-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfastly.secretstore.example.toml
87 lines (59 loc) · 6.65 KB
/
fastly.secretstore.example.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# This file describes a Fastly Compute@Edge package. To learn more visit:
# https://www.fastly.com/documentation/reference/fastly-toml/
authors = ["dmilitaru@fastly.com"]
description = "OAuth 2.0 starter kit for Fastly Compute"
language = "javascript"
manifest_version = 3
name = "compute-js-auth"
service_id = ""
[local_server]
[local_server.backends]
[local_server.backends.idp]
url = "https://accounts.google.com"
[local_server.backends.origin]
url = "https://httpbin.org/"
[local_server.config_stores]
[local_server.config_stores.compute_js_auth_config]
format = "inline-toml"
[local_server.config_stores.compute_js_auth_config.contents]
jwks = "{\"keys\":[{\"use\":\"sig\",\"kid\":\"c6263d09745b5032e57fa6e1d041b77a54066dbd\",\"e\":\"AQAB\",\"alg\":\"RS256\",\"n\":\"0quLYDiZIxssFKreHcXeeUIbgyU-dctbQXTfBTbAKp4Jl_TH-FQt3EfBVbo2P_1bkH-6ofvDSkQDUbigOhN4zx7JwbjAl8P18-dgjxuhF9HRdZA2W54VxBspEuHhqpsFZKoH_409ywbnc0DtAT-OQR3oQ-6ZnJfUOkLvw7o62QSDyscEi_zh8NIAGQnBo98UVVWr6lbR_PIm7l_NZu0LAux-P5Av-CxAxf32Dvl6crfv_I8ME3_fRisfKaVn5qOt_XuSXmygtTtT94lwelCCuutT6VjjIe397j83yR6LDZACOY7aAw8dx_rb3TS-SgvxQoBshj3142B4RFTVwupyQQ\",\"kty\":\"RSA\"},{\"n\":\"keFudaSl4KpJ2xC-fIGOb4eD4hwmCVF3eWxginhvrcLNx3ygDjcN7wGRC-CkzJ12ymBGsTPnSBiTFTpwpa5LXEYi-wvN-RkwA8eptcFXIzCXn1k9TqFxaPfw5Qv8N2hj0ZnFR5KPMr1bgK8vktlBu_VbptXr9IKtUEpV0hQCMjmc0JAS61ZIgx9XhPWaRbuYUvmBVLN3ButKAoWqUuzdlP1arjC1R8bUWek3xKUuSSJmZ9oHIGU5omtTEgXRDiv442R3tle-gLcfcr57uPnaAh9bIgBJRZw2mjqP8uBZurq6YkuyUDFQb8NFkBxHigoEdE7di_OtEef2GFNLseE6mw\",\"alg\":\"RS256\",\"kid\":\"7d334497506acb74cdeedaa66184d15547f83693\",\"kty\":\"RSA\",\"use\":\"sig\",\"e\":\"AQAB\"}]}"
openid_configuration = "{\"issuer\":\"https://accounts.google.com\",\"authorization_endpoint\":\"https://accounts.google.com/o/oauth2/v2/auth\",\"device_authorization_endpoint\":\"https://oauth2.googleapis.com/device/code\",\"token_endpoint\":\"https://oauth2.googleapis.com/token\",\"userinfo_endpoint\":\"https://openidconnect.googleapis.com/v1/userinfo\",\"revocation_endpoint\":\"https://oauth2.googleapis.com/revoke\",\"jwks_uri\":\"https://www.googleapis.com/oauth2/v3/certs\",\"response_types_supported\":[\"code\",\"token\",\"id_token\",\"code token\",\"code id_token\",\"token id_token\",\"code token id_token\",\"none\"],\"subject_types_supported\":[\"public\"],\"id_token_signing_alg_values_supported\":[\"RS256\"],\"scopes_supported\":[\"openid\",\"email\",\"profile\"],\"token_endpoint_auth_methods_supported\":[\"client_secret_post\",\"client_secret_basic\"],\"claims_supported\":[\"aud\",\"email\",\"email_verified\",\"exp\",\"family_name\",\"given_name\",\"iat\",\"iss\",\"locale\",\"name\",\"picture\",\"sub\"],\"code_challenge_methods_supported\":[\"plain\",\"S256\"],\"grant_types_supported\":[\"authorization_code\",\"refresh_token\",\"urn:ietf:params:oauth:grant-type:device_code\",\"urn:ietf:params:oauth:grant-type:jwt-bearer\"]}"
[local_server.secret_stores]
[[local_server.secret_stores.compute_js_auth_secrets]]
data = "YOUR_IDP_CLIENT_ID"
key = "client_id"
[[local_server.secret_stores.compute_js_auth_secrets]]
data = "YOUR_OPTIONAL_CLIENT_SECRET"
key = "client_secret"
[[local_server.secret_stores.compute_js_auth_secrets]]
