@@ -5,6 +5,9 @@ All notable changes to this project will be documented in this file.
55The format is based on [ Keep a Changelog] ( https://keepachangelog.com/en/1.0.0/ ) ,
66and this project adheres to [ Semantic Versioning] ( https://semver.org/spec/v2.0.0.html )
77
8+ ## [ Unreleased]
9+ - Set default for ADMIN_OIDC_ALLOW_HTTP to false in README to prevent unsafe settings in production
10+
811## [ 4.0.1] - 2025-01-16
912- Fix doctrine/orm require
1013
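Review bot: the Unreleased entry only records a README change, so it should tell existing deployments what to do: anyone who copied the previous example block (ADMIN_OIDC_ALLOW_HTTP=true) into their .env is unaffected by this edit and still runs with HTTP allowed. Suggest extending the entry along the lines of "Set default for ADMIN_OIDC_ALLOW_HTTP to false in README example; check existing .env files that were copied from the old example", and mention the matching comment update in the itkdev_openid_connect config block so both edits are traceable from the changelog.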
@@ -71,7 +71,7 @@ itkdev_openid_connect:
7171 # Optional: Specify leeway (seconds) to account for clock skew between provider and hosting
7272 # Defaults to 10
7373 leeway : ' %env(int:ADMIN_OIDC_LEEWAY)%'
74- # Optional: Allow http requests (used for mocking a IdP)
74+ # Optional: Allow (non-secure) http requests (used for mocking a IdP). NOT RECOMMENDED FOR PRODUCTION.
7575 # Defaults to false
7676 allow_http : ' %env(bool:ADMIN_OIDC_ALLOW_HTTP)%'
7777 user :
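Review bot: the rewritten comment still has the grammatical slip "a IdP" (should be "an IdP"), and it says only that http requests are allowed without naming which ones, so an operator cannot judge what is exposed. Since the option sits under itkdev_openid_connect next to the metadata, leeway and user settings, the comment should state which requests the flag applies to (for example the provider metadata fetch and the endpoints discovered from it, if that is what the bundle does) and that over plain http the provider response can be read or altered in transit. Something like "# Optional: Allow plain http to the provider (only for mocking an IdP locally). NOT RECOMMENDED FOR PRODUCTION." keeps the warning and adds the scope.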
@@ -96,7 +96,7 @@ ADMIN_OIDC_CLIENT_ID=ADMIN_APP_CLIENT_ID
9696ADMIN_OIDC_CLIENT_SECRET=ADMIN_APP_CLIENT_SECRET
9797ADMIN_OIDC_REDIRECT_URI=ADMIN_APP_REDIRECT_URI
9898ADMIN_OIDC_LEEWAY=30
99- ADMIN_OIDC_ALLOW_HTTP=true
99+ ADMIN_OIDC_ALLOW_HTTP=false
100100
101101# "user" open id connect configuration variables
102102USER_OIDC_METADATA_URL=USER_APP_METADATA_URL
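Review bot: flipping ADMIN_OIDC_ALLOW_HTTP to false in the example is the right default, but the surrounding lines show a second "user" OIDC configuration starting right below it; if that section carries an equivalent ALLOW_HTTP variable it should receive the same default in the same change, otherwise the README example will be inconsistent between the two providers. A one-line comment above the variable (e.g. "# Set to true only when mocking the IdP over plain http in local development") would also stop people re-enabling it by habit when they copy this block.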