Refacto Oauht2

oauth2/variables.tf

@@ -20,3 +20,36 @@ variable "redirect_path" {
   type    = string
   default = ""
 }
+variable "group_mapping" {
+  type = map(string)
+  default = {}
+  description = "Group mapping where key application group and value the generic group name"
+}
+variable "owner_references" {
+  type = list(object({}))
+  description = "Adding owner references"
+  default = []
+}
+variable "scopes" {
+  type = list(string)
+  description = "List of default scope allowed"
+  default = [
+    "scope-email",
+    "scope-openid",
+    "scope-profile",
+  ]
+}
+variable "client_type" {
+  type = string
+  description = "OAuth client type confidential / public(PKCE)"
+  default = "confidential"
+  validation {
+    condition     = contains(["confidential", "public"], var.client_type)
+    error_message = "Only empty confidential or public is allowed"
+  }
+}
+variable "cert_sign_secret_name" {
+  type = string
+  description = "The name of the secret for signing JWT (if empty use authentik default)"
+  default = ""
+}