|
195 | 195 | "authentication": { |
196 | 196 | "type": "object", |
197 | 197 | "description": "Configuration for an authentication source", |
198 | | - "properties": { |
199 | | - "type": { "type": "string", "enum": ["local", "ActiveDirectory", "OpenIdConnect"] }, |
200 | | - "enabled": { "type": "boolean" }, |
201 | | - "adminGroup": { |
202 | | - "type": "string", |
203 | | - "description": "Group that indicates that a user is an admin" |
204 | | - }, |
205 | | - "userGroup": { |
206 | | - "type": "string", |
207 | | - "description": "Group that indicates that a user should be able to login to the Git Proxy UI and can work as a reviewer" |
| 198 | + "oneOf": [ |
| 199 | + { |
| 200 | + "properties": { |
| 201 | + "type": { "type": "string", "const": "local" }, |
| 202 | + "enabled": { "type": "boolean" } |
| 203 | + }, |
| 204 | + "required": ["type","enabled"] |
208 | 205 | }, |
209 | | - "domain": { "type": "string", "description": "Active Directory domain" }, |
210 | | - "adConfig": { |
211 | | - "type": "object", |
212 | | - "description": "Additional Active Directory configuration supporting LDAP connection which can be used to confirm group membership. For the full set of available options see the activedirectory 2 NPM module docs at https://www.npmjs.com/package/activedirectory2#activedirectoryoptions <br /><br />Please note that if the Third Party APIs config `api.ls.userInADGroup` is set then the REST API it represents is used in preference to direct querying of group memebership via LDAP.", |
| 206 | + { |
213 | 207 | "properties": { |
214 | | - "url": { |
| 208 | + "type": { "type": "string", "const": "ActiveDirectory" }, |
| 209 | + "enabled": { "type": "boolean" }, |
| 210 | + "adminGroup": { |
215 | 211 | "type": "string", |
216 | | - "description": "Active Directory server to connect to, e.g. `ldap://ad.example.com`." |
| 212 | + "description": "Group that indicates that a user is an admin" |
217 | 213 | }, |
218 | | - "baseDN": { |
| 214 | + "userGroup": { |
219 | 215 | "type": "string", |
220 | | - "description": "The root DN from which all searches will be performed, e.g. `dc=example,dc=com`." |
| 216 | + "description": "Group that indicates that a user should be able to login to the Git Proxy UI and can work as a reviewer" |
221 | 217 | }, |
222 | | - "username": { |
223 | | - "type": "string", |
224 | | - "description": "An account name capable of performing the operations desired." |
225 | | - }, |
226 | | - "password": { "type": "string", "description": "Password for the given `username`." } |
| 218 | + "domain": { "type": "string", "description": "Active Directory domain" }, |
| 219 | + "adConfig": { |
| 220 | + "type": "object", |
| 221 | + "description": "Additional Active Directory configuration supporting LDAP connection which can be used to confirm group membership. For the full set of available options see the activedirectory 2 NPM module docs at https://www.npmjs.com/package/activedirectory2#activedirectoryoptions <br /><br />Please note that if the Third Party APIs config `api.ls.userInADGroup` is set then the REST API it represents is used in preference to direct querying of group memebership via LDAP.", |
| 222 | + "properties": { |
| 223 | + "url": { |
| 224 | + "type": "string", |
| 225 | + "description": "Active Directory server to connect to, e.g. `ldap://ad.example.com`." |
| 226 | + }, |
| 227 | + "baseDN": { |
| 228 | + "type": "string", |
| 229 | + "description": "The root DN from which all searches will be performed, e.g. `dc=example,dc=com`." |
| 230 | + }, |
| 231 | + "username": { |
| 232 | + "type": "string", |
| 233 | + "description": "An account name capable of performing the operations desired." |
| 234 | + }, |
| 235 | + "password": { "type": "string", "description": "Password for the given `username`." } |
| 236 | + }, |
| 237 | + "required": ["url", "baseDN", "username", "password"] |
| 238 | + } |
227 | 239 | }, |
228 | | - "required": ["url", "baseDN", "username", "password"] |
| 240 | + "required": ["type","enabled","adminGroup","userGroup","domain"] |
| 241 | + }, |
| 242 | + { |
| 243 | + "properties": { |
| 244 | + "type": { "type": "string", "const": "openidconnect" }, |
| 245 | + "enabled": { "type": "boolean" }, |
| 246 | + "oidcConfig": { |
| 247 | + "type": "object", |
| 248 | + "description": "Additional OIDC configuration.", |
| 249 | + "properties": { |
| 250 | + "issuer": { "type": "string" }, |
| 251 | + "clientID": { "type": "string" }, |
| 252 | + "clientSecret": { "type": "string" }, |
| 253 | + "callbackURL": { "type": "string" }, |
| 254 | + "scope": { "type": "string" } |
| 255 | + }, |
| 256 | + "required": ["issuer","clientID","clientSecret","callbackURL","scope"] |
| 257 | + } |
| 258 | + }, |
| 259 | + "required": ["type","enabled","oidcConfig"] |
| 260 | + }, |
| 261 | + { |
| 262 | + "properties": { |
| 263 | + "type": { "type": "string", "const": "jwt" }, |
| 264 | + "enabled": { "type": "boolean" }, |
| 265 | + "jwtConfig": { |
| 266 | + "type": "object", |
| 267 | + "description": "Additional JWT configuration.", |
| 268 | + "properties": { |
| 269 | + "clientID": { "type": "string" }, |
| 270 | + "authorityURL": { "type": "string" } |
| 271 | + }, |
| 272 | + "required": ["clientID","authorityURL"] |
| 273 | + } |
| 274 | + }, |
| 275 | + "required": ["type","enabled","jwtConfig"] |
229 | 276 | } |
230 | | - }, |
231 | | - "required": ["type", "enabled"] |
| 277 | + ], |
232 | 278 | }, |
233 | 279 | "routeAuthRule": { |
234 | 280 | "type": "object", |
|
0 commit comments