From acaa0827328e74c3fd21291e0157834da1baa771 Mon Sep 17 00:00:00 2001
From: Daniel Henninger <daniel@ncsu.edu>
Date: Tue, 1 Aug 2017 16:03:50 -0400
Subject: [PATCH] Added support for additional preauth options added in:
 https://github.com/rundeck/rundeck/pull/1883

---
 manifests/params.pp                               | 10 +++++++---
 spec/classes/config/global/rundeck_config_spec.rb |  4 ++++
 templates/rundeck-config.erb                      |  4 ++++
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/manifests/params.pp b/manifests/params.pp
index bc69772de..47be18e65 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -288,9 +288,13 @@
   $gui_config = {}
 
   $preauthenticated_config = {
-    'enabled'       => false,
-    'attributeName' => 'REMOTE_USER_GROUPS',
-    'delimiter'     => ':',
+    'enabled'         => false,
+    'attributeName'   => 'REMOTE_USER_GROUPS',
+    'delimiter'       => ':',
+    'userNameHeader'  => 'X-Forwarded-Uuid',
+    'userRolesHeader' => 'X-Forwarded-Roles',
+    'redirectLogout'  => false,
+    'redirectUrl'     => '/oauth2/sign_in',
   }
 
   $quartz_job_threadcount = 10
diff --git a/spec/classes/config/global/rundeck_config_spec.rb b/spec/classes/config/global/rundeck_config_spec.rb
index 010470689..1e1a116f2 100644
--- a/spec/classes/config/global/rundeck_config_spec.rb
+++ b/spec/classes/config/global/rundeck_config_spec.rb
@@ -101,6 +101,10 @@
           rundeck.security.authorization.preauthenticated.enabled = "false"
           rundeck.security.authorization.preauthenticated.attributeName = "REMOTE_USER_GROUPS"
           rundeck.security.authorization.preauthenticated.delimiter = ":"
+          rundeck.security.authorization.preauthenticated.userNameHeader = "X-Forwarded-Uuid"
+          rundeck.security.authorization.preauthenticated.userRolesHeader = "X-Forwarded-Roles"
+          rundeck.security.authorization.preauthenticated.redirectLogout = "false"
+          rundeck.security.authorization.preauthenticated.redirectUrl = "/oauth2/sign_in"
 
         CONFIG
 
diff --git a/templates/rundeck-config.erb b/templates/rundeck-config.erb
index b2d776ecb..b06b79de7 100644
--- a/templates/rundeck-config.erb
+++ b/templates/rundeck-config.erb
@@ -76,6 +76,10 @@ rundeck.storage.provider."1".path = "/"
 rundeck.security.authorization.preauthenticated.enabled = "<%= @preauthenticated_config['enabled']%>"
 rundeck.security.authorization.preauthenticated.attributeName = "<%= @preauthenticated_config['attributeName']%>"
 rundeck.security.authorization.preauthenticated.delimiter = "<%= @preauthenticated_config['delimiter']%>"
+rundeck.security.authorization.preauthenticated.userNameHeader = "<%= @preauthenticated_config['userNameHeader']%>"
+rundeck.security.authorization.preauthenticated.userRolesHeader = "<%= @preauthenticated_config['userRolesHeader']%>"
+rundeck.security.authorization.preauthenticated.redirectLogout = "<%= @preauthenticated_config['redirectLogout']%>"
+rundeck.security.authorization.preauthenticated.redirectUrl = "<%= @preauthenticated_config['redirectUrl']%>"
 
 <%- @gui_config.sort.each do |k,v| -%>
 <%= k %> = "<%= v %>"