Commit new Chart releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

premium/authelia/23.12.1/Chart.yaml

@@ -39,7 +39,7 @@ keywords:
   - YubiKey
   - Push Notifications
   - LDAP
-kubeVersion: '>=1.24.0-0'
+kubeVersion: ">=1.24.0-0"
 maintainers:
   - name: TrueCharts
     email: info@truecharts.org
@@ -51,4 +51,4 @@ sources:
   - https://github.com/truecharts/charts/tree/master/charts/premium/authelia
   - https://ghcr.io/authelia/authelia
 type: application
-version: 23.11.10
+version: 23.12.1

premium/authelia/23.12.1/app-changelog.md

@@ -1,6 +1,6 @@
 
 
-## [authelia-23.11.10](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.11.10) (2024-04-13)
+## [authelia-23.12.1](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.12.1) (2024-04-14)
 
 ### Chore
 
@@ -56,4 +56,16 @@
 
 - update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
 
-- make links relative
+- make links relative
+
+### Feat
+
+
+
+- add pkce for oidc ([#20306](https://github.com/truecharts/charts/issues/20306))
+
+### Fix
+
+
+
+- fix pkce ([#20738](https://github.com/truecharts/charts/issues/20738))

premium/authelia/23.12.1/ix_values.yaml

@@ -573,6 +573,12 @@ identity_providers:
 ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
 # userinfo_signing_algorithm: none
 
+## This configuration option enforces the use of PKCE for this registered client.
+# require_pkce: false
+
+## This setting enforces the use of the specified PKCE challenge method for this individual client.
+# pkce_challange_method: S256
+
 portal:
   open:
     enabled: true

premium/authelia/23.12.1/questions.yaml

@@ -3811,6 +3811,25 @@ questions:
                                           type: string
                                           default: "form_post"
                                           required: true
+                                - variable: require_pkce
+                                  label: "Require PKCE"
+                                  description: "This configuration option enforces the use of PKCE for this registered client."
+                                  schema:
+                                    type: boolean
+                                    default: false
+                                    show_subquestions_if: true
+                                    subquestions:
+                                      - variable: pkce_challange_method
+                                        label: "PKCE Challange Method"
+                                        description: "This setting enforces the use of the specified PKCE challenge method for this individual client."
+                                        schema:
+                                          type: string
+                                          default: S256
+                                          enum:
+                                            - value: "plain"
+                                              description: "plain"
+                                            - value: "S256"
+                                              description: "S256"
   - variable: addons
     group: Addons
     label: ""

premium/authelia/23.12.1/templates/_configmap.tpl

@@ -280,6 +280,12 @@ data:
           {{- end }}
           {{- end }}
           userinfo_signing_algorithm: {{ $client.userinfo_signing_algorithm | default "none" }}
+          {{- if $client.require_pkce }}
+          require_pkce: {{ $client.require_pkce }}
+          {{- end }}
+          {{- if $client.pkce_challange_method }}
+          pkce_challenge_method: {{ $client.pkce_challange_method | default "S256" }}
+          {{- end }}
     {{- end }}
     {{- end }}
     {{- end }}