forked from mystiq/dex
5a78e89807
* Remove some unlikely to be used fields to help configurability.
* Combined "serverHost" and "serverPort" into "host"
* Remove "timeout" (just default to 30 seconds).
* Remove "maxIdleConn" will add it back if users feel the need
to control the number of cached connections.
* Remove "trustedEmailProvider" (just always trust).
* Remove "skipCertVerification" you can't make this connector
ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
43 lines
894 B
Text
43 lines
894 B
Text
[
|
|
{
|
|
"type": "local",
|
|
"id": "local"
|
|
},
|
|
{
|
|
"type": "oidc",
|
|
"id": "google",
|
|
"issuerURL": "https://accounts.google.com",
|
|
"clientID": "${CLIENT_ID}",
|
|
"clientSecret": "${CLIENT_SECRET}"
|
|
},
|
|
{
|
|
"type": "github",
|
|
"id": "github",
|
|
"clientID": "${CLIENT_ID}",
|
|
"clientSecret": "${CLIENT_SECRET}"
|
|
},
|
|
{
|
|
"type": "bitbucket",
|
|
"id": "bitbucket",
|
|
"clientID": "${CLIENT_ID}",
|
|
"clientSecret": "${CLIENT_SECRET}"
|
|
},
|
|
{
|
|
"type": "ldap",
|
|
"id": "ldap",
|
|
"host": "127.0.0.1:389",
|
|
"useTLS": true,
|
|
"useSSL": false,
|
|
"caFile": "/etc/ssl/certs/example_com_root.crt",
|
|
"skipCertVerification": false,
|
|
"baseDN": "ou=People,dc=example,dc=com",
|
|
"nameAttribute": "cn",
|
|
"emailAttribute": "mail",
|
|
"searchBeforeAuth": true,
|
|
"searchFilter": "(mail=%u)",
|
|
"searchScope": "one",
|
|
"searchBindDN": "searchuser",
|
|
"searchBindPw": "supersecret",
|
|
"bindTemplate": "uid=%u,%b"
|
|
}
|
|
]
|