vue-todo/bbconf/basebox/broker-config.toml

64 lines
2.0 KiB
TOML
Raw Normal View History

2023-11-17 16:04:52 +01:00
[generic]
# log level; can be error, warn, info, debug, trace
log_level = "trace"
[graphql]
# path and file name to GraphQL schema file
schema_file = "/bbconf/schema.graphql"
allow_introspection = true
[proxy]
# host name or IP of basebox DB proxy
host = "dbproxy"
port = 8081
# Whether to use http or https to connect to the proxy
tls = false
[server]
# Host name of the broker (GraphQL server)
host = "broker"
# Port number; default is 80 for http, 443 for https
port = 8080
max_request_size = 33554433
[auth]
# Contents of 'iss' field, usually the URL of the authentication realm
iss = "https://basebox-test-1.eu.auth0.com/"
# Access token audience field
aud = "basebox-todo"
# public key file for the IdP server (KeyCloak in this case)
# jwks_file = "/bbconf/idp_keys.json"
#####
# OpenID Connect scope; default is "openid profile email"
scope = "openid profile email"
# Fully qualified URL to the OAuth2 callback endpoint.
# After the user entered his/her credentials at the IdP's login form, the client will be redirected
# to this URL. When the client receives a request to this URL, it must send the request's query
# string to the broker's "openid_connect_path" set below.
#redirect_url = "http://127.0.0.1:5167/oauth-callback"
# OpenID Connect login completion request path.
# The client must pass the query string from the call to "redirect_url" to this URL and gets
# a basebox session token in return.
#openid_connect_path = "/oauth/complete-login"
# Path to the browser login URL.
# This path is where the basebox broker returns a 302 response that redirects the browser to
# the IdP login page; the target URL will contain all query parms needed to initiate an
# auth code flow login procedure, incl. CSRF protection tokens etc.
#login_path = "/oauth/login"
# Logout path that allows explicit, immediate logouts.
# Simply POST to this URL with the session cookie or bearer token.
#logout_path = "/oauth/logout"
# TODO - need?
# Set to true to get a user's additional claims from OAuth2
user_info_additional_claims_required = true