-
-
Notifications
You must be signed in to change notification settings - Fork 229
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to set SOCIAL_AUTH_OIDC_ENABLED_IDPS from compose yml? #401
Comments
You can't, it's not supported by diff --git a/entrypoint.sh b/entrypoint.sh
index 77ff692..c9e2ef4 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -294,7 +294,9 @@ zulipConfiguration() {
[ "$setting_key" = "SECURE_PROXY_SSL_HEADER" ] || \
[[ "$setting_key" = "CSRF_"* ]] || \
[ "$setting_key" = "REALM_HOSTS" ] || \
- [ "$setting_key" = "ALLOWED_HOSTS" ]; then
+ [ "$setting_key" = "ALLOWED_HOSTS" ] || \
+ [ "$setting_key" = "SOCIAL_AUTH_SAML_ENABLED_IDPS" ] || \
+ [ "$setting_key" = "SOCIAL_AUTH_SAML_ORG_INFO" ]; then
type="array"
fi
if [ "$SPECIAL_SETTING_DETECTION_MODE" = "True" ] || [ "$SPECIAL_SETTING_DETECTION_MODE" = "true" ] || \ And in your SETTING_SOCIAL_AUTH_SAML_SP_ENTITY_ID: "https://example"
SETTING_SOCIAL_AUTH_SAML_ORG_INFO: |
{
"en-US": {
"displayname": "example",
"name": "example",
"url": "{}{}".format("https://", EXTERNAL_HOST)
}
}
SETTING_SOCIAL_AUTH_SAML_ENABLED_IDPS: |
{
"idp_example": {
"entity_id": "https://example",
"url": "https://example",
"slo_url": "https://example",
"display_name": "example",
"auto_signup": True
}
} But it would be much easier to enable |
The original post was about In general, |
My bad, thanks. OP's issue still solved as YAML multiline syntax wasn't being used :) |
The details of SOCIAL_AUTH_OIDC_ENABLED_IDPS generated in settings.py is an object, how we can set the details from compose yml?
SOCIAL_AUTH_OIDC_ENABLED_IDPS: Dict[str, Any] = {
## This field (example: "idp_name") may appear in URLs during
## authentication, but is otherwise not user-visible.
"idp_name": {
## The base path to the provider's OIDC API. Zulip fetches the
## IdP's configuration from the discovery endpoint, which will be
## "{oidc_url}/.well-known/openid-configuration".
"oidc_url": "https://example.com/api/openid",
## The display name, used for "Log in with " buttons.
"display_name": "Example",
## Optional: URL of an icon to decorate "Log in with " buttons.
"display_icon": None,
## The client_id and secret provided by your OIDC IdP. To keep
## settings.py free of secrets, the get_secret call below
## reads the secret with the specified name from zulip-secrets.conf.
"client_id": "",
"secret": get_secret("social_auth_oidc_secret"),
## Determines whether "Log in with OIDC" will automatically
## register a new account if one does not already exist. By
## default, Zulip asks the user whether they want to create an
## account or try to log in again using another method.
# "auto_signup": False,
}
}
The text was updated successfully, but these errors were encountered: