From 7197802eadf70ddb064ff034651571baeffb65e2 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 13 May 2023 17:06:59 +0200 Subject: documentation for #7835, plus renaming --- manpages/taler.conf.5.rst | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'manpages/taler.conf.5.rst') diff --git a/manpages/taler.conf.5.rst b/manpages/taler.conf.5.rst index 534c51bd..7e1ec2a2 100644 --- a/manpages/taler.conf.5.rst +++ b/manpages/taler.conf.5.rst @@ -182,11 +182,11 @@ The following options must be in the section "[kyc-provider-XXX]" sections with KYC_OAUTH2_VALIDITY Duration (e.g. "12 months") of the validity of the performed KYC check. Can be "forever". -KYC_OAUTH2_AUTH_URL - URL of the OAuth2 endpoint to be used for KYC checks. This is where the server will ultimately send the authorization token from the client and obtain its access token (which currently must be a "bearer" token). Example: "http://localhost:8888/oauth/v2/auth" (or "/token") +KYC_OAUTH2_AUTHORIZE_URL + URL of the OAuth2 endpoint to be used for KYC checks. The authorize URL is where the exchange will redirect the client to begin the authorization process. Example: "http://localhost:8888/oauth/v2/authorize". To use the plugin in combination with the Challenger service's ``/setup`` step, append "#setup", thus "https://challenger.example.com/authorize#setup". Here, "#setup" is not a fragment but merely a hint to the logic to determine the full authorization URL via the ``/setup`` handler. -KYC_OAUTH2_LOGIN_URL - URL of the OAuth2 endpoint to be used for KYC checks. The login URL will be encoded as part of the 'redirect_uri' argument of the request to the KYC_AUTH2_AUTH_URL. Typically, the user will then be redirected to this URL to log in. Example: "http://localhost:8888/oauth/v2/login" +KYC_OAUTH2_TOKEN_URL + URL of the OAuth2 endpoint to be used for KYC checks. This is where the server will ultimately send the authorization token from the client and obtain its access token (which currently must be a "bearer" token). Example: "http://localhost:8888/oauth/v2/token" (or just "/token") KYC_OAUTH2_INFO_URL URL of the OAuth2-protected resource endpoint, where the OAuth 2.0 token can be used to download information about the user that has undergone the KYC process. The exchange will use the access token obtained from the KYC_AUTH2_AUTH_URL to show that it is authorized to obtain the details. Example: "http://localhost:8888/api/user/me" or "http://localhost:8888/oauth/v2/info" @@ -238,6 +238,9 @@ KYC_PERSONA_SALT KYC_PERSONA_SUBDOMAIN Subdomain to use under Persona. +KYC_PERSONA_CONVERTER_HELPER + Helper to convert JSON with KYC data returned by Persona into GNU Taler internal format. Should probably always be set to "taler-exchange-kyc-persona-converter.sh". + KYC_PERSONA_POST_URL URL to which the exchange will redirect the client's browser after successful authorization/login for the KYC process. -- cgit v1.2.3