[civicrm-core.git] / ext / authx / settings / authx.setting.php

<?php
/*
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC. All rights reserved.                        |
 |                                                                    |
 | This work is published under the GNU AGPLv3 license with some      |
 | permitted exceptions and without any warranty. For full license    |
 | and copyright information, see https://civicrm.org/licensing       |
 +--------------------------------------------------------------------+
 */

use CRM_Authx_ExtensionUtil as E;

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC https://civicrm.org/licensing
 */
$_authx_settings = function() {
  $weight = 10;
  $flows = ['param', 'header', 'xheader', 'login', 'auto', 'script', 'pipe', 'legacyrest'];
  $basic = [
    'group_name' => 'CiviCRM Preferences',
    'group' => 'authx',
    'is_domain' => 1,
    'is_contact' => 0,
    'add' => '5.36',
  ];

  $s = [];
  $s["authx_guards"] = $basic + [
    'name' => 'authx_guards',
    'type' => 'Array',
    'quick_form_type' => 'Select',
    'html_type' => 'Select',
    'html_attributes' => [
      'multiple' => 1,
      'class' => 'crm-select2',
    ],
    'default' => ['site_key', 'perm'],
    'title' => ts('Authentication guard'),
    'help_text' => ts('Enable an authentication guard if you want to limit which users may authenticate via authx. The permission-based guard is satisfied by checking user permissions. The key-based guard is satisfied by checking the secret site-key. The JWT guard is satisfied if the user presents a signed token. If there are no guards, then any user can authenticate.'),
    'pseudoconstant' => [
      'callback' => ['\Civi\Authx\Meta', 'getGuardTypes'],
    ],
    'settings_pages' => ['authx' => ['weight' => $weight]],
  ];
  foreach ($flows as $flow) {
    $weight = $weight + 10;
    $s["authx_{$flow}_cred"] = $basic + [
      'name' => "authx_{$flow}_cred",
      'type' => 'Array',
      'quick_form_type' => 'Select',
      'html_type' => 'Select',
      'html_attributes' => [
        'multiple' => 1,
        'class' => 'crm-select2',
      ],
      'default' => ['jwt'],
      'title' => ts('Acceptable credentials (%1)', [1 => $flow]),
      'help_text' => NULL,
      'pseudoconstant' => [
        'callback' => ['\Civi\Authx\Meta', 'getCredentialTypes'],
      ],
      'settings_pages' => ['authx' => ['weight' => $weight]],
    ];
    $s["authx_{$flow}_user"] = $basic + [
      'name' => "authx_{$flow}_user",
      'type' => 'String',
      'quick_form_type' => 'Select',
      'html_type' => 'Select',
      'html_attributes' => [
        'class' => 'crm-select2',
      ],
      'default' => 'optional',
      'title' => ts('User account requirements (%1)', [1 => $flow]),
      'help_text' => NULL,
      'pseudoconstant' => [
        'callback' => ['\Civi\Authx\Meta', 'getUserModes'],
      ],
      'settings_pages' => ['authx' => ['weight' => $weight + 5]],
    ];
  }

  // Override defaults for a few specific elements
  $s['authx_legacyrest_cred']['default'] = ['jwt', 'api_key'];
  $s['authx_legacyrest_user']['default'] = 'require';
  $s['authx_param_cred']['default'] = ['jwt', 'api_key'];
  $s['authx_header_cred']['default'] = ['jwt', 'api_key'];
  $s['authx_xheader_cred']['default'] = ['jwt', 'api_key'];
  $s['authx_pipe_cred']['default'] = ['jwt', 'api_key'];

  return $s;
};

