From: Peter Amstutz <pamstutz@veritasgenetics.com>
Date: Mon, 18 Nov 2019 17:20:58 +0000 (-0500)
Subject: Merge branch 'master' into 15577-ownership-transfer
X-Git-Tag: 2.0.0~124^2~3
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/8b43f32b2c11d45f951bf4ff1bffab03d391ff41?hp=-c

Merge branch 'master' into 15577-ownership-transfer

Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <pamstutz@veritasgenetics.com>
---

8b43f32b2c11d45f951bf4ff1bffab03d391ff41
diff --combined lib/config/config.default.yml
index dfa175f04c,fee8503df8..d9dc664686
--- a/lib/config/config.default.yml
+++ b/lib/config/config.default.yml
@@@ -493,12 -493,25 +493,25 @@@ Clusters
      Login:
        # These settings are provided by your OAuth2 provider (eg
        # Google) used to perform upstream authentication.
-       ProviderAppSecret: ""
        ProviderAppID: ""
+       ProviderAppSecret: ""
+ 
+       # (Experimental) Authenticate with Google, bypassing the
+       # SSO-provider gateway service. Use the Google Cloud console to
+       # generate the Client ID and secret (APIs and Services >
+       # Credentials > Create credentials > OAuth client ID > Web
+       # application) and add your controller's /login URL (e.g.,
+       # "https://zzzzz.example.com/login") as an authorized redirect
+       # URL.
+       #
+       # Requires EnableBetaController14287. ProviderAppID must be
+       # blank.
+       GoogleClientID: ""
+       GoogleClientSecret: ""
  
        # The cluster ID to delegate the user database.  When set,
        # logins on this cluster will be redirected to the login cluster
 -      # (login cluster must appear in RemoteHosts with Proxy: true)
 +      # (login cluster must appear in RemoteClusters with Proxy: true)
        LoginCluster: ""
  
        # How long a cached token belonging to a remote cluster will