From 0884f89431cd26bcc9674b3b7ab628b090f5881e Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Tue, 7 Dec 2021 13:31:39 +0100
Subject: Implement Cobra CLI tooling, Viper config tooling (#336)

* start pulling out + replacing urfave and config

* replace many many instances of config

* move more stuff => viper

* properly remove urfave

* move some flags to root command

* add testrig commands to root

* alias config file keys

* start adding cli parsing tests

* reorder viper init

* remove config path alias

* fmt

* change config file keys to non-nested

* we're more or less in business now

* tidy up the common func

* go fmt

* get tests passing again

* add note about the cliparsing tests

* reorganize

* update docs with changes

* structure cmd dir better

* rename + move some files around

* fix dangling comma
---
 docs/configuration/oidc.md | 95 +++++++++++++++++++++++-----------------------
 1 file changed, 47 insertions(+), 48 deletions(-)

(limited to 'docs/configuration/oidc.md')

diff --git a/docs/configuration/oidc.md b/docs/configuration/oidc.md
index 6c6bbe94b..e373e48d9 100644
--- a/docs/configuration/oidc.md
+++ b/docs/configuration/oidc.md
@@ -20,55 +20,54 @@ GoToSocial exposes the following configuration settings for OIDC, shown below wi
 #######################
 
 # Config for authentication with an external OIDC provider (Dex, Google, Auth0, etc).
-oidc:
-
-  # Bool. Enable authentication with external OIDC provider. If set to true, then
-  # the other OIDC options must be set as well. If this is set to false, then the standard
-  # internal oauth flow will be used, where users sign in to GtS with username/password.
-  # Options: [true, false]
-  # Default: false
-  enabled: false
-
-  # String. Name of the oidc idp (identity provider). This will be shown to users when
-  # they log in.
-  # Examples: ["Google", "Dex", "Auth0"]
-  # Default: ""
-  idpName: ""
-
-  # Bool. Skip the normal verification flow of tokens returned from the OIDC provider, ie.,
-  # don't check the expiry or signature. This should only be used in debugging or testing,
-  # never ever in a production environment as it's extremely unsafe!
-  # Options: [true, false]
-  # Default: false
-  skipVerification: false
 
-  # String. The OIDC issuer URI. This is where GtS will redirect users to for login.
-  # Typically this will look like a standard web URL.
-  # Examples: ["https://auth.example.org", "https://example.org/auth"]
-  # Default: ""
-  issuer: ""
-
-  # String. The ID for this client as registered with the OIDC provider.
-  # Examples: ["some-client-id", "fda3772a-ad35-41c9-9a59-f1943ad18f54"]
-  # Default: ""
-  clientID: ""
-
-  # String. The secret for this client as registered with the OIDC provider.
-  # Examples: ["super-secret-business", "79379cf5-8057-426d-bb83-af504d98a7b0"]
-  # Default: ""
-  clientSecret: ""
-
-  # Array of string. Scopes to request from the OIDC provider. The returned values will be used to
-  # populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required.
-  # 'profile' is used to extract a username for the newly created user.
-  # 'groups' is optional and can be used to determine if a user is an admin (if they're in the group 'admin' or 'admins').
-  # Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes
-  # Default: ["openid", "email", "profile", "groups"]
-  scopes:
-    - "openid"
-    - "email"
-    - "profile"
-    - "groups"
+# Bool. Enable authentication with external OIDC provider. If set to true, then
+# the other OIDC options must be set as well. If this is set to false, then the standard
+# internal oauth flow will be used, where users sign in to GtS with username/password.
+# Options: [true, false]
+# Default: false
+oidc-enabled: false
+
+# String. Name of the oidc idp (identity provider). This will be shown to users when
+# they log in.
+# Examples: ["Google", "Dex", "Auth0"]
+# Default: ""
+oidc-idp-name: ""
+
+# Bool. Skip the normal verification flow of tokens returned from the OIDC provider, ie.,
+# don't check the expiry or signature. This should only be used in debugging or testing,
+# never ever in a production environment as it's extremely unsafe!
+# Options: [true, false]
+# Default: false
+oidc-skip-verification: false
+
+# String. The OIDC issuer URI. This is where GtS will redirect users to for login.
+# Typically this will look like a standard web URL.
+# Examples: ["https://auth.example.org", "https://example.org/auth"]
+# Default: ""
+oidc-issuer: ""
+
+# String. The ID for this client as registered with the OIDC provider.
+# Examples: ["some-client-id", "fda3772a-ad35-41c9-9a59-f1943ad18f54"]
+# Default: ""
+oidc-client-id: ""
+
+# String. The secret for this client as registered with the OIDC provider.
+# Examples: ["super-secret-business", "79379cf5-8057-426d-bb83-af504d98a7b0"]
+# Default: ""
+oidc-client-secret: ""
+
+# Array of string. Scopes to request from the OIDC provider. The returned values will be used to
+# populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required.
+# 'profile' is used to extract a username for the newly created user.
+# 'groups' is optional and can be used to determine if a user is an admin (if they're in the group 'admin' or 'admins').
+# Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes
+# Default: ["openid", "email", "profile", "groups"]
+oidc-scopes:
+  - "openid"
+  - "email"
+  - "profile"
+  - "groups"
 ```
 
 ## Behavior
-- 
cgit v1.2.3