From a171c1d84975c22ad5a932b994ec561ad9d08a5e Mon Sep 17 00:00:00 2001 From: Gang Li Date: Mon, 3 Apr 2023 16:10:32 +0800 Subject: [PATCH] Deprecated old way of keycloak code * Remove compose realm setting files from git * Remove legacy keycloak js and json support --- .gitignore | 3 +- compose/config/indyuiservice-realm.json | 2335 ----------------- pom.xml | 4 +- .../service/ui/keycloak/KeycloakConfig.java | 44 +- .../ui/keycloak/SecurityController.java | 6 +- .../service/ui/keycloak/SecurityResource.java | 4 + .../service/ui/keycloak/TokenResource.java | 74 - src/main/resources/application.yaml | 42 +- src/main/webui/app/index.html | 5 +- src/main/webui/app/js/boot.js | 5 + 10 files changed, 46 insertions(+), 2476 deletions(-) delete mode 100644 compose/config/indyuiservice-realm.json delete mode 100644 src/main/java/org/commonjava/indy/service/ui/keycloak/TokenResource.java create mode 100644 src/main/webui/app/js/boot.js diff --git a/.gitignore b/.gitignore index 7f902c4..22843e3 100644 --- a/.gitignore +++ b/.gitignore @@ -38,4 +38,5 @@ log/* *.dat - +# compose +compose/config/*.json diff --git a/compose/config/indyuiservice-realm.json b/compose/config/indyuiservice-realm.json deleted file mode 100644 index a81b16f..0000000 --- a/compose/config/indyuiservice-realm.json +++ /dev/null @@ -1,2335 +0,0 @@ -{ - "id": "quarkus", - "realm": "indyuiservice", - "notBefore": 0, - "defaultSignatureAlgorithm": "RS256", - "revokeRefreshToken": false, - "refreshTokenMaxReuse": 0, - "accessTokenLifespan": 300, - "accessTokenLifespanForImplicitFlow": 900, - "ssoSessionIdleTimeout": 1800, - "ssoSessionMaxLifespan": 36000, - "ssoSessionIdleTimeoutRememberMe": 0, - "ssoSessionMaxLifespanRememberMe": 0, - "offlineSessionIdleTimeout": 2592000, - "offlineSessionMaxLifespanEnabled": false, - "offlineSessionMaxLifespan": 5184000, - "clientSessionIdleTimeout": 0, - "clientSessionMaxLifespan": 0, - "clientOfflineSessionIdleTimeout": 0, - "clientOfflineSessionMaxLifespan": 0, - "accessCodeLifespan": 60, - "accessCodeLifespanUserAction": 300, - "accessCodeLifespanLogin": 1800, - "actionTokenGeneratedByAdminLifespan": 43200, - "actionTokenGeneratedByUserLifespan": 300, - "oauth2DeviceCodeLifespan": 600, - "oauth2DevicePollingInterval": 5, - "enabled": true, - "sslRequired": "external", - "registrationAllowed": false, - "registrationEmailAsUsername": false, - "rememberMe": false, - "verifyEmail": false, - "loginWithEmailAllowed": true, - "duplicateEmailsAllowed": false, - "resetPasswordAllowed": false, - "editUsernameAllowed": false, - "bruteForceProtected": false, - "permanentLockout": false, - "maxFailureWaitSeconds": 900, - "minimumQuickLoginWaitSeconds": 60, - "waitIncrementSeconds": 60, - "quickLoginCheckMilliSeconds": 1000, - "maxDeltaTimeSeconds": 43200, - "failureFactor": 30, - "roles": { - "realm": [ - { - "id": "3fc80564-13ac-4e7b-9986-322f571e82bc", - "name": "confidential", - "composite": false, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - }, - { - "id": "39eb64c8-66a9-4983-9c81-27ea7e2f6273", - "name": "uma_authorization", - "description": "${role_uma_authorization}", - "composite": false, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - }, - { - "id": "8c1abe12-62fe-4a06-ae0d-f5fb67dddbb0", - "name": "admin", - "composite": false, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - }, - { - "id": "73b57725-ecf5-4a7a-8060-5d417a32eb5c", - "name": "power-user", - "composite": false, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - }, - { - "id": "5afce544-6a3c-495f-b805-fd737cf5081e", - "name": "user", - "composite": false, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - }, - { - "id": "bc431d62-a80a-425b-961a-0fb3fc59006d", - "name": "offline_access", - "description": "${role_offline-access}", - "composite": false, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - }, - { - "id": "70fe9dad-62df-4df9-9837-b331f8c88191", - "name": "default-roles-quarkus", - "description": "${role_default-roles}", - "composite": true, - "composites": { - "realm": [ - "offline_access", - "uma_authorization" - ], - "client": { - "account": [ - "view-profile", - "manage-account" - ] - } - }, - "clientRole": false, - "containerId": "quarkus", - "attributes": {} - } - ], - "client": { - "realm-management": [ - { - "id": "1163b9bd-7319-4154-a25f-0101b2548d21", - "name": "impersonation", - "description": "${role_impersonation}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "7db1f38d-d436-4725-93fd-030a3bbe628e", - "name": "manage-identity-providers", - "description": "${role_manage-identity-providers}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "73d0a556-072b-404f-bf8e-10e2544c8c27", - "name": "view-identity-providers", - "description": "${role_view-identity-providers}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "df9e5352-f835-4467-bcaf-cb1b5f55c1ec", - "name": "query-users", - "description": "${role_query-users}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "7e727e28-2095-4443-b2da-865e684f2308", - "name": "view-realm", - "description": "${role_view-realm}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "fa77909a-32a3-41ae-9983-2b92ae03080c", - "name": "manage-clients", - "description": "${role_manage-clients}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "a8780507-dc72-4433-8b95-b8e4f3c37d0e", - "name": "manage-events", - "description": "${role_manage-events}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "f7f4697a-3977-42f6-af86-9bb006cf4d04", - "name": "realm-admin", - "description": "${role_realm-admin}", - "composite": true, - "composites": { - "client": { - "realm-management": [ - "impersonation", - "manage-identity-providers", - "view-identity-providers", - "view-realm", - "query-users", - "manage-clients", - "manage-events", - "manage-realm", - "view-authorization", - "manage-authorization", - "view-users", - "create-client", - "query-clients", - "query-groups", - "manage-users", - "view-clients", - "view-events", - "query-realms" - ] - } - }, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "ca7dc1ce-a981-4efe-b3f0-a7192b6d3943", - "name": "manage-realm", - "description": "${role_manage-realm}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "a0ab4faa-00a9-4f52-ac9f-8e764b6a8126", - "name": "view-authorization", - "description": "${role_view-authorization}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "0b4ed5e0-eceb-4d81-ba05-fa67022abe59", - "name": "manage-authorization", - "description": "${role_manage-authorization}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "c10336be-06f3-40ef-bef5-28d8c9b8a1e2", - "name": "create-client", - "description": "${role_create-client}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "1a1ffadc-11d5-44ea-bac0-d94372c8ae5c", - "name": "view-users", - "description": "${role_view-users}", - "composite": true, - "composites": { - "client": { - "realm-management": [ - "query-groups", - "query-users" - ] - } - }, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "5ba9a1a3-9027-4531-8253-b91f6058513c", - "name": "query-clients", - "description": "${role_query-clients}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "b4fba807-7a7e-4e3e-bd31-45703305a9e3", - "name": "query-groups", - "description": "${role_query-groups}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "c9384254-0af3-434c-b4ed-7c94f59a8247", - "name": "manage-users", - "description": "${role_manage-users}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "9a0022f2-bd58-4418-828c-a8e7abe3346b", - "name": "view-clients", - "description": "${role_view-clients}", - "composite": true, - "composites": { - "client": { - "realm-management": [ - "query-clients" - ] - } - }, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "83df8311-4366-4d22-9425-eccc343faa3f", - "name": "view-events", - "description": "${role_view-events}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - }, - { - "id": "e81bf277-047f-4bdd-afd6-59e2016c5066", - "name": "query-realms", - "description": "${role_query-realms}", - "composite": false, - "clientRole": true, - "containerId": "376bd940-e50a-4495-80fc-9c6c07312748", - "attributes": {} - } - ], - "security-admin-console": [], - "admin-cli": [], - "account-console": [], - "indy": [ - { - "id": "df147a91-6da7-4bbc-866c-f30cf99b2637", - "name": "uma_protection", - "composite": false, - "clientRole": true, - "containerId": "0ac5df91-e044-4051-bd03-106a3a5fb9cc", - "attributes": {} - } - ], - "broker": [ - { - "id": "d36865b0-7ade-4bcd-a7dc-1dacbd80f169", - "name": "read-token", - "description": "${role_read-token}", - "composite": false, - "clientRole": true, - "containerId": "53d4fe53-a039-471e-886a-28eddc950e95", - "attributes": {} - } - ], - "account": [ - { - "id": "539325a0-d9b3-4821-97ee-d42999296b62", - "name": "view-profile", - "description": "${role_view-profile}", - "composite": false, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - }, - { - "id": "26e1c3c3-ad08-402e-892c-13cb2475737e", - "name": "manage-consent", - "description": "${role_manage-consent}", - "composite": true, - "composites": { - "client": { - "account": [ - "view-consent" - ] - } - }, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - }, - { - "id": "e4af836c-c884-4a57-8b1d-fb673b0fe3a5", - "name": "manage-account", - "description": "${role_manage-account}", - "composite": true, - "composites": { - "client": { - "account": [ - "manage-account-links" - ] - } - }, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - }, - { - "id": "6e97643a-6e2d-42e1-87df-239704b5fcc3", - "name": "delete-account", - "description": "${role_delete-account}", - "composite": false, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - }, - { - "id": "35d1c998-bcae-4ab1-a026-4c67bff49a98", - "name": "manage-account-links", - "description": "${role_manage-account-links}", - "composite": false, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - }, - { - "id": "50279dbb-2c98-4b91-a83e-4214aae0b4cb", - "name": "view-applications", - "description": "${role_view-applications}", - "composite": false, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - }, - { - "id": "d4cbf940-13da-4ea3-a06c-c3ab820d9c2c", - "name": "view-consent", - "description": "${role_view-consent}", - "composite": false, - "clientRole": true, - "containerId": "e55e1234-38fa-432d-8d90-39f5e024688d", - "attributes": {} - } - ] - } - }, - "groups": [], - "defaultRole": { - "id": "70fe9dad-62df-4df9-9837-b331f8c88191", - "name": "default-roles-quarkus", - "description": "${role_default-roles}", - "composite": true, - "clientRole": false, - "containerId": "quarkus" - }, - "requiredCredentials": [ - "password" - ], - "otpPolicyType": "totp", - "otpPolicyAlgorithm": "HmacSHA1", - "otpPolicyInitialCounter": 0, - "otpPolicyDigits": 6, - "otpPolicyLookAheadWindow": 1, - "otpPolicyPeriod": 30, - "otpSupportedApplications": [ - "FreeOTP", - "Google Authenticator" - ], - "webAuthnPolicyRpEntityName": "keycloak", - "webAuthnPolicySignatureAlgorithms": [ - "ES256" - ], - "webAuthnPolicyRpId": "", - "webAuthnPolicyAttestationConveyancePreference": "not specified", - "webAuthnPolicyAuthenticatorAttachment": "not specified", - "webAuthnPolicyRequireResidentKey": "not specified", - "webAuthnPolicyUserVerificationRequirement": "not specified", - "webAuthnPolicyCreateTimeout": 0, - "webAuthnPolicyAvoidSameAuthenticatorRegister": false, - "webAuthnPolicyAcceptableAaguids": [], - "webAuthnPolicyPasswordlessRpEntityName": "keycloak", - "webAuthnPolicyPasswordlessSignatureAlgorithms": [ - "ES256" - ], - "webAuthnPolicyPasswordlessRpId": "", - "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", - "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", - "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", - "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", - "webAuthnPolicyPasswordlessCreateTimeout": 0, - "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, - "webAuthnPolicyPasswordlessAcceptableAaguids": [], - "users": [ - { - "id": "948c59ec-46ed-4d99-aa43-02900029b930", - "createdTimestamp": 1554245880023, - "username": "service-account-indy", - "enabled": true, - "totp": false, - "emailVerified": false, - "email": "service-account-backend-service@placeholder.org", - "serviceAccountClientId": "indy", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "offline_access" - ], - "clientRoles": { - "indy": [ - "uma_protection" - ], - "account": [ - "view-profile", - "manage-account" - ] - }, - "notBefore": 0, - "groups": [] - } - ], - "scopeMappings": [ - { - "clientScope": "offline_access", - "roles": [ - "offline_access" - ] - } - ], - "clientScopeMappings": { - "account": [ - { - "client": "account-console", - "roles": [ - "manage-account" - ] - } - ] - }, - "clients": [ - { - "id": "e55e1234-38fa-432d-8d90-39f5e024688d", - "clientId": "account", - "name": "${client_account}", - "rootUrl": "${authBaseUrl}", - "baseUrl": "/realms/indyuiservice/account/", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "/realms/indyuiservice/account/*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": {}, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "adf011e4-85db-4976-aefe-dc7c0cdd5ef4", - "clientId": "account-console", - "name": "${client_account-console}", - "rootUrl": "${authBaseUrl}", - "baseUrl": "/realms/quarkus/account/", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/realms/quarkus/account/*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "pkce.code.challenge.method": "S256" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "protocolMappers": [ - { - "id": "87eef37a-8b0a-44a5-a0e4-61cdb71ce344", - "name": "audience resolve", - "protocol": "openid-connect", - "protocolMapper": "oidc-audience-resolve-mapper", - "consentRequired": false, - "config": {} - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "e9cc41a2-8e35-4d5e-949e-4879880c2ddb", - "clientId": "admin-cli", - "name": "${client_admin-cli}", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": {}, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "53d4fe53-a039-471e-886a-28eddc950e95", - "clientId": "broker", - "name": "${client_broker}", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": {}, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "0ac5df91-e044-4051-bd03-106a3a5fb9cc", - "clientId": "indy", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "secret", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": true, - "authorizationServicesEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "oidc.ciba.grant.enabled": "false", - "backchannel.logout.session.required": "false", - "client_credentials.use_refresh_token": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.encrypt": "false", - "saml.server.signature": "false", - "exclude.session.state.from.auth.response": "false", - "saml.artifact.binding": "false", - "saml_force_name_id_format": "false", - "acr.loa.map": "{}", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "token.response.type.bearer.lower-case": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "3eac903f-c16b-4a78-a7e8-eb8f4d402b71", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientId", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientId", - "jsonType.label": "String" - } - }, - { - "id": "8422cefe-7f42-4f3b-abad-5f06f7d4b748", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "988e47d6-2055-45eb-82d6-0b8b25c629fc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ], - "authorizationSettings": { - "allowRemoteResourceManagement": true, - "policyEnforcementMode": "ENFORCING", - "resources": [ - { - "name": "User Resource", - "ownerManagedAccess": false, - "attributes": {}, - "_id": "df1b74a9-3f10-499d-a581-368de48e512b", - "uris": [ - "/api/users/*" - ] - }, - { - "name": "Administration Resource", - "ownerManagedAccess": false, - "attributes": {}, - "_id": "7124e2f1-e6dc-44b4-87ab-24b010090b97", - "uris": [ - "/api/admin/*" - ] - } - ], - "policies": [ - { - "id": "b8710fa6-160e-4de0-adf3-398c7007a0af", - "name": "Any User Policy", - "description": "Any user granted with the user role can access something", - "type": "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "roles": "[{\"id\":\"user\",\"required\":false}]" - } - }, - { - "id": "fcef30b2-68b2-4b78-9f3d-9162c6cdf5cb", - "name": "Only Administrators", - "description": "Only administrators can access", - "type": "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "roles": "[{\"id\":\"admin\",\"required\":false}]" - } - }, - { - "id": "3479dd56-02e9-4222-94fe-6a13cd065195", - "name": "User Resource Permission", - "type": "resource", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "resources": "[\"User Resource\"]", - "applyPolicies": "[\"Any User Policy\"]" - } - }, - { - "id": "60188298-d55b-4066-b231-6a7c56ff7cc5", - "name": "Administration Resource Permission", - "type": "resource", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "config": { - "resources": "[\"Administration Resource\"]", - "applyPolicies": "[\"Only Administrators\"]" - } - } - ], - "scopes": [], - "decisionStrategy": "UNANIMOUS" - } - }, - { - "id": "376bd940-e50a-4495-80fc-9c6c07312748", - "clientId": "realm-management", - "name": "${client_realm-management}", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": true, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": {}, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "a8732cac-ae0f-44ec-b7f3-bd2c41eff13c", - "clientId": "security-admin-console", - "name": "${client_security-admin-console}", - "rootUrl": "${authAdminUrl}", - "baseUrl": "/admin/indyuiservice/console/", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "/admin/indyuiservice/console/*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "pkce.code.challenge.method": "S256" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "protocolMappers": [ - { - "id": "280528ca-5e96-4bb9-9fc0-20311caac32d", - "name": "locale", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "locale", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "locale", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - } - ], - "clientScopes": [ - { - "id": "19920c96-a383-4f35-8ee9-27833263cf03", - "name": "email", - "description": "OpenID Connect built-in scope: email", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "display.on.consent.screen": "true", - "consent.screen.text": "${emailScopeConsentText}" - }, - "protocolMappers": [ - { - "id": "36a0adf0-6c25-419f-98d7-cdeada8661aa", - "name": "email", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "email", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "email", - "jsonType.label": "String" - } - }, - { - "id": "b0c39901-5e5d-4436-b685-908bb90ea1d9", - "name": "email verified", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "emailVerified", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "email_verified", - "jsonType.label": "boolean" - } - } - ] - }, - { - "id": "3f190f54-8e3a-4c82-a799-bd12ddc475b2", - "name": "offline_access", - "description": "OpenID