cqrenet/aoc
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 29 Wiki Activity
Files
9f4601c4d972090510aedf242b5d3d581cd90e5e
aoc/.env.example
Tomas Kracmar 82bafc06c9
Some checks failed
CI / lint-and-test (push) Has been cancelled
Details
fix(auth): resolve JWT InvalidSignatureError and improve frontend UX 
- Fix auth by using idToken fallback when accessToken audience mismatches
- Add PyJWT verification with audience-aware token selection in frontend
- Source health: track last_attempt_time and error status per source
- Frontend: fix modal outside x-data scope, add circular-safe JSON stringify
- Frontend: support multi-select service filter with All/None toggles
- Frontend: improve filter layout into organized rows
- Frontend: fix text overflow and result pill colors (success/succeeded)
- Intune: normalize application actors (auditActorType=Application)
- Add cache-control middleware for HTML/API responses
- Update tests for multi-service filtering and source health
2026-04-16 11:32:45 +02:00

36 lines
1.2 KiB
Plaintext
Raw Blame History

TENANT_ID=your-tenant-id
CLIENT_ID=your-client-id
CLIENT_SECRET=your-client-secret
ENABLE_PERIODIC_FETCH=false
FETCH_INTERVAL_MINUTES=60
AUTH_ENABLED=false
AUTH_TENANT_ID=your-tenant-id
AUTH_CLIENT_ID=your-api-client-id
# API scope the SPA should request at login.
# When set, the frontend acquires an access token for this scope (aud = AUTH_CLIENT_ID).
# When empty, the frontend falls back to the idToken, which is also valid for the backend.
# Example: api://cc31fd45-1eca-431f-a2c6-ba81cd4c5d50/.default
AUTH_SCOPE=
# Comma-separated lists (optional):
AUTH_ALLOWED_ROLES=
AUTH_ALLOWED_GROUPS=
MONGO_ROOT_USERNAME=root
MONGO_ROOT_PASSWORD=example
MONGO_PORT=27017
# MongoDB connection string (takes precedence over root credentials in Docker Compose)
MONGO_URI=mongodb://root:example@localhost:27017
# Optional: number of days to retain events in MongoDB (0 = disabled)
RETENTION_DAYS=0
# Optional: comma-separated CORS origins (e.g., http://localhost:3000,https://app.example.com)
CORS_ORIGINS=*
# Optional: SIEM export webhook (e.g., Splunk HEC, Sentinel, or generic syslog webhook)
SIEM_ENABLED=false
SIEM_WEBHOOK_URL=
# Optional: enable rule-based alerting during ingestion
ALERTS_ENABLED=false
Reference in New Issue View Git Blame Copy Permalink