stove/dataset
3
0
Fork 1
Code Issues 2 Pull requests Projects Releases Wiki Activity
dataset/seed/applicationservice/2022.03.08/lemonldap/templates/lmConf-1.json
Emmanuel Garette a093f49780 fork from cadoles' risotto-dataset
2022-03-08 19:42:28 +01:00

178 lines
5.9 KiB
JSON
Raw Blame History

%compiler-settings
commentStartToken = §
%end compiler-settings
{
"mailFrom" : "%%lemon_mail_admin",
"mailLDAPFilter" : "(&(mail=$mail)(objectClass=inetOrgPerson))",
"portalSkinBackground" : "1280px-Cedar_Breaks_National_Monument_partially.jpg",
"authentication" : "LDAP",
"AuthLDAPFilter" : "(&(cn=$user)(objectClass=inetOrgPerson))",
"managerDn" : "%%ldapclient_remote_user",
"managerPassword" : "%%ldapclient_remote_user_password",
"ldapPpolicyControl" : 1,
"ldapAllowResetExpiredPassword" : 1,
"ldapChangePasswordAsUser" : 1,
"ldapBase" : "ou=users,%%ldap_base_dn",
"ldapExportedVars" : {
"uid" : "uid",
"cn" : "cn",
"sn" : "sn",
"mail" : "mail",
"givenName" : "givenName"
},
"ldapGroupAttributeName" : "memberUid",
"ldapGroupAttributeNameUser" : "cn",
"ldapGroupObjectClass" : "group",
"ldapPort" : "636",
"ldapServer" : "ldaps://%%ldap_server_address",
"ldapVerify" : "required",
"ldapTimeout" : 120,
"cfgAuthor" : "EOLE",
"cfgNum" : 1,
"cfgVersion" : "2.0.9",
"demoExportedVars" : {
"cn" : "cn",
"mail" : "mail",
"uid" : "uid"
},
"domain" : "%%revprox_client_external_domainname",
"exportedVars" : {
"UA" : "HTTP_USER_AGENT",
"cn" : "cn",
"mail" : "mail"
},
"globalStorageOptions" : {
"Directory" : "/srv/lemonldap-ng/sessions",
"LockDirectory" : "/srv/lemonldap-ng/sessions/lock"
},
"issuerDBOpenIDConnectActivation" : 1,
"localSessionStorageOptions" : {
"cache_depth" : 3,
"cache_root" : "/srv/lemonldap-ng/cache",
"default_expires_in" : 600,
"directory_umask" : "007",
"namespace" : "lemonldap-ng-sessions"
},
"locationRules" : {
"%%revprox_client_external_domainname" : {
"default" : "accept"
%for %%app in %%oauth2.remotes
%set %%key = %%normalize_family(%%app)
},
"%%lemon_domain" : {
"^/logout" : "logout_sso",
"default" : "accept"
%end for
}
},
"loginHistoryEnabled" : 1,
"macros" : {
"UA" : "$ENV{HTTP_USER_AGENT}",
"_whatToTrace" : "$_auth eq 'SAML' ? lc($_user.'@'.$_idpConfKey) : $_auth eq 'OpenIDConnect' ? lc($_user.'@'.$_oidc_OP) : lc($_user)"
},
"mailUrl" : "https://%%revprox_client_external_domainname/resetpwd",
"mySessionAuthorizedRWKeys" : [
"_appsListOrder",
"_oidcConnectedRP",
"_oidcConsents"
],
"notification" : 1,
"notificationStorageOptions" : {
"dirName" : "/srv/lemonldap-ng/notifications"
},
"oidcRPMetaDataExportedVars" : {
%set %%len_app = %%len(%%oauth2.remotes)
%for %%idx, %%app in %%enumerate(%%oauth2.remotes)
%set %%key = %%normalize_family(%%app)
%set %%description = %%oauth2['oauth2_' + %%key]['description_' + %%key]
