Update mod_openidc config for devstack
Use a vanity URL for redirect uri so that it does not conflict with
existing keystone endpoint. The documentation was updated recently[1]
but the actual configuration used in devstack setup was still kept old
at that time.
[1] 7ac0c3cd33
Related-Bug: #2075349
Change-Id: I8d06f3c388260f356c7a1da0212bb3b399f3a848
This commit is contained in:
parent
97431ec99b
commit
c450599cbd
@ -12,8 +12,12 @@ OIDCClientSecret "%OIDC_CLIENT_SECRET%"
|
|||||||
OIDCPKCEMethod "S256"
|
OIDCPKCEMethod "S256"
|
||||||
OIDCCryptoPassphrase "openstack"
|
OIDCCryptoPassphrase "openstack"
|
||||||
|
|
||||||
OIDCRedirectURI "https://%HOST_IP%/identity/v3/auth/OS-FEDERATION/identity_providers/%IDP_ID%/protocols/openid/websso"
|
OIDCRedirectURI "https://%HOST_IP%/identity/v3/redirect_uri"
|
||||||
OIDCRedirectURI "https://%HOST_IP%/identity/v3/auth/OS-FEDERATION/websso/openid"
|
|
||||||
|
<Location "/v3/redirect_uri">
|
||||||
|
Require valid-user
|
||||||
|
AuthType openid-connect
|
||||||
|
</Location>
|
||||||
|
|
||||||
<LocationMatch "/v3/auth/OS-FEDERATION/websso/openid">
|
<LocationMatch "/v3/auth/OS-FEDERATION/websso/openid">
|
||||||
AuthType "openid-connect"
|
AuthType "openid-connect"
|
||||||
|
Loading…
Reference in New Issue
Block a user