM_CONFIG_OIDC_CREATE_USER=true
|
||||||
ESPOCRM_CONFIG_OIDC_ALLOW_ADMIN_USER=true
|
ESPOCRM_CONFIG_OIDC_ALLOW_ADMIN_USER=true
|
||||||
ESPOCRM_CONFIG_OIDC_SYNC=false
|
ESPOCRM_CONFIG_OIDC_SYNC=false
|
||||||
|
|||||||
@ -383,7 +383,7 @@ EOF
|
|||||||
run_command "docker exec -u 33 nextcloud /var/www/html/occ config:system:set allow_local_remote_servers --value=true"
|
run_command "docker exec -u 33 nextcloud /var/www/html/occ config:system:set allow_local_remote_servers --value=true"
|
||||||
run_command "docker exec -u 33 nextcloud /var/www/html/occ app:enable user_oidc"
|
run_command "docker exec -u 33 nextcloud /var/www/html/occ app:enable user_oidc"
|
||||||
run_command "docker exec -u 33 nextcloud /var/www/html/occ config:system:set --value=true --type=boolean user_oidc use_pkce"
|
run_command "docker exec -u 33 nextcloud /var/www/html/occ config:system:set --value=true --type=boolean user_oidc use_pkce"
|
||||||
run_command "docker exec -u 33 nextcloud /var/www/html/occ user_oidc:provider Authelia --clientid="nextcloud" --clientsecret="$NEXTCLOUD_CLIENT_SECRET" --discoveryuri="https://authelia.$DOMAIN/.well-known/openid-configuration" --mapping-uid=name --endsessionendpointuri=https://authelia.$DOMAIN/logout"
|
run_command "docker exec -u 33 nextcloud /var/www/html/occ user_oidc:provider Authelia --clientid="nextcloud" --clientsecret="$NEXTCLOUD_CLIENT_SECRET" --discoveryuri="https://authelia.$DOMAIN/.well-known/openid-configuration" --mapping-uid=name --endsessionendpointuri=https://authelia.$DOMAIN/logout?rd=https://dashboard.$DOMAIN"
|
||||||
|
|
||||||
run_command "/federated/bin/stop nextcloud"
|
run_command "/federated/bin/stop nextcloud"
|
||||||
run_command "/federated/bin/start nextcloud"
|
run_command "/federated/bin/start nextcloud"
|
||||||
|
|||||||
@ -246,7 +246,7 @@ define( 'OIDC_CLIENT_SECRET', '$WORDPRESS_CLIENT_SECRET' );\n\
|
|||||||
define( 'OIDC_ENDPOINT_LOGIN_URL', 'https://authelia.$DOMAIN/api/oidc/authorization' );\n\
|
define( 'OIDC_ENDPOINT_LOGIN_URL', 'https://authelia.$DOMAIN/api/oidc/authorization' );\n\
|
||||||
define( 'OIDC_ENDPOINT_USERINFO_URL', 'https://authelia.$DOMAIN/api/oidc/userinfo' );\n\
|
define( 'OIDC_ENDPOINT_USERINFO_URL', 'https://authelia.$DOMAIN/api/oidc/userinfo' );\n\
|
||||||
define( 'OIDC_ENDPOINT_TOKEN_URL', 'https://authelia.$DOMAIN/api/oidc/token' );\n\
|
define( 'OIDC_ENDPOINT_TOKEN_URL', 'https://authelia.$DOMAIN/api/oidc/token' );\n\
|
||||||
define( 'OIDC_ENDPOINT_LOGOUT_URL', 'https://authelia.$DOMAIN/logout' );\n\
|
define( 'OIDC_ENDPOINT_LOGOUT_URL', 'https://authelia.$DOMAIN/logout?rd=https://dashboard.$DOMAIN' );\n\
|
||||||
define( 'OIDC_CLIENT_SCOPE', 'openid profile email groups' );\n\
|
define( 'OIDC_CLIENT_SCOPE', 'openid profile email groups' );\n\
|
||||||
define( 'OIDC_LOGIN_TYPE', 'button' );\n\
|
define( 'OIDC_LOGIN_TYPE', 'button' );\n\
|
||||||
define( 'OIDC_CREATE_IF_DOES_NOT_EXIST', '1' );\n\
|
define( 'OIDC_CREATE_IF_DOES_NOT_EXIST', '1' );\n\
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user