puppetlabs-apache

puppetlabs-apache copied to clipboard

Use Case

mod_auth_openidc supports adding a boolean expression after "OIDCUnAuthAction {action}" to specify conditions that should be met to override the default action. This module seems to prohibit configuring that option for UnAuthAction.

Describe the Solution You Would Like

The system should accept configuration like:

oidc_settings => {
    'UnAuthAction' => 'pass "%{HTTP_ACCEPT} !~ m#text/html#"',
   ...
},

Describe Alternatives You've Considered

I could work around this issue by changing the spec in types/oidcsettings.pp to: Optional['UnAuthAction'] => Pattern[/^(auth|pass|401|407|410)\s.*/],

Additional Context

OIDC Settings Documentation: here