From da9a451e34a04caa8af89121a3dcfaad80ed2321 Mon Sep 17 00:00:00 2001
From: Jiri Kyjovsky <j1.kyjovsky@gmail.com>
Date: Mon, 24 Feb 2025 00:31:54 +0100
Subject: [PATCH] copr: feed oidc env variables to frontend

---
 roles/copr/frontend/templates/copr.conf | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/roles/copr/frontend/templates/copr.conf b/roles/copr/frontend/templates/copr.conf
index 6cd56b5fbd..db9aa1b19e 100644
--- a/roles/copr/frontend/templates/copr.conf
+++ b/roles/copr/frontend/templates/copr.conf
@@ -265,3 +265,19 @@ USAGE_TREEMAP_TEAMS = {
 }
 
 PULP_CONTENT_URL = "{{ pulp_content_url }}"
+
+# OIDC config
+
+OIDC_LOGIN = True
+OIDC_CLIENT = "copr"
+OIDC_PROVIDER_NAME = "OIDC"  # used for the login button
+OIDC_SCOPES = "openid profile email https://id.fedoraproject.org/scope/groups https://id.fedoraproject.org/scope/agreements"
+OIDC_TOKEN_AUTH_METHOD = "client_secret_post"
+OIDC_USERNAME_CLAIM = "preferred_username"
+OIDC_METADATA = "https://id.fedoraproject.org/openidc/.well-known/openid-configuration"
+
+{% if env == 'production' %}
+OIDC_SECRET = "{{ copr_oidc_prod_client_secret }}"
+{% else %}
+OIDC_SECRET = "{{ copr_oidc_stg_client_secret }}"
+{% endif %}