docs: fix some example formatting (#5501)

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>

config.template.yml

@@ -39,7 +39,7 @@ default_redirection_url: 'https://home.example.com/'
 ## Set the default 2FA method for new users and for when a user has a preferred method configured that has been
 ## disabled. This setting must be a method that is enabled.
 ## Options are totp, webauthn, mobile_push.
-default_2fa_method: ''
+# default_2fa_method: ''
 
 ##
 ## Server Configuration
@@ -203,7 +203,7 @@ totp:
   ## The TOTP algorithm to use.
   ## It is CRITICAL you read the documentation before changing this option:
   ## https://www.authelia.com/c/totp#algorithm
-  algorithm: 'sha1'
+  algorithm: 'SHA1'
 
   ## The number of digits a user has to input. Must either be 6 or 8.
   ## Changing this option only affects newly generated TOTP configurations.
@@ -300,7 +300,7 @@ authentication_backend:
 
     ## External reset password url that redirects the user to an external reset portal. This disables the internal reset
     ## functionality.
-    custom_url: ''
+    # custom_url: ''
 
   ## The amount of time to wait before we refresh data from the authentication backend in the duration common syntax.
   ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
@@ -396,7 +396,7 @@ authentication_backend:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
     ## The distinguished name of the container searched for objects in the directory information tree.
@@ -820,7 +820,7 @@ session:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
     ## The Redis HA configuration options.
@@ -965,7 +965,7 @@ regulation:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
   ##
@@ -1048,8 +1048,8 @@ regulation:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
-      # -----END RSA PRIVATE KEY-----
+        # -----END RSA PRIVATE KEY-----
 
 ##
 ## Notification Provider
@@ -1166,7 +1166,7 @@ notifier:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
 ##
@@ -1208,7 +1208,7 @@ notifier:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
 
@@ -1238,7 +1238,7 @@ notifier:
       # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
       # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
       # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-      # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+      # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
       # -----END RSA PRIVATE KEY-----
 
     ## Optional matching certificate chain in PEM DER form that matches the issuer_private_key. All certificates within
@@ -1287,6 +1287,7 @@ notifier:
       ## List of endpoints in addition to the metadata endpoints to permit cross-origin requests on.
       # endpoints:
         #  - 'authorization'
+        #  - 'pushed-authorization-request'
         #  - 'token'
         #  - 'revocation'
         #  - 'introspection'
@@ -1325,7 +1326,7 @@ notifier:
 
         ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
         # redirect_uris:
-        # - 'https://oidc.example.com:8080/oauth2/callback'
+          # - 'https://oidc.example.com:8080/oauth2/callback'
 
         ## Audience this client is allowed to request.
         # audience: []
@@ -1340,7 +1341,7 @@ notifier:
         ## Grant Types configures which grants this client can obtain.
         ## It's not recommended to define this unless you know what you're doing.
         # grant_types:
-        # - 'authorization_code'
+          # - 'authorization_code'
 
         ## Response Types configures which responses this client can be sent.
         ## It's not recommended to define this unless you know what you're doing.
@@ -1412,7 +1413,7 @@ notifier:
               # key: |
                 # -----BEGIN RSA PUBLIC KEY-----
                 # MEgCQQDAwV26ZA1lodtOQxNrJ491gWT+VzFum9IeZ+WTmMypYWyW1CzXKwsvTHDz
-                # 9ec+jserR3EMQ0Rr24lj13FL1ib5AgMBAAE=
+                # 9ec+jserR3EMQ0Rr24lj13FL1ib5AgMBAAE_DO_NOT_USE=
                 # -----END RSA PUBLIC KEY----
 
               ## The matching certificate chain in PEM DER form that matches the key if available.

internal/configuration/config.template.yml

@@ -39,7 +39,7 @@ default_redirection_url: 'https://home.example.com/'
 ## Set the default 2FA method for new users and for when a user has a preferred method configured that has been
 ## disabled. This setting must be a method that is enabled.
 ## Options are totp, webauthn, mobile_push.
-default_2fa_method: ''
+# default_2fa_method: ''
 
