4
0

oauth2_pocketid.adoc 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
  1. [#oauth2-pocketid]
  2. = OAuth2 - Pocket ID
  3. OliveTin has been tested with Pocket ID. This documentation page describes how to configure Pocket ID for use with OliveTin and assumes you already have Pocket ID installed and running.
  4. == Configuration
  5. .config.yaml
  6. [source,yaml]
  7. ----
  8. authRequireGuestsToLogin: true
  9. accessControlLists:
  10. - name: admin
  11. permissions:
  12. view: true
  13. exec: true
  14. logs: true
  15. matchUsergroups:
  16. # Since you can't map properties in userinfo response from Pocket ID I am kind of cheating here:
  17. # only I will be able to log in and so I return the "preferred_username" as the group, and I configure my
  18. # own username as the "Usergroup" to mean "admin"
  19. - myusername
  20. addToEveryAction: true
  21. authLocalUsers:
  22. enabled: false
  23. authOAuth2RedirectUrl: https://olivetin.example.com/oauth/callback
  24. authOAuth2Providers:
  25. pocket-id:
  26. name: pocket-id
  27. title: Pocket ID
  28. icon: '<img src="https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/pocket-id-light.svg"/>'
  29. authUrl: https://id.example.com/authorize
  30. tokenUrl: https://id.example.com/api/oidc/token
  31. whoamiUrl: https://id.example.com/api/oidc/userinfo
  32. clientId: "[REDACTED]"
  33. clientSecret: "[REDACTED]"
  34. scopes:
  35. - profile
  36. - email
  37. usernameField: preferred_username
  38. userGroupField: preferred_username
  39. insecureSkipVerify: true
  40. actions:
  41. - title: "Hello world!"
  42. shell: echo 'Hello World!'
  43. ----
  44. == Pocket ID config
  45. image::pocketid.png[]