"%%app" : {
"email" : "mail",
"family_name" : "sn",
"name" : "cn",
"nickname" : "uid"
%if %%len_app - 1 == %%idx
}
%else
},
%end if
%end for
},
"oidcRPMetaDataOptions" : {
%for %%idx, %%app in %%enumerate(%%oauth2.remotes)
%set %%key = %%normalize_family(%%app)
%set %%description = %%oauth2['oauth2_' + %%key]['description_' + %%key]
"%%app" : {
"oidcRPMetaDataOptionsAllowClientCredentialsGrant" : 0,
"oidcRPMetaDataOptionsAllowOffline" : 1,
"oidcRPMetaDataOptionsAllowPasswordGrant" : 0,
"oidcRPMetaDataOptionsBypassConsent" : 1,
"oidcRPMetaDataOptionsClientID" : "%%key",
"oidcRPMetaDataOptionsClientSecret" : "%%oauth2['oauth2_' + %%key]['secret_' + %%key]",
"oidcRPMetaDataOptionsIDTokenForceClaims" : 0,
"oidcRPMetaDataOptionsIDTokenSignAlg" : "%%oauth2['oauth2_' + %%key]['token_signature_algo_' + %%key]",
"oidcRPMetaDataOptionsLogoutSessionRequired" : 0,
"oidcRPMetaDataOptionsLogoutType" : "front",
§ "oidcRPMetaDataOptionsLogoutUrl" : "https://git.gnunux.com/user/oauth2/NAME/logout",
§FIXME
"oidcRPMetaDataOptionsPostLogoutRedirectUris" : "gnunux-allow",
"oidcRPMetaDataOptionsPublic" : 0,
%if %%oauth2['oauth2_' + %%key]['login_' + %%key]
"oidcRPMetaDataOptionsRedirectUris" : "%%oauth2['oauth2_' + %%key]['login_' + %%key]",
%end if
"oidcRPMetaDataOptionsRefreshToken" : 0,
"oidcRPMetaDataOptionsRequirePKCE" : 0
%if %%len_app - 1 == %%idx
}
%else
},
%end if
%end for
},
"oidcServiceKeyIdSig" : "2PDCicoyT45rjsARYcxjfg",
"oidcServiceMetaDataAuthnContext" : {
"loa-1" : 1,
"loa-2" : 2,
"loa-3" : 3,
"loa-4" : 4,
"loa-5" : 5
},
%set %%pub = '\\n'.join(%%get_public_key(%%domain_name_eth0).split("\n"))
"oidcServicePublicKeySig" : "%%pub",
%set %%priv = '\\n'.join(%%get_private_key(%%domain_name_eth0).split("\n"))
"oidcServicePrivateKeySig" : "%%priv",
"passwordDB" : "LDAP",
"persistentStorage" : "Apache::Session::File",
"persistentStorageOptions" : {
"Directory": "/srv/lemonldap-ng/psessions",
"LockDirectory": "/srv/lemonldap-ng/psessions/lock"
},
"portal" : "https://%%revprox_client_external_domainname/",
"registerUrl" : "https://%%lemon_reload_web_name/register",
"reloadUrls" : {
"localhost" : "https://%%lemon_reload_web_name/reload"
},
"whatToTrace" : "_whatToTrace",
"applicationList" : {
"test" : {
"catname" : "Test Cat",
%for %%app in %%oauth2.remotes
%set %%key = %%normalize_family(%%app)
%set %%description = %%oauth2['oauth2_' + %%key]['description_' + %%key]
%if not %%description
%continue
%end if
"%%key" : {
"options" : {
"description" : "%%description",
"display" : "auto",
"logo" : "demo.png",
"name" : "%%oauth2['oauth2_' + %%key]['name_' + %%key]",
"uri" : "%%oauth2['oauth2_' + %%key]['external_' + %%key]"
},
"type" : "application"
},
%end for
"type" : "category"
}
}
}
Reference in a new issue View git blame Copy permalink