starsz commented on code in PR #7371:
URL: https://github.com/apache/apisix/pull/7371#discussion_r912857781
##########
docs/en/latest/plugins/openid-connect.md:
##########
@@ -33,29 +33,29 @@ The `openid-connect` Plugin provides authentication and
introspection capability
## Attributes
-| Name | Type | Required | Default
| Valid values | Description
|
-|--------------------------------------|---------|----------|-----------------------|--------------|--------------------------------------------------------------------------------------------------------------------|
-| client_id | string | True |
| | OAuth client ID.
|
-| client_secret | string | True |
| | OAuth client secret.
|
-| discovery | string | True |
| | Discovery endpoint URL of the identity server.
|
-| scope | string | False | "openid"
| | Scope used for authentication.
|
-| realm | string | False | "apisix"
| | Realm used for authentication.
|
-| bearer_only | boolean | False | false
| | When set to true, the Plugin will check for if the
authorization header in the request matches a bearer token. |
-| logout_path | string | False | "/logout"
| | Path for logging out.
|
-| post_logout_redirect_uri | string | False |
| | URL to redirect to after logging out.
|
-| redirect_uri | string | False |
"ngx.var.request_uri" | | URI to which the identity provider
redirects back to.
|
-| timeout | integer | False | 3
| [1,...] | Request timeout time in seconds.
|
-| ssl_verify | boolean | False | false
| | When set to true, verifies the identity provider's SSL
certificates. |
-| introspection_endpoint | string | False |
| | URL of the token verification endpoint of the identity
server. |
-| introspection_endpoint_auth_method | string | False |
"client_secret_basic" | | Authentication method name for token
introspection. |
-| public_key | string | False |
| | Public key to verify the token.
|
-| use_jwks | boolean | False |
| | When set to true, uses the JWKS endpoint of the identity
server to verify the token. |
-| token_signing_alg_values_expected | string | False |
| | Algorithm used for signing the authentication token.
|
-| set_access_token_header | boolean | False | true
| | When set to true, sets the access token in a request
header. |
-| access_token_in_authorization_header | boolean | False | false
| | When set to true, sets the access token in the
`Authorization` header. Otherwise, set the `X-Access-Token` header. |
-| set_id_token_header | boolean | False | true
| | When set to true and the ID token is available, sets the
ID token in the `X-ID-Token` request header. |
-| set_userinfo_header | boolean | False | true
| | When set to true and the UserInfo object is available,
sets it in the `X-Userinfo` request header. |
-| set_refresh_token_header | boolean | False | false
| | When set to true and a refresh token object is
available, sets it in the `X-Refresh-Token` request header. |
+| Name | Type | Required | Default
| Valid values | Description
|
+|--------------------------------------|---------|----------|-----------------------|--------------|--------------------------------------------------------------------------------------------------------------------------|
+| client_id | string | True |
| | OAuth client ID.
|
+| client_secret | string | True |
| | OAuth client secret.
|
+| discovery | string | True |
| | Discovery endpoint URL of the identity server.
|
+| scope | string | False | "openid"
| | Scope used for authentication.
|
+| realm | string | False | "apisix"
| | Realm used for authentication.
|
+| bearer_only | boolean | False | false
| | When set to true, the Plugin will check for if the
authorization header in the request matches a bearer token. |
+| logout_path | string | False | "/logout"
| | Path for logging out.
|
+| post_logout_redirect_uri | string | False |
| | URL to redirect to after logging out.
|
+| redirect_uri | string | False |
"ngx.var.request_uri" | | URI to which the identity provider
redirects back to.
|
+| timeout | integer | False | 3
| [1,...] | Request timeout time in seconds.
|
+| ssl_verify | boolean | False | false
| | When set to true, verifies the identity provider's SSL
certificates. |
+| introspection_endpoint | string | False |
| | URL of the token verification endpoint of the identity
server. |
+| introspection_endpoint_auth_method | string | False |
| | Authentication method name for token introspection, If
not specified, the default will use the first value in well_know. |
Review Comment:
Ok.Let me have a check.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
