github.com/cs3org/reva/v2@v2.27.7/examples/oc-phoenix/frontend.toml (about) 1 [shared] 2 jwt_secret = "Pive-Fumkiu4" 3 gatewaysvc = "localhost:19000" 4 5 # This frontend.toml config file will start a reva service that: 6 # - serves as the entrypoint for owncloud APIs. 7 # - serves http endpoints on port 20080 8 # - / --------------- ocdav 9 # - /ocs ------------ ocs 10 # - /oauth2 --------- oidcprovider 11 # - /.well-known ---- wellknown service to announce openid-configuration 12 # - TODO(diocas): ocm 13 # - authenticates requests using oidc bearer auth and basic auth as fallback 14 # - serves the grpc services on port 18002 15 [grpc] 16 address = "0.0.0.0:20099" 17 18 [grpc.services.authprovider] 19 auth_manager = "oidc" 20 21 # If you want to use your own openid provider change this config 22 [grpc.services.authprovider.auth_managers.oidc] 23 issuer = "http://localhost:20080" 24 25 [http] 26 address = "0.0.0.0:20080" 27 28 [http.middlewares.cors] 29 allow_credentials = true 30 31 [http.services.wellknown] 32 issuer = "http://localhost:20080" 33 authorization_endpoint = "http://localhost:20080/oauth2/auth" 34 token_endpoint = "http://localhost:20080/oauth2/token" 35 revocation_endpoint = "http://localhost:20080/oauth2/auth" 36 introspection_endpoint = "http://localhost:20080/oauth2/introspect" 37 userinfo_endpoint = "http://localhost:20080/oauth2/userinfo" 38 39 [http.services.oidcprovider] 40 prefix = "oauth2" 41 issuer = "http://localhost:20080" 42 43 [http.services.oidcprovider.clients.phoenix] 44 id = "phoenix" 45 redirect_uris = ["http://localhost:8300/oidc-callback.html", "http://localhost:8300/"] 46 grant_types = ["implicit", "refresh_token", "authorization_code", "password", "client_credentials"] 47 response_types = ["code"] # use authorization code flow, see https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead for details 48 scopes = ["openid", "profile", "email", "offline"] 49 public = true # force PKCS for public clients 50 51 [http.services.ocdav] 52 # serve ocdav on the root path 53 prefix = "" 54 # for user lookups 55 # prefix the path of requests to /dav/files with this namespace 56 # While owncloud has only listed usernames at this endpoint CERN has 57 # been exposing more than just usernames. For owncloud deployments we 58 # can prefix the path to jail the requests to the correct CS3 namespace. 59 # In this deployment we mounted the owncloud storage provider at /oc. It 60 # expects a username as the first path segment. 61 # currently, only the desktop client will use this endpoint, but only if 62 # the dav.chunking capability is available 63 # TODO implement a path wrapper that rewrites `<username>` into the path 64 # layout for the users home? 65 # no, use GetHome? 66 # for eos we need to rewrite the path 67 # TODO strip the username from the path so the CS3 namespace can be mounted 68 # at the files/<username> endpoint? what about migration? separate reva instance 69 files_namespace = "/oc" 70 71 # similar to the dav/files endpoint we can configure a prefix for the old webdav endpoint 72 # we use the old webdav endpoint to present the cs3 namespace 73 # note: this changes the tree that is rendered at remote.php/webdav from the users home to the cs3 namespace 74 # use webdav_namespace = "/home" to use the old namespace that only exposes the users files 75 # this endpoint should not affect the desktop client sync but will present different folders for the other clients: 76 # - the desktop clients use a hardcoded remote.php/dav/files/<username> if the dav.chunkung capability is present 77 # - the ios ios uses the core.webdav-root capability which points to remote.php/webdav in oc10 78 # - the oc js sdk is hardcoded to the remote.php/webdav so it will see the new tree 79 # - TODO android? no sync ... but will see different tree 80 webdav_namespace = "/home" 81 82 [http.services.ocs]