Skip to content

Allow multiple scopes for Scope in Apache::OIDCSettings #2262

New issue
New issue
Closed
#2265
Closed
Allow multiple scopes for Scope in Apache::OIDCSettings#2262
#2265
Labels
communityfeature
@jjackzhn

Description

@jjackzhn
jjackzhn
opened on Jul 15, 2022

Use Case

Code in question:

puppetlabs-apache/types/oidcsettings.pp

Line 20 in babc21b

Optional['Scope'] => Pattern[/^[A-Za-z0-9\-\._\s]+$/],

The OIDCScope setting can be used with multiple scopes.
Per mod_auth_openidc:

# Define the OpenID Connect scope that is requested from the OP (eg. "openid email profile").
# When not defined, the bare minimal scope "openid" is used.
# NB: multiple scope values must be enclosed in a single pair of double quotes 
# NB: this can be overridden on a per-OP basis in the .conf file using the key: scope
#OIDCScope "<scope(s)-separated-by-spaces-and-enclosed-in-double-quotes>"

However, quoted strings are not currently supported in this Puppet module (per the regex pattern), nor does it automatically enclose the value in quotes in the output config.

Describe the Solution You Would Like

Change the regex pattern to match quoted strings.

Describe Alternatives You've Considered

Enclose the output string in quotes.

Additional Context

N/A

Metadata

Metadata

Assignees

No one assigned

    Labels

    communityfeature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions