From 16e6fc15f40f46f8568cf9a6767def85186632c4 Mon Sep 17 00:00:00 2001
From: Maarten de Waard <maarten@greenhost.nl>
Date: Wed, 3 Nov 2021 10:22:56 +0100
Subject: [PATCH] add comment about single quotes, edit
 values-local.yaml.example

---
 values-local.yaml.example | 46 ++++++++++++++++++++++++---------------
 values.yaml               |  2 ++
 2 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/values-local.yaml.example b/values-local.yaml.example
index 7e3cee72..d79a93ea 100644
--- a/values-local.yaml.example
+++ b/values-local.yaml.example
@@ -49,21 +49,31 @@ apps:
 
 # sociallogin enables login via oAuth/Open-ID Connect
 sociallogin:
-  # sociallogin.server_name is the FQDN of you oAuth server. The oAuth server needs to
-  # provide the endpoints `/userinfo`, `/oauth2/token` and `/oauth2/auth` and according
-  # to the oauth2 standard it needs to be accessible via https with valid certificates
-  server_name: sso.oas.example.net
-  # sociallogin.client_id is the client name nextcloud will use to communicate with the
-  # oAuth server
-  client_id: nextcloud
-
-  ## sociallogin.client_secret is the password that nextcloud uses when communicating with
-  ## the oauth server
-  # client_secret: "YouReallyNeedToChangeThis"
-
-  # sociallogin.groups_claim is the name of a claim that the nextcloud server can retrieve
-  # by querying the `/userinfo` enfpoint of the openID Connect server. For every value in
-  # the groups_claim a corresponding group with a `oas_` prefix will be created if they don't
-  # exist yet. The user will then be added to those groups.
-  # If the claim contains the value `admin` the user will be added granted admin privileges.
-  groups_claim: "openappstack_roles"
+  # Because of how we import these settings, single quotes (') are not allowed
+  # in any of the values below
+  custom_oidc:
+    name: oas
+    title: OpenAppStack
+    # The oAuth server needs to provide the endpoints `/userinfo`,
+    # `/oauth2/token` and `/oauth2/auth` and according to the oauth2 standard it
+    # needs to be accessible via https with valid certificates
+    authorizeUrl: sso.oas.example.net/oauth2/auth
+    tokenUrl: sso.oas.example.net/oauth2/token
+    userInfoUrl: sso.oas.example.net/userinfo
+    logoutUrl: ""
+    # The client name nextcloud will use to communicate with the oAuth server
+    clientId: nextcloud
+    # The password that nextcloud uses when communicating with the oauth server
+    # clientSecret: YouReallyNeedToChangeThis
+    scope: "openid profile email openappstack_roles"
+    # The name of a claim that the nextcloud server can retrieve by querying the
+    # userInfoUrl of the openID Connect server. For every value in the
+    # groups_claim a corresponding group with an `oas_` prefix will be created
+    # if they don't exist yet. The user will then be added to those groups.  If
+    # the claim contains the value `admin` the user will be granted admin
+    # privileges.
+    groupsClaim: "openappstack_roles"
+    style: ""
+    defaultGroup: ""
+    groupMapping:
+      admin: admin
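Review bot: The example values for `authorizeUrl`, `tokenUrl` and `userInfoUrl` carry no scheme, although the comment directly above them says the server must be reachable via https. The removed `server_name` was a bare FQDN, so the consumer may have prepended the scheme before; whether it still does for these `*Url` keys is not visible in this patch. If the values are used verbatim, an operator copying this example gets endpoints that are either invalid or leave the transport to a client default. I would write them as absolute URLs, e.g. `authorizeUrl: https://sso.oas.example.net/oauth2/auth` (likewise for the other two), or state in the comment that `https://` is added automatically.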
diff --git a/values.yaml b/values.yaml
index bdab04a0..12fa3aa8 100644
--- a/values.yaml
+++ b/values.yaml
@@ -175,6 +175,8 @@ rabbitmq:
     erlangCookie: stub
 
 sociallogin:
+  # Because of how we import these settings, single quotes (') are not allowed
+  # in any of the values below
   custom_oidc:
     name: oas
     title: OpenAppStack
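Review bot: The single-quote restriction added here, and repeated in the values-local.yaml.example hunk, is enforced only by a comment, so a value containing `'` will still reach the import step. The most likely case is a generated `clientSecret`. The wording suggests the settings are placed inside a single-quoted string during import; that code is outside this patch, so this is an inference. If so, a stray quote would at best break the import and at worst change what gets imported. The import should escape the values or abort rendering when one contains `'`, and the comment could then read `# Values containing single quotes (') are rejected at render time`.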
-- 
GitLab