Skip to content

Commit

Permalink
Merge pull request #1265 from maykinmedia/task/2426-config-docs
Browse files Browse the repository at this point in the history 
[#2426] Migrate generation of config docs to library
  • Loading branch information
@pi-sigma
pi-sigma authored Jul 16, 2024
2 parents 9c33cde + 4c12da2 commit 0002256
Show file tree
Hide file tree
Showing 36 changed files with 1,683 additions and 1,381 deletions.
68 changes: 37 additions & 31 deletions docs/configuration/admin_oidc.rst
View file
Original file line number Diff line number Diff line change
@@ -1,33 +1,39 @@
.. _admin_oidc:

========================
Admin OIDC Configuration
========================
================================================
Configuration for admin login via OpenID Connect
================================================

Settings Overview
=================


Enable/Disable configuration:
"""""""""""""""""""""""""""""

::

ADMIN_OIDC_CONFIG_ENABLE



Required:
"""""""""

::

ADMIN_OIDC_DEFAULT_GROUPS
ADMIN_OIDC_OIDC_RP_CLIENT_ID
ADMIN_OIDC_OIDC_RP_CLIENT_SECRET


All settings:
"""""""""""""

::

ADMIN_OIDC_CLAIM_MAPPING
ADMIN_OIDC_DEFAULT_GROUPS
ADMIN_OIDC_GROUPS_CLAIM
ADMIN_OIDC_MAKE_USERS_STAFF
ADMIN_OIDC_OIDC_EXEMPT_URLS
Expand Down Expand Up @@ -60,127 +66,127 @@ Detailed Information
Description Mapping from user-model fields to OIDC claims
Possible values Mapping: {'some_key': 'Some value'}
Default value {'email': 'email', 'first_name': 'given_name', 'last_name': 'family_name'}

Variable ADMIN_OIDC_GROUPS_CLAIM
Setting groups claim
Description The name of the OIDC claim that holds the values to map to local user groups.
Possible values string
Default value roles

Variable ADMIN_OIDC_MAKE_USERS_STAFF
Setting make users staff
Description Users will be flagged as being a staff user automatically. This allows users to login to the admin interface. By default they have no permissions, even if they are staff.
Possible values True, False
Default value False

Variable ADMIN_OIDC_OIDC_EXEMPT_URLS
Setting URLs exempt from session renewal
Description This is a list of absolute url paths, regular expressions for url paths, or Django view names. This plus the mozilla-django-oidc urls are exempted from the session renewal by the SessionRefresh middleware.
Possible values string, comma-delimited ('foo,bar,baz')
Default value

Default value
Variable ADMIN_OIDC_OIDC_NONCE_SIZE
Setting Nonce size
Description Sets the length of the random string used for OpenID Connect nonce verification
Possible values string representing a positive integer
Default value 32

Variable ADMIN_OIDC_OIDC_OP_AUTHORIZATION_ENDPOINT
Setting Authorization endpoint
Description URL of your OpenID Connect provider authorization endpoint
Possible values string
Possible values string (URL)
Default value No default

Variable ADMIN_OIDC_OIDC_OP_DISCOVERY_ENDPOINT
Setting Discovery endpoint
Description URL of your OpenID Connect provider discovery endpoint ending with a slash (`.well-known/...` will be added automatically). If this is provided, the remaining endpoints can be omitted, as they will be derived from this endpoint.
Possible values string
Possible values string (URL)
Default value No default

Variable ADMIN_OIDC_OIDC_OP_JWKS_ENDPOINT
Setting JSON Web Key Set endpoint
Description URL of your OpenID Connect provider JSON Web Key Set endpoint. Required if `RS256` is used as signing algorithm.
Possible values string
Possible values string (URL)
Default value No default

Variable ADMIN_OIDC_OIDC_OP_TOKEN_ENDPOINT
Setting Token endpoint
Description URL of your OpenID Connect provider token endpoint
Possible values string
Possible values string (URL)
Default value No default

Variable ADMIN_OIDC_OIDC_OP_USER_ENDPOINT
Setting User endpoint
Description URL of your OpenID Connect provider userinfo endpoint
Possible values string
Possible values string (URL)
Default value No default

Variable ADMIN_OIDC_OIDC_RP_CLIENT_ID
Setting OpenID Connect client ID
Description OpenID Connect client ID provided by the OIDC Provider
Possible values string
Default value No default

Variable ADMIN_OIDC_OIDC_RP_CLIENT_SECRET
Setting OpenID Connect secret
Description OpenID Connect secret provided by the OIDC Provider
Possible values string
Default value No default

Variable ADMIN_OIDC_OIDC_RP_IDP_SIGN_KEY
Setting Sign key
Description Key the Identity Provider uses to sign ID tokens in the case of an RSA sign algorithm. Should be the signing key in PEM or DER format.
Possible values string
Default value No default

Variable ADMIN_OIDC_OIDC_RP_SCOPES_LIST
Setting OpenID Connect scopes
Description OpenID Connect scopes that are requested during login
Possible values string, comma-delimited ('foo,bar,baz')
Default value openid, email, profile

