From 5ca4c9d11a9eda36e4976dab44c0f92dc2311d03 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 15 Feb 2022 11:51:10 +0800 Subject: [PATCH 1/2] Add custom open id providers support --- .../2022-01-01-preview/EasyAuthConfigs.json | 96 +++++++++++++++++++ 1 file changed, 96 insertions(+) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index fbb6513ebf39..dc9241650f9c 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -408,6 +408,102 @@ "azureStaticWebApp": { "$ref": "#/definitions/AzureStaticWebApp", "description": "The configuration settings of the Azure Static Web Apps provider." + }, + "customOpenIdConnectProviders": { + "description": "The map of the name of the alias of each custom Open ID Connect provider to the\nconfiguration settings of the custom Open ID Connect provider.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/CustomOpenIdConnectProvider" + } + } + } + }, + "CustomOpenIdConnectProvider": { + "description": "The configuration settings of the custom Open ID Connect provider.", + "type": "object", + "properties": { + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the custom Open ID Connect provider provider should not be enabled despite the set registration; otherwise, Enabled." + }, + "registration": { + "$ref": "#/definitions/OpenIdConnectRegistration", + "description": "The configuration settings of the app registration for the custom Open ID Connect provider." + }, + "login": { + "$ref": "#/definitions/OpenIdConnectLogin", + "description": "The configuration settings of the login flow of the custom Open ID Connect provider." + } + } + }, + "OpenIdConnectRegistration": { + "description": "The configuration settings of the app registration for the custom Open ID Connect provider.", + "type": "object", + "properties": { + "clientId": { + "description": "The client id of the custom Open ID Connect provider.", + "type": "string" + }, + "clientCredential": { + "$ref": "#/definitions/OpenIdConnectClientCredential", + "description": "The authentication credentials of the custom Open ID Connect provider." + }, + "openIdConnectConfiguration": { + "$ref": "#/definitions/OpenIdConnectConfig", + "description": "The configuration settings of the endpoints used for the custom Open ID Connect provider." + } + } + }, + "OpenIdConnectClientCredential": { + "description": "The authentication client credentials of the custom Open ID Connect provider.", + "type": "object", + "properties": { + "clientSecretRefName": { + "description": "The app setting that contains the client secret for the custom Open ID Connect provider.", + "type": "string" + } + } + }, + "OpenIdConnectConfig": { + "description": "The configuration settings of the endpoints used for the custom Open ID Connect provider.", + "type": "object", + "properties": { + "authorizationEndpoint": { + "description": "The endpoint to be used to make an authorization request.", + "type": "string" + }, + "tokenEndpoint": { + "description": "The endpoint to be used to request a token.", + "type": "string" + }, + "issuer": { + "description": "The endpoint that issues the token.", + "type": "string" + }, + "certificationUri": { + "description": "The endpoint that provides the keys necessary to validate the token.", + "type": "string" + }, + "wellKnownOpenIdConfiguration": { + "description": "The endpoint that contains all the configuration endpoints for the provider.", + "type": "string" + } + } + }, + "OpenIdConnectLogin": { + "description": "The configuration settings of the login flow of the custom Open ID Connect provider.", + "type": "object", + "properties": { + "nameClaimType": { + "description": "The name of the claim that contains the users name.", + "type": "string" + }, + "scopes": { + "description": "A list of the scopes that should be requested while authenticating.", + "type": "array", + "items": { + "type": "string" + } } } }, From 404858ec9e70e82a0827019359527bca2b040019 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 15 Feb 2022 13:43:26 +0800 Subject: [PATCH 2/2] Update description --- .../preview/2022-01-01-preview/EasyAuthConfigs.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index dc9241650f9c..d0720d183ee0 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -424,7 +424,7 @@ "properties": { "state": { "$ref": "#/definitions/IdentityProviderState", - "description": "Disabled if the custom Open ID Connect provider provider should not be enabled despite the set registration; otherwise, Enabled." + "description": "Disabled if the custom Open ID Connect provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/OpenIdConnectRegistration",