36 lines
1.1 KiB
Terraform
36 lines
1.1 KiB
Terraform
|
data "authentik_flow" "default_authorization_flow" {
|
||
|
|
slug = "default-provider-authorization-implicit-consent"
|
||
|
|
}
|
||
|
|
|
||
|
|
data "authentik_flow" "default_authentication_flow" {
|
||
|
|
slug = "default-authentication-flow"
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
data "authentik_scope_mapping" "wekan" {
|
||
|
|
managed_list = [
|
||
|
|
"goauthentik.io/providers/oauth2/scope-email",
|
||
|
|
"goauthentik.io/providers/oauth2/scope-openid",
|
||
|
|
"goauthentik.io/providers/oauth2/scope-profile"
|
||
|
|
]
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
resource "authentik_provider_oauth2" "wekan" {
|
||
|
|
name = "Wekan"
|
||
|
|
client_id = var.secrets.authentik_client_id
|
||
|
|
client_secret = var.secrets.authentik_client_secret
|
||
|
|
authorization_flow = data.authentik_flow.default_authorization_flow.id
|
||
|
|
authentication_flow = data.authentik_flow.default_authentication_flow.id
|
||
|
|
redirect_uris = [
|
||
|
|
"https://kanban.chaoswest.tv/_oauth/oidc"
|
||
|
|
]
|
||
|
|
sub_mode = "user_username"
|
||
|
|
property_mappings = data.authentik_scope_mapping.wekan.ids
|
||
|
|
}
|
||
|
|
|
||
|
|
resource "authentik_application" "wekan" {
|
||
|
|
name = "Wekan"
|
||
|
|
slug = "wekan"
|
||
|
|
protocol_provider = authentik_provider_oauth2.wekan.id
|
||
|
|
}
|