OIDCServerSettings¶
- pydantic model gafaelfawr.config.OIDCServerSettings¶
pydantic model of issuer configuration.
- Parameters:
data (
Any)
Show JSON schema
{ "title": "OIDCServerSettings", "description": "pydantic model of issuer configuration.", "type": "object", "properties": { "issuer": { "format": "uri", "maxLength": 2083, "minLength": 1, "title": "Issuer", "type": "string" }, "keyId": { "title": "Keyid", "type": "string" }, "keyFile": { "format": "path", "title": "Keyfile", "type": "string" }, "secretsFile": { "format": "path", "title": "Secretsfile", "type": "string" }, "dataRightsMapping": { "additionalProperties": { "items": { "type": "string" }, "type": "array" }, "default": {}, "description": "Mapping of group names to keywords for data releases, indicating membership in that group grants access to that data release. Used to construct the ``data_rights`` claim, which can be requested by asking for the ``rubin`` scope.", "examples": [ { "g_users": [ "dp0.1", "dp0.2", "dp0.3" ] } ], "title": "Group to data rights mapping", "type": "object" } }, "required": [ "issuer", "keyId", "keyFile", "secretsFile" ] }
- Fields:
- field dataRightsMapping: dict[str, list[str]] = {} (name 'data_rights_mapping')¶
Mapping of group names to keywords for data releases, indicating membership in that group grants access to that data release. Used to construct the
data_rightsclaim, which can be requested by asking for therubinscope.
- field issuer: HttpsUrl [Required]¶
iss (issuer) field in issued tokens.
- Constraints:
max_length = 2083
allowed_schemes = [‘https’]
host_required = True
- field keyFile: Path [Required] (name 'key_file')¶
File containing RSA private key for signing issued tokens.
- field keyId: str [Required] (name 'key_id')¶
kid (key ID) header field in issued tokens.
- field secretsFile: Path [Required] (name 'secrets_file')¶
Path to file containing OpenID Connect client secrets in JSON.