104 lines
3.5 KiB
PHP
104 lines
3.5 KiB
PHP
<?php
|
|
|
|
return [
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| service_name
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The parameter must match the parameter from the registry service
|
|
| auth:
|
|
| token:
|
|
| service:
|
|
|
|
|
*/
|
|
'service_name' => env('REGISTRY_SERVICE_NAME'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| service_http
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Register of real addresses
|
|
|
|
|
*/
|
|
'service_http' => env('REGISTRY_SERVICE_HTTP'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| private_key_name
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Executing commands:
|
|
| openssl req -nodes -newkey rsa:4096 -keyout registry-auth1.key -out registry-auth1.csr -subj "/CN=token_issuer"
|
|
| openssl x509 -in registry-auth1.csr -out registry-auth1.crt -req -signkey registry-auth1.key -days 3650
|
|
|
|
|
| The file name corresponds to the name registry-auth1.key.
|
|
|
|
|
*/
|
|
'private_key_name' => env('REGISTRY_PRIVATE_KEY_NAME'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| issuer
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The parameter must match the parameter from the registry service
|
|
| auth:
|
|
| token:
|
|
| issuer:
|
|
|
|
|
| Executing commands:
|
|
| openssl req -nodes -newkey rsa:4096 -keyout registry-auth1.key -out registry-auth1.csr -subj "/CN=token_issuer"
|
|
| openssl x509 -in registry-auth1.csr -out registry-auth1.crt -req -signkey registry-auth1.key -days 3650
|
|
|
|
|
| auth:
|
|
| token:
|
|
| issuer: token_issuer
|
|
|
|
|
| Where it is better to name token_issuer in your own way.
|
|
|
|
|
*/
|
|
'issuer' => env('REGISTRY_ISSUER'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| algorithm
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Supported algorithms are 'ES384','ES256', 'ES256K', 'HS256', 'HS384',
|
|
| 'HS512', 'RS256', 'RS384', and 'RS512'. Testing only RS256.
|
|
|
|
|
| openssl req -nodes -newkey rsa:4096 -keyout registry-auth1.key -out registry-auth1.csr -subj "/CN=token_issuer"
|
|
| openssl x509 -in registry-auth1.csr -out registry-auth1.crt -req -signkey registry-auth1.key -days 3650
|
|
|
|
|
| If you created a key using this command, then the algorithm will be RS256.
|
|
|
|
|
*/
|
|
'algorithm' => env('REGISTRY_ALGORITHM', 'RS256'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| expires_in_seconds
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| For how many seconds to issue an authorization token.
|
|
|
|
|
*/
|
|
'expires_in_seconds' => (int) env('REGISTRY_EXPIRES_IN_SECONDS', 600),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| token_for_notifications
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The parameter must match the parameter from the registry service
|
|
| notifications:
|
|
| endpoints:
|
|
| headers:
|
|
| Authorization: [REGISTRY_TOKEN_FOR_NOTIFICATIONS]
|
|
|
|
|
*/
|
|
'token_for_notifications' => env('REGISTRY_TOKEN_FOR_NOTIFICATIONS'),
|
|
];
|