/**
 * Settings metadata file
 */
return $_authx_settings();
Commit	Line	Data
7b617429 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
	4	\| Copyright CiviCRM LLC. All rights reserved. \|
	5	\| \|
	6	\| This work is published under the GNU AGPLv3 license with some \|
	7	\| permitted exceptions and without any warranty. For full license \|
	8	\| and copyright information, see https://civicrm.org/licensing \|
	9	+--------------------------------------------------------------------+
	10	*/
	11
	12	use CRM_Authx_ExtensionUtil as E;
	13
	14	/**
	15	*
	16	* @package CRM
	17	* @copyright CiviCRM LLC https://civicrm.org/licensing
	18	*/
53951784	19	$_authx_settings = function() {
bab432f3	20	$weight = 10;
df9b24b2	21	$flows = ['param', 'header', 'xheader', 'login', 'auto', 'script', 'pipe', 'legacyrest'];
7b617429 TO	22	$basic = [
	23	'group_name' => 'CiviCRM Preferences',
	24	'group' => 'authx',
	25	'is_domain' => 1,
	26	'is_contact' => 0,
	27	'add' => '5.36',
	28	];
	29
	30	$s = [];
a0956f3c TO	31	$s["authx_guards"] = $basic + [
	32	'name' => 'authx_guards',
	33	'type' => 'Array',
	34	'quick_form_type' => 'Select',
	35	'html_type' => 'Select',
	36	'html_attributes' => [
	37	'multiple' => 1,
	38	'class' => 'crm-select2',
	39	],
	40	'default' => ['site_key', 'perm'],
	41	'title' => ts('Authentication guard'),
	42	'help_text' => ts('Enable an authentication guard if you want to limit which users may authenticate via authx. The permission-based guard is satisfied by checking user permissions. The key-based guard is satisfied by checking the secret site-key. The JWT guard is satisfied if the user presents a signed token. If there are no guards, then any user can authenticate.'),
	43	'pseudoconstant' => [
	44	'callback' => ['\Civi\Authx\Meta', 'getGuardTypes'],
	45	],
bab432f3	46	'settings_pages' => ['authx' => ['weight' => $weight]],
a0956f3c	47	];
7b617429	48	foreach ($flows as $flow) {
cb9722cc	49	$weight = $weight + 10;
7b617429 TO	50	$s["authx_{$flow}_cred"] = $basic + [
	51	'name' => "authx_{$flow}_cred",
	52	'type' => 'Array',
	53	'quick_form_type' => 'Select',
	54	'html_type' => 'Select',
	55	'html_attributes' => [
	56	'multiple' => 1,
	57	'class' => 'crm-select2',
	58	],
	59	'default' => ['jwt'],
7dcba4e2	60	'title' => ts('Acceptable credentials (%1)', [1 => $flow]),
7b617429 TO	61	'help_text' => NULL,
	62	'pseudoconstant' => [
	63	'callback' => ['\Civi\Authx\Meta', 'getCredentialTypes'],
	64	],
bab432f3	65	'settings_pages' => ['authx' => ['weight' => $weight]],
7b617429 TO	66	];
	67	$s["authx_{$flow}_user"] = $basic + [
	68	'name' => "authx_{$flow}_user",
	69	'type' => 'String',
	70	'quick_form_type' => 'Select',
	71	'html_type' => 'Select',
	72	'html_attributes' => [
	73	'class' => 'crm-select2',
	74	],
	75	'default' => 'optional',
7dcba4e2	76	'title' => ts('User account requirements (%1)', [1 => $flow]),
7b617429 TO	77	'help_text' => NULL,
	78	'pseudoconstant' => [
	79	'callback' => ['\Civi\Authx\Meta', 'getUserModes'],
	80	],
cb9722cc	81	'settings_pages' => ['authx' => ['weight' => $weight + 5]],
7b617429 TO	82	];
7b617429 TO	83	}
470101a9	84
df9b24b2 TO	85	// Override defaults for a few specific elements
	86	$s['authx_legacyrest_cred']['default'] = ['jwt', 'api_key'];
	87	$s['authx_legacyrest_user']['default'] = 'require';
470101a9 TO	88	$s['authx_param_cred']['default'] = ['jwt', 'api_key'];
	89	$s['authx_header_cred']['default'] = ['jwt', 'api_key'];
	90	$s['authx_xheader_cred']['default'] = ['jwt', 'api_key'];
02dc5c62	91	$s['authx_pipe_cred']['default'] = ['jwt', 'api_key'];
470101a9	92
7b617429	93	return $s;
53951784	94	};
7b617429 TO	95
	96	/**
	97	* Settings metadata file
	98	*/
53951784	99	return $_authx_settings();