mirror of https://github.com/MISP/misp-docker
parent
2ec117ccbb
commit
ce805b58a3
|
@ -97,11 +97,21 @@ set_up_oidc() {
|
||||||
\"client_secret\": \"${OIDC_CLIENT_SECRET}\",
|
\"client_secret\": \"${OIDC_CLIENT_SECRET}\",
|
||||||
\"roles_property\": \"${OIDC_ROLES_PROPERTY}\",
|
\"roles_property\": \"${OIDC_ROLES_PROPERTY}\",
|
||||||
\"role_mapper\": ${OIDC_ROLES_MAPPING},
|
\"role_mapper\": ${OIDC_ROLES_MAPPING},
|
||||||
\"default_org\": \"${OIDC_DEFAULT_ORG}\",
|
\"default_org\": \"${OIDC_DEFAULT_ORG}\"
|
||||||
\"scopes\": ${OIDC_SCOPES}
|
|
||||||
}
|
}
|
||||||
}" > /dev/null
|
}" > /dev/null
|
||||||
|
|
||||||
|
# Check if OIDC_SCOPES is set and not empty
|
||||||
|
if [[ -n "$OIDC_SCOPES" ]]; then
|
||||||
|
# Run the modify_config.php script to update OidcAuth configuration with the provided OIDC_SCOPES
|
||||||
|
# The 'scopes' field will only be added if OIDC_SCOPES has a value
|
||||||
|
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
|
||||||
|
\"OidcAuth\": {
|
||||||
|
${OIDC_SCOPES:+\"scopes\": \"${OIDC_SCOPES}\"}
|
||||||
|
}
|
||||||
|
}" > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
# Set the custom logout URL for OIDC if it is defined
|
# Set the custom logout URL for OIDC if it is defined
|
||||||
if [[ -n "${OIDC_LOGOUT_URL}" ]]; then
|
if [[ -n "${OIDC_LOGOUT_URL}" ]]; then
|
||||||
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Plugin.CustomAuth_custom_logout" "${OIDC_LOGOUT_URL}&post_logout_redirect_uri=${BASE_URL}/users/login"
|
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Plugin.CustomAuth_custom_logout" "${OIDC_LOGOUT_URL}&post_logout_redirect_uri=${BASE_URL}/users/login"
|
||||||
|
@ -128,6 +138,10 @@ set_up_oidc() {
|
||||||
}
|
}
|
||||||
}" > /dev/null
|
}" > /dev/null
|
||||||
|
|
||||||
|
# Remove the line containing 'scopes' => from config.php
|
||||||
|
# This prevents an empty scopes entry from being loaded in the configuration.
|
||||||
|
sudo -u www-data sed -i "/'scopes' =>/d" /var/www/MISP/app/Config/config.php
|
||||||
|
|
||||||
# Use sed to remove the OidcAuth.Oidc entry from the 'auth' array in the config.php
|
# Use sed to remove the OidcAuth.Oidc entry from the 'auth' array in the config.php
|
||||||
sudo -u www-data sed -i "/'auth' =>/,/)/ { /0 => 'OidcAuth.Oidc',/d; }" /var/www/MISP/app/Config/config.php
|
sudo -u www-data sed -i "/'auth' =>/,/)/ { /0 => 'OidcAuth.Oidc',/d; }" /var/www/MISP/app/Config/config.php
|
||||||
|
|
||||||
|
|
|
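Review bot: The added `scopes` line in the first hunk quotes the value (`\"scopes\": \"${OIDC_SCOPES}\"`), whereas the line it replaces passed `${OIDC_SCOPES}` through as raw JSON. An existing deployment that sets the variable to a JSON array would therefore now produce an invalid document, or a string where the plugin may expect a list. The value is also interpolated without escaping, so a stray `"` or backslash in it breaks the document in the same way. Stdout goes to `/dev/null` and the visible lines do not check the exit status of `modify_config.php`, so a rejected document would probably leave the requested scopes unset with no signal to the operator, which matters here because scopes decide which claims the identity provider returns. I would keep the raw form inside the guard, `\"scopes\": ${OIDC_SCOPES}` (the `${OIDC_SCOPES:+…}` wrapper is redundant under `[[ -n "$OIDC_SCOPES" ]]`), and show the expected format next to `# OIDC_SCOPES=` in the env template. `set_up_oidc` starts and ends outside these hunks.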
@ -123,6 +123,7 @@ SYNCSERVERS_1_PULL_RULES=
|
||||||
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
|
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
|
||||||
# OIDC_DEFAULT_ORG=
|
# OIDC_DEFAULT_ORG=
|
||||||
# OIDC_LOGOUT_URL=
|
# OIDC_LOGOUT_URL=
|
||||||
|
# OIDC_SCOPES=
|
||||||
|
|
||||||
# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
|
# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
|
||||||
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component,
|
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component,
|
||||||
|
|