New settings for EB 6.14.

OpenConext · Mar 12, 2024 · d623265 · d623265
1 parent 96331ae
commit d623265
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/roles/engineblock/defaults/main.yml b/roles/engineblock/defaults/main.yml
@@ -11,6 +11,7 @@ engine_feature_block_user_on_violation: 0
 engine_feature_enable_sso_notification: 0
 engine_feature_enable_sso_session_cookie: 0
 engine_feature_enable_consent: 1
+engine_feature_stepup_override_entityid: 0
 
 engine_api_feature_metadata_push: 1
 engine_api_feature_consent_listing: 1
@@ -49,6 +50,7 @@ engine_profile_baseurl: "https://profile.{{ base_domain }}"
 # Required for Stepup authentication
 engine_stepup_base_domain: "stepup.{{ base_domain }}"
 engine_stepup_gateway_domain: "gateway.{{ engine_stepup_base_domain }}"
+engine_stepup_override_entityid: ""
 
 ## PDP endpoint
 engine_pdp_baseurl: https://pdp.{{ base_domain }}

diff --git a/roles/engineblock/templates/parameters.yml.j2 b/roles/engineblock/templates/parameters.yml.j2
@@ -229,6 +229,7 @@ parameters:
     feature_enable_sso_notification: {{ engine_feature_enable_sso_notification | bool | to_json }}
     feature_enable_sso_session_cookie: {{ engine_feature_enable_sso_session_cookie | bool | to_json }}
     feature_enable_consent: {{ engine_feature_enable_consent | bool | to_json }}
+    feature_stepup_sfo_override_engine_entityid: {{ engine_feature_stepup_override_entityid | bool | to_json }}
     ##########################################################################################
     ## PROFILE SETTINGS
     ##########################################################################################
@@ -266,6 +267,9 @@ parameters:
     stepup.gateway.sfo.sso_location: '{{ engine_stepup_gateway_sfo_sso_location | replace("%","%%") }}'
     ## The public key from the Stepup Gateway IdP
     stepup.gateway.sfo.key_file: {{ engine_stepup_gateway_sfo_public_key_file | replace("%","%%") }}
+    ## You can override the default entityID used by Engineblock for its callout to stepup gateway.
+    ## You also need to enable the feature toggle feature_stepup_sfo_override_engine_entityid above.
+    stepup.sfo.override_engine_entityid: '{{ engine_stepup_override_entityid }}'
 
     ##########################################################################################
     ## THEME SETTINGS