summaryrefslogtreecommitdiffstats
path: root/doc/example-config/dovecot-oauth2.conf.ext
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:51:24 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:51:24 +0000
commitf7548d6d28c313cf80e6f3ef89aed16a19815df1 (patch)
treea3f6f2a3f247293bee59ecd28e8cd8ceb6ca064a /doc/example-config/dovecot-oauth2.conf.ext
parentInitial commit. (diff)
downloaddovecot-f7548d6d28c313cf80e6f3ef89aed16a19815df1.tar.xz
dovecot-f7548d6d28c313cf80e6f3ef89aed16a19815df1.zip
Adding upstream version 1:2.3.19.1+dfsg1.upstream/1%2.3.19.1+dfsg1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/example-config/dovecot-oauth2.conf.ext')
-rw-r--r--doc/example-config/dovecot-oauth2.conf.ext69
1 files changed, 69 insertions, 0 deletions
diff --git a/doc/example-config/dovecot-oauth2.conf.ext b/doc/example-config/dovecot-oauth2.conf.ext
new file mode 100644
index 0000000..4b3b8ba
--- /dev/null
+++ b/doc/example-config/dovecot-oauth2.conf.ext
@@ -0,0 +1,69 @@
+### OAuth2 password database configuration
+
+## url for verifying token validity. Token is appended to the URL
+# tokeninfo_url = http://endpoint/oauth/tokeninfo?access_token=
+
+## introspection endpoint, used to gather extra fields and other information.
+# introspection_url = http://endpoint/oauth/me
+
+## How introspection is made, valid values are
+## auth = GET request with Bearer authentication
+## get = GET request with token appended to URL
+## post = POST request with token=bearer_token as content
+## local = perform local validation only
+# introspection_mode = auth
+
+## Force introspection even if tokeninfo contains wanted fields
+## Set this to yes if you are using active_attribute
+# force_introspection = no
+
+## Validation key dictionary (e.g. fs:posix:prefix=/etc/dovecot/keys/)
+## Lookup key is /shared/<azp:default>/<alg>/<kid:default>
+# local_validation_key_dict =
+
+## A single wanted scope of validity (optional)
+# scope = something
+
+## username attribute in response (default: email)
+# username_attribute = email
+
+## username normalization format (default: %Lu)
+# username_format = %Lu
+
+## Attribute name for checking whether account is disabled (optional)
+# active_attribute =
+
+## Expected value in active_attribute (empty = require present, but anything goes)
+# active_value =
+
+## Expected issuer(s) for the token (space separated list)
+# issuers =
+
+## URL to RFC 7628 OpenID Provider Configuration Information schema
+# openid_configuration_url =
+
+## Extra fields to set in passdb response (in passdb static style)
+# pass_attrs =
+
+## Timeout in milliseconds
+# timeout_msecs = 0
+
+## Enable debug logging
+# debug = no
+
+## Max parallel connections (how many simultaneous connections to open)
+# max_parallel_connections = 10
+
+## Max pipelined requests (how many requests to send per connection, requires server-side support)
+# max_pipelined_requests = 1
+
+## HTTP request raw log directory
+# rawlog_dir = /tmp/oauth2
+
+## TLS settings
+# tls_ca_cert_file = /path/to/ca-certificates.txt
+# tls_ca_cert_dir = /path/to/certs/
+# tls_cert_file = /path/to/client/cert
+# tls_key_file = /path/to/client/key
+# tls_cipher_suite = HIGH:!SSLv2
+# tls_allow_invalid_cert = FALSE