data = "ARandomStringOfYourChoosingThatsHardToGuess"
key = "nonce_secret"
[scripts]
build = "npm run build"
post_init = "npm install"
[setup]
[setup.backends]
[setup.backends.idp]
address = "accounts.google.com"
description = "Identity provider authorization server"
[setup.backends.origin]
address = "httpbin.org"
description = "Content or application origin"
[setup.config_stores]
[setup.config_stores.compute_js_auth_config]
description = "Configuration metadata store"
[setup.config_stores.compute_js_auth_config.items]
[setup.config_stores.compute_js_auth_config.items.jwks]
value = "{\"keys\":[{\"use\":\"sig\",\"kid\":\"c6263d09745b5032e57fa6e1d041b77a54066dbd\",\"e\":\"AQAB\",\"alg\":\"RS256\",\"n\":\"0quLYDiZIxssFKreHcXeeUIbgyU-dctbQXTfBTbAKp4Jl_TH-FQt3EfBVbo2P_1bkH-6ofvDSkQDUbigOhN4zx7JwbjAl8P18-dgjxuhF9HRdZA2W54VxBspEuHhqpsFZKoH_409ywbnc0DtAT-OQR3oQ-6ZnJfUOkLvw7o62QSDyscEi_zh8NIAGQnBo98UVVWr6lbR_PIm7l_NZu0LAux-P5Av-CxAxf32Dvl6crfv_I8ME3_fRisfKaVn5qOt_XuSXmygtTtT94lwelCCuutT6VjjIe397j83yR6LDZACOY7aAw8dx_rb3TS-SgvxQoBshj3142B4RFTVwupyQQ\",\"kty\":\"RSA\"},{\"n\":\"keFudaSl4KpJ2xC-fIGOb4eD4hwmCVF3eWxginhvrcLNx3ygDjcN7wGRC-CkzJ12ymBGsTPnSBiTFTpwpa5LXEYi-wvN-RkwA8eptcFXIzCXn1k9TqFxaPfw5Qv8N2hj0ZnFR5KPMr1bgK8vktlBu_VbptXr9IKtUEpV0hQCMjmc0JAS61ZIgx9XhPWaRbuYUvmBVLN3ButKAoWqUuzdlP1arjC1R8bUWek3xKUuSSJmZ9oHIGU5omtTEgXRDiv442R3tle-gLcfcr57uPnaAh9bIgBJRZw2mjqP8uBZurq6YkuyUDFQb8NFkBxHigoEdE7di_OtEef2GFNLseE6mw\",\"alg\":\"RS256\",\"kid\":\"7d334497506acb74cdeedaa66184d15547f83693\",\"kty\":\"RSA\",\"use\":\"sig\",\"e\":\"AQAB\"}]}"
[setup.config_stores.compute_js_auth_config.items.openid_configuration]
value = "{\"issuer\":\"https://accounts.google.com\",\"authorization_endpoint\":\"https://accounts.google.com/o/oauth2/v2/auth\",\"device_authorization_endpoint\":\"https://oauth2.googleapis.com/device/code\",\"token_endpoint\":\"https://oauth2.googleapis.com/token\",\"userinfo_endpoint\":\"https://openidconnect.googleapis.com/v1/userinfo\",\"revocation_endpoint\":\"https://oauth2.googleapis.com/revoke\",\"jwks_uri\":\"https://www.googleapis.com/oauth2/v3/certs\",\"response_types_supported\":[\"code\",\"token\",\"id_token\",\"code token\",\"code id_token\",\"token id_token\",\"code token id_token\",\"none\"],\"subject_types_supported\":[\"public\"],\"id_token_signing_alg_values_supported\":[\"RS256\"],\"scopes_supported\":[\"openid\",\"email\",\"profile\"],\"token_endpoint_auth_methods_supported\":[\"client_secret_post\",\"client_secret_basic\"],\"claims_supported\":[\"aud\",\"email\",\"email_verified\",\"exp\",\"family_name\",\"given_name\",\"iat\",\"iss\",\"locale\",\"name\",\"picture\",\"sub\"],\"code_challenge_methods_supported\":[\"plain\",\"S256\"],\"grant_types_supported\":[\"authorization_code\",\"refresh_token\",\"urn:ietf:params:oauth:grant-type:device_code\",\"urn:ietf:params:oauth:grant-type:jwt-bearer\"]}"
[setup.secret_stores]
[setup.secret_stores.compute_js_auth_secrets]
description = "Store for authentication secrets"
[setup.secret_stores.compute_js_auth_secrets.entries]
[setup.secret_stores.compute_js_auth_secrets.entries.client_id]
value = "YOUR_IDP_CLIENT_ID"
[setup.secret_stores.compute_js_auth_secrets.entries.client_secret]
value = "YOUR_OPTIONAL_CLIENT_SECRET"
[setup.secret_stores.compute_js_auth_secrets.entries.nonce_secret]
value = "ARandomStringOfYourChoosingThatsHardToGuess"