v14: Merge NewBackOfficeSettings into SecuritySettings. (#15586)

* Merge NewBackOfficeSettings into SecuritySettings.

* Apply suggestions from code review

Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>

* Remove hardcoded callback path

---------

Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>

src/Umbraco.Core/Configuration/Models/SecuritySettings.cs

@@ -25,6 +25,7 @@ public class SecuritySettings
 
     internal const int StaticMemberDefaultLockoutTimeInMinutes = 30 * 24 * 60;
     internal const int StaticUserDefaultLockoutTimeInMinutes = 30 * 24 * 60;
+    internal const string StaticAuthorizeCallbackPathName = "/umbraco";
 
     /// <summary>
     ///     Gets or sets a value indicating whether to keep the user logged in.
@@ -116,4 +117,15 @@ public class SecuritySettings
     /// </summary>
     [DefaultValue(StaticAllowConcurrentLogins)]
     public bool AllowConcurrentLogins { get; set; } = StaticAllowConcurrentLogins;
+
+    /// <summary>
+    ///     Gets or sets a value of the back-office host URI. Use this when running the back-office client and the Management API on different hosts. Leave empty when running both on the same host.
+    /// </summary>
+    public Uri? BackOfficeHost { get; set; }
+
+    /// <summary>
+    ///     The path to use for authorization callback. Will be appended to the BackOfficeHost.
+    /// </summary>
+    [DefaultValue(StaticAuthorizeCallbackPathName)]
+    public string AuthorizeCallbackPathName { get; set; } = StaticAuthorizeCallbackPathName;
 }