Connect built-in scope: offline_access", - "protocol": "openid-connect", - "attributes": { - "consent.screen.text": "${offlineAccessScopeConsentText}", - "display.on.consent.screen": "true" - } - }, - { - "id": "defa3480-5368-4f34-8075-49fb982b71b3", - "name": "phone", - "description": "OpenID Connect built-in scope: phone", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "display.on.consent.screen": "true", - "consent.screen.text": "${phoneScopeConsentText}" - }, - "protocolMappers": [ - { - "id": "069ae414-9e98-4612-a3d6-e8b5a1fa841d", - "name": "phone number verified", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "phoneNumberVerified", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "phone_number_verified", - "jsonType.label": "boolean" - } - }, - { - "id": "cea58e24-d0e0-4cc6-9e34-7b3bf7d6d85b", - "name": "phone number", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "phoneNumber", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "phone_number", - "jsonType.label": "String" - } - } - ] - }, - { - "id": "55b3ee1c-cbf9-4526-93d7-aa56a9c5f1cb", - "name": "microprofile-jwt", - "description": "Microprofile - JWT built-in scope", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "display.on.consent.screen": "false" - }, - "protocolMappers": [ - { - "id": "59128144-a21a-4744-bb55-e66ff0503b18", - "name": "upn", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "username", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "upn", - "jsonType.label": "String" - } - }, - { - "id": "69351a63-7d6e-45d0-be47-088c83b20fdb", - "name": "groups", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-realm-role-mapper", - "consentRequired": false, - "config": { - "multivalued": "true", - "userinfo.token.claim": "true", - "user.attribute": "foo", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "groups", - "jsonType.label": "String" - } - } - ] - }, - { - "id": "520cc3ef-2c6b-4d84-bcde-8c063241f4bd", - "name": "address", - "description": "OpenID Connect built-in scope: address", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "display.on.consent.screen": "true", - "consent.screen.text": "${addressScopeConsentText}" - }, - "protocolMappers": [ - { - "id": "c1d3bd07-0a5f-4f4f-b381-c58a7b723029", - "name": "address", - "protocol": "openid-connect", - "protocolMapper": "oidc-address-mapper", - "consentRequired": false, - "config": { - "user.attribute.formatted": "formatted", - "user.attribute.country": "country", - "user.attribute.postal_code": "postal_code", - "userinfo.token.claim": "true", - "user.attribute.street": "street", - "id.token.claim": "true", - "user.attribute.region": "region", - "access.token.claim": "true", - "user.attribute.locality": "locality" - } - } - ] - }, - { - "id": "f72c1acd-c367-41b1-8646-b6bd5fff3e3f", - "name": "roles", - "description": "OpenID Connect scope for add user roles to the access token", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "false", - "display.on.consent.screen": "true", - "consent.screen.text": "${rolesScopeConsentText}" - }, - "protocolMappers": [ - { - "id": "cd8e589e-5fa7-4dae-bf6e-e8f6a3fd3cff", - "name": "realm roles", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-realm-role-mapper", - "consentRequired": false, - "config": { - "user.attribute": "foo", - "access.token.claim": "true", - "claim.name": "realm_access.roles", - "jsonType.label": "String", - "multivalued": "true" - } - }, - { - "id": "708b19d1-0709-4278-b5a1-bcbeec11f51a", - "name": "audience resolve", - "protocol": "openid-connect", - "protocolMapper": "oidc-audience-resolve-mapper", - "consentRequired": false, - "config": {} - }, - { - "id": "25e97210-30c7-4f35-be11-407f1fa674cb", - "name": "client roles", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-client-role-mapper", - "consentRequired": false, - "config": { - "user.attribute": "foo", - "access.token.claim": "true", - "claim.name": "resource_access.${client_id}.roles", - "jsonType.label": "String", - "multivalued": "true" - } - } - ] - }, - { - "id": "52618957-a4e8-4c6f-a902-217f2c41a2fd", - "name": "web-origins", - "description": "OpenID Connect scope for add allowed web origins to the access token", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "false", - "display.on.consent.screen": "false", - "consent.screen.text": "" - }, - "protocolMappers": [ - { - "id": "a66ddadf-312f-491f-993c-fa58685815c6", - "name": "allowed web origins", - "protocol": "openid-connect", - "protocolMapper": "oidc-allowed-origins-mapper", - "consentRequired": false, - "config": {} - } - ] - }, - { - "id": "f3dc793d-6011-4861-b538-399dde5434c0", - "name": "role_list", - "description": "SAML role list", - "protocol": "saml", - "attributes": { - "consent.screen.text": "${samlRoleListScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "22eeabf8-a3c3-4026-a351-367f8ace7927", - "name": "role list", - "protocol": "saml", - "protocolMapper": "saml-role-list-mapper", - "consentRequired": false, - "config": { - "single": "false", - "attribute.nameformat": "Basic", - "attribute.name": "Role" - } - } - ] - }, - { - "id": "b7321e2e-dd8e-41cf-a527-c765155c3f78", - "name": "profile", - "description": "OpenID Connect built-in scope: profile", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "display.on.consent.screen": "true", - "consent.screen.text": "${profileScopeConsentText}" - }, - "protocolMappers": [ - { - "id": "1d4d3df5-7af5-488e-8477-0ad7cb74d50a", - "name": "nickname", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "nickname", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "nickname", - "jsonType.label": "String" - } - }, - { - "id": "1a5e26d6-211e-4f8a-b696-0ea9577db25a", - "name": "zoneinfo", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "zoneinfo", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "zoneinfo", - "jsonType.label": "String" - } - }, - { - "id": "18971685-6dd7-420f-9c09-879c4f2d54d8", - "name": "updated at", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "updatedAt", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "updated_at", - "jsonType.label": "String" - } - }, - { - "id": "b970d96b-0156-4db0-9beb-9c84c173e619", - "name": "birthdate", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "birthdate", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "birthdate", - "jsonType.label": "String" - } - }, - { - "id": "50287033-df21-45c6-aa46-c3060e6f9855", - "name": "given name", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "firstName", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "given_name", - "jsonType.label": "String" - } - }, - { - "id": "3dc6b97e-7063-4077-98d1-0cacf9029c7b", - "name": "full name", - "protocol": "openid-connect", - "protocolMapper": "oidc-full-name-mapper", - "consentRequired": false, - "config": { - "id.token.claim": "true", - "access.token.claim": "true", - "userinfo.token.claim": "true" - } - }, - { - "id": "3fb9391b-376c-42ef-b012-4df461c617cc", - "name": "middle name", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "middleName", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "middle_name", - "jsonType.label": "String" - } - }, - { - "id": "83f7fc4a-5386-4f86-a103-6585e138b61d", - "name": "username", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "username", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "preferred_username", - "jsonType.label": "String" - } - }, - { - "id": "8ef177b3-f485-44b1-afee-1901393b00c7", - "name": "family name", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "lastName", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "family_name", - "jsonType.label": "String" - } - }, - { - "id": "e994cbc7-2a1a-4465-b7b7-12b35b4fe49e", - "name": "gender", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "gender", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "gender", - "jsonType.label": "String" - } - }, - { - "id": "abaa4c9e-1fa2-4b45-a1bb-b3d650de9aca", - "name": "picture", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "picture", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "picture", - "jsonType.label": "String" - } - }, - { - "id": "bf21b514-81fd-4bbe-9236-bab5fcf54561", - "name": "locale", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "locale", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "locale", - "jsonType.label": "String" - } - }, - { - "id": "254f8de4-08e7-4d3d-a87f-4b238f0f922b", - "name": "profile", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "profile", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "profile", - "jsonType.label": "String" - } - }, - { - "id": "7934bf2a-cfc3-4b2d-a5cb-287f3ed2a977", - "name": "website", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "website", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "website", - "jsonType.label": "String" - } - } - ] - } - ], - "defaultDefaultClientScopes": [ - "role_list", - "profile", - "email", - "roles", - "web-origins" - ], - "defaultOptionalClientScopes": [ - "offline_access", - "address", - "phone", - "microprofile-jwt" - ], - "browserSecurityHeaders": { - "contentSecurityPolicyReportOnly": "", - "xContentTypeOptions": "nosniff", - "xRobotsTag": "none", - "xFrameOptions": "SAMEORIGIN", - "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", - "xXSSProtection": "1; mode=block", - "strictTransportSecurity": "max-age=31536000; includeSubDomains" - }, - "smtpServer": {}, - "eventsEnabled": false, - "eventsListeners": [ - "jboss-logging" - ], - "enabledEventTypes": [], - "adminEventsEnabled": false, - "adminEventsDetailsEnabled": false, - "identityProviders": [], - "identityProviderMappers": [], - "components": { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ - { - "id": "a7679218-373d-48ca-88f8-429985faeae3", - "name": "Allowed Protocol Mapper Types", - "providerId": "allowed-protocol-mappers", - "subType": "anonymous", - "subComponents": {}, - "config": { - "allowed-protocol-mapper-types": [ - "oidc-usermodel-attribute-mapper", - "oidc-address-mapper", - "oidc-usermodel-property-mapper", - "saml-user-attribute-mapper", - "oidc-sha256-pairwise-sub-mapper", - "saml-user-property-mapper", - "oidc-full-name-mapper", - "saml-role-list-mapper" - ] - } - }, - { - "id": "2ebf6f9f-4bfc-44b9-ad7c-282f2274d35b", - "name": "Allowed Client Scopes", - "providerId": "allowed-client-templates", - "subType": "authenticated", - "subComponents": {}, - "config": { - "allow-default-scopes": [ - "true" - ] - } - }, - { - "id": "552093c3-0a0a-4234-ad7c-ae660f0f0db1", - "name": "Allowed Client Scopes", - "providerId": "allowed-client-templates", - "subType": "anonymous", - "subComponents": {}, - "config": { - "allow-default-scopes": [ - "true" - ] - } - }, - { - "id": "8f27cf74-cee7-4a73-851f-982ee45157ca", - "name": "Trusted Hosts", - "providerId": "trusted-hosts", - "subType": "anonymous", - "subComponents": {}, - "config": { - "host-sending-registration-request-must-match": [ - "true" - ], - "client-uris-must-match": [ - "true" - ] - } - }, - { - "id": "ff570525-6c96-4500-9d73-c02e708b39de", - "name": "Full Scope Disabled", - "providerId": "scope", - "subType": "anonymous", - "subComponents": {}, - "config": {} - }, - { - "id": "b52284eb-123a-4718-aac9-857530a24a9b", - "name": "Max Clients Limit", - "providerId": "max-clients", - "subType": "anonymous", - "subComponents": {}, - "config": { - "max-clients": [ - "200" - ] - } - }, - { - "id": "2b8c0a6d-d5c0-4ea2-8a9c-4843d3e04ec6", - "name": "Consent Required", - "providerId": "consent-required", - "subType": "anonymous", - "subComponents": {}, - "config": {} - }, - { - "id": "bf59de5a-2c93-43cc-a9aa-03be0129fe53", - "name": "Allowed Protocol Mapper Types", - "providerId": "allowed-protocol-mappers", - "subType": "authenticated", - "subComponents": {}, - "config": { - "allowed-protocol-mapper-types": [ - "saml-user-attribute-mapper", - "saml-role-list-mapper", - "oidc-usermodel-attribute-mapper", - "oidc-sha256-pairwise-sub-mapper", - "oidc-usermodel-property-mapper", - "oidc-full-name-mapper", - "saml-user-property-mapper", - "oidc-address-mapper" - ] - } - } - ], - "org.keycloak.userprofile.UserProfileProvider": [ - { - "id": "9b6a6cf7-904f-4c7b-b3f2-f065555846f8", - "providerId": "declarative-user-profile", - "subComponents": {}, - "config": {} - } - ], - "org.keycloak.keys.KeyProvider": [ - { - "id": "b3efd9cc-28b6-4404-82af-8a48a966b8ff", - "name": "rsa-generated", - "providerId": "rsa-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ] - } - }, - { - "id": "20460ca5-ec24-4a9b-839a-457743d3f841", - "name": "hmac-generated", - "providerId": "hmac-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ], - "algorithm": [ - "HS256" - ] - } - }, - { - "id": "4f02d984-7a23-4ce1-8591-848a71390efe", - "name": "aes-generated", - "providerId": "aes-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ] - } - } - ] - }, - "internationalizationEnabled": false, - "supportedLocales": [], - "authenticationFlows": [ - { - "id": "1db8c91b-c458-4da5-8556-df884e97daaa", - "alias": "Handle Existing Account", - "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "idp-confirm-link", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Handle Existing Account - Alternatives - 0", - "userSetupAllowed": false - } - ] - }, - { - "id": "3dc347a2-9d38-4cd9-b059-e9311f0fc3ba", - "alias": "Handle Existing Account - Alternatives - 0", - "description": "Subflow of Handle Existing Account with alternative executions", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "idp-email-verification", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "ALTERNATIVE", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Verify Existing Account by Re-authentication", - "userSetupAllowed": false - } - ] - }, - { - "id": "1b4a807a-eaa7-4423-ae37-d973008717d0", - "alias": "Verify Existing Account by Re-authentication", - "description": "Reauthentication of existing account", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "idp-username-password-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Verify Existing Account by Re-authentication - auth-otp-form - Conditional", - "userSetupAllowed": false - } - ] - }, - { - "id": "b94f9764-8ba8-4fd9-a29a-d8d7de6f0832", - "alias": "Verify Existing Account by Re-authentication - auth-otp-form - Conditional", - "description": "Flow to determine if the auth-otp-form authenticator should be used or not.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-otp-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "6db56ae8-5027-4c89-8a92-39b37e0eed84", - "alias": "browser", - "description": "browser based authentication", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "auth-cookie", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-spnego", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "identity-provider-redirector", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 25, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "ALTERNATIVE", - "priority": 30, - "autheticatorFlow": true, - "flowAlias": "forms", - "userSetupAllowed": false - } - ] - }, - { - "id": "6c7827ed-fc52-41ff-8c6b-de45f2d667da", - "alias": "clients", - "description": "Base authentication for clients", - "providerId": "client-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "client-secret", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "client-jwt", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "client-secret-jwt", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "client-x509", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "c1841ddb-9498-48d8-a29f-700354f8a398", - "alias": "direct grant", - "description": "OpenID Connect Resource Owner Grant", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "direct-grant-validate-username", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "direct-grant-validate-password", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 30, - "autheticatorFlow": true, - "flowAlias": "direct grant - direct-grant-validate-otp - Conditional", - "userSetupAllowed": false - } - ] - }, - { - "id": "99b42d88-0d61-46b2-a262-206bee084306", - "alias": "direct grant - direct-grant-validate-otp - Conditional", - "description": "Flow to determine if the direct-grant-validate-otp authenticator should be used or not.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "direct-grant-validate-otp", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "1f71781e-9263-4dee-9511-3c6638ac0a1e", - "alias": "docker auth", - "description": "Used by Docker clients to authenticate against the IDP", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "docker-http-basic-authenticator", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "8eefeec0-b5cc-42be-9dc7-da39c8b8fd8e", - "alias": "first broker login", - "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticatorConfig": "review profile config", - "authenticator": "idp-review-profile", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "first broker login - Alternatives - 0", - "userSetupAllowed": false - } - ] - }, - { - "id": "59d0d63c-8320-43e5-8a03-4fce49cb44c7", - "alias": "first broker login - Alternatives - 0", - "description": "Subflow of first broker login with alternative executions", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticatorConfig": "create unique user config", - "authenticator": "idp-create-user-if-unique", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "ALTERNATIVE", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Handle Existing Account", - "userSetupAllowed": false - } - ] - }, - { - "id": "30f01324-3653-45a2-a338-2af4f7da0f92", - "alias": "forms", - "description": "Username, password, otp and other auth forms.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "auth-username-password-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "forms - auth-otp-form - Conditional", - "userSetupAllowed": false - } - ] - }, - { - "id": "2e959a9f-8006-40d9-b2f3-1be274acf882", - "alias": "forms - auth-otp-form - Conditional", - "description": "Flow to determine if the auth-otp-form authenticator should be used or not.