updated bb conf; login

2023-03-01 16:54:26 +01:00
parent ca4480b122
commit c5dce08e20
4 changed files with 48 additions and 10 deletions


@ -47,7 +47,7 @@ scope = "openid profile email"
# Optional base URL for OAuth2 URLs, e.g. "https://domain.tld/auth"
# If omitted, it will be derived from the fields in the [server] section.
# base_url = "http://localhost:8080"
# base_url = "http://127.0.0.1:8080"
# Will be appended to `base_url` to form the OAuth2 callback URL
redirect_path = "/oauth/callback"
@ -59,7 +59,18 @@ user_info_additional_claims_required = true
# be redirected to the application URL.
# If this is unset, the browser gets an empty 200 response on successful
# authorization code flow completion.
client_app_url = "http://127.0.0.1:8080/_test/ping"
client_app_url = "http://127.0.0.1:5173/"
# Path to the browser login URL.
# This path is where the basebox broker returns a 302 response that redirects the browser to
# the IdP login page; the target URL will contain all query parms needed to initiate an
# auth code flow login procedure, incl. CSRF protection tokens etc.
login_path = "/oauth/login"
# Logout path that allows explicit, immediate logouts.
# Simply POST to this URL with the session cookie or bearer token.
logout_path = "/oauth/logout"
[business_logic_layer]
business_logic_layer_enabled = false
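Review bot: The new `logout_path` comment says a POST carrying only the session cookie logs the user out, but it does not say what stops a third-party page from triggering that POST, nor whether the IdP session is ended or only the broker's. The `login_path` comment just above mentions CSRF tokens for the login redirect, so the logout entry should be equally explicit. I would extend the comment along the lines of `# Cookie-authenticated requests must pass the broker's CSRF/origin check; this ends the broker session only, not the IdP session.`, adjusted to what the broker actually does, which is not visible in this hunk. The new `client_app_url = "http://127.0.0.1:5173/"` also looks like a local dev-server address, so a short `# development value; use the deployed https:// app URL otherwise` above it would prevent it being copied into a real deployment.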


@ -1,6 +1,6 @@
[generic]
# log level; can be error, warn, info, debug, trace
log_level = "debug"
log_level = "trace"
[idp_config]
# URL of IdP's discovery endpoint. If not set, the URL is made up by appending
@ -9,12 +9,14 @@ discovery_url = "https://kcdev.basebox.health:8443/realms/todo/.well-known/openi
# URL of IdP's public keystore. If set, the discovery endpoint is not used at all.
jwks_url = "https://kcdev.basebox.health:8443/realms/todo/protocol/openid-connect/certs"
[id_token_validation]
[openid_token_validation]
# Incoming ID tokens are validated using, among other, the following fields.
# Contents of 'iss' field, usually the URL of the authetnication realm
iss = "https://kcdev.basebox.health:8443/realms/todo"
# Contents of 'aud' field, aka the OpenID connect client ID
aud = "todo-app"
# ID token audience field, usually OpenID Connect client ID
id_aud = "todo-app"
# Access token audience field
acc_aud = "account"
[graphql]
# path and file name to GraphQL schema file
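Review bot: `acc_aud = "account"` in the `[openid_token_validation]` hunk validates access tokens against an audience that is probably not specific to this application. The `/realms/todo` URLs suggest Keycloak, where `account` is typically present by default in access tokens issued to any client of the realm, so a token minted for a different client would pass the check. I would define a dedicated audience for this API on the IdP and set `acc_aud = "<api-audience>"` (placeholder), with a comment such as `# Must be an audience issued only for this API, not the IdP default.`. The same hunk renames the section and replaces `aud` with `id_aud`; the loader is not visible here, so please confirm that a config still using `[id_token_validation]`/`aud` fails at startup rather than running with audience validation silently unset.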