kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 10:19:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Solved bug existed due to difference between mailu domain and hostname difference. also refactored during this to find the bug

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-16 14:29:07 +02:00
parent 1bed83078e
commit 0de26fa6c7
76 changed files with 543 additions and 487 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
roles/web-app-wordpress/vars/oidc.yml
View File

@@ -3,12 +3,12 @@
# @see https://github.com/oidc-wp/openid-connect-generic/blob/develop/includes/openid-connect-dev-option-settings.php
oidc_settings:
client_id: "{{ oidc.client.id }}" # The client ID that identifies WordPress as the OIDC client.
client_secret: "{{ oidc.client.secret }}" # The secret key used by WordPress to authenticate to the OIDC provider.
endpoint_login: "{{ oidc.client.authorize_url }}" # URL of the authorization endpoint to initiate the login flow.
endpoint_token: "{{ oidc.client.token_url }}" # URL of the token endpoint for exchanging authorization codes for tokens.
endpoint_userinfo: "{{ oidc.client.user_info_url }}" # URL of the userinfo endpoint to retrieve user profile data.
endpoint_end_session: "{{ oidc.client.logout_url }}" # URL of the end-session endpoint to log users out of the IDP.
client_id: "{{ OIDC.CLIENT.ID }}" # The client ID that identifies WordPress as the OIDC client.
client_secret: "{{ OIDC.CLIENT.SECRET }}" # The secret key used by WordPress to authenticate to the OIDC provider.
endpoint_login: "{{ OIDC.CLIENT.AUTHORIZE_URL }}" # URL of the authorization endpoint to initiate the login flow.
endpoint_token: "{{ OIDC.CLIENT.TOKEN_URL }}" # URL of the token endpoint for exchanging authorization codes for tokens.
endpoint_userinfo: "{{ OIDC.CLIENT.USER_INFO_URL }}" # URL of the userinfo endpoint to retrieve user profile data.
endpoint_end_session: "{{ OIDC.CLIENT.LOGOUT_URL }}" # URL of the end-session endpoint to log users out of the IDP.
login_type: "auto" # Determines how the login interface is rendered (e.g., button or form).
scope: "openid profile email" # Scopes requested from the OIDC provider during authentication.
create_if_does_not_exist: true # Auto-create a new WP user if one doesnt exist.
@@ -16,14 +16,14 @@ oidc_settings:
link_existing_users: true # Link OIDC login to existing WP users by matching email.
redirect_on_logout: true # Redirect users after logout to the login screen or homepage.
redirect_user_back: true # Return users to their original URL after successful login.
#acr_values: "{{ oidc.client.acr_values | default('') }}" # ACR values defining required authentication context (e.g., MFA level).
#acr_values: "{{ OIDC.CLIENT.acr_values | default('') }}" # ACR values defining required authentication context (e.g., MFA level).
enable_logging: "{{ MODE_DEBUG }}" # Enable detailed plugin logging for debugging and auditing.
# log_limit: "{{ oidc.client.log_limit | default('') }}" # Maximum number of log entries to retain before pruning.
# log_limit: "{{ OIDC.CLIENT.log_limit | default('') }}" # Maximum number of log entries to retain before pruning.
no_sslverify: false # The flag to enable/disable SSL verification during authorization.
http_request_timeout: 5 # The timeout for requests made to the IDP. Default value is 5.
identity_key: "{{ oidc.attributes.username }}" # The key in the user claim array to find the user's identification data.
nickname_key: "{{ oidc.attributes.username }}" # The key in the user claim array to find the user's nickname.
email_format: "{{ oidc.attributes.email }}" # The key(s) in the user claim array to formulate the user's email address.
displayname_format: "{{ oidc.attributes.given_name }} {{ oidc.attributes.family_name }}" # The key(s) in the user claim array to formulate the user's display name.
identity_key: "{{ OIDC.ATTRIBUTES.USERNAME }}" # The key in the user claim array to find the user's identification data.
nickname_key: "{{ OIDC.ATTRIBUTES.USERNAME }}" # The key in the user claim array to find the user's nickname.
email_format: "{{ OIDC.ATTRIBUTES.EMAIL }}" # The key(s) in the user claim array to formulate the user's email address.
displayname_format: "{{ OIDC.ATTRIBUTES.GIVEN_NAME }} {{ OIDC.ATTRIBUTES.FAMILY_NAME }}" # The key(s) in the user claim array to formulate the user's display name.
identify_with_username: true # The flag which indicates how the user's identity will be determined.
state_time_limit: 180 # The valid time limit of the state, in seconds. Defaults to 180 seconds.