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-otp-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "40a498db-b5a8-420c-b83b-6ff358decce1", - "alias": "http challenge", - "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "no-cookie-redirect", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "basic-auth", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "basic-auth-otp", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-spnego", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "91c67e68-19fc-4a9a-9f0b-9887e2de00de", - "alias": "registration", - "description": "registration flow", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "registration-page-form", - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": true, - "flowAlias": "registration form", - "userSetupAllowed": false - } - ] - }, - { - "id": "f11c3a39-96e7-46a6-994a-773bc5de002b", - "alias": "registration form", - "description": "registration form", - "providerId": "form-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "registration-user-creation", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "registration-password-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 50, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "registration-recaptcha-action", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 60, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "fa8319b4-8985-43d7-97d0-ce23d38f01c5", - "alias": "reset credentials", - "description": "Reset credentials for a user if they forgot their password or something", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "reset-credentials-choose-user", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "reset-credential-email", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "reset-password", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 40, - "autheticatorFlow": true, - "flowAlias": "reset credentials - reset-otp - Conditional", - "userSetupAllowed": false - } - ] - }, - { - "id": "e27c352e-6ab3-4c8f-82d2-bd075adbf855", - "alias": "reset credentials - reset-otp - Conditional", - "description": "Flow to determine if the reset-otp authenticator should be used or not.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "reset-otp", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "5810f797-ba18-4497-af97-a5235486e7cb", - "alias": "saml ecp", - "description": "SAML ECP Profile Authentication Flow", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "http-basic-authenticator", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - } - ], - "authenticatorConfig": [ - { - "id": "7352018f-e4a0-47f8-a0ea-85e4c72dc808", - "alias": "create unique user config", - "config": { - "require.password.update.after.registration": "false" - } - }, - { - "id": "724e3417-09f2-4998-9bbb-0107c3701474", - "alias": "review profile config", - "config": { - "update.profile.on.first.login": "missing" - } - } - ], - "requiredActions": [ - { - "alias": "CONFIGURE_TOTP", - "name": "Configure OTP", - "providerId": "CONFIGURE_TOTP", - "enabled": true, - "defaultAction": false, - "priority": 10, - "config": {} - }, - { - "alias": "terms_and_conditions", - "name": "Terms and Conditions", - "providerId": "terms_and_conditions", - "enabled": false, - "defaultAction": false, - "priority": 20, - "config": {} - }, - { - "alias": "UPDATE_PASSWORD", - "name": "Update Password", - "providerId": "UPDATE_PASSWORD", - "enabled": true, - "defaultAction": false, - "priority": 30, - "config": {} - }, - { - "alias": "UPDATE_PROFILE", - "name": "Update Profile", - "providerId": "UPDATE_PROFILE", - "enabled": true, - "defaultAction": false, - "priority": 40, - "config": {} - }, - { - "alias": "VERIFY_EMAIL", - "name": "Verify Email", - "providerId": "VERIFY_EMAIL", - "enabled": true, - "defaultAction": false, - "priority": 50, - "config": {} - }, - { - "alias": "delete_account", - "name": "Delete Account", - "providerId": "delete_account", - "enabled": false, - "defaultAction": false, - "priority": 60, - "config": {} - }, - { - "alias": "update_user_locale", - "name": "Update User Locale", - "providerId": "update_user_locale", - "enabled": true, - "defaultAction": false, - "priority": 1000, - "config": {} - } - ], - "browserFlow": "browser", - "registrationFlow": "registration", - "directGrantFlow": "direct grant", - "resetCredentialsFlow": "reset credentials", - "clientAuthenticationFlow": "clients", - "dockerAuthenticationFlow": "docker auth", - "attributes": { - "cibaBackchannelTokenDeliveryMode": "poll", - "cibaExpiresIn": "120", - "cibaAuthRequestedUserHint": "login_hint", - "oauth2DeviceCodeLifespan": "600", - "oauth2DevicePollingInterval": "5", - "clientOfflineSessionMaxLifespan": "0", - "clientSessionIdleTimeout": "0", - "userProfileEnabled": "false", - "parRequestUriLifespan": "60", - "clientSessionMaxLifespan": "0", - "clientOfflineSessionIdleTimeout": "0", - "cibaInterval": "5" - }, - "keycloakVersion": "17.0.0", - "userManagedAccessAllowed": false, - "clientProfiles": { - "profiles": [] - }, - "clientPolicies": { - "policies": [] - } -} \ No newline at end of file diff --git a/pom.xml b/pom.xml index 125bd6d..85af9c1 100644 --- a/pom.xml +++ b/pom.xml @@ -20,7 +20,7 @@ org.commonjava service-parent - 2 + 3-SNAPSHOT 4.0.0 org.commonjava.indy.service @@ -261,7 +261,7 @@ - io.quarkus + io.quarkus.platform quarkus-maven-plugin diff --git a/src/main/java/org/commonjava/indy/service/ui/keycloak/KeycloakConfig.java b/src/main/java/org/commonjava/indy/service/ui/keycloak/KeycloakConfig.java index 44867af..d586f19 100644 --- a/src/main/java/org/commonjava/indy/service/ui/keycloak/KeycloakConfig.java +++ b/src/main/java/org/commonjava/indy/service/ui/keycloak/KeycloakConfig.java @@ -24,9 +24,9 @@ import java.util.Optional; import java.util.Properties; -@Startup -@ConfigMapping( prefix = "keycloak" ) -@ApplicationScoped +//@Startup +//@ConfigMapping( prefix = "keycloak" ) +//@ApplicationScoped @Deprecated interface KeycloakConfig { @@ -60,45 +60,45 @@ interface KeycloakConfig String KEYCLOAK_REALM_PUBLIC_KEY = "keycloak.realmPublicKey"; - @WithName( "enabled" ) - @WithDefault( "false" ) +// @WithName( "enabled" ) +// @WithDefault( "false" ) Boolean enabled(); - @WithName( "realm.name" ) - @WithDefault( DEFAULT_REALM ) +// @WithName( "realm.name" ) +// @WithDefault( DEFAULT_REALM ) String getRealm(); - @WithName( "keycloak.json" ) - @WithDefault( DEFAULT_KEYCLOAK_JSON ) +// @WithName( "keycloak.json" ) +// @WithDefault( DEFAULT_KEYCLOAK_JSON ) String getKeycloakJson(); - @WithName( "keycloak-ui.json" ) - @WithDefault( DEFAULT_KEYCLOAK_UI_JSON ) +// @WithName( "keycloak-ui.json" ) +// @WithDefault( DEFAULT_KEYCLOAK_UI_JSON ) String getKeycloakUiJson(); - @WithName( "security-bindings.json" ) - @WithDefault( DEFAULT_SECURITY_BINDINGS_JSON ) +// @WithName( "security-bindings.json" ) +// @WithDefault( DEFAULT_SECURITY_BINDINGS_JSON ) String getSecurityBindingsJson(); - @WithName( "url" ) - @WithDefault( DEFAULT_URL ) +// @WithName( "url" ) +// @WithDefault( DEFAULT_URL ) String getUrl(); - @WithName( "server.credential.secret" ) +// @WithName( "server.credential.secret" ) Optional