Remove references to idp_provider_url for Google. (#2882)

* Remove references to idp_provider_url for Google. Closes #2866

* replace google with Okta in nginx docker example

Co-authored-by: alexfornuto <alex@fornuto.com>
Alex 2022-01-07 11:21:01 -06:00 committed by GitHub
parent 425c8bd58d
commit 5d34cad553
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 7 additions and 9 deletions

@ -126,7 +126,6 @@ Your [environmental variables] should look something like this.
```bash ```bash
IDP_PROVIDER="google" IDP_PROVIDER="google"
IDP_PROVIDER_URL="https://accounts.google.com"
IDP_CLIENT_ID="yyyy.apps.googleusercontent.com" IDP_CLIENT_ID="yyyy.apps.googleusercontent.com"
IDP_CLIENT_SECRET="xxxxxx" IDP_CLIENT_SECRET="xxxxxx"
IDP_SERVICE_ACCOUNT="zzzz" # output of `base64 -i service-account-key.json` IDP_SERVICE_ACCOUNT="zzzz" # output of `base64 -i service-account-key.json`
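Review bot: The Google example block no longer shows IDP_PROVIDER_URL, but nothing around it tells a reader who already exports `IDP_PROVIDER_URL="https://accounts.google.com"` that the variable should now be unset. Consider adding one sentence after the code block stating that Google must not set IDP_PROVIDER_URL, matching the "Do not use with Google" wording added to the settings reference elsewhere in this commit.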

@ -827,9 +827,9 @@ If you plan to write authorization policies using groups, or any other data that
- Environmental Variable: `IDP_PROVIDER_URL` - Environmental Variable: `IDP_PROVIDER_URL`
- Config File Key: `idp_provider_url` - Config File Key: `idp_provider_url`
- Type: `string` - Type: `string`
- Required, depending on provider - Required, depending on provider. (Do not use with Google)
Provider URL is the base path to an identity provider's [OpenID connect discovery document](https://openid.net/specs/openid-connect-discovery-1_0.html). For example, google's URL would be `https://accounts.google.com` for [their discover document](https://accounts.google.com/.well-known/openid-configuration). Provider URL is the base path to an identity provider's [OpenID connect discovery document](https://openid.net/specs/openid-connect-discovery-1_0.html). An example Azure URL would be `https://login.microsoftonline.com/common/v2.0` for [their discover document](https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration).
### Identity Provider Request Params ### Identity Provider Request Params
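Review bot: "(Do not use with Google)" on the "Required, depending on provider." bullet gives no reason and does not say what happens if the value is set, so a reader cannot tell whether it is ignored or breaks authentication. Suggest adding a short clause with the reason or a link to the Google provider guide. The replacement sentence also carries over the "discover document" typo; "discovery document" matches the link text earlier in the same paragraph.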

@ -943,9 +943,9 @@ settings:
- Environmental Variable: `IDP_PROVIDER_URL` - Environmental Variable: `IDP_PROVIDER_URL`
- Config File Key: `idp_provider_url` - Config File Key: `idp_provider_url`
- Type: `string` - Type: `string`
- Required, depending on provider - Required, depending on provider (Do not use with Google)
doc: | doc: |
Provider URL is the base path to an identity provider's [OpenID connect discovery document](https://openid.net/specs/openid-connect-discovery-1_0.html). For example, google's URL would be `https://accounts.google.com` for [their discover document](https://accounts.google.com/.well-known/openid-configuration). Provider URL is the base path to an identity provider's [OpenID connect discovery document](https://openid.net/specs/openid-connect-discovery-1_0.html). An example Azure URL would be `https://login.microsoftonline.com/common/v2.0` for [their discover document](https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration).
shortdoc: | shortdoc: |
Provider URL is the base path to an identity provider's OpenID connect discovery document. Provider URL is the base path to an identity provider's OpenID connect discovery document.
- name: "Identity Provider Request Params" - name: "Identity Provider Request Params"
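Review bot: The "Required" bullet here reads "depending on provider (Do not use with Google)" with no period, while the same bullet in the rendered reference in this commit reads "depending on provider. (Do not use with Google)". Pick one form so the two copies do not drift. The `shortdoc` text is left unchanged and does not mention the Google exception; if the short form is shown on its own anywhere, it should carry the same caveat. "discover document" in `doc` should be "discovery document".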

@ -47,7 +47,6 @@ export COOKIE_SECRET="$(head -c32 /dev/urandom | base64)"
## GOOGLE ## GOOGLE
export IDP_PROVIDER="google" export IDP_PROVIDER="google"
export IDP_PROVIDER_URL="https://accounts.google.com" # optional for google
# OKTA # OKTA
# export IDP_PROVIDER="okta" # export IDP_PROVIDER="okta"
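Review bot: The removed line described the URL as "optional for google", while the reference docs in this commit now say "Do not use with Google"; the script drops the line without leaving that stronger statement behind. A one-line comment under `## GOOGLE` saying IDP_PROVIDER_URL must not be set for Google would stop users who switch between the provider blocks in this file from carrying the variable over.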
@ -69,3 +68,4 @@ export POLICY="$(base64 ./docs/configuration/examples/config/policy.example.yaml
# For Group data you must set an IDP_SERVICE_ACCOUNT # For Group data you must set an IDP_SERVICE_ACCOUNT
# https://www.pomerium.com/configuration/#identity-provider-service-account # https://www.pomerium.com/configuration/#identity-provider-service-account
# export IDP_SERVICE_ACCOUNT=$( echo YOUR_SERVICE_ACCOUNT | base64) # export IDP_SERVICE_ACCOUNT=$( echo YOUR_SERVICE_ACCOUNT | base64)
# For Google manually edit the service account to add the impersonate_user field before base64
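Review bot: The new comment "add the impersonate_user field before base64" does not say what value the field takes or where in the service account JSON it goes, and the line above it encodes with `echo YOUR_SERVICE_ACCOUNT | base64` while the Google guide in this commit uses `base64 -i service-account-key.json`. Suggest spelling out the expected value, using the same file-based command as the guide, and linking to the service account section already referenced two lines up.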

@ -51,7 +51,6 @@ authenticate_service_url: https://authenticate.localhost.pomerium.io
## GOOGLE ## GOOGLE
# idp_provider: "google" # idp_provider: "google"
# idp_provider_url: "https://accounts.google.com" # optional for google
# idp_client_id: "REPLACEME # idp_client_id: "REPLACEME
# idp_client_secret: "REPLACEME # idp_client_secret: "REPLACEME
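Review bot: The context lines right below the removed line, `# idp_client_id: "REPLACEME` and `# idp_client_secret: "REPLACEME`, have an opening quote with no closing quote, so uncommenting the Google block as written yields invalid YAML. Since this block is being edited anyway, close the quotes in the same change.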

@ -18,8 +18,8 @@ services:
- SERVICES=authenticate - SERVICES=authenticate
- INSECURE_SERVER=TRUE - INSECURE_SERVER=TRUE
# NOTE!: Replace with your identity provider settings https://www.pomerium.com/docs/identity-providers.html # NOTE!: Replace with your identity provider settings https://www.pomerium.com/docs/identity-providers.html
# - IDP_PROVIDER=google # - IDP_PROVIDER=okta
# - IDP_PROVIDER_URL=https://accounts.google.com # - IDP_PROVIDER_URL=https://beyondperimeter.okta.com
# - IDP_CLIENT_ID=REPLACE_ME # - IDP_CLIENT_ID=REPLACE_ME
# - IDP_CLIENT_SECRET=REPLACE_ME # - IDP_CLIENT_SECRET=REPLACE_ME
# - IDP_SERVICE_ACCOUNT=REPLACE_ME # - IDP_SERVICE_ACCOUNT=REPLACE_ME
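Review bot: The new `IDP_PROVIDER_URL=https://beyondperimeter.okta.com` line uses what looks like a specific Okta tenant hostname, while every other value in the block is `REPLACE_ME`. Someone who uncomments the block and fills in only the REPLACE_ME fields ends up pointing authentication at a tenant that is not theirs. Suggest a placeholder such as `https://REPLACE_ME.okta.com` so the line is obviously not usable as-is.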