Files
A-Team-Security-Infra-Agent…/.env.example
nogueiraguh f22bb54e25 feat: Oracle IAM OIDC, force password change, security hardening
- OIDC: authorization code flow, JWKS validation, JIT provisioning, group-to-role mapping, dual auth (local/oidc/both)
- Force password change: random admin password on first install, modal blocks UI until changed
- APP_SECRET required in docker-compose (fail if missing), .env.example improved
- Login page: Oracle IAM button (conditional), hide form in oidc-only mode
- OracleIamPage: test connection via backend, masked client_secret handling
- UsersPage: OIDC badge, auth_provider in list
- i18n: login.oidcButton, login.or (pt/en/es)
- README v3.1: Terminal, User Management, Security, OIDC endpoints, versioning
2026-04-02 10:26:00 -03:00

20 lines
537 B
Plaintext

# REQUIRED — Generate with: openssl rand -hex 64
# This key encrypts JWT tokens, Fernet credentials, and session data.
# It MUST be the same across container restarts and all workers.
APP_SECRET=
# JWT token expiry in hours (default: 12)
JWT_EXPIRY_HOURS=12
# Frontend port (default: 8080)
PORT=8080
# CORS allowed origins (comma-separated, e.g., https://your-domain.com)
CORS_ORIGINS=http://localhost:8080
# Timezone
TZ=America/Sao_Paulo
# Suppress OCI CLI file permission warnings
OCI_CLI_SUPPRESS_FILE_PERMISSIONS_WARNING=True