Configuration used to manage multiple openidc provider
In our infrastructure, we support multiple providers from various federations to which we are connected.
Currently, we implement this configuration using local modifications. This requires a modified local version of puppet-keystone with an openidc.conf.erb modification and a custom module with a concat::fragment to provide the necessary configuration.
The goal is to import our code into the main repository to stay up-to-date with module development without having to backport our changes every time.
For multiple OpenID providers, Apache mod_openidc requires different configurations for metadata.
The code provides the file structure and configuration needed to implement multiple providers in the Keystone federation.
There are two ways to achieve this: one is to implement a separate class to manage multiple OpenID configurations, and the other is to implement the switch from single or multiple providers using only parameter types and conditions.