forked from mystiq/dex
ac73d3cdf2
In --no-db mode, load passwords from the users file instead of the connectors file. This allows us to remove the password infos field from the local connector and stop loading them during connector registration, a case that was causing panics when using a real database (see #286). Fixes #286 Closes #340
44 lines
917 B
Text
44 lines
917 B
Text
[
|
|
{
|
|
"type": "local",
|
|
"id": "local"
|
|
},
|
|
{
|
|
"type": "oidc",
|
|
"id": "google",
|
|
"issuerURL": "https://accounts.google.com",
|
|
"clientID": "${CLIENT_ID}",
|
|
"clientSecret": "${CLIENT_SECRET}"
|
|
},
|
|
{
|
|
"type": "github",
|
|
"id": "github",
|
|
"clientID": "${CLIENT_ID}",
|
|
"clientSecret": "${CLIENT_SECRET}"
|
|
},
|
|
{
|
|
"type": "bitbucket",
|
|
"id": "bitbucket",
|
|
"clientID": "${CLIENT_ID}",
|
|
"clientSecret": "${CLIENT_SECRET}"
|
|
},
|
|
{
|
|
"type": "ldap",
|
|
"id": "ldap",
|
|
"serverHost": "127.0.0.1",
|
|
"serverPort": 389,
|
|
"useTLS": true,
|
|
"useSSL": false,
|
|
"caFile": "/etc/ssl/certs/example_com_root.crt",
|
|
"skipCertVerification": false,
|
|
"baseDN": "ou=People,dc=example,dc=com",
|
|
"nameAttribute": "cn",
|
|
"emailAttribute": "mail",
|
|
"searchBeforeAuth": true,
|
|
"searchFilter": "(mail=%u)",
|
|
"searchScope": "one",
|
|
"searchBindDN": "searchuser",
|
|
"searchBindPw": "supersecret",
|
|
"bindTemplate": "uid=%u,%b"
|
|
}
|
|
]
|