provider-schema.yaml
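---
# JSON Schema, written as YAML, for the omero-oauth provider configuration
# file. A valid configuration is a mapping with the single key `providers`.
#
# NOTE(review): the nesting below was rebuilt from a listing whose indentation
# had been stripped. It follows the `required` lists and the dotted names used
# in the titles (`openid.issuer`, `userinfo.type`). Placing `scopes` under
# `client` is the least certain choice - confirm against the project's copy.
#
# NOTE(review): `$schema` names the unversioned meta-schema, so the draft in
# force depends on the validator. Pinning a draft would make validation
# reproducible.
$schema: http://json-schema.org/schema#
$id: https://gitlab.com/openmicroscopy/incubator/omero-oauth#0
title: jsonschema for provider configuration file
type: object
# Unknown top-level keys are rejected, so a misspelt key fails validation
# instead of being silently ignored.
additionalProperties: false
required:
  - providers
properties:
  providers:
    title: List of OAuth provider configurations
    type: array
    # At least one provider must be configured.
    minItems: 1
    items:
      type: object
      additionalProperties: false
      required:
        - name
        - displayname
        - url
        - client
        - userinfo
        - user
      properties:
        name:
          title: provider short name used for URLs and variables
          type: string
          # Lower-case letter first, then one or more lower-case letters or
          # digits (two characters minimum). The tight character set matters
          # because the value ends up in URLs and variable names.
          # NOTE(review): validators built on Python's `re` let `$` match just
          # before a trailing newline - confirm which regex engine is used.
          pattern: "^[a-z][a-z0-9]+$"
        displayname:
          title: Provider name shown to users
          type: string
        # Endpoint URLs. Only `callback` is required; per the titles, the other
        # three may be omitted when `openid.issuer` is set.
        # NOTE(review): these are plain strings. The schema checks neither the
        # scheme nor the URL syntax, so an `http://` endpoint passes validation.
        # The authorisation code, client secret and tokens travel to these
        # endpoints, so HTTPS has to be enforced elsewhere (or with a `pattern`
        # added here).
        url:
          type: object
          additionalProperties: false
          required:
            - callback
          properties:
            authorisation:
              title: Provider authorisation URL, optional if openid.issuer defined
              type: string
            token:
              title: Provider token URL, optional if openid.issuer defined
              type: string
            userinfo:
              title: Provider userinfo URL, optional if openid.issuer defined
              type: string
            # This is the OAuth redirect URI. The exact-match requirement in
            # the description is what stops the authorisation response from
            # being sent to another address, so register the full URL with
            # the provider rather than a prefix or wildcard.
            callback:
              title: Provider callback to this web app
              description: >
                The OMERO.web server address followed by /oauth/callback/{name} where {name} is the provider shortname defined above.
                For example, https://omero.example.org/oauth/callback/name.
                Most providers require this callback defined here to exactly match the callback configured in the provider settings.
              type: string
        # OAuth client credentials issued by the provider. Only `id` is
        # required by the schema.
        client:
          type: object
          additionalProperties: false
          required:
            - id
          properties:
            id:
              title: Client ID, see your Oauth provider settings
              type: string
            # NOTE(review): a secret stored here makes the whole configuration
            # file sensitive. Keep it out of version control and readable only
            # by the account that runs OMERO.web.
            secret:
              title: Client secret, see your Oauth provider
              type: string
            # Request only the scopes the userinfo lookup needs. The schema
            # accepts any list of strings.
            scopes:
              type: array
              title: List of provider-specific scopes
              items:
                type: string
        # Optional OpenID settings. When the block is present, `issuer` is
        # mandatory.
        openid:
          type: object
          additionalProperties: false
          required:
            - issuer
          properties:
            issuer:
              title: The OpenID issuer, required for autoconfiguration and verification
              description: >
                If you are using autoconfiguration to obtain urls of for verification this must be provided
              type: string
            # NOTE(review): the schema declares no `default`, so the "false"
            # in the description is whatever the consuming code does when the
            # key is absent. OpenID Connect allows TLS server validation to
            # stand in for the signature check when the ID token comes
            # directly from the token endpoint. That allowance does not cover
            # the issuer, audience, expiry and nonce claims. Confirm what
            # `verify: false` actually skips before relying on the default.
            verify:
              title: If true verify the Oauth token
              description: >
                This default to false since the token is supplied over https so a verification step is redundant
              type: boolean
        authorization:
          type: object
          additionalProperties: false
          properties:
            # NOTE(review): free-form object with unconstrained keys and
            # values. If these are merged into the authorisation request,
            # check that they cannot replace parameters the application sets
            # itself (for example `state` or `redirect_uri`).
            params:
              title: Additional key-value properties for authorisation
              type: object
        # Selects the parser for the provider's userinfo response.
        userinfo:
          type: object
          additionalProperties: false
          required:
            - type
          properties:
            type:
              title: The name of the userinfo parser, for example "default"
              type: string
        # Templates that turn userinfo response fields into OMERO user fields.
        # NOTE(review): presumably `name` decides which OMERO account a login
        # maps to. Build it from a field the provider guarantees to be unique
        # and stable, not from a value the end user can edit at the provider
        # (display name, unverified email).
        user:
          title: variables used to fill in new OMERO user fields
          description: >
            These properties contain `{template}` variables which will be filled using the fields in the JSON response from the userinfo calls.
            Any field in the response can be used in a template when `userinfo.type: default`.
            Some of these properties are ignored for other values of `userinfo.type`.
          type: object
          additionalProperties: false
          properties:
            name:
              title: OMERO user name template
              type: string
            email:
              title: email address template
              type: string
            firstname:
              title: Firstname template
              type: string
            lastname:
              title: Lastname template
              type: string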