From 2d84d26b277bf3954e9e93c47c8896e4bd0ca607 Mon Sep 17 00:00:00 2001
From: "Trez.One"
Date: Wed, 19 Mar 2025 10:58:17 -0400
Subject: [PATCH] Authelia fix.
---
 ansible/app-configs/authelia_configuration.yml.j2 | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/ansible/app-configs/authelia_configuration.yml.j2 b/ansible/app-configs/authelia_configuration.yml.j2
index 1c7126da..48764283 100644
--- a/ansible/app-configs/authelia_configuration.yml.j2
+++ b/ansible/app-configs/authelia_configuration.yml.j2
@@ -36,7 +36,8 @@ webauthn:
 timeout: 60s
 display_name: Authelia
 attestation_conveyance_preference: indirect
- user_verification: preferred
+ selection_criteria:
+ user_verification: preferred
 ntp:
 address: "time.cloudflare.com:123"
 version: 4
@@ -143,11 +144,8 @@ identity_providers:
 oidc:
 hmac_secret: '{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['AUTHELIA_OIDC_HMAC_SECRET'] }}'
 jwks:
- key_id: 'netbird'
- key: |
- {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(8) }}
- certificate_chain: |
- {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_CERT_CHAIN"] | replace("\\n", "\n") | indent(8) }}
+ - key: |
+ {{ lookup("community.hashi_vault.vault_kv2_get", "env", engine_mount_point="rinoa-docker", url=vault_addr, token=vault_token_cleaned)["secret"]["AUTHELIA_OIDC_JWKS_KEY"] | replace("\\n", "\n") | indent(10) }}
 cors:
 allowed_origins_from_client_redirect_uris: true
 endpoints:
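Review bot: The new `jwks` list entry in the second hunk drops `key_id` and `certificate_chain` without explanation, so the `kid` published in the JWKS is presumably derived by Authelia instead of being the fixed `netbird`. If a relying party pinned that id, or a second key is later added for rotation, an explicit id is safer: `- key_id: 'netbird'` with `key: |` on the next line. The `indent(10)` width must also equal the leading whitespace of the `{{ lookup(...) }}` line, because Jinja's `indent` leaves the first line untouched by default; the indentation is not visible in this view, so check it against the rendered file. Because the template writes the OIDC private key from Vault into the config in plaintext, the task that renders it (outside this patch) should presumably set a restrictive `mode` and `no_log: true`. The `oidc` mapping starts before the hunk and continues past it.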