Bumped keycloak config

Signed-off-by: Martin Weise <martin.weise@tuwien.ac.at>

helm/dbrepo/templates/auth-configmap.yaml

@@ -5,7 +5,7 @@ metadata:
   name: auth-service-config
   namespace: {{ include "common.names.namespace" . | quote }}
 data:
-  dbrepo-realm.json: |
+  dbrepo-realm.json: |-
     {
       "id" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
       "realm" : "dbrepo",
@@ -35,7 +35,7 @@ data:
       "oauth2DevicePollingInterval" : 5,
       "enabled" : true,
       "sslRequired" : "none",
-      "registrationAllowed" : false,
+      "registrationAllowed" : true,
       "registrationEmailAsUsername" : false,
       "rememberMe" : false,
       "verifyEmail" : true,
@@ -2140,11 +2140,15 @@ data:
           "protocolMapper" : "oidc-usermodel-realm-role-mapper",
           "consentRequired" : false,
           "config" : {
+            "introspection.token.claim" : "true",
+            "userinfo.token.claim" : "false",
+            "multivalued" : "true",
             "user.attribute" : "foo",
+            "id.token.claim" : "true",
+            "lightweight.claim" : "false",
             "access.token.claim" : "true",
             "claim.name" : "realm_access.roles",
-            "jsonType.label" : "String",
-            "multivalued" : "true"
+            "jsonType.label" : "String"
           }
         }, {
           "id" : "a7bd6723-e58e-47f7-95c0-2925ce99283d",
@@ -2174,8 +2178,12 @@ data:
         "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
       },
       "smtpServer" : { },
+      "loginTheme" : "keycloak",
+      "accountTheme" : "",
+      "adminTheme" : "",
+      "emailTheme" : "",
       "eventsEnabled" : false,
-      "eventsListeners" : [ "jboss-logging" ],
+      "eventsListeners" : [ "create-event-listener", "jboss-logging" ],
       "enabledEventTypes" : [ "SEND_RESET_PASSWORD", "UPDATE_CONSENT_ERROR", "GRANT_CONSENT", "VERIFY_PROFILE_ERROR", "REMOVE_TOTP", "REVOKE_GRANT", "UPDATE_TOTP", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "IMPERSONATE_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", "RESTART_AUTHENTICATION", "IMPERSONATE", "UPDATE_PROFILE_ERROR", "LOGIN", "OAUTH2_DEVICE_VERIFY_USER_CODE", "UPDATE_PASSWORD_ERROR", "CLIENT_INITIATED_ACCOUNT_LINKING", "TOKEN_EXCHANGE", "AUTHREQID_TO_TOKEN", "LOGOUT", "REGISTER", "DELETE_ACCOUNT_ERROR", "CLIENT_REGISTER", "IDENTITY_PROVIDER_LINK_ACCOUNT", "DELETE_ACCOUNT", "UPDATE_PASSWORD", "CLIENT_DELETE", "FEDERATED_IDENTITY_LINK_ERROR", "IDENTITY_PROVIDER_FIRST_LOGIN", "CLIENT_DELETE_ERROR", "VERIFY_EMAIL", "CLIENT_LOGIN_ERROR", "RESTART_AUTHENTICATION_ERROR", "EXECUTE_ACTIONS", "REMOVE_FEDERATED_IDENTITY_ERROR", "TOKEN_EXCHANGE_ERROR", "PERMISSION_TOKEN", "SEND_IDENTITY_PROVIDER_LINK_ERROR", "EXECUTE_ACTION_TOKEN_ERROR", "SEND_VERIFY_EMAIL", "OAUTH2_DEVICE_AUTH", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "OAUTH2_DEVICE_CODE_TO_TOKEN", "IDENTITY_PROVIDER_POST_LOGIN", "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", "UPDATE_EMAIL", "REGISTER_ERROR", "REVOKE_GRANT_ERROR", "EXECUTE_ACTION_TOKEN", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "CLIENT_UPDATE_ERROR", "AUTHREQID_TO_TOKEN_ERROR", "UPDATE_PROFILE", "CLIENT_REGISTER_ERROR", "FEDERATED_IDENTITY_LINK", "SEND_IDENTITY_PROVIDER_LINK", "SEND_VERIFY_EMAIL_ERROR", "RESET_PASSWORD", "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", "OAUTH2_DEVICE_AUTH_ERROR", "UPDATE_CONSENT", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "SEND_RESET_PASSWORD_ERROR", "CLIENT_UPDATE", "CUSTOM_REQUIRED_ACTION_ERROR", "IDENTITY_PROVIDER_POST_LOGIN_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN", "VERIFY_PROFILE", "GRANT_CONSENT_ERROR", "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" ],