Variable ADMIN_OIDC_OIDC_RP_SIGN_ALGO
Setting OpenID sign algorithm
Description Algorithm the Identity Provider uses to sign ID tokens
Possible values string
Default value HS256

Variable ADMIN_OIDC_OIDC_STATE_SIZE
Setting State size
Description Sets the length of the random string used for OpenID Connect state verification
Possible values string representing a positive integer
Default value 32

Variable ADMIN_OIDC_OIDC_USE_NONCE
Setting Use nonce
Description Controls whether the OpenID Connect client uses nonce verification
Possible values True, False
Default value True

Variable ADMIN_OIDC_SUPERUSER_GROUP_NAMES
Setting Superuser group names
Description If any of these group names are present in the claims upon login, the user will be marked as a superuser. If none of these groups are present the user will lose superuser permissions.
Possible values string, comma-delimited ('foo,bar,baz')
Default value

Default value
Variable ADMIN_OIDC_SYNC_GROUPS
Setting Create local user groups if they do not exist yet
Description If checked, local user groups will be created for group names present in the groups claim, if they do not exist yet locally.
Possible values True, False
Default value True

Variable ADMIN_OIDC_SYNC_GROUPS_GLOB_PATTERN
Setting groups glob pattern
Description The glob pattern that groups must match to be synchronized to the local database.
Possible values string
Default value *

Variable ADMIN_OIDC_USERINFO_CLAIMS_SOURCE
Setting user information claims extracted from
Description Indicates the source from which the user information claims should be extracted.
Possible values userinfo_endpoint, id_token
Default value userinfo_endpoint

Variable ADMIN_OIDC_USERNAME_CLAIM
Setting username claim
Description The name of the OIDC claim that is used as the username
Expand Down
54 changes: 54 additions & 0 deletions docs/configuration/cms_cases.rst
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
.. _cms_cases:

===============================
Configuration for CMS cases app
===============================

Settings Overview
=================


Enable/Disable configuration:
"""""""""""""""""""""""""""""

::

CMS_CONFIG_CASES_ENABLE




All settings:
"""""""""""""

::

CMS_CASES_MENU_ICON
CMS_CASES_MENU_INDICATOR
CMS_CASES_REQUIRES_AUTH
CMS_CASES_REQUIRES_AUTH_BSN_OR_KVK

Detailed Information
====================

::

Variable CMS_CASES_MENU_ICON
Description Icon in the menu
Possible values String
Default value No default
Variable CMS_CASES_MENU_INDICATOR
Description Menu indicator for the app
Possible values String
Default value No default
Variable CMS_CASES_REQUIRES_AUTH
Description Whether the access to the page is restricted
Possible values True, False
Default value No default
Variable CMS_CASES_REQUIRES_AUTH_BSN_OR_KVK
Description Access to the page requires BSN or KVK
Possible values True, False
Default value No default
54 changes: 54 additions & 0 deletions docs/configuration/cms_collaborate.rst
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
.. _cms_collaborate:

=====================================
Configuration for CMS collaborate app
=====================================

Settings Overview
=================


Enable/Disable configuration:
"""""""""""""""""""""""""""""

::

CMS_CONFIG_COLLABORATE_ENABLE




All settings:
"""""""""""""

::

CMS_COLLABORATE_MENU_ICON
CMS_COLLABORATE_MENU_INDICATOR
CMS_COLLABORATE_REQUIRES_AUTH
CMS_COLLABORATE_REQUIRES_AUTH_BSN_OR_KVK

Detailed Information
====================

::

Variable CMS_COLLABORATE_MENU_ICON
Description Icon in the menu
Possible values String
Default value No default
Variable CMS_COLLABORATE_MENU_INDICATOR
Description Menu indicator for the app
Possible values String
Default value No default
Variable CMS_COLLABORATE_REQUIRES_AUTH
Description Whether the access to the page is restricted
Possible values True, False
Default value No default
Variable CMS_COLLABORATE_REQUIRES_AUTH_BSN_OR_KVK
Description Access to the page requires BSN or KVK
Possible values True, False
Default value No default
54 changes: 54 additions & 0 deletions docs/configuration/cms_inbox.rst
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
.. _cms_inbox:

===============================
Configuration for CMS inbox app
===============================

Settings Overview
=================


Enable/Disable configuration:
"""""""""""""""""""""""""""""

::

CMS_CONFIG_INBOX_ENABLE




All settings:
"""""""""""""

::

CMS_INBOX_MENU_ICON
CMS_INBOX_MENU_INDICATOR
CMS_INBOX_REQUIRES_AUTH
CMS_INBOX_REQUIRES_AUTH_BSN_OR_KVK

Detailed Information
====================

::

Variable CMS_INBOX_MENU_ICON
Description Icon in the menu
Possible values String
Default value No default
Variable CMS_INBOX_MENU_INDICATOR
Description Menu indicator for the app
Possible values String
Default value No default
Variable CMS_INBOX_REQUIRES_AUTH
Description Whether the access to the page is restricted
Possible values True, False
Default value No default
Variable CMS_INBOX_REQUIRES_AUTH_BSN_OR_KVK
Description Access to the page requires BSN or KVK
Possible values True, False
Default value No default
Loading

0 comments on commit 0002256

Please sign in to comment.