Colleen Murphy 6f4e31e4f4 Correct and enhance OpenId Connect docs
Make corrections and clarifications to the OpenID Connect federation
plugin documentation, including:

 - Generalize the note about Remote IDs to include OpenID Connect
 - Add the https:// scheme to the notes about Google's remote ID.
   Originally Google's Issuer Identifier did not use the https://
   scheme. It now claims to allow both[1] but in testing I often ran
   into the error "Could not find Identity Provider:
   https://accounts.google.com." when the remote-id was given as
   "accounts.google.com".
 - Make shell examples consistent with each other by including prompt
   symbols and "sudo" where needed
 - Fix the apache module configuration instructions: on Ubuntu, the
   package installed in the earlier step already adds the LoadModule
   config, but does not automatically enable the module
 - Fix OIDCRedirectURI directive examples: fix typo and remove /redirect
   ending, which would cause a 404 error

Also, this patch changes references to the 'oidc' plugin to 'openid'
since 'oidc' does not exist. 'mapped' could also be used as the name of
this plugin and protocol[2]. However, the documentation is structured in
a such a way that it demonstrates using both SAML And OIDC plugins side
by side, which is only possible when they have different names. Rather
than trying to decouple these examples this patch opts to keep the
openid plugin examples distinct from the SAML plugin examples.

[1] https://developers.google.com/identity/protocols/OpenIDConnect
[2] https://git.openstack.org/cgit/openstack/keystone-specs/tree/specs/keystone/juno/generic-mapping-federation.rst

Change-Id: Ie5a07f9d6f3571b0559f91c9620f5328e4c6d7cc
2017-02-25 11:39:06 +01:00
..
2017-02-17 10:06:16 -07:00
2017-02-03 02:25:19 +00:00
2016-12-19 14:55:06 +08:00
2017-02-20 10:32:30 +08:00
2016-12-19 14:24:36 +08:00