feat(sso): sSO環境設定の追加と設定ファイルの更新

2025-08-04 00:32:30 +09:00
parent d0c2d073b9
commit 189352656a
2 changed files with 67 additions and 1 deletions
--- a/.env.example
+++ b/.env.example
@ -5,3 +5,24 @@ API_TOKEN_SALT=tobemodified
 ADMIN_JWT_SECRET=tobemodified
 TRANSFER_TOKEN_SALT=tobemodified
 JWT_SECRET=tobemodified
+
+SSO_REMEMBER_ME=false
+
+GOOGLE_OAUTH_CLIENT_ID=your_google_client_id
+GOOGLE_OAUTH_CLIENT_SECRET=your_google_client_secret
+GOOGLE_OAUTH_REDIRECT_URI=http://localhost:1337/strapi-plugin-sso/google/callback
+
+COGNITO_OAUTH_CLIENT_ID=your_cognito_client_id
+COGNITO_OAUTH_CLIENT_SECRET=your_cognito_client_secret
+COGNITO_OAUTH_DOMAIN=your_cognito_domain
+COGNITO_OAUTH_REDIRECT_URI=http://localhost:1337/strapi-plugin-sso/cognito/callback
+
+AZUREAD_TENANT_ID=your_azure_tenant_id
+AZUREAD_OAUTH_CLIENT_ID=your_azure_client_id
+AZUREAD_OAUTH_CLIENT_SECRET=your_azure_client_secret
+
+OIDC_CLIENT_ID=your_oidc_client_id
+OIDC_CLIENT_SECRET=your_oidc_client_secret
+OIDC_AUTHORIZATION_ENDPOINT=https://example.com/oauth2/authorize
+OIDC_TOKEN_ENDPOINT=https://example.com/oauth2/token
+OIDC_USER_INFO_ENDPOINT=https://example.com/oauth2/userinfo
--- a/config/plugins.ts
+++ b/config/plugins.ts
@ -1 +1,46 @@
-export default () => ({});
+export default ({ env }) => ({
+  'strapi-plugin-sso': {
+    enabled: true,
+    config: {
+      REMEMBER_ME: false,
+
+      // Google
+      GOOGLE_OAUTH_CLIENT_ID: env('GOOGLE_OAUTH_CLIENT_ID'),
+      GOOGLE_OAUTH_CLIENT_SECRET: env('GOOGLE_OAUTH_CLIENT_SECRET'),
+      GOOGLE_OAUTH_REDIRECT_URI: env('GOOGLE_OAUTH_REDIRECT_URI', 'http://localhost:1337/strapi-plugin-sso/google/callback'),
+      GOOGLE_ALIAS: env('GOOGLE_ALIAS', ''),
+      GOOGLE_GSUITE_HD: env('GOOGLE_GSUITE_HD', ''),
+
+      // // Cognito
+      // COGNITO_OAUTH_CLIENT_ID: env('COGNITO_OAUTH_CLIENT_ID'),
+      // COGNITO_OAUTH_CLIENT_SECRET: env('COGNITO_OAUTH_CLIENT_SECRET'),
+      // COGNITO_OAUTH_DOMAIN: env('COGNITO_OAUTH_DOMAIN'),
+      // COGNITO_OAUTH_REDIRECT_URI: env('COGNITO_OAUTH_REDIRECT_URI', 'http://localhost:1337/strapi-plugin-sso/cognito/callback'),
+      // COGNITO_OAUTH_REGION: env('COGNITO_OAUTH_REGION', 'ap-northeast-1'),
+      // COGNITO_USER_GROUP: env('COGNITO_USER_GROUP', ''),
+      //
+      // // AzureAD
+      // AZUREAD_OAUTH_REDIRECT_URI: env('AZUREAD_OAUTH_REDIRECT_URI', 'http://localhost:1337/strapi-plugin-sso/azuread/callback'),
+      // AZUREAD_TENANT_ID: env('AZUREAD_TENANT_ID'),
+      // AZUREAD_OAUTH_CLIENT_ID: env('AZUREAD_OAUTH_CLIENT_ID'),
+      // AZUREAD_OAUTH_CLIENT_SECRET: env('AZUREAD_OAUTH_CLIENT_SECRET'),
+      // AZUREAD_SCOPE: env('AZUREAD_SCOPE', 'user.read'),
+      //
+      // // OpenID Connect
+      // OIDC_REDIRECT_URI: env('OIDC_REDIRECT_URI', 'http://localhost:1337/strapi-plugin-sso/oidc/callback'),
+      // OIDC_CLIENT_ID: env('OIDC_CLIENT_ID'),
+      // OIDC_CLIENT_SECRET: env('OIDC_CLIENT_SECRET'),
+      // OIDC_SCOPES: env('OIDC_SCOPES', 'openid profile email'),
+      // OIDC_AUTHORIZATION_ENDPOINT: env('OIDC_AUTHORIZATION_ENDPOINT'),
+      // OIDC_TOKEN_ENDPOINT: env('OIDC_TOKEN_ENDPOINT'),
+      // OIDC_USER_INFO_ENDPOINT: env('OIDC_USER_INFO_ENDPOINT'),
+      // OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER: env.bool('OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER', false),
+      // OIDC_GRANT_TYPE: env('OIDC_GRANT_TYPE', 'authorization_code'),
+      // OIDC_FAMILY_NAME_FIELD: env('OIDC_FAMILY_NAME_FIELD', 'family_name'),
+      // OIDC_GIVEN_NAME_FIELD: env('OIDC_GIVEN_NAME_FIELD', 'given_name'),
+      //
+      // // Whitelist
+      // USE_WHITELIST: env.bool('USE_WHITELIST', true),
+    },
+  },
+});