SSO Google
Example Configuration:
Code Block | ||
---|---|---|
| ||
[service.local] protocol = "http" policy = "failover" admins = ["admin"] [service.local.credential] username = "user" password = "password" [[service.local.targets]] hostname = "b2bmft.stonebranch.com" port = 9180 |
...
Google Auth
Create a new Project under you google account: https://console.cloud.google.com/projectcreate
...
Create the following instance under your service wit with the path related to the configuration file
...
{
"clientID": "client-id",
"clientSecret": "client-server",
"redirectURI": "<http-fqdn>/service/auth/sso/google/callback",
"hostedDomains": ["domain.com"]
}
...
Note |
---|
...
If |
...
you |
...
are |
...
going |
...
to |
...
use |
...
a |
...
public |
...
domain, |
...
like |
...
...
dont |
...
setup |
...
the |
...
hostedDomains, |
...
since |
...
the |
...
hd |
...
parameter |
...
in |
...
the |
...
callback |
...
will |
...
be |
...
empty. |
OpenID
https://console.cloud.google.com/apis/credentials
Code Block | ||
---|---|---|
| ||
[service.local.auth.oidc] file = "openid-config.json" |
...
{ "issuer": "https://accounts.google.com", "clientID": "<client-id>", "clientSecret": "<client-secret-id>", "redirectURI": "https://<fqdn>/service/auth/sso/openid/callback" } |
OAuth2
Code Block | ||
---|---|---|
| ||
[service.local.auth.oauth] file = "oauth-config.json" |
...
{ "issuer": "https://accounts.google.com", "clientID": "<client-id>", "clientSecret": "<client-secret-id>", "redirectURI": "https://<fqdn>/service/auth/sso/oauth/callback", "tokenURL": "https://oauth2.googleapis.com/token", "authorizationURL": "https://accounts.google.com/o/oauth2/auth", "scopes": ["profile"], "insecureSkipVerify": true, "userInfoURL": "https://www.googleapis.com/oauth2/v3/userinfo", "userIDKey": "sub" } |
Note |
---|
...
Google provider offer a setup for Oauth2. |