From fc579bd2bc5406abcaa9f8dfffe4232a2e256116 Mon Sep 17 00:00:00 2001 From: otaconix Date: Fri, 30 Jun 2023 12:58:20 +0200 Subject: Allow choosing the OIDC remote user claim and scopes to request from the identity provider (#5481) * Allow choosing the OIDC remote user claim and scopes to request from the identity provider * Added comment to explain how checking whether an environment variable is set is done * Use apostrophe's instead of single quotes for verb contractions in docs * Move variables used for checking presence of environment variables inside IfDefine block --- Docker/FreshRSS.Apache.conf | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'Docker') diff --git a/Docker/FreshRSS.Apache.conf b/Docker/FreshRSS.Apache.conf index e5576ac8f..0f9b8e3fa 100644 --- a/Docker/FreshRSS.Apache.conf +++ b/Docker/FreshRSS.Apache.conf @@ -15,6 +15,11 @@ TraceEnable Off Error "The auth_openidc_module is not available. Install it or unset environment variable OIDC_ENABLED." + # Workaround to be able to check whether an environment variable is set + # See: https://serverfault.com/questions/1022233/using-ifdefine-with-environment-variables/1022234#1022234 + Define VStart "${" + Define VEnd "}" + OIDCProviderMetadataURL ${OIDC_PROVIDER_METADATA_URL} OIDCClientID ${OIDC_CLIENT_ID} OIDCClientSecret ${OIDC_CLIENT_SECRET} @@ -22,8 +27,20 @@ TraceEnable Off OIDCRedirectURI /i/oidc/ OIDCCryptoPassphrase ${OIDC_CLIENT_CRYPTO_KEY} - OIDCRemoteUserClaim preferred_username - OIDCScope "openid" + Define "Test_${OIDC_REMOTE_USER_CLAIM}" + + OIDCRemoteUserClaim preferred_username + + + OIDCRemoteUserClaim "${OIDC_REMOTE_USER_CLAIM}" + + Define "Test_${OIDC_SCOPES}" + + OIDCScope openid + + + OIDCScope "${OIDC_SCOPES}" + OIDCRefreshAccessTokenBeforeExpiry 30 -- cgit v1.2.3