Keep OIDCClientSecret in external file

[septatrix]

In our organization we would prefer to keep the client secret (and OIDCCryptoPassphrase) separate from the Apache config file. Is this possible somehow? Passing a filepath seems to fail and there also is no OIDCClientSecretFile variable or similar according to the docs.

The metadata directory from the "Multiple Providers" wiki page seems promising but I fail to completely understand it. I would be happy if someone might provide some answers or clear up how the metadata dir works.

[zandbelt]

see https://github.com/OpenIDC/mod_auth_openidc/blob/v2.4.17/auth_openidc.conf#L20-L21

[septatrix]

Ah so exec:cat /my/secret/file should work? I assume it strip the trailing newlines?