From cd607d6d64ed01f38abded57c55f728b34a898dd Mon Sep 17 00:00:00 2001 From: egoncalv Date: Fri, 30 Apr 2021 15:34:40 -0300 Subject: [PATCH] Updated Security Guide Added last Note, Step 5, and Step 6 to the file "configure-oidc-auth-applications" in the Security Guide Patch 1: Acted on comments by Adil Patch 2: Acted on comments by Greg and Jerry Signed-off-by: egoncalv Change-Id: Iae92595a0da5cf7de3d95dd70448d306f9473aec --- .../configure-oidc-auth-applications.rst | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/doc/source/security/kubernetes/configure-oidc-auth-applications.rst b/doc/source/security/kubernetes/configure-oidc-auth-applications.rst index 66a3fdc7f..4e293fa38 100644 --- a/doc/source/security/kubernetes/configure-oidc-auth-applications.rst +++ b/doc/source/security/kubernetes/configure-oidc-auth-applications.rst @@ -128,7 +128,7 @@ and uploaded by default. .. code-block:: none ~(keystone_admin)]$ system helm-override-show oidc-auth-apps dex kube-system - + config: staticClients: - id: stx-oidc-client-app @@ -147,7 +147,7 @@ and uploaded by default. oidc-client container and the dex container. It is recommended that you configure a unique, more secure **client\_secret** by specifying the value in the dex overrides file, as shown in the example below. - + .. code-block:: none config: @@ -155,7 +155,7 @@ and uploaded by default. - id: stx-oidc-client-app name: STX OIDC Client app redirectURIs: ['/callback'] - secret: BetterSecret + secret: BetterSecret client_secret: BetterSecret expiry: idTokens: "10h" @@ -212,7 +212,7 @@ and uploaded by default. /home/sysadmin/oidc-client-overrides.yaml file. .. code-block:: none - + config: client_secret: BetterSecret 
@@ -223,7 +223,7 @@ and uploaded by default. ~(keystone_admin)]$ system helm-override-update oidc-auth-apps oidc-client kube-system --values /home/sysadmin/oidc-client-overrides.yaml .. note:: - + If you need to manually override the secrets, the client\_secret in the oidc-client overrides must match the staticClients secret and client\_secret in the dex overrides, otherwise the oidc-auth |CLI| @@ -234,6 +234,4 @@ and uploaded by default. .. code-block:: none - ~(keystone_admin)]$ system application-apply oidc-auth-apps - - + ~(keystone_admin)]$ system application-apply oidc-auth-apps \ No newline at end of file
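Review bot: In the hunk at @@ -155,7 +155,7 @@, the example still sets `secret: BetterSecret` and `client_secret: BetterSecret`, a fixed and guessable string, directly below text recommending a "unique, more secure" client\_secret. Readers tend to copy examples verbatim, so consider replacing the literal in both fields with an obvious placeholder such as `<generated-secret>` and stating that the value should be randomly generated for each deployment.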
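Review bot: In the hunk at @@ -212,7 +212,7 @@, the step has the reader write `client_secret` in clear text to /home/sysadmin/oidc-client-overrides.yaml, and the visible lines say nothing about what happens to that file afterwards. Suggest adding a sentence telling the reader to restrict the file to its owner and to remove it once `system helm-override-update` has been run with it.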
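Review bot: In the last hunk (@@ -234,6 +234,4 @@), dropping the two trailing blank lines leaves the file ending at `system application-apply oidc-auth-apps` with "\ No newline at end of file". Keep a single terminating newline after that line so the final code-block line is not flagged by linters and later additions to the file diff cleanly.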
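Review bot: The commit message says a Note, Step 5, and Step 6 were added, but as rendered here every changed line pair in the six hunks differs only in whitespace (6 insertions, 8 deletions). If this commit only cleans up whitespace on top of content merged earlier, the subject and body should say so; if the new Note and steps were meant to be part of this commit, they are missing from the diff.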