From 611d2b22d29ec4743a5156990ff439dc0bb0d8c4 Mon Sep 17 00:00:00 2001
From: Paul Canham <paul@canham.io>
Date: Tue, 21 May 2024 23:00:49 +0100
Subject: [PATCH 1/2] feat: expand on sso example showing ability to alter
 oauth2 scope

---
 exampleYmlFiles/docker-compose-latest-security-with-sso.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/exampleYmlFiles/docker-compose-latest-security-with-sso.yml b/exampleYmlFiles/docker-compose-latest-security-with-sso.yml
index 41241b15..dd283638 100644
--- a/exampleYmlFiles/docker-compose-latest-security-with-sso.yml
+++ b/exampleYmlFiles/docker-compose-latest-security-with-sso.yml
@@ -26,6 +26,7 @@ services:
       SECURITY_OAUTH2_ISSUER: "https://accounts.google.com"  # Change with any other provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point
       SECURITY_OAUTH2_CLIENTID: "<YOUR CLIENT ID>.apps.googleusercontent.com" # Client ID from your provider
       SECURITY_OAUTH2_CLIENTSECRET: "<YOUR CLIENT SECRET>"  # Client Secret from your provider
+      SECURITY_OAUTH2_SCOPES: "openid,profile,email" # Expected OAuth2 Scope
       PUID: 1002
       PGID: 1002
       UMASK: "022"

From 841b8a6439a27f9af64b014711c64eef22b6e6bc Mon Sep 17 00:00:00 2001
From: Paul Canham <paul@canham.io>
Date: Tue, 21 May 2024 23:01:40 +0100
Subject: [PATCH 2/2] chore: correcting typo in docker-compose example for sso

---
 exampleYmlFiles/docker-compose-latest-security-with-sso.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exampleYmlFiles/docker-compose-latest-security-with-sso.yml b/exampleYmlFiles/docker-compose-latest-security-with-sso.yml
index dd283638..592daeff 100644
--- a/exampleYmlFiles/docker-compose-latest-security-with-sso.yml
+++ b/exampleYmlFiles/docker-compose-latest-security-with-sso.yml
@@ -22,7 +22,7 @@ services:
       DOCKER_ENABLE_SECURITY: "true"
       SECURITY_ENABLELOGIN: "true"
       SECURITY_OAUTH2_ENABLED: "true"
-      SECURITY_OAUTH2_AUTOCREATEUSER: "true" # This is set to true to allow auto-creation of non-existing users in Striling-PDF
+      SECURITY_OAUTH2_AUTOCREATEUSER: "true" # This is set to true to allow auto-creation of non-existing users in Stirling-PDF
       SECURITY_OAUTH2_ISSUER: "https://accounts.google.com"  # Change with any other provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point
       SECURITY_OAUTH2_CLIENTID: "<YOUR CLIENT ID>.apps.googleusercontent.com" # Client ID from your provider
       SECURITY_OAUTH2_CLIENTSECRET: "<YOUR CLIENT SECRET>"  # Client Secret from your provider