provider = "oidc"
provider_display_name = "ONAPKeycloakID"
client_id = "{{ index .Values "onap-oauth2-proxy" "config" "clientId" }}"
client_secret = "{{ index .Values "onap-oauth2-proxy" "config" "clientSecret" }}"
oidc_issuer_url = 'https://{{ include "ingress.config.host" (dict "dot" . "baseaddr" "keycloak-ui") }}/realms/onap'
oidc_jwks_url = 'http://{{ include "common.namespace" . }}-authentication-keycloakx-http.{{ include "common.namespace" . }}/realms/onap/protocol/openid-connect/certs'
profile_url = 'https://{{ include "ingress.config.host" (dict "dot" . "baseaddr" "keycloak-ui") }}/realms/onap/protocol/openid-connect/userinfo'
validate_url = 'https://{{ include "ingress.config.host" (dict "dot" . "baseaddr" "keycloak-ui") }}/realms/onap/protocol/openid-connect/userinfo'
redeem_url = 'http://{{ include "common.namespace" . }}-authentication-keycloakx-http.{{ include "common.namespace" . }}/realms/onap/protocol/openid-connect/token'
scope = "openid email profile groups onap_roles"
skip_oidc_discovery = true
cookie_secure = false
cookie_secret = "{{ index .Values "onap-oauth2-proxy" "config" "cookieSecret" }}"
email_domains = [ "*" ]
auth_logging = true
request_logging = true
standard_logging = true
show_debug_on_error = true
cookie_domains = ".{{ .Values.global.ingress.virtualhost.baseurl }}"
cookie_samesite = "lax"
whitelist_domains = ".{{ .Values.global.ingress.virtualhost.baseurl }}"
login_url = 'https://{{ include "ingress.config.host" (dict "dot" . "baseaddr" "keycloak-ui") }}/realms/onap/protocol/openid-connect/auth'
pass_access_token = true
pass_authorization_header = true
pass_host_header = true
pass_user_headers = true
http_address = "0.0.0.0:4180"
oidc_email_claim = "email"
oidc_groups_claim = "groups"
insecure_oidc_skip_issuer_verification = true
insecure_oidc_allow_unverified_email = true
silence_ping_logging = true
upstreams = "static://200"
set_xauthrequest = true
set_authorization_header = true
skip_provider_button = true
skip_jwt_bearer_tokens = true
cookie_expire = "30m"