|
|
|
@ -55,29 +55,9 @@ REDIS_PORT: 6379
|
|
|
|
|
|
|
|
|
|
# Use OpenID Authorization
|
|
|
|
|
# 使用 OpenID 进行认证设置
|
|
|
|
|
#
|
|
|
|
|
# 配置方式1:
|
|
|
|
|
# 1. 版本 <= 1.5.8
|
|
|
|
|
# 2. OpenID Provider 是 Keycloak
|
|
|
|
|
#
|
|
|
|
|
# BASE_SITE_URL: http://localhost:8080
|
|
|
|
|
# AUTH_OPENID: False # True or False
|
|
|
|
|
# AUTH_OPENID_SERVER_URL: https://openid-auth-server.com/
|
|
|
|
|
# AUTH_OPENID_REALM_NAME: realm-name
|
|
|
|
|
# AUTH_OPENID_CLIENT_ID: client-id
|
|
|
|
|
# AUTH_OPENID_CLIENT_SECRET: client-secret
|
|
|
|
|
# AUTH_OPENID_SHARE_SESSION: True
|
|
|
|
|
# AUTH_OPENID_IGNORE_SSL_VERIFICATION: True
|
|
|
|
|
#
|
|
|
|
|
# 配置方式2: (version >=1.5.8)
|
|
|
|
|
# 1. 版本 >= 1.5.8
|
|
|
|
|
# 2. 支持标准 OpenID Connect Provider
|
|
|
|
|
#
|
|
|
|
|
# AUTH_OPENID: False # True or False
|
|
|
|
|
# AUTH_OPENID_CLIENT_ID: client-id
|
|
|
|
|
# AUTH_OPENID_CLIENT_SECRET: client-secret
|
|
|
|
|
# AUTH_OPENID_SHARE_SESSION: True
|
|
|
|
|
# AUTH_OPENID_IGNORE_SSL_VERIFICATION: True
|
|
|
|
|
# AUTH_OPENID_PROVIDER_ENDPOINT: https://op-example.com/
|
|
|
|
|
# AUTH_OPENID_PROVIDER_AUTHORIZATION_ENDPOINT: https://op-example.com/authorize
|
|
|
|
|
# AUTH_OPENID_PROVIDER_TOKEN_ENDPOINT: https://op-example.com/token
|
|
|
|
@ -86,15 +66,14 @@ REDIS_PORT: 6379
|
|
|
|
|
# AUTH_OPENID_PROVIDER_END_SESSION_ENDPOINT: https://op-example.com/logout
|
|
|
|
|
# AUTH_OPENID_PROVIDER_SIGNATURE_ALG: HS256
|
|
|
|
|
# AUTH_OPENID_PROVIDER_SIGNATURE_KEY: None
|
|
|
|
|
# AUTH_OPENID_PROVIDER_CLAIMS_NAME: None
|
|
|
|
|
# AUTH_OPENID_PROVIDER_CLAIMS_USERNAME: None
|
|
|
|
|
# AUTH_OPENID_PROVIDER_CLAIMS_EMAIL: None
|
|
|
|
|
# AUTH_OPENID_SCOPES: "openid profile email"
|
|
|
|
|
# AUTH_OPENID_ID_TOKEN_MAX_AGE: 60
|
|
|
|
|
# AUTH_OPENID_ID_TOKEN_INCLUDE_USERINFO: True
|
|
|
|
|
# AUTH_OPENID_ID_TOKEN_INCLUDE_CLAIMS: True
|
|
|
|
|
# AUTH_OPENID_USE_STATE: True
|
|
|
|
|
# AUTH_OPENID_USE_NONCE: True
|
|
|
|
|
# AUTH_OPENID_ALWAYS_UPDATE_USER_INFORMATION: True
|
|
|
|
|
# AUTH_OPENID_SHARE_SESSION: True
|
|
|
|
|
# AUTH_OPENID_IGNORE_SSL_VERIFICATION: True
|
|
|
|
|
# AUTH_OPENID_ALWAYS_UPDATE_USER: True
|
|
|
|
|
|
|
|
|
|
# Use Radius authorization
|
|
|
|
|
# 使用Radius来认证
|
|
|
|
|