<?php

// Report every error class except notices.
error_reporting(E_ALL & ~E_NOTICE);

// Bundled JWT library; the path is relative, not absolute.
include_once 'include/JWT/JWT.php';

/*
 * lucidAuth configuration.
 *
 * The including script receives a stdClass whose properties are the sections
 * below; each section itself stays a plain PHP array.
 *
 * This file carries key material (the JWT signing key and, optionally, a TOTP
 * secret). Keep it readable only by the account that runs PHP, and keep
 * filled-in copies out of version control and backups that others can read.
 */
return (object) [
    'LDAP' => [
        // FQDN of the LDAP server.
        'Server' => 'server.domain.tld',

        // Port of the LDAP server; the default port is 389.
        // 389 is the plain (unencrypted) LDAP port.
        // NOTE(review): this file does not show whether the code that binds
        // to the directory negotiates StartTLS. If it does not, usernames and
        // passwords cross the network in cleartext - confirm before deploying
        // across an untrusted network segment.
        'Port' => 389,

        // Location of your user accounts.
        // Syntax:
        //   'OU=container,DC=domain,DC=tld'
        'BaseDN' => 'OU=Users,DC=domain,DC=tld',

        // NetBIOS name of the domain; lets users log on with just their username.
        'Domain' => 'domain',
    ],

    '2FA' => [
        // Either HOTP (sequential codes) or TOTP (time-based codes).
        'Protocol' => 'TOTP',

        'TOTP' => [
            // By default a 512-bit secret is generated; supply your own here if needed.
            // NOTE(review): the default is the *string* 'NULL', not PHP null.
            // Confirm the consuming code treats this literal as "generate a
            // secret"; if it were used verbatim, every default installation
            // would share the same, publicly known secret.
            'Secret' => 'NULL',

            // How long each OTP code stays valid (presumably in seconds - TODO confirm).
            // Longer windows give a captured code more time to be replayed.
            'Age' => '30',

            // Number of digits in each OTP code.
            'Length' => '6',

            // Hash algorithm used to derive the codes.
            'Algorithm' => 'SHA256',
        ],
    ],

    'Sqlite' => [
        // Relative path to the location where the database should be stored.
        // Make sure the resulting location is outside the web server's document
        // root (or otherwise not served), so the database file cannot be
        // downloaded over HTTP.
        'Path' => '../data/lucidAuth.sqlite.db',
    ],

    'JWT' => [
        // A base64-encoded random (preferably long) string.
        // With the HMAC algorithm listed below this is a shared secret: anyone
        // who learns it can mint valid tokens. Generate it locally from a
        // CSPRNG instead of pasting key material into an online encoder, e.g.:
        //   php -r "echo base64_encode(random_bytes(64));"
        // NOTE(review): the shipped default is empty - confirm the application
        // refuses to issue or accept tokens until a real key is set.
        'PrivateKey_base64' => '',

        // Algorithm list handed to the JWT library (presumably the set of
        // algorithms accepted on verification - TODO confirm). Keep it limited
        // to the algorithm actually used for signing.
        'Algorithm' => [
            'HS256',
        ],
    ],

    'Session' => [
        // In seconds (2592000 is equivalent to 30 days).
        // NOTE(review): presumably the lifetime of the issued session; a
        // stolen session stays usable for this long unless the application
        // has a way to revoke it, so shorten it where that matters.
        'Duration' => 2592000,

        // Set this to True if single sign-on (albeit rudimentary) is desired.
        //   (Cookies are inherently unaware of each other; clearing the cookies
        //   of one domain does not affect other domains.)
        // Important!
        // If this stays False, the domain name lucidAuth runs on must match the
        // domain name (*ignoring subdomains, if any*) of the resource that uses
        // the authentication proxy.
        'CrossDomainLogin' => false,

        // Domain(s) that cookie-domains will be set to.
        //   (Multiple domains are allowed; uncomment and edit the extra entries.)
        // List only domains you control: presumably every host under a listed
        // domain is sent the session cookie - TODO confirm against the cookie
        // code.
        'CookieDomains' => [
            'domain1.tld',
            // 'domain2.tld', 'subdomain.domain3.tld',
        ],
    ],

    'Debug' => [
        // NOTE(review): what the debug switches emit is not visible in this
        // file. Debug output in an authentication service commonly contains
        // usernames, tokens or directory details - leave both off in
        // production unless you have checked what is written and where.
        'Verbose' => false,
        'LogToFile' => false,
    ],
];

?>