# Enable OAuth2 login

- Create OAuth2 client in MS Azure IDP configuration
- Edit /etc/benno-oauth2/idpClient.yml
  - Set clientId and clientSecret in clients: azure-idp
  - Change redirect-uri hostname in clients: azure-idp
  - Check uri settings in provider:azure
- Enable snippet with link (example MS Azure)
  - ln -s /usr/share/benno-oauth2/azure-login.tpl /etc/benno-oauth2/assets/login.tpl
  - ln -s /usr/share/benno-oauth2/azure-logo.svg  /etc/benno-oauth2/assets/azure-logo.svg
- Enable custom IDP
  - cp /usr/share/benno-oauth2/keyloak-login.tpl /etc/benno-oauth2/assets/login.tpl
  - ln -s /usr/share/benno-oauth2/keycloak-logo.svg  /etc/benno-oauth2/assets/keycloak-logo.svg
  - Edit /etc/benno-oauth2/assets/login.tpl for your requirements


# Custom IDP

The snippet will be included and must be written in Smarty
(https://www.smarty.net/) template syntax. For example, tags like
<javascript /> must be enclosed in {literal}...{/literal} blocks. See also
/srv/benno/bennoweb/templates/user/header_auth.tpl.

The snippet /etc/benno-oauth2/assets/login.tpl is included
automatically. Other snippet files can be specified with the
/etc/benno-web/benno.conf config parameter:

  OAUTH2_TPL = /path/to/snipped.tpl

Files that do not exist are not included.
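
A check for the {literal} requirement described above, as an added example that is not part of benno-oauth2: it reports inline script/style blocks in a snippet whose braces are not inside {literal}...{/literal}. The function name and sample snippets are constructed, and treating script and style elements as the tags in question is an assumption.

```python
import re
import sys

# {literal}...{/literal} regions are passed through by Smarty without parsing.
LITERAL = re.compile(r"\{literal\}.*?\{/literal\}", re.S)
# Inline <script>/<style> elements, whose bodies usually contain { and }.
BLOCK = re.compile(r"<(script|style)\b[^>]*>(.*?)</\1\s*>", re.S | re.I)


def _blank(match):
    # Overwrite a protected region with spaces; keep newlines so line numbers hold.
    return re.sub(r"[^\n]", " ", match.group(0))


def unprotected_blocks(template):
    """Return [(line, tag)] for script/style bodies with braces outside {literal}.

    Conservative: every brace outside {literal} is reported, even one that
    Smarty might tolerate, so a reviewer looks at each case.
    """
    masked = LITERAL.sub(_blank, template)
    findings = []
    for m in BLOCK.finditer(masked):
        if "{" in m.group(2) or "}" in m.group(2):
            line = masked.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1).lower()))
    return findings


# Constructed sample snippets (not shipped with benno-oauth2).
UNPROTECTED = '<a href="#">Login</a>\n<style>\n.idp { color: #333; }\n</style>\n'
PROTECTED = ('<a href="#">Login</a>\n{literal}\n<style>\n'
             '.idp { color: #333; }\n</style>\n{/literal}\n')
INNER = "<script>{literal}function f(){return 1;}{/literal}</script>\n"

if __name__ == "__main__":
    # Default is the snippet path named in this README.
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/benno-oauth2/assets/login.tpl"
    with open(path, encoding="utf-8") as fh:
        hits = unprotected_blocks(fh.read())
    for line, tag in hits:
        print(f"{path}:{line}: <{tag}> body has braces outside {{literal}}")
    sys.exit(1 if hits else 0)
```

Run it against a custom snippet before enabling it; a non-zero exit status means at least one block needs wrapping.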


# Configuration files

## /etc/benno-oauth2/

- Webserver aliases: apache2.conf
- OAuth2 defaults: app.conf
- OAuth2 issuers: idpClients.yml
- Issuer > container: issuer.map

## /etc/benno-web/auth.conf

Set alternative path for issuer map file:

oauth2_issmap = /etc/benno-oauth2/isser.map


