SECRET_KEY = "change me before you go in production" NAME = "MyDomain" # LOGO = "https://path/to/your/organization/logo.png" # If unset, language is detected LANGUAGE = "en" # Path to the RFC8414 metadata file OAUTH2_METADATA_FILE = "conf/oauth-authorization-server.json" OIDC_METADATA_FILE = "conf/openid-configuration.json" [LDAP] URI = "ldap://ldap" ROOT_DN = "dc=mydomain,dc=tld" BIND_DN = "cn=admin,dc=mydomain,dc=tld" BIND_PW = "admin" # Filter to match users on sign in. Supports a variable # {login}. For sigin against uid or mail use: # USER_FILTER = "(|(uid={login})(mail={login}))" USER_FILTER = "(|(uid={login})(cn={login}))" # Filter to match admin users. If your server has memberof # you can filter against group membership ADMIN_FILTER = "cn=Jane Doe" [JWT] KEY = "secret-key" ALG = "HS256" ISS = "http://mydomain.tld" EXP = 3600 [JWT.MAPPING] # Mapping between JWT fields and LDAP attributes from your # User objectClass. SUB = "uid" NAME = "cn" PHONE_NUMBER = "telephoneNumber" # EXAMPLE OF MAPPING FOR inetOrgPerson # PHONE_NUMBER = "telephoneNumber" # EMAIL = "mail" # GIVEN_NAME = "givenName" # PREFERRED_USERNAME = "displayName" # FAMILIY_NAME = " # LOCALE = "preferredLanguage" # PICTURE = "photo" # ADDRESS = "postalAddress"