From faf5567add4cf343cc38b3c7dcb297c7cbed88bc Mon Sep 17 00:00:00 2001
From: Dan <djr2468@gmail.com>
Date: Mon, 3 Apr 2023 12:12:38 +0100
Subject: First pass

---
 src/main/java/org/traccar/config/Keys.java | 68 ++++++++++++++++--------------
 1 file changed, 37 insertions(+), 31 deletions(-)

(limited to 'src/main/java/org/traccar/config/Keys.java')

diff --git a/src/main/java/org/traccar/config/Keys.java b/src/main/java/org/traccar/config/Keys.java
index ace4c36af..a666667d4 100644
--- a/src/main/java/org/traccar/config/Keys.java
+++ b/src/main/java/org/traccar/config/Keys.java
@@ -610,61 +610,67 @@ public final class Keys {
             "ldap.adminGroup",
             List.of(KeyType.CONFIG));
 
-
     /**
-     * OIDC enable.
+     * Force OpenID Connect authentication. When enabled, the Traccar login page will be skipped
+     * and users are redirected to the OpenID Connect provider.
      */
-    public static final ConfigKey<Boolean> OIDC_ENABLE = new BooleanConfigKey(
-            "oidc.enable",
+    public static final ConfigKey<Boolean> OPENID_FORCE = new BooleanConfigKey(
+            "openid.force",
             List.of(KeyType.CONFIG));
 
     /**
-     * Force OIDC authentication.
+     * OpenID Connect Client ID.
+     * This is a unique ID assigned to each application you register with your identity provider.
+     * Required to enable SSO.
      */
-    public static final ConfigKey<Boolean> OIDC_FORCE = new BooleanConfigKey(
-            "oidc.force",
+    public static final ConfigKey<String> OPENID_CLIENTID = new StringConfigKey(
+            "openid.clientId",
             List.of(KeyType.CONFIG));
 
     /**
-     * OIDC Client ID.
+     * OpenID Connect Client Secret. 
+     * This is a secret assigned to each application you register with your identity provider.
+     * Required to enable SSO.
      */
-    public static final ConfigKey<String> OIDC_CLIENTID = new StringConfigKey(
-            "oidc.clientId",
+    public static final ConfigKey<String> OPENID_CLIENTSECRET = new StringConfigKey(
+            "openid.clientSecret",
             List.of(KeyType.CONFIG));
 
     /**
-     * OIDC Client Secret.
+     * OpenID Connect Authorization URL.
+     * This can usually be found in the documentation of your identity provider or by using the well-known
+     * configuration endpoint, eg. https://auth.example.com//.well-known/openid-configuration
+     * Required to enable SSO.
      */
-    public static final ConfigKey<String> OIDC_CLIENTSECRET = new StringConfigKey(
-            "oidc.clientSecret",
+    public static final ConfigKey<String> OPENID_AUTHURL = new StringConfigKey(
+            "openid.authUrl",
             List.of(KeyType.CONFIG));
-
     /**
-     * OIDC Authorization URL.
+     * OpenID Connect Token URL.
+     * This can be found in the same ways at openid.authUrl.
+     * Required to enable SSO.
      */
-    public static final ConfigKey<String> OIDC_AUTHURL = new StringConfigKey(
-            "oidc.authUrl",
-            List.of(KeyType.CONFIG));
-    /**
-     * OIDC Token URL.
-     */
-    public static final ConfigKey<String> OIDC_TOKENURL = new StringConfigKey(
-            "oidc.tokenUrl",
+    public static final ConfigKey<String> OPENID_TOKENURL = new StringConfigKey(
+            "openid.tokenUrl",
             List.of(KeyType.CONFIG));
 
     /**
-     * OIDC User Info URL.
+     * OpenID Connect User Info URL.
+     * This can be found in the same ways at openid.authUrl.
+     * Required to enable SSO.
      */
-    public static final ConfigKey<String> OIDC_USERINFOURL = new StringConfigKey(
-            "oidc.userInfoUrl",
+    public static final ConfigKey<String> OPENID_USERINFOURL = new StringConfigKey(
+            "openid.userInfoUrl",
             List.of(KeyType.CONFIG));
 
     /**
-     * OIDC group to grant admin access.
+     * OpenID Connect group to grant admin access.
+     * Defaults to admins.
      */
-    public static final ConfigKey<String> OIDC_ADMINGROUP = new StringConfigKey(
-            "oidc.adminGroup",
-            List.of(KeyType.CONFIG));
+    public static final ConfigKey<String> OPENID_ADMINGROUP = new StringConfigKey(
+            "openid.adminGroup",
+            List.of(KeyType.CONFIG),
+            "admins");
 
     /**
      * If no data is reported by a device for the given amount of time, status changes from online to unknown. Value is
@@ -1629,7 +1635,7 @@ public final class Keys {
             List.of(KeyType.CONFIG));
 
     /**
-     * Public URL for the web app. Used for notification and report link.
+     * Public URL for the web app. Used for notification, report link and OpenID Connect.
      * If not provided, Traccar will attempt to get a URL from the server IP address, but it might be a local address.
      */
     public static final ConfigKey<String> WEB_URL = new StringConfigKey(
-- 
cgit v1.2.3