forked from coop-cloud/authentik
62 lines
2.0 KiB
Cheetah
62 lines
2.0 KiB
Cheetah
version: 1
|
|
metadata:
|
|
labels:
|
|
blueprints.goauthentik.io/instantiate: "true"
|
|
name: Writefreely
|
|
|
|
entries:
|
|
- attrs:
|
|
description: writefreely
|
|
expression: 'return { "writefreely_groups": [{"gid": group.name, "displayName":
|
|
group.name} for group in request.user.ak_groups.all()], }'
|
|
managed: null
|
|
scope_name: writefreely
|
|
conditions: []
|
|
id: writefreely_group_mapping
|
|
identifiers:
|
|
name: writefreely
|
|
model: authentik_providers_oauth2.scopemapping
|
|
state: present
|
|
|
|
- attrs:
|
|
access_code_validity: minutes=1
|
|
authentication_flow: !Find [authentik_flows.flow, [slug, default-authentication-flow]]
|
|
authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-implicit-consent]]
|
|
invalidation_flow: !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
|
|
client_id: {{ secret "writefreely_id" }}
|
|
client_secret: {{ secret "writefreely_secret" }}
|
|
client_type: confidential
|
|
include_claims_in_id_token: true
|
|
issuer_mode: per_provider
|
|
redirect_uris:
|
|
- matching_mode: strict
|
|
url: https://{{ env "WRITEFREELY_DOMAIN" }}/oauth/callback/generic
|
|
name: Writefreely
|
|
property_mappings:
|
|
- !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
|
|
- !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
|
|
- !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
|
|
- !KeyOf writefreely_group_mapping
|
|
signing_key: !Find [authentik_crypto.certificatekeypair, [name, authentik Self-signed Certificate]]
|
|
sub_mode: user_username
|
|
token_validity: days=30
|
|
conditions: []
|
|
id: writefreely_provider
|
|
identifiers:
|
|
pk: 9988
|
|
model: authentik_providers_oauth2.oauth2provider
|
|
state: present
|
|
|
|
- attrs:
|
|
meta_launch_url: https://{{ env "WRITEFREELY_DOMAIN" }}
|
|
open_in_new_tab: true
|
|
policy_engine_mode: any
|
|
provider: !KeyOf writefreely_provider
|
|
slug: writefreely
|
|
conditions: []
|
|
id: writefreely_application
|
|
identifiers:
|
|
name: Writefreely
|
|
model: authentik_core.application
|
|
state: present
|