gitea-admin/lti-api
1
0
Fork 0
mirror of https://gitlab.com/mbugroup/lti-api.git synced 2026-05-20 05:21:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feat(BE-69,70,71,72,73): crud and integration sso with lti, revoke_token

Browse Source
This commit is contained in:
ragilap
2025-10-08 15:25:17 +07:00
parent 6c387b420c
commit e239246d02
14 changed files with 536 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+4 -2
View File
@@ -35,7 +35,8 @@ REDIS_PORT_HOST=6381
# SSO Integration
SSO_ISSUER=http://localhost:8080/api
SSO_JWKS_URL=http://localhost:8080/api/.well-known/jwks.json
# SSO_JWKS_URL=http://localhost:8080/api/.well-known/jwks.json
SSO_JWKS_URL=http://host.docker.internal:8080/api/.well-known/jwks.json
SSO_ALLOWED_AUDIENCES=client:lti-api
SSO_AUTHORIZE_URL=http://localhost:8080/sso/authorize
SSO_TOKEN_URL=http://localhost:8080/sso/token
@@ -45,10 +46,11 @@ SSO_REFRESH_COOKIE_NAME=sso_refresh
SSO_COOKIE_DOMAIN=
SSO_COOKIE_SECURE=false
SSO_COOKIE_SAMESITE=Lax
SSO_TOKEN_BLACKLIST_PREFIX=sso:blacklist
SSO_PKCE_TTL_SECONDS=300
# Security window and payload limits for SSO user sync webhook
SSO_USER_SYNC_SIGNATURE_DRIFT_SECONDS=120
SSO_USER_SYNC_NONCE_TTL_SECONDS=600
SSO_USER_SYNC_MAX_BODY_BYTES=32768
# Example JSON (single-line) of client configs (each client requires a unique sync_secret)
SSO_CLIENTS={"lti":{"public_id":"client:lti","redirect_uri":"http://localhost:8081/api/sso/callback","scope":"openid profile","default_return_uri":"http://localhost:3000","allowed_return_origins":["http://localhost:3000"],"sync_secret":"changeme"}}
SSO_CLIENTS={"LTI":{"public_id":"Lumbung-Telur-Indonesia","redirect_uri":"http://localhost:8081/api/sso/callback","scope":"openid profile","default_return_uri":"http://localhost:3000","allowed_return_origins":["http://localhost:3000"],"sync_secret":"onUyfODIMHOh4TgGLgyWLmsNeVNxFRHqoLJFLPjr"}}