From 8244414da7b2818339122f8b53da569b7355e3fb Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Apr 04 2018 09:08:43 +0000 Subject: Mention flask-oidc's settings These settings allow to tune someone's pagure instance depending on the OIDC provider and other setup. Fixes https://pagure.io/pagure/issue/3120 Signed-off-by: Pierre-Yves Chibon --- diff --git a/doc/configuration.rst b/doc/configuration.rst index 7847ec2..438d60f 100644 --- a/doc/configuration.rst +++ b/doc/configuration.rst @@ -691,6 +691,12 @@ Defaults to: ``fas``. OIDC Settings ~~~~~~~~~~~~~ +.. note:: Pagure uses `flask-oidc `_ + to support OIDC authentication. This extension has a `number of configuration + keys `_ + that may be useful depending on your set-up + + OIDC_CLIENT_SECRETS ^^^^^^^^^^^^^^^^^^^ diff --git a/pagure/default_config.py b/pagure/default_config.py index d28ed40..a47a718 100644 --- a/pagure/default_config.py +++ b/pagure/default_config.py @@ -217,6 +217,9 @@ PAGURE_AUTH = 'fas' # (IdP-specific user id, can be a nickname, email or a numeric ID # depending on IdP). # OIDC_PAGURE_USERNAME_FALLBACK = 'email' +# +# More settings for OIDC are available from flask-oidc at: +# http://flask-oidc.readthedocs.io/en/latest/#settings-reference # When this is set to True, the session cookie will only be returned to the # server via ssl (https). If you connect to the server via plain http, the