       "adminEventsEnabled" : false,
       "adminEventsDetailsEnabled" : false,
@@ -2223,7 +2231,7 @@ data:
           "subType" : "anonymous",
           "subComponents" : { },
           "config" : {
-            "allowed-protocol-mapper-types" : [ "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper" ]
+            "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper" ]
           }
         }, {
           "id" : "1849e52a-b8c9-44a8-af3d-ee19376a1ed1",
@@ -2249,7 +2257,7 @@ data:
           "subType" : "authenticated",
           "subComponents" : { },
           "config" : {
-            "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-address-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper" ]
+            "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-user-property-mapper" ]
           }
         } ],
         "org.keycloak.storage.UserStorageProvider" : [ {
@@ -2265,8 +2273,8 @@ data:
               "config" : {
                 "ldap.attribute" : [ "createTimestamp" ],
                 "is.mandatory.in.ldap" : [ "false" ],
-                "read.only" : [ "true" ],
                 "always.read.value.from.ldap" : [ "true" ],
+                "read.only" : [ "true" ],
                 "user.model.attribute" : [ "createTimestamp" ]
               }
             }, {
@@ -2277,8 +2285,8 @@ data:
               "config" : {
                 "ldap.attribute" : [ "sn" ],
                 "is.mandatory.in.ldap" : [ "true" ],
-                "always.read.value.from.ldap" : [ "true" ],
                 "read.only" : [ "false" ],
+                "always.read.value.from.ldap" : [ "true" ],
                 "user.model.attribute" : [ "lastName" ]
               }
             }, {
@@ -2289,8 +2297,8 @@ data:
               "config" : {
                 "ldap.attribute" : [ "cn" ],
                 "is.mandatory.in.ldap" : [ "true" ],
-                "always.read.value.from.ldap" : [ "true" ],
                 "read.only" : [ "false" ],
+                "always.read.value.from.ldap" : [ "true" ],
                 "user.model.attribute" : [ "firstName" ]
               }
             }, {
@@ -2301,8 +2309,8 @@ data:
               "config" : {
                 "ldap.attribute" : [ "mail" ],
                 "is.mandatory.in.ldap" : [ "false" ],
-                "read.only" : [ "false" ],
                 "always.read.value.from.ldap" : [ "false" ],
+                "read.only" : [ "false" ],
                 "user.model.attribute" : [ "email" ]
               }
             }, {
@@ -2315,7 +2323,7 @@ data:
                 "group.name.ldap.attribute" : [ "cn" ],
                 "preserve.group.inheritance" : [ "false" ],
                 "membership.user.ldap.attribute" : [ "uid" ],
-                "groups.dn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ],
+                "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
                 "mode" : [ "LDAP_ONLY" ],
                 "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
                 "membership.ldap.attribute" : [ "member" ],
@@ -2344,8 +2352,8 @@ data:
               "subComponents" : { },
               "config" : {
                 "ldap.attribute" : [ "uid" ],
-                "is.mandatory.in.ldap" : [ "true" ],
                 "attribute.force.default" : [ "false" ],
+                "is.mandatory.in.ldap" : [ "true" ],
                 "is.binary.attribute" : [ "false" ],
                 "read.only" : [ "false" ],
                 "always.read.value.from.ldap" : [ "false" ],
@@ -3014,7 +3022,7 @@ data:
         "policies" : [ ]
       }
     }
-  master-realm.json: |
+  master-realm.json: |-
     {
       "id" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
       "realm" : "master",