getServerCredentialSecret(); - @WithName( "server.resource" ) - @WithDefault( DEFAULT_SERVER_RESOURCE ) +// @WithName( "server.resource" ) +// @WithDefault( DEFAULT_SERVER_RESOURCE ) String getServerResource(); - @WithName( "ui.resource" ) - @WithDefault( DEFAULT_UI_RESOURCE ) +// @WithName( "ui.resource" ) +// @WithDefault( DEFAULT_UI_RESOURCE ) String getUiResource(); - @WithName( "realm.key" ) +// @WithName( "realm.key" ) Optional getRealmKey(); - @WithName( "realm.public.key" ) +// @WithName( "realm.public.key" ) Optional getRealmPublicKey(); default KeycloakConfig setSystemProperties() diff --git a/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityController.java b/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityController.java index 2c4b39c..dee70f8 100644 --- a/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityController.java +++ b/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityController.java @@ -32,6 +32,10 @@ import java.nio.charset.Charset; import java.util.Properties; +/** + * @deprecated Will use quarkus native oidc implementation. This is not needed anymore + */ +@Deprecated @ApplicationScoped public class SecurityController { @@ -40,7 +44,7 @@ public class SecurityController private static final String DISABLED_KEYCLOAK_INIT_JS = "disabled-keycloak-init.js"; - @Inject +// @Inject KeycloakConfig config; private String keycloakInitJs; diff --git a/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityResource.java b/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityResource.java index 492215e..f53a7bc 100644 --- a/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityResource.java +++ b/src/main/java/org/commonjava/indy/service/ui/keycloak/SecurityResource.java @@ -35,6 +35,10 @@ import static javax.ws.rs.core.HttpHeaders.CACHE_CONTROL; +/** + * @deprecated Will use quarkus native oidc implementation. This is not needed anymore + */ +@Deprecated @Tag( description = "Security Infrastructure" ) @Path( "/api/security" ) public class SecurityResource diff --git a/src/main/java/org/commonjava/indy/service/ui/keycloak/TokenResource.java b/src/main/java/org/commonjava/indy/service/ui/keycloak/TokenResource.java deleted file mode 100644 index a43bcbd..0000000 --- a/src/main/java/org/commonjava/indy/service/ui/keycloak/TokenResource.java +++ /dev/null @@ -1,74 +0,0 @@ -/** - * Copyright (C) 2023 Red Hat, Inc. (https://github.com/Commonjava/indy-ui-service) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.commonjava.indy.service.ui.keycloak; - -import io.quarkus.oidc.IdToken; -import io.quarkus.oidc.RefreshToken; -import org.eclipse.microprofile.jwt.JsonWebToken; - -import javax.inject.Inject; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Response; - -@Path("/api/security/tokens") -public class TokenResource { - - /** - * Injection point for the ID Token issued by the OpenID Connect Provider - */ - @Inject - @IdToken - JsonWebToken idToken; - - /** - * Injection point for the Access Token issued by the OpenID Connect Provider - */ - @Inject - JsonWebToken accessToken; - - /** - * Injection point for the Refresh Token issued by the OpenID Connect Provider - */ - @Inject - RefreshToken refreshToken; - - @GET - @Path( "username" ) - @Produces( "application/json" ) - public Response getUser() { - - Object userName = this.idToken.getClaim("preferred_username"); - - if (userName != null) { - return Response.ok(String.format( "{\"username\": \"%s\"}", userName)).build(); - }else{ - return Response.status( Response.Status.NOT_FOUND ).build(); - } - -// Object scopes = this.accessToken.getClaim("scope"); -// -// if (scopes != null) { -// response.append("
  • scopes: ").append(scopes.toString()).append("
    • "); -// } -// -// response.append("
  • refresh_token: ").append(refreshToken.getToken() != null).append("
    • "); -// -// return response.append("").append("").append("").toString(); - } - -} \ No newline at end of file diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 59e66d7..70d24bc 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -5,11 +5,6 @@ quarkus: enable-compression: true limits: max-body-size: 500M -# auth: -# permission: -# authenticated: -# paths: "/*" -# policy: authenticated package: type: uber-jar application: @@ -21,16 +16,6 @@ quarkus: keycloak: devservices: enabled: false -# oidc: -# enabled: true -# auth-server-url: "http://localhost:8180/realms/indyuiservice" -# "client-id": "indy" -# credentials: -# secret: "secret" -# "application-type": "web-app" -# logout: -# path: "/logout" -# post-logout-path: "/" log: level: INFO min-level: TRACE @@ -95,33 +80,12 @@ mp: indy_security: enabled: False -keycloak: - enabled: false -# url: http://localhost:8090/ -# realm: -# name: indy -# key: "UNSPECIFIED" -# public: -# key: "UNSPECIFIED" -# keycloak: -# json: keycloak/keycloak.json -# keycloak-ui: -# json: keycloak/keycloak-ui.json -# security-bindings: -# json: keycloak/security-bindings.json -# server: -# credential: -# secret: "UNSPECIFIED" -# resource: indy -# ui: -# resource: indy-ui - ## [rest client] service-api/mp-rest/uri: http://localhost:8080/ service-api/mp-rest/scope: javax.inject.Singleton -#service-api/mp-rest/connectTimeout: 60000 -#service-api/mp-rest/readTimeout: 60000 +service-api/mp-rest/connectTimeout: 60000 +service-api/mp-rest/readTimeout: 60000 #service-api/mp-rest/providers: org.commonjava.indy.service.ui.client.AuthClientRequestFilter "%dev": @@ -157,4 +121,4 @@ service-api/mp-rest/scope: javax.inject.Singleton max-file-size: 10M quinoa: package-manager-command: - install: "npm config set strict-ssl false && npm ci" \ No newline at end of file + install: "npm config set strict-ssl false && npm ci" diff --git a/src/main/webui/app/index.html b/src/main/webui/app/index.html index e3ed662..2052b6b 100644 --- a/src/main/webui/app/index.html +++ b/src/main/webui/app/index.html @@ -36,7 +36,7 @@ - + @@ -133,7 +133,8 @@ - + + diff --git a/src/main/webui/app/js/boot.js b/src/main/webui/app/js/boot.js new file mode 100644 index 0000000..6af2b3b --- /dev/null +++ b/src/main/webui/app/js/boot.js @@ -0,0 +1,5 @@ +var auth={loggedIn: false, keycloak: {authenticated: false, loginRequired: false}}; + +angular.element(document).ready(function () { + angular.bootstrap(document, ['indy']); +});