66 lines
2.2 KiB
Plaintext
66 lines
2.2 KiB
Plaintext
<?php
|
|
|
|
error_reporting(E_ALL & ~E_NOTICE);
|
|
|
|
include_once('include/JWT/JWT.php');
|
|
|
|
return (object) array(
|
|
'LDAP' => [
|
|
'Server' => 'server.domain.tld',
|
|
// FQDN of the LDAP-server
|
|
'Port' => 389,
|
|
// Port of the LDAP-server; default port is 389
|
|
'BaseDN' => 'OU=Users,DC=domain,DC=tld',
|
|
// Location of your useraccounts
|
|
// Syntax:
|
|
// 'OU=container,DC=domain,DC=tld'
|
|
'Domain' => 'domain'
|
|
// Specify the NetBios name of the domain; to allow users to log on with just their usernames.
|
|
],
|
|
|
|
'2FA' => [
|
|
'Protocol' => 'TOTP', // Possible options are HOTP (sequential codes) and TOTP (timebased codes)
|
|
'TOTP' => [
|
|
'Secret' => 'NULL', // By default, a 512 bits secret is generated. If you need, you can provide your own secret here.
|
|
'Age' => '30', // The duration that each OTP code is valid for.
|
|
'Length' => '6', // Number of digits the OTP code will consist of.
|
|
'Algorithm' => 'SHA256' // The hashing algorithm used.
|
|
],
|
|
],
|
|
|
|
'Sqlite' => [
|
|
'Path' => '../data/lucidAuth.sqlite.db'
|
|
// Relative path to the location where the database should be stored
|
|
],
|
|
|
|
'JWT' => [
|
|
'PrivateKey_base64' => '',
|
|
// A base64-encoded random (preferably long) string (see https://www.base64encode.org/)
|
|
'Algorithm' => [
|
|
'HS256',
|
|
]
|
|
],
|
|
|
|
'Session' => [
|
|
'Duration' => 2592000,
|
|
// In seconds (2592000 is equivalent to 30 days)
|
|
'CrossDomainLogin' => False,
|
|
// Set this to True if SingleSignOn (albeit rudementary) is desired
|
|
// (cookies are inheritently unaware of each other; clearing cookies for one domain does not affect other domains)
|
|
// Important!
|
|
// If you leave this set to False, the domainname where lucidAuth will be running on,
|
|
// needs to match the domainname (*ignoring subdomains, if any*) of the resource utilizing the authentication proxy.
|
|
'CookieDomains' => [
|
|
'domain1.tld' #, 'domain2.tld', 'subdomain.domain3.tld'
|
|
]
|
|
// Domain(s) that will be used to set cookie-domains to
|
|
// (multiple domains are allowed; remove the '#' above)
|
|
],
|
|
|
|
'Debug' => [
|
|
'Verbose' => False,
|
|
'LogToFile' => False
|
|
]
|
|
);
|
|
|
|
?> |