# --- 1. Provider Configuration ---
provider = "google"
client_id = "908518725447-1pbdp071t2b07p66fv0n845n3nrbeu0k.apps.googleusercontent.com"
client_secret = "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"
scope = "openid profile email"

# provider = "github"
# client_id = "Ov23liA8Pj1NqKm5HgqR"
# client_secret = "3b5015ef53b81d94ff9414a55be1252508d70795"
# scope = "user:email"

# --- 2. OAuth2 Proxy Configuration ---
upstreams = "static://200"
http_address = "0.0.0.0:4180"
redirect_url = "https://auth.diukman.com/oauth2/callback"

set_xauthrequest = true
# --- 3. Cookie Configuration ---
cookie_secret = "0MuGA07eq7PqfEBQXV_mkRxPsHb4VsuwlEka5A4dExg="
cookie_domains = [ ".diukman.com", "diukman.com" ]
cookie_httponly = true
cookie_secure = true
cookie_samesite = "none"
# --- 5. Email Whitelisting ---
authenticated_emails_file = "/etc/allowed_emails.txt"
# --- 6. Domain redirection Whitelisting ---
whitelist_domains = [ "*.diukman.com", "diukman.com" ]