Patrick Cloke
6dade80048
Combine the CAS & SAML implementations for required attributes. ( #9326 )
2021-02-11 10:05:15 -05:00
Patrick Cloke
26837d5dbe
Do not require the CAS service URL setting (use public_baseurl instead). ( #9199 )
...
The current configuration is handled for backwards compatibility,
but is considered deprecated.
2021-01-26 10:49:25 -05:00
Richard van der Hoff
9de6b94117
Land support for multiple OIDC providers ( #9110 )
...
This is the final step for supporting multiple OIDC providers concurrently.
First of all, we reorganise the config so that you can specify a list of OIDC providers, instead of a single one. Before:
oidc_config:
enabled: true
issuer: "https://oidc_provider "
# etc
After:
oidc_providers:
- idp_id: prov1
issuer: "https://oidc_provider "
- idp_id: prov2
issuer: "https://another_oidc_provider "
The old format is still grandfathered in.
With that done, it's then simply a matter of having OidcHandler instantiate a new OidcProvider for each configured provider.
2021-01-15 16:55:29 +00:00
Patrick Cloke
8f1aefa694
Improve the sample config for SSO (OIDC, SAML, and CAS). ( #8635 )
2020-10-30 10:01:59 -04:00
Valérian Rousset
be9b55e0d2
cas: support setting display name ( #6114 )
...
Now, the CAS server can return an attribute stating what's the desired displayname, instead of using the username directly.
2019-10-11 12:33:12 +01:00
Amber Brown
f743108a94
Refactor HomeserverConfig so it can be typechecked ( #6137 )
2019-10-10 09:39:35 +01:00
Richard van der Hoff
16b52642e2
Don't load the generated config as the default.
...
It's too confusing.
2019-06-24 14:14:52 +01:00
Richard van der Hoff
c3c6b00d95
Pass config_dir_path and data_dir_path into Config.read_config. ( #5522 )
...
* Pull config_dir_path and data_dir_path calculation out of read_config_files
* Pass config_dir_path and data_dir_path into read_config
2019-06-24 11:34:45 +01:00
Richard van der Hoff
5f9bdf90fe
Attempt to make default config more consistent
...
The general idea here is that config examples should just have a hash and no
extraneous whitespace, both to make it easier for people who don't understand
yaml, and to make the examples stand out from the comments.
2019-02-19 13:54:29 +00:00
Matthew Hodgson
208a6647f1
fix typo
2017-10-29 20:54:20 +00:00
Matthew Hodgson
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
Steven Hammerton
414a4a71b4
Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response
2015-11-05 14:06:48 +00:00
Steven Hammerton
45f1827fb7
Add service URL to CAS config
2015-11-04 23:32:30 +00:00
Erik Johnston
5025ba959f
Add config option to disable password login
2015-10-22 10:37:04 +01:00
Steven Hammerton
ab7f9bb861
Default cas_required_attributes to empty dictionary
2015-10-12 14:58:59 +01:00
Steven Hammerton
01a5f1991c
Support multiple required attributes in CAS response, and in a nicer config format too
2015-10-12 14:43:17 +01:00
Steven Hammerton
76421c496d
Allow optional config params for a required attribute and it's value, if specified any CAS user must have the given attribute and the value must equal
2015-10-12 11:11:49 +01:00
Steven Hammerton
c33f5c1a24
Provide ability to login using CAS
2015-10-10 10:49:42 +01:00