 ##
 ## Server Configuration
@@ -203,7 +203,7 @@ totp:
   ## The TOTP algorithm to use.
   ## It is CRITICAL you read the documentation before changing this option:
   ## https://www.authelia.com/c/totp#algorithm
-  algorithm: 'sha1'
+  algorithm: 'SHA1'
 
   ## The number of digits a user has to input. Must either be 6 or 8.
   ## Changing this option only affects newly generated TOTP configurations.
@@ -300,7 +300,7 @@ authentication_backend:
 
     ## External reset password url that redirects the user to an external reset portal. This disables the internal reset
     ## functionality.
-    custom_url: ''
+    # custom_url: ''
 
   ## The amount of time to wait before we refresh data from the authentication backend in the duration common syntax.
   ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
@@ -396,7 +396,7 @@ authentication_backend:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
     ## The distinguished name of the container searched for objects in the directory information tree.
@@ -820,7 +820,7 @@ session:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
     ## The Redis HA configuration options.
@@ -965,7 +965,7 @@ regulation:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
   ##
@@ -1048,8 +1048,8 @@ regulation:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
-      # -----END RSA PRIVATE KEY-----
+        # -----END RSA PRIVATE KEY-----
 
 ##
 ## Notification Provider
@@ -1166,7 +1166,7 @@ notifier:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
 ##
@@ -1208,7 +1208,7 @@ notifier:
         # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
         # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
         # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+        # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
         # -----END RSA PRIVATE KEY-----
 
 
@@ -1238,7 +1238,7 @@ notifier:
       # SKECIQDY6G8gvsYJdXCE9UJ7ukoLrRHxt/frhAtmSY5lVAPuMwIhAMzuDrJo73LH
       # ZyEaqIXc5pIiX3Sag43csPDHfuXdtT2NAiEAhyRKGJzDxiDlefFU+sGWYK/z/iYg
       # 0Rvz/kbV8UvnJwECIQDAYN6VJ6NZmc27qv33JIejOfdoTEEhZMMKVg1PlxE0ZQIg
-      # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRsDO_NOT_USE=
+      # HFpJiFxZES3QvVPr8deBXORPurqD5uU85NKsf61AdRs_DO_NOT_USE=
       # -----END RSA PRIVATE KEY-----
 
     ## Optional matching certificate chain in PEM DER form that matches the issuer_private_key. All certificates within
@@ -1287,6 +1287,7 @@ notifier:
       ## List of endpoints in addition to the metadata endpoints to permit cross-origin requests on.
       # endpoints:
         #  - 'authorization'
+        #  - 'pushed-authorization-request'
         #  - 'token'
         #  - 'revocation'
         #  - 'introspection'
@@ -1325,7 +1326,7 @@ notifier:
 
         ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
         # redirect_uris:
-        # - 'https://oidc.example.com:8080/oauth2/callback'
+          # - 'https://oidc.example.com:8080/oauth2/callback'
 
         ## Audience this client is allowed to request.
         # audience: []
@@ -1340,7 +1341,7 @@ notifier:
         ## Grant Types configures which grants this client can obtain.
         ## It's not recommended to define this unless you know what you're doing.
         # grant_types:
-        # - 'authorization_code'
+          # - 'authorization_code'
 
         ## Response Types configures which responses this client can be sent.
         ## It's not recommended to define this unless you know what you're doing.
@@ -1412,7 +1413,7 @@ notifier:
               # key: |
                 # -----BEGIN RSA PUBLIC KEY-----
                 # MEgCQQDAwV26ZA1lodtOQxNrJ491gWT+VzFum9IeZ+WTmMypYWyW1CzXKwsvTHDz
-                # 9ec+jserR3EMQ0Rr24lj13FL1ib5AgMBAAE=
+                # 9ec+jserR3EMQ0Rr24lj13FL1ib5AgMBAAE_DO_NOT_USE=
                 # -----END RSA PUBLIC KEY----
 
               ## The matching certificate chain in PEM DER form that matches the key if available.