diff --git a/dbrepo-auth-service/dbrepo-realm.json b/dbrepo-auth-service/dbrepo-realm.json index 18dc0c89843de96a003326aae72745793fbf7e6a..b48be9a6bdc607bbfe2f7190b3733238f31f29b8 100644 --- a/dbrepo-auth-service/dbrepo-realm.json +++ b/dbrepo-auth-service/dbrepo-realm.json @@ -937,7 +937,7 @@ "composite" : true, "composites" : { "client" : { - "realm-management" : [ "query-realms", "view-identity-providers", "manage-identity-providers", "manage-authorization", "query-clients", "view-authorization", "view-users", "manage-users", "view-realm", "query-users", "view-clients", "query-groups", "create-client", "manage-clients", "manage-events", "impersonation", "view-events", "manage-realm" ] + "realm-management" : [ "query-realms", "manage-authorization", "manage-identity-providers", "view-identity-providers", "query-clients", "view-authorization", "view-users", "manage-users", "view-realm", "query-users", "view-clients", "create-client", "query-groups", "impersonation", "manage-clients", "manage-events", "view-events", "manage-realm" ] } }, "clientRole" : true, @@ -1308,8 +1308,8 @@ "protocol" : "openid-connect", "attributes" : { "realm_client" : "false", - "client.use.lightweight.access.token.enabled" : "true", - "post.logout.redirect.uris" : "+" + "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : true, @@ -1402,11 +1402,11 @@ "protocolMapper" : "oidc-hardcoded-claim-mapper", "consentRequired" : false, "config" : { + "claim.value" : "dbrepo", + "userinfo.token.claim" : "true", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "aud", - "claim.value" : "dbrepo", - "userinfo.token.claim" : "true", "access.tokenResponse.claim" : "false" } }, { 
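Review bot: Order-only churn in this realm export makes a real privilege change hard to spot. The `realm-management` composite list in the hunk at -937 carries the same 18 roles before and after (including `impersonation` and `manage-realm`), yet it shows up as a changed line. The hunks at -1308 and -1402, and most of the later ones in this file, are the same kind of key reordering. Consider normalising the export (sorted keys and sorted role arrays) before committing, so that a diff in this file always means a change in behaviour.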
@@ -1471,12 +1471,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "false", "user.attribute" : "username", "id.token.claim" : "false", "access.token.claim" : "true", "claim.name" : "client_id", - "jsonType.label" : "String", - "userinfo.token.claim" : "false" + "jsonType.label" : "String" } }, { "id" : "f1afc22d-f595-403b-ba2e-6ab19d98205e", @@ -1485,11 +1485,11 @@ "protocolMapper" : "oidc-hardcoded-claim-mapper", "consentRequired" : false, "config" : { + "claim.value" : "rabbitmq", + "userinfo.token.claim" : "false", "id.token.claim" : "false", "access.token.claim" : "true", "claim.name" : "aud", - "claim.value" : "rabbitmq", - "userinfo.token.claim" : "false", "access.tokenResponse.claim" : "false" } } ], @@ -1548,8 +1548,8 @@ "protocol" : "openid-connect", "attributes" : { "realm_client" : "false", - "client.use.lightweight.access.token.enabled" : "true", "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true", "pkce.code.challenge.method" : "S256" }, "authenticationFlowBindingOverrides" : { }, @@ -1562,12 +1562,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "locale", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "locale", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } } ], "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ], @@ -1591,8 +1591,8 @@ "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", - "consent.screen.text" : "${emailScopeConsentText}", - "display.on.consent.screen" : "true" + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" }, "protocolMappers" : [ { "id" : "782819fe-ba5d-4ddb-9f95-cabb69d79c8d", 
@@ -1601,12 +1601,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "emailVerified", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "email_verified", - "jsonType.label" : "boolean", - "userinfo.token.claim" : "true" + "jsonType.label" : "boolean" } }, { "id" : "ca613fc8-bbf2-4240-8b33-a1874f1559f3", @@ -1615,12 +1615,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "email", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "email", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } } ] }, { @@ -1630,8 +1630,8 @@ "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", - "consent.screen.text" : "${profileScopeConsentText}", - "display.on.consent.screen" : "true" + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" }, "protocolMappers" : [ { "id" : "84f0487a-1d7d-470c-9b8e-5835294ae235", @@ -1640,12 +1640,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "username", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "preferred_username", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "bbdcdb36-3ec0-443d-b1af-9993d40f0567", 
@@ -1654,12 +1654,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "gender", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "gender", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "9faa870b-5491-4ce9-b27d-c9ce07d6a95e", @@ -1668,12 +1668,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "birthdate", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "birthdate", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "f0e3c012-9523-4076-83ae-e466e2d08220", @@ -1693,12 +1693,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "profile", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "profile", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "18cfbf4b-0a8e-45c7-a832-c0f72c92f3f3", @@ -1707,12 +1707,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "updatedAt", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "updated_at", - "jsonType.label" : "long", - "userinfo.token.claim" : "true" + "jsonType.label" : "long" } }, { "id" : "841ea785-26ab-429a-a420-09ce3948924d", 
@@ -1721,12 +1721,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "lastName", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "family_name", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "bfba13ff-f952-4e89-bbb1-a693fdebfae8", @@ -1735,12 +1735,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "website", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "website", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "475f071d-5149-4379-b928-76482f5f519c", @@ -1749,12 +1749,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "zoneinfo", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "zoneinfo", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "b8bebfed-b5e9-4604-a0ee-9817f7d439ac", @@ -1763,12 +1763,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "middleName", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "middle_name", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "445232c8-6830-476c-a6f1-8bbef167595a", 
@@ -1777,12 +1777,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "picture", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "picture", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "65f2e474-6ede-4872-86e4-e49504dd0f2a", @@ -1791,12 +1791,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "locale", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "locale", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "16cd5a27-ccf3-453c-ae1e-8621813ab73c", @@ -1805,12 +1805,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "firstName", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "given_name", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "f9efedfc-3388-457c-b10a-1dff4525ff9b", @@ -1819,12 +1819,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "nickname", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "nickname", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } } ] }, { @@ -1858,12 +1858,12 @@ "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "username", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "upn", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } } ] }, { 
@@ -1905,8 +1905,8 @@ "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", - "consent.screen.text" : "${phoneScopeConsentText}", - "display.on.consent.screen" : "true" + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" }, "protocolMappers" : [ { "id" : "dae802fb-9138-408a-b80e-a40eb0f56814", @@ -1915,12 +1915,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "phoneNumber", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "phone_number", - "jsonType.label" : "String", - "userinfo.token.claim" : "true" + "jsonType.label" : "String" } }, { "id" : "feb06a8d-b0eb-4911-8464-368d93f566fa", @@ -1929,12 +1929,12 @@ "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { + "userinfo.token.claim" : "true", "user.attribute" : "phoneNumberVerified", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "phone_number_verified", - "jsonType.label" : "boolean", - "userinfo.token.claim" : "true" + "jsonType.label" : "boolean" } } ] }, { @@ -1944,8 +1944,8 @@ "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "false", - "consent.screen.text" : "", - "display.on.consent.screen" : "false" + "display.on.consent.screen" : "false", + "consent.screen.text" : "" }, "protocolMappers" : [ { "id" : "c6411e3b-6478-453d-b530-5fe175a4d786", @@ -2041,8 +2041,8 @@ "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", - "consent.screen.text" : "${addressScopeConsentText}", - "display.on.consent.screen" : "true" + "display.on.consent.screen" : "true", + "consent.screen.text" : "${addressScopeConsentText}" }, "protocolMappers" : [ { "id" : "8d4ffe4d-1d01-4ca1-8ff4-44eacca61b30", 
@@ -2115,8 +2115,8 @@ "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "false", - "consent.screen.text" : "${rolesScopeConsentText}", - "display.on.consent.screen" : "true" + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" }, "protocolMappers" : [ { "id" : "3b6b6914-8ad1-4a71-88ec-444f754aaacb", @@ -2215,7 +2215,7 @@ "subType" : "anonymous", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper" ] + "allowed-protocol-mapper-types" : [ "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper" ] } }, { "id" : "1849e52a-b8c9-44a8-af3d-ee19376a1ed1", 
@@ -2241,15 +2241,7 @@ "subType" : "authenticated", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper" ] - } - } ], - "org.keycloak.userprofile.UserProfileProvider" : [ { - "id" : "a407a1d6-a7f6-4a72-ba3a-149de03d5a43", - "providerId" : "declarative-user-profile", - "subComponents" : { }, - "config" : { - "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ] + "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-address-mapper", "saml-user-property-mapper", 
"saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper" ] } } ], "org.keycloak.storage.UserStorageProvider" : [ { @@ -2301,8 +2293,8 @@ "config" : { "ldap.attribute" : [ "mail" ], "is.mandatory.in.ldap" : [ "false" ], - "always.read.value.from.ldap" : [ "false" ], "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "false" ], "user.model.attribute" : [ "email" ] } }, { @@ -2311,16 +2303,16 @@ "providerId" : "group-ldap-mapper", "subComponents" : { }, "config" : { - "mode" : [ "LDAP_ONLY" ], "membership.attribute.type" : [ "DN" ], - "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ], "group.name.ldap.attribute" : [ "cn" ], "preserve.group.inheritance" : [ "false" ], - "ignore.missing.groups" : [ "false" ], - "membership.ldap.attribute" : [ "member" ], "membership.user.ldap.attribute" : [ "uid" ], - "memberof.ldap.attribute" : [ "memberOf" ], "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ], + "mode" : [ "LDAP_ONLY" ], + "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ], + "membership.ldap.attribute" : [ "member" ], + "ignore.missing.groups" : [ "false" ], + "memberof.ldap.attribute" : [ "memberOf" ], "group.object.classes" : [ "groupOfNames" ], "drop.non.existing.groups.during.sync" : [ "false" ], "groups.path" : [ "/" ] @@ -2333,8 +2325,8 @@ "config" : { "ldap.attribute" : [ "modifyTimestamp" ], "is.mandatory.in.ldap" : [ "false" ], - "always.read.value.from.ldap" : [ "true" ], "read.only" : [ "true" ], + "always.read.value.from.ldap" : [ "true" ], "user.model.attribute" : [ "modifyTimestamp" ] } }, { @@ -2347,8 +2339,8 @@ "is.mandatory.in.ldap" : [ "true" ], "attribute.force.default" : [ "false" ], "is.binary.attribute" : [ "false" ], - "always.read.value.from.ldap" : [ "false" ], "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "false" ], "user.model.attribute" : [ "username" ] } } ] 
@@ -2357,16 +2349,16 @@ "pagination" : [ "false" ], "fullSyncPeriod" : [ "-1" ], "startTls" : [ "false" ], - "usersDn" : [ "ou=users,dc=dbrepo,dc=at" ], "connectionPooling" : [ "true" ], + "usersDn" : [ "ou=users,dc=dbrepo,dc=at" ], "cachePolicy" : [ "DEFAULT" ], "useKerberosForPasswordAuthentication" : [ "false" ], "importEnabled" : [ "true" ], "enabled" : [ "true" ], + "changedSyncPeriod" : [ "-1" ], "bindDn" : [ "cn=admin,dc=dbrepo,dc=at" ], - "bindCredential" : [ "admin" ], "usernameLDAPAttribute" : [ "uid" ], - "changedSyncPeriod" : [ "-1" ], + "bindCredential" : [ "admin" ], "lastSync" : [ "1719252666" ], "vendor" : [ "other" ], "uuidLDAPAttribute" : [ "entryUUID" ], 
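Review bot: The LDAP bind password is committed in clear text on the new side of this hunk, `"bindCredential" : [ "admin" ]`, next to `"bindDn" : [ "cn=admin,dc=dbrepo,dc=at" ]`, and the same block keeps `"startTls" : [ "false" ]`. The commit only moves these lines, but a deployment that imports the realm as is binds to the directory as its admin with a guessable password. Whether the connection is otherwise protected depends on the connection URL, which lies outside the hunk along with the rest of the config block. I would inject the secret at import time, e.g. `"bindCredential" : [ "${LDAP_BIND_PASSWORD}" ]` (placeholder variable name), and bind with a dedicated least-privilege account instead of `cn=admin`.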
@@ -2383,6 +2375,14 @@ "validatePasswordPolicy" : [ "false" ] } } ], + "org.keycloak.userprofile.UserProfileProvider" : [ { + "id" : "a407a1d6-a7f6-4a72-ba3a-149de03d5a43", + "providerId" : "declarative-user-profile", + "subComponents" : { }, + "config" : { + "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ] + } + } ], "org.keycloak.keys.KeyProvider" : [ { "id" : "2f53ccf3-37b0-4d34-83e7-ed497499ee51", "name" : "rsa-enc-generated", 
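Review bot: The user-profile config re-added here ends with `\"unmanagedAttributePolicy\":\"ENABLED\"`, which, as I read Keycloak's declarative user profile, lets end users as well as admins write attributes the profile does not declare. Several protocol mappers elsewhere in this diff copy such undeclared attributes into tokens, e.g. `phoneNumberVerified` into `phone_number_verified` in the hunk at -1929, so a relying party that trusts that claim would be trusting a self-asserted value. Unless self-service attributes are required, `\"unmanagedAttributePolicy\":\"ADMIN_EDIT\"` keeps them writable by admins only. Otherwise, declare the attributes the mappers read and restrict their `edit` permission to `admin`. The block is moved rather than new, but the value is on the new side.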
@@ -2995,12 +2995,10 @@ "actionTokenGeneratedByUserLifespan-idp-verify-account-via-email" : "", "parRequestUriLifespan" : "60", "clientSessionMaxLifespan" : "0", - "organizationsEnabled" : "false", "shortVerificationUri" : "" }, - "keycloakVersion" : "26.0.0", + "keycloakVersion" : "24.0.5", "userManagedAccessAllowed" : false, - "organizationsEnabled" : false, "clientProfiles" : { "profiles" : [ ] }, diff --git a/dbrepo-auth-service/init/Dockerfile b/dbrepo-auth-service/init/Dockerfile index 6ae8e16d77c4aa3c6460ed93973b0d97a8e8720a..b325b35435431552c9c5898dc03356f556d1f0c2 100644 --- a/dbrepo-auth-service/init/Dockerfile +++ b/dbrepo-auth-service/init/Dockerfile @@ -1,7 +1,10 @@ FROM python:3.11-alpine LABEL org.opencontainers.image.authors="martin.weise@tuwien.ac.at" -RUN apk add --no-cache alpine-sdk gcc python3-dev mariadb-connector-c-dev +RUN apk add --no-cache alpine-sdk \ + gcc \ + python3-dev \ + mariadb-connector-c-dev WORKDIR /home/alpine diff --git a/dbrepo-auth-service/init/Pipfile b/dbrepo-auth-service/init/Pipfile index 7c6799865cc4f42f27b46cb768170c2d34237b13..7e33e9af28c45c4d2a747cbf916f5cde9bb23fde 100644 --- a/dbrepo-auth-service/init/Pipfile +++ b/dbrepo-auth-service/init/Pipfile @@ -4,7 +4,7 @@ verify_ssl = true name = "pypi" [packages] -python-keycloak = "*" +requests = "*" mariadb = "*" [requires] diff --git a/dbrepo-auth-service/init/Pipfile.lock b/dbrepo-auth-service/init/Pipfile.lock index cc139b4931f2fb3b0acef6a537300fc7dc309a1d..c7489ba174fdd940edf7eaf714137940446ff8e7 100644 --- a/dbrepo-auth-service/init/Pipfile.lock +++ b/dbrepo-auth-service/init/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "e7d1339d14c1425b18632357a83687250144a76d598d9e2ff66a4c758b41611a" + "sha256": "72f9dd7f9b61aca876f3b369d1444679a25b5f692a8baa979a0fa947a868f935" }, "pipfile-spec": 6, "requires": { 
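Review bot: The export version goes backwards here: `"keycloakVersion" : "24.0.5"` replaces 26.0.0, and both `organizationsEnabled` entries are removed, which suggests the realm was re-exported from an older server. If the deployed Keycloak image follows this version, the downgrade also gives up the fixes released between the two versions. If it does not, the file will be imported into a newer server than the one that produced it. The image tag is not part of this diff, so please confirm which case is intended and record it in the commit message.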
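Review bot: `requests = "*"` in the Pipfile hunk leaves the init container's new HTTP dependency unconstrained, so each regeneration of Pipfile.lock can pull in any release. The lock in this commit pins hashes, but that only protects the build if the image installs from the lock, and the install step is outside the Dockerfile hunk shown. I would bound the requirement, e.g. `requests = "~=<LOCKED_VERSION>"` (placeholder; use the version the lock resolves to), and install with `pipenv install --deploy` or `pipenv sync` so that a stale lock fails the build.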
@@ -16,278 +16,111 @@ ] }, "default": { - "anyio": { - "hashes": [ - "sha256:2f834749c602966b7d456a7567cafcb309f96482b5081d14ac93ccd457f9dd48", - "sha256:ea60c3723ab42ba6fff7e8ccb0488c898ec538ff4df1f1d5e642c3601d07e352" - ], - "markers": "python_version >= '3.9'", - "version": "==4.7.0" - }, - "async-property": { - "hashes": [ - "sha256:17d9bd6ca67e27915a75d92549df64b5c7174e9dc806b30a3934dc4ff0506380", - "sha256:8924d792b5843994537f8ed411165700b27b2bd966cefc4daeefc1253442a9d7" - ], - "version": "==0.2.2" - }, "certifi": { "hashes": [ - "sha256:922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8", - "sha256:bec941d2aa8195e248a60b31ff9f0558284cf01a52591ceda73ea9afffd69fd9" + "sha256:1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56", + "sha256:b650d30f370c2b724812bee08008be0c4163b163ddaec3f2546c1caf65f191db" ], "markers": "python_version >= '3.6'", - "version": "==2024.8.30" - }, - "cffi": { - "hashes": [ - "sha256:045d61c734659cc045141be4bae381a41d89b741f795af1dd018bfb532fd0df8", - "sha256:0984a4925a435b1da406122d4d7968dd861c1385afe3b45ba82b750f229811e2", - "sha256:0e2b1fac190ae3ebfe37b979cc1ce69c81f4e4fe5746bb401dca63a9062cdaf1", - "sha256:0f048dcf80db46f0098ccac01132761580d28e28bc0f78ae0d58048063317e15", - "sha256:1257bdabf294dceb59f5e70c64a3e2f462c30c7ad68092d01bbbfb1c16b1ba36", - "sha256:1c39c6016c32bc48dd54561950ebd6836e1670f2ae46128f67cf49e789c52824", - "sha256:1d599671f396c4723d016dbddb72fe8e0397082b0a77a4fab8028923bec050e8", - "sha256:28b16024becceed8c6dfbc75629e27788d8a3f9030691a1dbf9821a128b22c36", - "sha256:2bb1a08b8008b281856e5971307cc386a8e9c5b625ac297e853d36da6efe9c17", - "sha256:30c5e0cb5ae493c04c8b42916e52ca38079f1b235c2f8ae5f4527b963c401caf", - "sha256:31000ec67d4221a71bd3f67df918b1f88f676f1c3b535a7eb473255fdc0b83fc", - "sha256:386c8bf53c502fff58903061338ce4f4950cbdcb23e2902d86c0f722b786bbe3", - "sha256:3edc8d958eb099c634dace3c7e16560ae474aa3803a5df240542b305d14e14ed", - 
"sha256:45398b671ac6d70e67da8e4224a065cec6a93541bb7aebe1b198a61b58c7b702", - "sha256:46bf43160c1a35f7ec506d254e5c890f3c03648a4dbac12d624e4490a7046cd1", - "sha256:4ceb10419a9adf4460ea14cfd6bc43d08701f0835e979bf821052f1805850fe8", - "sha256:51392eae71afec0d0c8fb1a53b204dbb3bcabcb3c9b807eedf3e1e6ccf2de903", - "sha256:5da5719280082ac6bd9aa7becb3938dc9f9cbd57fac7d2871717b1feb0902ab6", - "sha256:610faea79c43e44c71e1ec53a554553fa22321b65fae24889706c0a84d4ad86d", - "sha256:636062ea65bd0195bc012fea9321aca499c0504409f413dc88af450b57ffd03b", - "sha256:6883e737d7d9e4899a8a695e00ec36bd4e5e4f18fabe0aca0efe0a4b44cdb13e", - "sha256:6b8b4a92e1c65048ff98cfe1f735ef8f1ceb72e3d5f0c25fdb12087a23da22be", - "sha256:6f17be4345073b0a7b8ea599688f692ac3ef23ce28e5df79c04de519dbc4912c", - "sha256:706510fe141c86a69c8ddc029c7910003a17353970cff3b904ff0686a5927683", - "sha256:72e72408cad3d5419375fc87d289076ee319835bdfa2caad331e377589aebba9", - "sha256:733e99bc2df47476e3848417c5a4540522f234dfd4ef3ab7fafdf555b082ec0c", - "sha256:7596d6620d3fa590f677e9ee430df2958d2d6d6de2feeae5b20e82c00b76fbf8", - "sha256:78122be759c3f8a014ce010908ae03364d00a1f81ab5c7f4a7a5120607ea56e1", - "sha256:805b4371bf7197c329fcb3ead37e710d1bca9da5d583f5073b799d5c5bd1eee4", - "sha256:85a950a4ac9c359340d5963966e3e0a94a676bd6245a4b55bc43949eee26a655", - "sha256:8f2cdc858323644ab277e9bb925ad72ae0e67f69e804f4898c070998d50b1a67", - "sha256:9755e4345d1ec879e3849e62222a18c7174d65a6a92d5b346b1863912168b595", - "sha256:98e3969bcff97cae1b2def8ba499ea3d6f31ddfdb7635374834cf89a1a08ecf0", - "sha256:a08d7e755f8ed21095a310a693525137cfe756ce62d066e53f502a83dc550f65", - "sha256:a1ed2dd2972641495a3ec98445e09766f077aee98a1c896dcb4ad0d303628e41", - "sha256:a24ed04c8ffd54b0729c07cee15a81d964e6fee0e3d4d342a27b020d22959dc6", - "sha256:a45e3c6913c5b87b3ff120dcdc03f6131fa0065027d0ed7ee6190736a74cd401", - "sha256:a9b15d491f3ad5d692e11f6b71f7857e7835eb677955c00cc0aefcd0669adaf6", - "sha256:ad9413ccdeda48c5afdae7e4fa2192157e991ff761e7ab8fdd8926f40b160cc3", 
- "sha256:b2ab587605f4ba0bf81dc0cb08a41bd1c0a5906bd59243d56bad7668a6fc6c16", - "sha256:b62ce867176a75d03a665bad002af8e6d54644fad99a3c70905c543130e39d93", - "sha256:c03e868a0b3bc35839ba98e74211ed2b05d2119be4e8a0f224fba9384f1fe02e", - "sha256:c59d6e989d07460165cc5ad3c61f9fd8f1b4796eacbd81cee78957842b834af4", - "sha256:c7eac2ef9b63c79431bc4b25f1cd649d7f061a28808cbc6c47b534bd789ef964", - "sha256:c9c3d058ebabb74db66e431095118094d06abf53284d9c81f27300d0e0d8bc7c", - "sha256:ca74b8dbe6e8e8263c0ffd60277de77dcee6c837a3d0881d8c1ead7268c9e576", - "sha256:caaf0640ef5f5517f49bc275eca1406b0ffa6aa184892812030f04c2abf589a0", - "sha256:cdf5ce3acdfd1661132f2a9c19cac174758dc2352bfe37d98aa7512c6b7178b3", - "sha256:d016c76bdd850f3c626af19b0542c9677ba156e4ee4fccfdd7848803533ef662", - "sha256:d01b12eeeb4427d3110de311e1774046ad344f5b1a7403101878976ecd7a10f3", - "sha256:d63afe322132c194cf832bfec0dc69a99fb9bb6bbd550f161a49e9e855cc78ff", - "sha256:da95af8214998d77a98cc14e3a3bd00aa191526343078b530ceb0bd710fb48a5", - "sha256:dd398dbc6773384a17fe0d3e7eeb8d1a21c2200473ee6806bb5e6a8e62bb73dd", - "sha256:de2ea4b5833625383e464549fec1bc395c1bdeeb5f25c4a3a82b5a8c756ec22f", - "sha256:de55b766c7aa2e2a3092c51e0483d700341182f08e67c63630d5b6f200bb28e5", - "sha256:df8b1c11f177bc2313ec4b2d46baec87a5f3e71fc8b45dab2ee7cae86d9aba14", - "sha256:e03eab0a8677fa80d646b5ddece1cbeaf556c313dcfac435ba11f107ba117b5d", - "sha256:e221cf152cff04059d011ee126477f0d9588303eb57e88923578ace7baad17f9", - "sha256:e31ae45bc2e29f6b2abd0de1cc3b9d5205aa847cafaecb8af1476a609a2f6eb7", - "sha256:edae79245293e15384b51f88b00613ba9f7198016a5948b5dddf4917d4d26382", - "sha256:f1e22e8c4419538cb197e4dd60acc919d7696e5ef98ee4da4e01d3f8cfa4cc5a", - "sha256:f3a2b4222ce6b60e2e8b337bb9596923045681d71e5a082783484d845390938e", - "sha256:f6a16c31041f09ead72d69f583767292f750d24913dadacf5756b966aacb3f1a", - "sha256:f75c7ab1f9e4aca5414ed4d8e5c0e303a34f4421f8a0d47a4d019ceff0ab6af4", - 
"sha256:f79fc4fc25f1c8698ff97788206bb3c2598949bfe0fef03d299eb1b5356ada99", - "sha256:f7f5baafcc48261359e14bcd6d9bff6d4b28d9103847c9e136694cb0501aef87", - "sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b" - ], - "markers": "platform_python_implementation != 'PyPy'", - "version": "==1.17.1" + "version": "==2024.12.14" }, "charset-normalizer": { "hashes": [ - "sha256:0099d79bdfcf5c1f0c2c72f91516702ebf8b0b8ddd8905f97a8aecf49712c621", - "sha256:0713f3adb9d03d49d365b70b84775d0a0d18e4ab08d12bc46baa6132ba78aaf6", - "sha256:07afec21bbbbf8a5cc3651aa96b980afe2526e7f048fdfb7f1014d84acc8b6d8", - "sha256:0b309d1747110feb25d7ed6b01afdec269c647d382c857ef4663bbe6ad95a912", - "sha256:0d99dd8ff461990f12d6e42c7347fd9ab2532fb70e9621ba520f9e8637161d7c", - "sha256:0de7b687289d3c1b3e8660d0741874abe7888100efe14bd0f9fd7141bcbda92b", - "sha256:1110e22af8ca26b90bd6364fe4c763329b0ebf1ee213ba32b68c73de5752323d", - "sha256:130272c698667a982a5d0e626851ceff662565379baf0ff2cc58067b81d4f11d", - "sha256:136815f06a3ae311fae551c3df1f998a1ebd01ddd424aa5603a4336997629e95", - "sha256:14215b71a762336254351b00ec720a8e85cada43b987da5a042e4ce3e82bd68e", - "sha256:1db4e7fefefd0f548d73e2e2e041f9df5c59e178b4c72fbac4cc6f535cfb1565", - "sha256:1ffd9493de4c922f2a38c2bf62b831dcec90ac673ed1ca182fe11b4d8e9f2a64", - "sha256:2006769bd1640bdf4d5641c69a3d63b71b81445473cac5ded39740a226fa88ab", - "sha256:20587d20f557fe189b7947d8e7ec5afa110ccf72a3128d61a2a387c3313f46be", - "sha256:223217c3d4f82c3ac5e29032b3f1c2eb0fb591b72161f86d93f5719079dae93e", - "sha256:27623ba66c183eca01bf9ff833875b459cad267aeeb044477fedac35e19ba907", - "sha256:285e96d9d53422efc0d7a17c60e59f37fbf3dfa942073f666db4ac71e8d726d0", - "sha256:2de62e8801ddfff069cd5c504ce3bc9672b23266597d4e4f50eda28846c322f2", - "sha256:2f6c34da58ea9c1a9515621f4d9ac379871a8f21168ba1b5e09d74250de5ad62", - "sha256:309a7de0a0ff3040acaebb35ec45d18db4b28232f21998851cfa709eeff49d62", - "sha256:35c404d74c2926d0287fbd63ed5d27eb911eb9e4a3bb2c6d294f3cfd4a9e0c23", - 
"sha256:3710a9751938947e6327ea9f3ea6332a09bf0ba0c09cae9cb1f250bd1f1549bc", - "sha256:3d59d125ffbd6d552765510e3f31ed75ebac2c7470c7274195b9161a32350284", - "sha256:40d3ff7fc90b98c637bda91c89d51264a3dcf210cade3a2c6f838c7268d7a4ca", - "sha256:425c5f215d0eecee9a56cdb703203dda90423247421bf0d67125add85d0c4455", - "sha256:43193c5cda5d612f247172016c4bb71251c784d7a4d9314677186a838ad34858", - "sha256:44aeb140295a2f0659e113b31cfe92c9061622cadbc9e2a2f7b8ef6b1e29ef4b", - "sha256:47334db71978b23ebcf3c0f9f5ee98b8d65992b65c9c4f2d34c2eaf5bcaf0594", - "sha256:4796efc4faf6b53a18e3d46343535caed491776a22af773f366534056c4e1fbc", - "sha256:4a51b48f42d9358460b78725283f04bddaf44a9358197b889657deba38f329db", - "sha256:4b67fdab07fdd3c10bb21edab3cbfe8cf5696f453afce75d815d9d7223fbe88b", - "sha256:4ec9dd88a5b71abfc74e9df5ebe7921c35cbb3b641181a531ca65cdb5e8e4dea", - "sha256:4f9fc98dad6c2eaa32fc3af1417d95b5e3d08aff968df0cd320066def971f9a6", - "sha256:54b6a92d009cbe2fb11054ba694bc9e284dad30a26757b1e372a1fdddaf21920", - "sha256:55f56e2ebd4e3bc50442fbc0888c9d8c94e4e06a933804e2af3e89e2f9c1c749", - "sha256:5726cf76c982532c1863fb64d8c6dd0e4c90b6ece9feb06c9f202417a31f7dd7", - "sha256:5d447056e2ca60382d460a604b6302d8db69476fd2015c81e7c35417cfabe4cd", - "sha256:5ed2e36c3e9b4f21dd9422f6893dec0abf2cca553af509b10cd630f878d3eb99", - "sha256:5ff2ed8194587faf56555927b3aa10e6fb69d931e33953943bc4f837dfee2242", - "sha256:62f60aebecfc7f4b82e3f639a7d1433a20ec32824db2199a11ad4f5e146ef5ee", - "sha256:63bc5c4ae26e4bc6be6469943b8253c0fd4e4186c43ad46e713ea61a0ba49129", - "sha256:6b40e8d38afe634559e398cc32b1472f376a4099c75fe6299ae607e404c033b2", - "sha256:6b493a043635eb376e50eedf7818f2f322eabbaa974e948bd8bdd29eb7ef2a51", - "sha256:6dba5d19c4dfab08e58d5b36304b3f92f3bd5d42c1a3fa37b5ba5cdf6dfcbcee", - "sha256:6fd30dc99682dc2c603c2b315bded2799019cea829f8bf57dc6b61efde6611c8", - "sha256:707b82d19e65c9bd28b81dde95249b07bf9f5b90ebe1ef17d9b57473f8a64b7b", - "sha256:7706f5850360ac01d80c89bcef1640683cc12ed87f42579dab6c5d3ed6888613", 
- "sha256:7782afc9b6b42200f7362858f9e73b1f8316afb276d316336c0ec3bd73312742", - "sha256:79983512b108e4a164b9c8d34de3992f76d48cadc9554c9e60b43f308988aabe", - "sha256:7f683ddc7eedd742e2889d2bfb96d69573fde1d92fcb811979cdb7165bb9c7d3", - "sha256:82357d85de703176b5587dbe6ade8ff67f9f69a41c0733cf2425378b49954de5", - "sha256:84450ba661fb96e9fd67629b93d2941c871ca86fc38d835d19d4225ff946a631", - "sha256:86f4e8cca779080f66ff4f191a685ced73d2f72d50216f7112185dc02b90b9b7", - "sha256:8cda06946eac330cbe6598f77bb54e690b4ca93f593dee1568ad22b04f347c15", - "sha256:8ce7fd6767a1cc5a92a639b391891bf1c268b03ec7e021c7d6d902285259685c", - "sha256:8ff4e7cdfdb1ab5698e675ca622e72d58a6fa2a8aa58195de0c0061288e6e3ea", - "sha256:9289fd5dddcf57bab41d044f1756550f9e7cf0c8e373b8cdf0ce8773dc4bd417", - "sha256:92a7e36b000bf022ef3dbb9c46bfe2d52c047d5e3f3343f43204263c5addc250", - "sha256:92db3c28b5b2a273346bebb24857fda45601aef6ae1c011c0a997106581e8a88", - "sha256:95c3c157765b031331dd4db3c775e58deaee050a3042fcad72cbc4189d7c8dca", - "sha256:980b4f289d1d90ca5efcf07958d3eb38ed9c0b7676bf2831a54d4f66f9c27dfa", - "sha256:9ae4ef0b3f6b41bad6366fb0ea4fc1d7ed051528e113a60fa2a65a9abb5b1d99", - "sha256:9c98230f5042f4945f957d006edccc2af1e03ed5e37ce7c373f00a5a4daa6149", - "sha256:9fa2566ca27d67c86569e8c85297aaf413ffab85a8960500f12ea34ff98e4c41", - "sha256:a14969b8691f7998e74663b77b4c36c0337cb1df552da83d5c9004a93afdb574", - "sha256:a8aacce6e2e1edcb6ac625fb0f8c3a9570ccc7bfba1f63419b3769ccf6a00ed0", - "sha256:a8e538f46104c815be19c975572d74afb53f29650ea2025bbfaef359d2de2f7f", - "sha256:aa41e526a5d4a9dfcfbab0716c7e8a1b215abd3f3df5a45cf18a12721d31cb5d", - "sha256:aa693779a8b50cd97570e5a0f343538a8dbd3e496fa5dcb87e29406ad0299654", - "sha256:ab22fbd9765e6954bc0bcff24c25ff71dcbfdb185fcdaca49e81bac68fe724d3", - "sha256:ab2e5bef076f5a235c3774b4f4028a680432cded7cad37bba0fd90d64b187d19", - "sha256:ab973df98fc99ab39080bfb0eb3a925181454d7c3ac8a1e695fddfae696d9e90", - 
"sha256:af73657b7a68211996527dbfeffbb0864e043d270580c5aef06dc4b659a4b578", - "sha256:b197e7094f232959f8f20541ead1d9862ac5ebea1d58e9849c1bf979255dfac9", - "sha256:b295729485b06c1a0683af02a9e42d2caa9db04a373dc38a6a58cdd1e8abddf1", - "sha256:b8831399554b92b72af5932cdbbd4ddc55c55f631bb13ff8fe4e6536a06c5c51", - "sha256:b8dcd239c743aa2f9c22ce674a145e0a25cb1566c495928440a181ca1ccf6719", - "sha256:bcb4f8ea87d03bc51ad04add8ceaf9b0f085ac045ab4d74e73bbc2dc033f0236", - "sha256:bd7af3717683bea4c87acd8c0d3d5b44d56120b26fd3f8a692bdd2d5260c620a", - "sha256:bf4475b82be41b07cc5e5ff94810e6a01f276e37c2d55571e3fe175e467a1a1c", - "sha256:c3e446d253bd88f6377260d07c895816ebf33ffffd56c1c792b13bff9c3e1ade", - "sha256:c57516e58fd17d03ebe67e181a4e4e2ccab1168f8c2976c6a334d4f819fe5944", - "sha256:c94057af19bc953643a33581844649a7fdab902624d2eb739738a30e2b3e60fc", - "sha256:cab5d0b79d987c67f3b9e9c53f54a61360422a5a0bc075f43cab5621d530c3b6", - "sha256:ce031db0408e487fd2775d745ce30a7cd2923667cf3b69d48d219f1d8f5ddeb6", - "sha256:cee4373f4d3ad28f1ab6290684d8e2ebdb9e7a1b74fdc39e4c211995f77bec27", - "sha256:d5b054862739d276e09928de37c79ddeec42a6e1bfc55863be96a36ba22926f6", - "sha256:dbe03226baf438ac4fda9e2d0715022fd579cb641c4cf639fa40d53b2fe6f3e2", - "sha256:dc15e99b2d8a656f8e666854404f1ba54765871104e50c8e9813af8a7db07f12", - "sha256:dcaf7c1524c0542ee2fc82cc8ec337f7a9f7edee2532421ab200d2b920fc97cf", - "sha256:dd4eda173a9fcccb5f2e2bd2a9f423d180194b1bf17cf59e3269899235b2a114", - "sha256:dd9a8bd8900e65504a305bf8ae6fa9fbc66de94178c420791d0293702fce2df7", - "sha256:de7376c29d95d6719048c194a9cf1a1b0393fbe8488a22008610b0361d834ecf", - "sha256:e7fdd52961feb4c96507aa649550ec2a0d527c086d284749b2f582f2d40a2e0d", - "sha256:e91f541a85298cf35433bf66f3fab2a4a2cff05c127eeca4af174f6d497f0d4b", - "sha256:e9e3c4c9e1ed40ea53acf11e2a386383c3304212c965773704e4603d589343ed", - "sha256:ee803480535c44e7f5ad00788526da7d85525cfefaf8acf8ab9a310000be4b03", - "sha256:f09cb5a7bbe1ecae6e87901a2eb23e0256bb524a79ccc53eb0b7629fbe7677c4", 
- "sha256:f19c1585933c82098c2a520f8ec1227f20e339e33aca8fa6f956f6691b784e67", - "sha256:f1a2f519ae173b5b6a2c9d5fa3116ce16e48b3462c8b96dfdded11055e3d6365", - "sha256:f28f891ccd15c514a0981f3b9db9aa23d62fe1a99997512b0491d2ed323d229a", - "sha256:f3e73a4255342d4eb26ef6df01e3962e73aa29baa3124a8e824c5d3364a65748", - "sha256:f606a1881d2663630ea5b8ce2efe2111740df4b687bd78b34a8131baa007f79b", - "sha256:fe9f97feb71aa9896b81973a7bbada8c49501dc73e58a10fcef6663af95e5079", - "sha256:ffc519621dce0c767e96b9c53f09c5d215578e10b02c285809f76509a3931482" - ], - "markers": "python_full_version >= '3.7.0'", - "version": "==3.4.0" - }, - "cryptography": { - "hashes": [ - "sha256:1923cb251c04be85eec9fda837661c67c1049063305d6be5721643c22dd4e2b7", - "sha256:37d76e6863da3774cd9db5b409a9ecfd2c71c981c38788d3fcfaf177f447b731", - "sha256:3c672a53c0fb4725a29c303be906d3c1fa99c32f58abe008a82705f9ee96f40b", - "sha256:404fdc66ee5f83a1388be54300ae978b2efd538018de18556dde92575e05defc", - "sha256:4ac4c9f37eba52cb6fbeaf5b59c152ea976726b865bd4cf87883a7e7006cc543", - "sha256:60eb32934076fa07e4316b7b2742fa52cbb190b42c2df2863dbc4230a0a9b385", - "sha256:62901fb618f74d7d81bf408c8719e9ec14d863086efe4185afd07c352aee1d2c", - "sha256:660cb7312a08bc38be15b696462fa7cc7cd85c3ed9c576e81f4dc4d8b2b31591", - "sha256:708ee5f1bafe76d041b53a4f95eb28cdeb8d18da17e597d46d7833ee59b97ede", - "sha256:761817a3377ef15ac23cd7834715081791d4ec77f9297ee694ca1ee9c2c7e5eb", - "sha256:831c3c4d0774e488fdc83a1923b49b9957d33287de923d58ebd3cec47a0ae43f", - "sha256:84111ad4ff3f6253820e6d3e58be2cc2a00adb29335d4cacb5ab4d4d34f2a123", - "sha256:8b3e6eae66cf54701ee7d9c83c30ac0a1e3fa17be486033000f2a73a12ab507c", - "sha256:9abcc2e083cbe8dde89124a47e5e53ec38751f0d7dfd36801008f316a127d7ba", - "sha256:9e6fc8a08e116fb7c7dd1f040074c9d7b51d74a8ea40d4df2fc7aa08b76b9e6c", - "sha256:a01956ddfa0a6790d594f5b34fc1bfa6098aca434696a03cfdbe469b8ed79285", - "sha256:abc998e0c0eee3c8a1904221d3f67dcfa76422b23620173e28c11d3e626c21bd", - 
"sha256:b15492a11f9e1b62ba9d73c210e2416724633167de94607ec6069ef724fad092", - "sha256:be4ce505894d15d5c5037167ffb7f0ae90b7be6f2a98f9a5c3442395501c32fa", - "sha256:c5eb858beed7835e5ad1faba59e865109f3e52b3783b9ac21e7e47dc5554e289", - "sha256:cd4e834f340b4293430701e772ec543b0fbe6c2dea510a5286fe0acabe153a02", - "sha256:d2436114e46b36d00f8b72ff57e598978b37399d2786fd39793c36c6d5cb1c64", - "sha256:eb33480f1bad5b78233b0ad3e1b0be21e8ef1da745d8d2aecbb20671658b9053", - "sha256:eca27345e1214d1b9f9490d200f9db5a874479be914199194e746c893788d417", - "sha256:ed3534eb1090483c96178fcb0f8893719d96d5274dfde98aa6add34614e97c8e", - "sha256:f3f6fdfa89ee2d9d496e2c087cebef9d4fcbb0ad63c40e821b39f74bf48d9c5e", - "sha256:f53c2c87e0fb4b0c00fa9571082a057e37690a8f12233306161c8f4b819960b7", - "sha256:f5e7cb1e5e56ca0933b4873c0220a78b773b24d40d186b6738080b73d3d0a756", - "sha256:f677e1268c4e23420c3acade68fac427fffcb8d19d7df95ed7ad17cdef8404f4" - ], - "markers": "python_version >= '3.7' and python_full_version not in '3.9.0, 3.9.1'", - "version": "==44.0.0" - }, - "deprecation": { - "hashes": [ - "sha256:72b3bde64e5d778694b0cf68178aed03d15e15477116add3fb773e581f9518ff", - "sha256:a10811591210e1fb0e768a8c25517cabeabcba6f0bf96564f8ff45189f90b14a" - ], - "version": "==2.1.0" - }, - "h11": { - "hashes": [ - "sha256:8f19fbbe99e72420ff35c00b27a34cb9937e902a8b810e2c88300c6f0a3b699d", - "sha256:e3fe4ac4b851c468cc8363d500db52c2ead036020723024a109d37346efaa761" + "sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537", + "sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa", + "sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a", + "sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294", + "sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b", + "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd", + "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601", + 
"sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd", + "sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4", + "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d", + "sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2", + "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313", + "sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd", + "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa", + "sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8", + "sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1", + "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2", + "sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496", + "sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d", + "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b", + "sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e", + "sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a", + "sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4", + "sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca", + "sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78", + "sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408", + "sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5", + "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3", + "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f", + "sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a", + "sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765", + "sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6", + "sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146", 
+ "sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6", + "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9", + "sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd", + "sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c", + "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f", + "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545", + "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176", + "sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770", + "sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824", + "sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f", + "sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf", + "sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487", + "sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d", + "sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd", + "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b", + "sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534", + "sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f", + "sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b", + "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9", + "sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd", + "sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125", + "sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9", + "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de", + "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11", + "sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d", + 
"sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35", + "sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f", + "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda", + "sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7", + "sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a", + "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971", + "sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8", + "sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41", + "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d", + "sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f", + "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757", + "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a", + "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886", + "sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77", + "sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76", + "sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247", + "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85", + "sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb", + "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7", + "sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e", + "sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6", + "sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037", + "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1", + "sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e", + "sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807", + "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407", 
+ "sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c", + "sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12", + "sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3", + "sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089", + "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd", + "sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e", + "sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00", + "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616" ], "markers": "python_version >= '3.7'", - "version": "==0.14.0" - }, - "httpcore": { - "hashes": [ - "sha256:8551cb62a169ec7162ac7be8d4817d561f60e08eaa485234898414bb5a8a0b4c", - "sha256:a3fff8f43dc260d5bd363d9f9cf1830fa3a458b332856f34282de498ed420edd" - ], - "markers": "python_version >= '3.8'", - "version": "==1.0.7" - }, - "httpx": { - "hashes": [ - "sha256:75e98c5f16b0f35b567856f597f06ff2270a374470a5c2392242528e3e3e42fc", - "sha256:d909fcccc110f8c7faf814ca82a9a4d816bc5a6dbfea25d6591d6985b8ba59ad" - ], - "markers": "python_version >= '3.8'", - "version": "==0.28.1" + "version": "==3.4.1" }, "idna": { "hashes": [ @@ -297,14 +130,6 @@ "markers": "python_version >= '3.6'", "version": "==3.10" }, - "jwcrypto": { - "hashes": [ - "sha256:150d2b0ebbdb8f40b77f543fb44ffd2baeff48788be71f67f03566692fd55789", - "sha256:771a87762a0c081ae6166958a954f80848820b2ab066937dc8b8379d65b1b039" - ], - "markers": "python_version >= '3.8'", - "version": "==1.5.6" - }, "mariadb": { "hashes": [ "sha256:0f8de8d66ca71bd102f34a970a331b7d75bdf7f8050d80e37cdcc6ff3c85cf7a", 
@@ -330,61 +155,21 @@ "markers": "python_version >= '3.8'", "version": "==24.2" }, - "pycparser": { - "hashes": [ - "sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6", - "sha256:c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc" - ], - "markers": "python_version >= '3.8'", - "version": "==2.22" - }, - "python-keycloak": { - "hashes": [ - "sha256:638a21a450a525989733299b6db1627a0656e770b6cadb2c1d21edb2244df3ce", - "sha256:bb819be1a0c2fca7f41fe045216c1aa03d612c1b62237fd9ccb98688156c4d2b" - ], - "index": "pypi", - "version": "==4.7.3" - }, "requests": { "hashes": [ "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760", "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6" ], - "markers": "python_version >= '3.8'", + "index": "pypi", "version": "==2.32.3" }, - "requests-toolbelt": { - "hashes": [ - "sha256:7681a0a3d047012b5bdc0ee37d7f8f07ebe76ab08caeccfc3921ce23c88d5bc6", - "sha256:cccfdd665f0a24fcf4726e690f65639d272bb0637b9b92dfd91a5568ccf6bd06" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==1.0.0" - }, - "sniffio": { - "hashes": [ - "sha256:2f6da418d1f1e0fddd844478f41680e794e6051915791a034ff65e5f100525a2", - "sha256:f4324edc670a0f49750a81b895f35c3adb843cca46f0530f79fc1babb23789dc" - ], - "markers": "python_version >= '3.7'", - "version": "==1.3.1" - }, - "typing-extensions": { - "hashes": [ - "sha256:04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d", - "sha256:1a7ead55c7e559dd4dee8856e3a88b41225abfe1ce8df57b7c13915fe121ffb8" - ], - "markers": "python_version >= '3.8'", - "version": "==4.12.2" - }, "urllib3": { "hashes": [ - "sha256:ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac", - "sha256:e7d814a81dad81e6caf2ec9fdedb284ecc9c73076b62654547cc64ccdcae26e9" + "sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df", + 
"sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d" ], - "markers": "python_version >= '3.8'", - "version": "==2.2.3" + "markers": "python_version >= '3.9'", + "version": "==2.3.0" } }, "develop": {} diff --git a/dbrepo-auth-service/init/app.py b/dbrepo-auth-service/init/app.py index 948ed9fe2c16124367d0bb206177128310d45e5e..5c974d8f97b45d038836828d104798f1cf9cebca 100644 --- a/dbrepo-auth-service/init/app.py +++ b/dbrepo-auth-service/init/app.py 
@@ -1,34 +1,44 @@ -import logging import os import sys import mariadb -from keycloak import KeycloakAdmin +from requests import post, get + +endpoint = os.getenv('AUTH_SERVICE_ENDPOINT', 'http://localhost:8080') system_username = os.getenv('SYSTEM_USERNAME', 'admin') -admin = KeycloakAdmin(server_url=os.getenv('AUTH_SERVICE_ENDPOINT', 'http://localhost:8080'), - username=os.getenv('AUTH_SERVICE_ADMIN', 'admin'), - password=os.getenv('AUTH_SERVICE_ADMIN_PASSWORD', 'admin'), - verify=True) -keycloak_user_id = admin.get_user_id(username=system_username) -logging.info(f'Successfully fetched keycloak user id: {keycloak_user_id}') -ldap_user = admin.get_user(user_id=keycloak_user_id) -if ldap_user is None: - logging.error(f'Failed to obtain user') +print(f'Fetching user id of internal user with username: {system_username}') +response = post(url=f'{endpoint}/realms/master/protocol/openid-connect/token', data=dict({ + 'username': os.getenv('AUTH_SERVICE_ADMIN', 'admin'), + 'password': os.getenv('AUTH_SERVICE_ADMIN_PASSWORD', 'admin'), + 'grant_type': 'password', + 'client_id': 'admin-cli' +})) + +if response.status_code != 200: + print(f'Failed to obtain admin token: {response.status_code}') + +response = get(url=f'{endpoint}/admin/realms/dbrepo/users/?username={system_username}', headers=dict({ + 'Authorization': f'Bearer {response.json()["access_token"]}' +})) +if len(response.json()) != 1: + print(f'Failed to obtain user') sys.exit(1) -ldap_user_attrs = ldap_user.get('attributes') +ldap_user = response.json()[0] +print(f'Successfully fetched user id: {ldap_user["id"]}') +ldap_user_attrs = ldap_user['attributes'] if ldap_user_attrs is None: - logging.error(f'Failed to obtain user attributes') + print(f'Failed to obtain user attributes: {ldap_user}') sys.exit(1) if 'LDAP_ID' not in ldap_user_attrs: - logging.error(f'Failed to obtain ldap id: LDAP_ID not in attributes {ldap_user_attrs}') + print(f'Failed to obtain ldap id: LDAP_ID not in attributes {ldap_user_attrs}') 
sys.exit(1) if len(ldap_user_attrs['LDAP_ID']) != 1: - logging.error(f'Failed to obtain ldap id: wrong length {len(ldap_user_attrs["LDAP_ID"])} != 1') + print(f'Failed to obtain ldap id: wrong length {len(ldap_user_attrs["LDAP_ID"])} != 1') sys.exit(1) ldap_user_id = ldap_user_attrs['LDAP_ID'][0] -logging.info(f'Successfully fetched ldap user id: {ldap_user_id}') +print(f'Successfully fetched ldap user id: {ldap_user_id}') try: conn = mariadb.connect(user=os.getenv('METADATA_USERNAME', 'root'), @@ -43,8 +53,8 @@ try: conn.commit() conn.close() except mariadb.Error as e: - logging.info(f"Error connecting to MariaDB Platform: {e}") + print(f"Error connecting to MariaDB Platform: {e}") exit(1) -logging.info(f'Successfully inserted user') +print(f'Successfully inserted user') exit(0) diff --git a/dbrepo-auth-service/master-realm.json b/dbrepo-auth-service/master-realm.json index d6c46ccd15a4c1cfead9c6c76e72d10408100758..ef06561e687af0d808781b6c71a1a2b2ea664275 100644 --- a/dbrepo-auth-service/master-realm.json +++ b/dbrepo-auth-service/master-realm.json 
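Review bot: In the first hunk of init/app.py, the new `if response.status_code != 200:` branch only prints and falls through, so a rejected admin login reaches `response.json()["access_token"]` and fails with an unhandled exception instead of the script's usual `sys.exit(1)`. The user lookup that follows puts `system_username` into the query string unencoded and does not set Keycloak's `exact` parameter, so a single partial match could be taken for the system user and its LDAP_ID written to the metadata database. An error object with a single key would also pass the `len(response.json()) != 1` test. `ldap_user['attributes']` now raises KeyError where the removed `.get('attributes')` returned None, which leaves the `is None` check below it unreachable, and neither request sets a timeout. The fence shows both requests with these checks added; the 10-second timeout is an illustrative value.

```python
response = post(url=f'{endpoint}/realms/master/protocol/openid-connect/token', data={
    # … unchanged: username, password, grant_type, client_id …
}, timeout=10)
if response.status_code != 200:
    print(f'Failed to obtain admin token: {response.status_code}')
    sys.exit(1)

response = get(url=f'{endpoint}/admin/realms/dbrepo/users',
               params={'username': system_username, 'exact': 'true'},
               headers={'Authorization': f'Bearer {response.json()["access_token"]}'},
               timeout=10)
users = response.json() if response.status_code == 200 else None
if not isinstance(users, list) or len(users) != 1:
    print(f'Failed to obtain user: {response.status_code}')
    sys.exit(1)
ldap_user = users[0]
# … unchanged: success message …
ldap_user_attrs = ldap_user.get('attributes')
```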
@@ -1,2853 +1,2232 @@ { - "id": "afe47bd0-61f8-40c3-95cb-04930407ebdd", - "realm": "master", - "displayName": "Keycloak", - "displayNameHtml": "", - "notBefore": 0, - "defaultSignatureAlgorithm": "RS256", - "revokeRefreshToken": false, - "refreshTokenMaxReuse": 0, - "accessTokenLifespan": 60, - "accessTokenLifespanForImplicitFlow": 900, - "ssoSessionIdleTimeout": 1800, - "ssoSessionMaxLifespan": 36000, - "ssoSessionIdleTimeoutRememberMe": 0, - "ssoSessionMaxLifespanRememberMe": 0, - "offlineSessionIdleTimeout": 2592000, - "offlineSessionMaxLifespanEnabled": false, - "offlineSessionMaxLifespan": 5184000, - "clientSessionIdleTimeout": 0, - "clientSessionMaxLifespan": 0, - "clientOfflineSessionIdleTimeout": 0, - "clientOfflineSessionMaxLifespan": 0, - "accessCodeLifespan": 60, - "accessCodeLifespanUserAction": 300, - "accessCodeLifespanLogin": 1800, - "actionTokenGeneratedByAdminLifespan": 43200, - "actionTokenGeneratedByUserLifespan": 300, - "oauth2DeviceCodeLifespan": 600, - "oauth2DevicePollingInterval": 5, - "enabled": true, - "sslRequired": "external", - "registrationAllowed": false, - "registrationEmailAsUsername": false, - "rememberMe": false, - "verifyEmail": false, - "loginWithEmailAllowed": true, - "duplicateEmailsAllowed": false, - "resetPasswordAllowed": false, - "editUsernameAllowed": false, - "bruteForceProtected": false, - "permanentLockout": false, - "maxTemporaryLockouts": 0, - "maxFailureWaitSeconds": 900, - "minimumQuickLoginWaitSeconds": 60, - "waitIncrementSeconds": 60, - "quickLoginCheckMilliSeconds": 1000, - "maxDeltaTimeSeconds": 43200, - "failureFactor": 30, - "roles": { - "realm": [ - { - "id": "01178d3c-65eb-406b-87a1-e7144f488028", - "name": "default-roles-master", - "description": "${role_default-roles}", - "composite": true, - "composites": { - "realm": [ - "offline_access", - "uma_authorization" - ], - "client": { - "account": [ - "view-profile", - "manage-account" - ] - } - }, - "clientRole": false, - "containerId": 
"afe47bd0-61f8-40c3-95cb-04930407ebdd", - "attributes": {} + "id" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "realm" : "master", + "displayName" : "Keycloak", + "displayNameHtml" : "", + "notBefore" : 0, + "defaultSignatureAlgorithm" : "RS256", + "revokeRefreshToken" : false, + "refreshTokenMaxReuse" : 0, + "accessTokenLifespan" : 60, + "accessTokenLifespanForImplicitFlow" : 900, + "ssoSessionIdleTimeout" : 1800, + "ssoSessionMaxLifespan" : 36000, + "ssoSessionIdleTimeoutRememberMe" : 0, + "ssoSessionMaxLifespanRememberMe" : 0, + "offlineSessionIdleTimeout" : 2592000, + "offlineSessionMaxLifespanEnabled" : false, + "offlineSessionMaxLifespan" : 5184000, + "clientSessionIdleTimeout" : 0, + "clientSessionMaxLifespan" : 0, + "clientOfflineSessionIdleTimeout" : 0, + "clientOfflineSessionMaxLifespan" : 0, + "accessCodeLifespan" : 60, + "accessCodeLifespanUserAction" : 300, + "accessCodeLifespanLogin" : 1800, + "actionTokenGeneratedByAdminLifespan" : 43200, + "actionTokenGeneratedByUserLifespan" : 300, + "oauth2DeviceCodeLifespan" : 600, + "oauth2DevicePollingInterval" : 5, + "enabled" : true, + "sslRequired" : "external", + "registrationAllowed" : false, + "registrationEmailAsUsername" : false, + "rememberMe" : false, + "verifyEmail" : false, + "loginWithEmailAllowed" : true, + "duplicateEmailsAllowed" : false, + "resetPasswordAllowed" : false, + "editUsernameAllowed" : false, + "bruteForceProtected" : false, + "permanentLockout" : false, + "maxTemporaryLockouts" : 0, + "maxFailureWaitSeconds" : 900, + "minimumQuickLoginWaitSeconds" : 60, + "waitIncrementSeconds" : 60, + "quickLoginCheckMilliSeconds" : 1000, + "maxDeltaTimeSeconds" : 43200, + "failureFactor" : 30, + "roles" : { + "realm" : [ { + "id" : "01178d3c-65eb-406b-87a1-e7144f488028", + "name" : "default-roles-master", + "description" : "${role_default-roles}", + "composite" : true, + "composites" : { + "realm" : [ "offline_access", "uma_authorization" ], + "client" : { + "account" : [ "view-profile", 
"manage-account" ] + } }, - { - "id": "646cda2d-911d-459e-8522-b28ba3126341", - "name": "uma_authorization", - "description": "${role_uma_authorization}", - "composite": false, - "clientRole": false, - "containerId": "afe47bd0-61f8-40c3-95cb-04930407ebdd", - "attributes": {} + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "646cda2d-911d-459e-8522-b28ba3126341", + "name" : "uma_authorization", + "description" : "${role_uma_authorization}", + "composite" : false, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "344b3b83-99f7-43f7-8533-76f64195eab6", + "name" : "offline_access", + "description" : "${role_offline-access}", + "composite" : false, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "9ca176f3-c0c8-4ba1-8364-c38f3ce4f88b", + "name" : "admin", + "description" : "${role_admin}", + "composite" : true, + "composites" : { + "realm" : [ "create-realm" ], + "client" : { + "master-realm" : [ "manage-realm", "view-events", "view-authorization", "manage-authorization", "query-realms", "query-clients", "manage-clients", "view-clients", "create-client", "impersonation", "query-users", "view-identity-providers", "manage-users", "manage-events", "view-realm", "query-groups", "manage-identity-providers", "view-users" ], + "dbrepo-realm" : [ "manage-users", "query-realms", "query-groups", "manage-identity-providers", "manage-events", "manage-authorization", "query-users", "manage-clients", "view-users", "view-events", "view-authorization", "query-clients", "view-identity-providers", "view-realm", "view-clients", "create-client", "manage-realm", "impersonation" ] + } }, - { - "id": "344b3b83-99f7-43f7-8533-76f64195eab6", - "name": "offline_access", - "description": "${role_offline-access}", - "composite": false, - "clientRole": false, - "containerId": 
"afe47bd0-61f8-40c3-95cb-04930407ebdd", - "attributes": {} + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "6e765f03-5dee-4061-b027-c3ec41114329", + "name" : "default-system-roles", + "description" : "${default-system-roles}", + "composite" : true, + "composites" : { + "realm" : [ "create-realm", "default-roles-master", "default-system-roles", "offline_access", "admin", "uma_authorization" ] }, - { - "id": "9ca176f3-c0c8-4ba1-8364-c38f3ce4f88b", - "name": "admin", - "description": "${role_admin}", - "composite": true, - "composites": { - "realm": [ - "create-realm" - ], - "client": { - "master-realm": [ - "manage-realm", - "view-events", - "view-authorization", - "manage-authorization", - "query-realms", - "query-clients", - "manage-clients", - "view-clients", - "create-client", - "impersonation", - "query-users", - "view-identity-providers", - "manage-users", - "manage-events", - "view-realm", - "query-groups", - "manage-identity-providers", - "view-users" - ], - "dbrepo-realm": [ - "manage-users", - "query-realms", - "query-groups", - "manage-identity-providers", - "manage-events", - "manage-authorization", - "query-users", - "manage-clients", - "view-users", - "view-events", - "view-authorization", - "query-clients", - "view-identity-providers", - "view-realm", - "view-clients", - "create-client", - "manage-realm", - "impersonation" - ] + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "3da4e842-c3cc-4bcd-a2f0-dec1ec36f3c5", + "name" : "create-realm", + "description" : "${role_create-realm}", + "composite" : false, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + } ], + "client" : { + "security-admin-console" : [ ], + "admin-cli" : [ ], + "account-console" : [ ], + "broker" : [ { + "id" : "07de46e9-cc5c-4b50-8904-14443ed4d1f1", + "name" : "read-token", + "description" : 
"${role_read-token}", + "composite" : false, + "clientRole" : true, + "containerId" : "217563ea-11c7-4c96-969b-af076d740f7c", + "attributes" : { } + } ], + "master-realm" : [ { + "id" : "5c8f38f8-0a16-4f92-8fa2-81a6301f6215", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "d0ab2e61-c7e4-49f3-9af2-965f20ec725a", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "89d438ee-957d-435c-b201-5be06aee01fd", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "664a9190-f73f-4f83-83bc-a2185cea334c", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "b3c0e4db-5a09-4d1e-9ced-96a34efb6398", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "5cd61b20-da2b-4fed-b0c3-2fb5819ab06b", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "94ceae4b-2cb8-4d10-bf11-8ce5c1ec9c55", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : 
"77072e30-3941-4b32-a8c8-76993fc507bb", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "ea00baa8-f64d-409d-936d-ecf0adec5a57", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "fb2c167e-fb6b-4db5-b0bf-d2c8454ceee5", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "f0370bc0-15d6-43f1-82bc-7d31f37b19e4", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "f0448680-b803-471e-8d0a-ec3e34a24228", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "dfdf768b-ac34-4491-b5d2-0938242e7e48", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "d5ff044b-c4e0-4197-8f51-833e8a956396", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "aaf73aa0-52a3-4833-8521-1eb1312b9f33", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : 
"9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "fa08c54a-1f0c-4392-bf6a-a698bf3d164b", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "master-realm" : [ "query-groups", "query-users" ] } }, - "clientRole": false, - "containerId": "afe47bd0-61f8-40c3-95cb-04930407ebdd", - "attributes": {} - }, - { - "id": "6e765f03-5dee-4061-b027-c3ec41114329", - "name": "default-system-roles", - "description": "${default-system-roles}", - "composite": true, - "composites": { - "realm": [ - "create-realm", - "default-roles-master", - "default-system-roles", - "offline_access", - "admin", - "uma_authorization" - ] - }, - "clientRole": false, - "containerId": "afe47bd0-61f8-40c3-95cb-04930407ebdd", - "attributes": {} - }, - { - "id": "3da4e842-c3cc-4bcd-a2f0-dec1ec36f3c5", - "name": "create-realm", - "description": "${role_create-realm}", - "composite": false, - "clientRole": false, - "containerId": "afe47bd0-61f8-40c3-95cb-04930407ebdd", - "attributes": {} - } - ], - "client": { - "security-admin-console": [], - "admin-cli": [], - "account-console": [], - "broker": [ - { - "id": "07de46e9-cc5c-4b50-8904-14443ed4d1f1", - "name": "read-token", - "description": "${role_read-token}", - "composite": false, - "clientRole": true, - "containerId": "217563ea-11c7-4c96-969b-af076d740f7c", - "attributes": {} - } - ], - "master-realm": [ - { - "id": "5c8f38f8-0a16-4f92-8fa2-81a6301f6215", - "name": "create-client", - "description": "${role_create-client}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "d0ab2e61-c7e4-49f3-9af2-965f20ec725a", - "name": "manage-realm", - "description": "${role_manage-realm}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "89d438ee-957d-435c-b201-5be06aee01fd", - "name": 
"view-events", - "description": "${role_view-events}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "664a9190-f73f-4f83-83bc-a2185cea334c", - "name": "view-authorization", - "description": "${role_view-authorization}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "b3c0e4db-5a09-4d1e-9ced-96a34efb6398", - "name": "manage-authorization", - "description": "${role_manage-authorization}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "5cd61b20-da2b-4fed-b0c3-2fb5819ab06b", - "name": "query-realms", - "description": "${role_query-realms}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "94ceae4b-2cb8-4d10-bf11-8ce5c1ec9c55", - "name": "impersonation", - "description": "${role_impersonation}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "77072e30-3941-4b32-a8c8-76993fc507bb", - "name": "query-users", - "description": "${role_query-users}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "ea00baa8-f64d-409d-936d-ecf0adec5a57", - "name": "view-identity-providers", - "description": "${role_view-identity-providers}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "fb2c167e-fb6b-4db5-b0bf-d2c8454ceee5", - "name": "manage-users", - "description": "${role_manage-users}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "f0370bc0-15d6-43f1-82bc-7d31f37b19e4", - "name": 
"manage-events", - "description": "${role_manage-events}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "f0448680-b803-471e-8d0a-ec3e34a24228", - "name": "view-realm", - "description": "${role_view-realm}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "dfdf768b-ac34-4491-b5d2-0938242e7e48", - "name": "query-groups", - "description": "${role_query-groups}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "d5ff044b-c4e0-4197-8f51-833e8a956396", - "name": "query-clients", - "description": "${role_query-clients}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "aaf73aa0-52a3-4833-8521-1eb1312b9f33", - "name": "manage-identity-providers", - "description": "${role_manage-identity-providers}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "fa08c54a-1f0c-4392-bf6a-a698bf3d164b", - "name": "view-users", - "description": "${role_view-users}", - "composite": true, - "composites": { - "client": { - "master-realm": [ - "query-groups", - "query-users" - ] - } - }, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "fd317e90-0b34-4263-8906-caa9d6000b28", - "name": "manage-clients", - "description": "${role_manage-clients}", - "composite": false, - "clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - }, - { - "id": "162f12db-6d7f-4c53-905c-3f4bbd80fd58", - "name": "view-clients", - "description": "${role_view-clients}", - "composite": true, - "composites": { - "client": { - "master-realm": [ - "query-clients" - ] - } - }, - 
"clientRole": true, - "containerId": "9a451e5c-a55a-4872-bee1-58af763101a1", - "attributes": {} - } - ], - "account": [ - { - "id": "50c2778e-15fa-4c14-9414-5937649eb89f", - "name": "delete-account", - "description": "${role_delete-account}", - "composite": false, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "083c3506-866a-4b85-ae57-bab1c29ac33e", - "name": "view-groups", - "description": "${role_view-groups}", - "composite": false, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "a1942880-1a32-402c-b9bb-e8f5edf2ba1a", - "name": "view-profile", - "description": "${role_view-profile}", - "composite": false, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "a69f73d6-ce42-41e6-b341-30a2d99caba8", - "name": "manage-account-links", - "description": "${role_manage-account-links}", - "composite": false, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "ac22aeec-062a-4fc0-ac79-aa849ee55d84", - "name": "manage-consent", - "description": "${role_manage-consent}", - "composite": true, - "composites": { - "client": { - "account": [ - "view-consent" - ] - } - }, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "ad45329d-0efa-4505-906a-5a69b6c8414a", - "name": "view-applications", - "description": "${role_view-applications}", - "composite": false, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "8c0bfbdf-1914-4522-9024-ef0e6e91be9d", - "name": "view-consent", - "description": "${role_view-consent}", - "composite": false, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - }, - { - "id": "f34de6ff-a5aa-41a7-a8d2-87bdfa850c50", - "name": 
"manage-account", - "description": "${role_manage-account}", - "composite": true, - "composites": { - "client": { - "account": [ - "manage-account-links" - ] - } - }, - "clientRole": true, - "containerId": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "attributes": {} - } - ], - "dbrepo-realm": [ - { - "id": "89292ccf-3b12-4c8b-a615-966ddcf14556", - "name": "manage-users", - "description": "${role_manage-users}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "784f2fdf-a090-4452-8a02-d9cc8227df8f", - "name": "view-authorization", - "description": "${role_view-authorization}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "57a70a96-bc56-4629-8d2b-86c68ac1c6f6", - "name": "query-realms", - "description": "${role_query-realms}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "60349d70-ba29-426d-9c05-df0b11e1a73b", - "name": "query-clients", - "description": "${role_query-clients}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "c07819ae-8951-4dc4-af4d-bca93c60eb5a", - "name": "view-identity-providers", - "description": "${role_view-identity-providers}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "86842bf0-7f63-4053-8389-2ec5401cb2a9", - "name": "query-groups", - "description": "${role_query-groups}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "0a1579a0-76c5-4ee3-90cc-c924827b7492", - "name": "view-realm", - "description": "${role_view-realm}", - "composite": false, - "clientRole": true, - "containerId": 
"c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "4eb0d05c-38c7-4d45-b858-ad7011df0ac0", - "name": "manage-identity-providers", - "description": "${role_manage-identity-providers}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "d4ff5a03-21e8-440c-9ccb-690ecbb89684", - "name": "manage-events", - "description": "${role_manage-events}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "00d523c3-e9c7-45c3-8221-0b6d6c82cd5d", - "name": "manage-authorization", - "description": "${role_manage-authorization}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "c441f018-7113-4fcb-8208-10ab4bd4bb27", - "name": "view-clients", - "description": "${role_view-clients}", - "composite": true, - "composites": { - "client": { - "dbrepo-realm": [ - "query-clients" - ] - } - }, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "a146533f-fbf3-4513-8505-cf44473f5459", - "name": "create-client", - "description": "${role_create-client}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - }, - { - "id": "d3d0ed01-05a5-4812-8fa7-9231f71e61fa", - "name": "query-users", - "description": "${role_query-users}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "fd317e90-0b34-4263-8906-caa9d6000b28", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" 
: { } + }, { + "id" : "162f12db-6d7f-4c53-905c-3f4bbd80fd58", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "master-realm" : [ "query-clients" ] + } }, - { - "id": "fcaed53d-022a-416d-b207-a6ae694a9384", - "name": "manage-clients", - "description": "${role_manage-clients}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + } ], + "account" : [ { + "id" : "50c2778e-15fa-4c14-9414-5937649eb89f", + "name" : "delete-account", + "description" : "${role_delete-account}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "083c3506-866a-4b85-ae57-bab1c29ac33e", + "name" : "view-groups", + "description" : "${role_view-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "a1942880-1a32-402c-b9bb-e8f5edf2ba1a", + "name" : "view-profile", + "description" : "${role_view-profile}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "a69f73d6-ce42-41e6-b341-30a2d99caba8", + "name" : "manage-account-links", + "description" : "${role_manage-account-links}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "ac22aeec-062a-4fc0-ac79-aa849ee55d84", + "name" : "manage-consent", + "description" : "${role_manage-consent}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "view-consent" ] + } }, - { - "id": "cefdb023-0eec-4c05-93d7-8b557bb28a81", - "name": "view-users", - "description": "${role_view-users}", - "composite": true, - "composites": { - 
"client": { - "dbrepo-realm": [ - "query-users", - "query-groups" - ] - } - }, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "ad45329d-0efa-4505-906a-5a69b6c8414a", + "name" : "view-applications", + "description" : "${role_view-applications}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "8c0bfbdf-1914-4522-9024-ef0e6e91be9d", + "name" : "view-consent", + "description" : "${role_view-consent}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "f34de6ff-a5aa-41a7-a8d2-87bdfa850c50", + "name" : "manage-account", + "description" : "${role_manage-account}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "manage-account-links" ] + } }, - { - "id": "44d13b2a-a2b5-4f3b-bea1-4ab550205e12", - "name": "manage-realm", - "description": "${role_manage-realm}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + } ], + "dbrepo-realm" : [ { + "id" : "89292ccf-3b12-4c8b-a615-966ddcf14556", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "784f2fdf-a090-4452-8a02-d9cc8227df8f", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "57a70a96-bc56-4629-8d2b-86c68ac1c6f6", + "name" : "query-realms", + "description" : 
"${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "60349d70-ba29-426d-9c05-df0b11e1a73b", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "c07819ae-8951-4dc4-af4d-bca93c60eb5a", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "86842bf0-7f63-4053-8389-2ec5401cb2a9", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "0a1579a0-76c5-4ee3-90cc-c924827b7492", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "4eb0d05c-38c7-4d45-b858-ad7011df0ac0", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "d4ff5a03-21e8-440c-9ccb-690ecbb89684", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "00d523c3-e9c7-45c3-8221-0b6d6c82cd5d", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : 
"c441f018-7113-4fcb-8208-10ab4bd4bb27", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "dbrepo-realm" : [ "query-clients" ] + } }, - { - "id": "17378e7a-9a78-4e92-ae0b-6bdfadede2d5", - "name": "impersonation", - "description": "${role_impersonation}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "a146533f-fbf3-4513-8505-cf44473f5459", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "d3d0ed01-05a5-4812-8fa7-9231f71e61fa", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "fcaed53d-022a-416d-b207-a6ae694a9384", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "cefdb023-0eec-4c05-93d7-8b557bb28a81", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "dbrepo-realm" : [ "query-users", "query-groups" ] + } }, - { - "id": "7810ab39-c546-456c-81eb-7ee09492da92", - "name": "view-events", - "description": "${role_view-events}", - "composite": false, - "clientRole": true, - "containerId": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "attributes": {} - } - ] + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "44d13b2a-a2b5-4f3b-bea1-4ab550205e12", + "name" : "manage-realm", + "description" : 
"${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "17378e7a-9a78-4e92-ae0b-6bdfadede2d5", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "7810ab39-c546-456c-81eb-7ee09492da92", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + } ] } }, - "groups": [ - { - "id": "1fcdbec1-9c86-4a14-a859-425b43cf73cb", - "name": "system", - "path": "/system", - "subGroups": [], - "attributes": {}, - "realmRoles": [ - "default-roles-master", - "default-system-roles", - "admin", - "create-realm" - ], - "clientRoles": {} - } - ], - "defaultRole": { - "id": "01178d3c-65eb-406b-87a1-e7144f488028", - "name": "default-roles-master", - "description": "${role_default-roles}", - "composite": true, - "clientRole": false, - "containerId": "afe47bd0-61f8-40c3-95cb-04930407ebdd" + "groups" : [ { + "id" : "1fcdbec1-9c86-4a14-a859-425b43cf73cb", + "name" : "system", + "path" : "/system", + "subGroups" : [ ], + "attributes" : { }, + "realmRoles" : [ "default-roles-master", "default-system-roles", "admin", "create-realm" ], + "clientRoles" : { } + } ], + "defaultRole" : { + "id" : "01178d3c-65eb-406b-87a1-e7144f488028", + "name" : "default-roles-master", + "description" : "${role_default-roles}", + "composite" : true, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd" }, - "requiredCredentials": [ - "password" - ], - "otpPolicyType": "totp", - "otpPolicyAlgorithm": "HmacSHA1", - "otpPolicyInitialCounter": 0, - "otpPolicyDigits": 6, - "otpPolicyLookAheadWindow": 1, - "otpPolicyPeriod": 30, - "otpPolicyCodeReusable": false, - "otpSupportedApplications": [ - 
"totpAppFreeOTPName", - "totpAppGoogleName", - "totpAppMicrosoftAuthenticatorName" - ], - "localizationTexts": {}, - "webAuthnPolicyRpEntityName": "keycloak", - "webAuthnPolicySignatureAlgorithms": [ - "ES256", - "RS256" - ], - "webAuthnPolicyRpId": "", - "webAuthnPolicyAttestationConveyancePreference": "not specified", - "webAuthnPolicyAuthenticatorAttachment": "not specified", - "webAuthnPolicyRequireResidentKey": "not specified", - "webAuthnPolicyUserVerificationRequirement": "not specified", - "webAuthnPolicyCreateTimeout": 0, - "webAuthnPolicyAvoidSameAuthenticatorRegister": false, - "webAuthnPolicyAcceptableAaguids": [], - "webAuthnPolicyExtraOrigins": [], - "webAuthnPolicyPasswordlessRpEntityName": "keycloak", - "webAuthnPolicyPasswordlessSignatureAlgorithms": [ - "ES256", - "RS256" - ], - "webAuthnPolicyPasswordlessRpId": "", - "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", - "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", - "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", - "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", - "webAuthnPolicyPasswordlessCreateTimeout": 0, - "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, - "webAuthnPolicyPasswordlessAcceptableAaguids": [], - "webAuthnPolicyPasswordlessExtraOrigins": [], - "scopeMappings": [ - { - "clientScope": "offline_access", - "roles": [ - "offline_access" - ] - } - ], - "clientScopeMappings": { - "account": [ - { - "client": "account-console", - "roles": [ - "manage-account", - "view-groups" - ] - } - ] + "requiredCredentials" : [ "password" ], + "otpPolicyType" : "totp", + "otpPolicyAlgorithm" : "HmacSHA1", + "otpPolicyInitialCounter" : 0, + "otpPolicyDigits" : 6, + "otpPolicyLookAheadWindow" : 1, + "otpPolicyPeriod" : 30, + "otpPolicyCodeReusable" : false, + "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts" 
: { }, + "webAuthnPolicyRpEntityName" : "keycloak", + "webAuthnPolicySignatureAlgorithms" : [ "ES256", "RS256" ], + "webAuthnPolicyRpId" : "", + "webAuthnPolicyAttestationConveyancePreference" : "not specified", + "webAuthnPolicyAuthenticatorAttachment" : "not specified", + "webAuthnPolicyRequireResidentKey" : "not specified", + "webAuthnPolicyUserVerificationRequirement" : "not specified", + "webAuthnPolicyCreateTimeout" : 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyAcceptableAaguids" : [ ], + "webAuthnPolicyExtraOrigins" : [ ], + "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256", "RS256" ], + "webAuthnPolicyPasswordlessRpId" : "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", + "webAuthnPolicyPasswordlessCreateTimeout" : 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], + "webAuthnPolicyPasswordlessExtraOrigins" : [ ], + "scopeMappings" : [ { + "clientScope" : "offline_access", + "roles" : [ "offline_access" ] + } ], + "clientScopeMappings" : { + "account" : [ { + "client" : "account-console", + "roles" : [ "manage-account", "view-groups" ] + } ] }, - "clients": [ - { - "id": "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", - "clientId": "account", - "name": "${client_account}", - "rootUrl": "${authBaseUrl}", - "baseUrl": "/realms/master/account/", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/realms/master/account/*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": 
true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "false", - "post.logout.redirect.uris": "+" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "acr", - "roles", - "profile", - "basic", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "organization", - "offline_access", - "microprofile-jwt" - ] + "clients" : [ { + "id" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "clientId" : "account", + "name" : "${client_account}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/master/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/master/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+" }, - { - "id": "1af255f9-7eee-415c-9096-3a717d2c5150", - "clientId": "account-console", - "name": "${client_account-console}", - "rootUrl": "${authBaseUrl}", - "baseUrl": "/realms/master/account/", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/realms/master/account/*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - 
"serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "false", - "post.logout.redirect.uris": "+", - "pkce.code.challenge.method": "S256" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "protocolMappers": [ - { - "id": "63d1e47d-6e61-4f36-8a5b-98384a782d60", - "name": "audience resolve", - "protocol": "openid-connect", - "protocolMapper": "oidc-audience-resolve-mapper", - "consentRequired": false, - "config": {} - } - ], - "defaultClientScopes": [ - "web-origins", - "acr", - "roles", - "profile", - "basic", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "organization", - "offline_access", - "microprofile-jwt" - ] + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "1af255f9-7eee-415c-9096-3a717d2c5150", + "clientId" : "account-console", + "name" : "${client_account-console}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/master/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/master/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "pkce.code.challenge.method" : "S256" }, - { - "id": 
"65ce3e14-5e30-424a-a6bd-0b194da203ef", - "clientId": "admin-cli", - "name": "${client_admin-cli}", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "false", - "client.use.lightweight.access.token.enabled": "true", - "post.logout.redirect.uris": "+" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "acr", - "roles", - "profile", - "basic", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "organization", - "offline_access", - "microprofile-jwt" - ] + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "63d1e47d-6e61-4f36-8a5b-98384a782d60", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "65ce3e14-5e30-424a-a6bd-0b194da203ef", + "clientId" : "admin-cli", + "name" : "${client_admin-cli}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : false, + 
"implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true" }, - { - "id": "217563ea-11c7-4c96-969b-af076d740f7c", - "clientId": "broker", - "name": "${client_broker}", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": true, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "true", - "post.logout.redirect.uris": "+" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "acr", - "roles", - "profile", - "basic", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "organization", - "offline_access", - "microprofile-jwt" - ] + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "217563ea-11c7-4c96-969b-af076d740f7c", + "clientId" : "broker", + "name" : "${client_broker}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + 
"standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "true", + "post.logout.redirect.uris" : "+" }, - { - "id": "c10597a2-3888-43c4-9d60-1a90a6a4d490", - "clientId": "dbrepo-realm", - "name": "dbrepo Realm", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": true, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "true", - "post.logout.redirect.uris": "+" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [], - "optionalClientScopes": [] + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "clientId" : "dbrepo-realm", + "name" : "dbrepo Realm", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + 
"frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "true", + "post.logout.redirect.uris" : "+" }, - { - "id": "9a451e5c-a55a-4872-bee1-58af763101a1", - "clientId": "master-realm", - "name": "master Realm", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": true, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "true", - "post.logout.redirect.uris": "+" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "acr", - "roles", - "profile", - "basic", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "organization", - "offline_access", - "microprofile-jwt" - ] + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ ], + "optionalClientScopes" : [ ] + }, { + "id" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "clientId" : "master-realm", + "name" : "master Realm", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "true", + "post.logout.redirect.uris" : "+" }, - { - 
"id": "b2a24dc7-01d2-4a5a-8385-8b06d2b8a3fb", - "clientId": "security-admin-console", - "name": "${client_security-admin-console}", - "rootUrl": "${authAdminUrl}", - "baseUrl": "/admin/master/console/", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/admin/master/console/*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "realm_client": "false", - "client.use.lightweight.access.token.enabled": "true", - "post.logout.redirect.uris": "+", - "pkce.code.challenge.method": "S256" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": 0, - "protocolMappers": [ - { - "id": "54d1c74b-4eb6-483b-88b5-261964dd182a", - "name": "locale", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "locale", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "locale", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "acr", - "roles", - "profile", - "basic", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "organization", - "offline_access", - "microprofile-jwt" - ] + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : 
"b2a24dc7-01d2-4a5a-8385-8b06d2b8a3fb", + "clientId" : "security-admin-console", + "name" : "${client_security-admin-console}", + "rootUrl" : "${authAdminUrl}", + "baseUrl" : "/admin/master/console/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/admin/master/console/*" ], + "webOrigins" : [ "+" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "54d1c74b-4eb6-483b-88b5-261964dd182a", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + } ], + "clientScopes" : [ { + "id" : "12ce4fa5-b53e-47dc-b70f-caf2110e31cd", + "name" : "address", + "description" : "OpenID Connect built-in scope: address", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : 
"${addressScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "4aed5e41-0d8d-4c24-80a0-cd9822072756", + "name" : "address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-address-mapper", + "consentRequired" : false, + "config" : { + "user.attribute.formatted" : "formatted", + "user.attribute.country" : "country", + "introspection.token.claim" : "true", + "user.attribute.postal_code" : "postal_code", + "userinfo.token.claim" : "true", + "user.attribute.street" : "street", + "id.token.claim" : "true", + "user.attribute.region" : "region", + "access.token.claim" : "true", + "user.attribute.locality" : "locality" + } + } ] + }, { + "id" : "a7683fe7-1c8b-44f8-9be7-a28acdffa61e", + "name" : "organization", + "description" : "Additional claims about the organization a subject belongs to", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${organizationScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "5e80a7d2-c9d0-48e1-aadc-d8848ff90f92", + "name" : "organization", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-organization-membership-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "userinfo.token.claim" : "true", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "organization", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "0411ea86-a074-4781-850d-ea3ca94590a2", + "name" : "offline_access", + "description" : "OpenID Connect built-in scope: offline_access", + "protocol" : "openid-connect", + "attributes" : { + "consent.screen.text" : "${offlineAccessScopeConsentText}", + "display.on.consent.screen" : "true" } - ], - "clientScopes": [ - { - "id": "12ce4fa5-b53e-47dc-b70f-caf2110e31cd", - "name": "address", - "description": "OpenID Connect built-in scope: address", - "protocol": "openid-connect", - "attributes": { - 
"include.in.token.scope": "true", - "consent.screen.text": "${addressScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "4aed5e41-0d8d-4c24-80a0-cd9822072756", - "name": "address", - "protocol": "openid-connect", - "protocolMapper": "oidc-address-mapper", - "consentRequired": false, - "config": { - "user.attribute.formatted": "formatted", - "user.attribute.country": "country", - "introspection.token.claim": "true", - "user.attribute.postal_code": "postal_code", - "userinfo.token.claim": "true", - "user.attribute.street": "street", - "id.token.claim": "true", - "user.attribute.region": "region", - "access.token.claim": "true", - "user.attribute.locality": "locality" - } - } - ] + }, { + "id" : "4363ea0f-c7e9-43f3-8611-146514c37b47", + "name" : "basic", + "description" : "OpenID Connect scope for add all basic claims to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" }, - { - "id": "a7683fe7-1c8b-44f8-9be7-a28acdffa61e", - "name": "organization", - "description": "Additional claims about the organization a subject belongs to", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "consent.screen.text": "${organizationScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "5e80a7d2-c9d0-48e1-aadc-d8848ff90f92", - "name": "organization", - "protocol": "openid-connect", - "protocolMapper": "oidc-organization-membership-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "multivalued": "true", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "organization", - "jsonType.label": "String" - } - } - ] + "protocolMappers" : [ { + "id" : "0b691845-92b7-47b8-82d3-6fea760d885a", + "name" : "sub", + "protocol" : "openid-connect", + "protocolMapper" : 
"oidc-sub-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + }, { + "id" : "15db8f91-12c9-444c-8661-5a795856e884", + "name" : "auth_time", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "AUTH_TIME", + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "auth_time", + "jsonType.label" : "long" + } + } ] + }, { + "id" : "5f9da2a4-b8d2-48cd-9343-5c8ff42ef637", + "name" : "profile", + "description" : "OpenID Connect built-in scope: profile", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" }, - { - "id": "0411ea86-a074-4781-850d-ea3ca94590a2", - "name": "offline_access", - "description": "OpenID Connect built-in scope: offline_access", - "protocol": "openid-connect", - "attributes": { - "consent.screen.text": "${offlineAccessScopeConsentText}", - "display.on.consent.screen": "true" + "protocolMappers" : [ { + "id" : "2d1400be-4053-4393-ba87-91b64f699054", + "name" : "full name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-full-name-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "introspection.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + }, { + "id" : "6b12336d-589e-4023-9c51-1da3a4114a62", + "name" : "website", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "website", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "website", + 
"jsonType.label" : "String" + } + }, { + "id" : "13a7a453-3862-40b4-8a81-550172a06dc0", + "name" : "zoneinfo", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "zoneinfo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "zoneinfo", + "jsonType.label" : "String" + } + }, { + "id" : "43c149fc-aaf4-486a-a279-df624d2eb47e", + "name" : "given name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "firstName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "given_name", + "jsonType.label" : "String" + } + }, { + "id" : "8bba390c-543b-4fe3-98db-e020184e5014", + "name" : "birthdate", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "birthdate", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "birthdate", + "jsonType.label" : "String" + } + }, { + "id" : "dc5a7474-c62a-42d6-ba98-f2b2a7a7328c", + "name" : "nickname", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "nickname", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "nickname", + "jsonType.label" : "String" } + }, { + "id" : "9e02395e-5c37-46fb-8d30-0ebe6da3b7f0", + "name" : "gender", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + 
"consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "gender", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "gender", + "jsonType.label" : "String" + } + }, { + "id" : "d2f3d16d-21a8-4128-b60b-55e55046fa29", + "name" : "profile", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "profile", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "profile", + "jsonType.label" : "String" + } + }, { + "id" : "825cafb6-3392-491a-bb34-e607330f5170", + "name" : "family name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "lastName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "family_name", + "jsonType.label" : "String" + } + }, { + "id" : "c44ac799-cac2-4200-b71b-badab4b48d92", + "name" : "updated at", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "updatedAt", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "updated_at", + "jsonType.label" : "long" + } + }, { + "id" : "402b2c5f-0a7b-4520-9015-03fa9a1e2e4a", + "name" : "picture", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "picture", + "id.token.claim" : "true", + "access.token.claim" : "true", + 
"claim.name" : "picture", + "jsonType.label" : "String" + } + }, { + "id" : "f34812b0-28b3-486c-8911-9394890be4f6", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + }, { + "id" : "3fe6f4f2-c881-4b84-87db-8e9b9243a7f0", + "name" : "middle name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "middleName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "middle_name", + "jsonType.label" : "String" + } + }, { + "id" : "4d1465b2-c408-4a62-9821-afce35a55f12", + "name" : "username", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "preferred_username", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "9b03908f-dac3-4bbd-8e93-ef29e64a59ad", + "name" : "role_list", + "description" : "SAML role list", + "protocol" : "saml", + "attributes" : { + "consent.screen.text" : "${samlRoleListScopeConsentText}", + "display.on.consent.screen" : "true" }, - { - "id": "4363ea0f-c7e9-43f3-8611-146514c37b47", - "name": "basic", - "description": "OpenID Connect scope for add all basic claims to the token", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "false", - "display.on.consent.screen": "false" - }, - "protocolMappers": [ - { - "id": 
"0b691845-92b7-47b8-82d3-6fea760d885a", - "name": "sub", - "protocol": "openid-connect", - "protocolMapper": "oidc-sub-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "access.token.claim": "true" - } - }, - { - "id": "15db8f91-12c9-444c-8661-5a795856e884", - "name": "auth_time", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "AUTH_TIME", - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "auth_time", - "jsonType.label": "long" - } - } - ] + "protocolMappers" : [ { + "id" : "d6678801-a0f1-4385-ae11-5dee90a9e3b4", + "name" : "role list", + "protocol" : "saml", + "protocolMapper" : "saml-role-list-mapper", + "consentRequired" : false, + "config" : { + "single" : "false", + "attribute.nameformat" : "Basic", + "attribute.name" : "Role" + } + } ] + }, { + "id" : "fa13fc44-16f6-4f82-965d-b86dfad2a984", + "name" : "microprofile-jwt", + "description" : "Microprofile - JWT built-in scope", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "false" }, - { - "id": "5f9da2a4-b8d2-48cd-9343-5c8ff42ef637", - "name": "profile", - "description": "OpenID Connect built-in scope: profile", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "consent.screen.text": "${profileScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "2d1400be-4053-4393-ba87-91b64f699054", - "name": "full name", - "protocol": "openid-connect", - "protocolMapper": "oidc-full-name-mapper", - "consentRequired": false, - "config": { - "id.token.claim": "true", - "introspection.token.claim": "true", - "access.token.claim": "true", - "userinfo.token.claim": "true" - } - }, - { - "id": "6b12336d-589e-4023-9c51-1da3a4114a62", 
- "name": "website", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "website", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "website", - "jsonType.label": "String" - } - }, - { - "id": "13a7a453-3862-40b4-8a81-550172a06dc0", - "name": "zoneinfo", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "zoneinfo", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "zoneinfo", - "jsonType.label": "String" - } - }, - { - "id": "43c149fc-aaf4-486a-a279-df624d2eb47e", - "name": "given name", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "firstName", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "given_name", - "jsonType.label": "String" - } - }, - { - "id": "8bba390c-543b-4fe3-98db-e020184e5014", - "name": "birthdate", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "birthdate", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "birthdate", - "jsonType.label": "String" - } - }, - { - "id": "dc5a7474-c62a-42d6-ba98-f2b2a7a7328c", - "name": "nickname", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "nickname", - 
"id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "nickname", - "jsonType.label": "String" - } - }, - { - "id": "9e02395e-5c37-46fb-8d30-0ebe6da3b7f0", - "name": "gender", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "gender", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "gender", - "jsonType.label": "String" - } - }, - { - "id": "d2f3d16d-21a8-4128-b60b-55e55046fa29", - "name": "profile", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "profile", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "profile", - "jsonType.label": "String" - } - }, - { - "id": "825cafb6-3392-491a-bb34-e607330f5170", - "name": "family name", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "lastName", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "family_name", - "jsonType.label": "String" - } - }, - { - "id": "c44ac799-cac2-4200-b71b-badab4b48d92", - "name": "updated at", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "updatedAt", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "updated_at", - "jsonType.label": "long" - } - }, - { - "id": "402b2c5f-0a7b-4520-9015-03fa9a1e2e4a", - "name": "picture", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "picture", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "picture", - "jsonType.label": "String" - } - }, - { - "id": "f34812b0-28b3-486c-8911-9394890be4f6", - "name": "locale", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "locale", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "locale", - "jsonType.label": "String" - } - }, - { - "id": "3fe6f4f2-c881-4b84-87db-8e9b9243a7f0", - "name": "middle name", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "middleName", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "middle_name", - "jsonType.label": "String" - } - }, - { - "id": "4d1465b2-c408-4a62-9821-afce35a55f12", - "name": "username", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "username", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "preferred_username", - "jsonType.label": "String" - } - } - ] + "protocolMappers" : [ { + "id" : "f70938d7-e91f-4c45-bfed-3b974d0e4697", + "name" : "groups", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "foo", + 
"id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "groups", + "jsonType.label" : "String" + } + }, { + "id" : "1636d5e3-2af1-4d54-a60f-9db1f562b009", + "name" : "upn", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "upn", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "1124b695-1319-45aa-bc1b-ec0b2cf99b9e", + "name" : "acr", + "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" }, - { - "id": "9b03908f-dac3-4bbd-8e93-ef29e64a59ad", - "name": "role_list", - "description": "SAML role list", - "protocol": "saml", - "attributes": { - "consent.screen.text": "${samlRoleListScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "d6678801-a0f1-4385-ae11-5dee90a9e3b4", - "name": "role list", - "protocol": "saml", - "protocolMapper": "saml-role-list-mapper", - "consentRequired": false, - "config": { - "single": "false", - "attribute.nameformat": "Basic", - "attribute.name": "Role" - } - } - ] + "protocolMappers" : [ { + "id" : "0e17d8d7-fb11-4b31-8023-d29611f7d492", + "name" : "acr loa level", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-acr-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "introspection.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + } ] + }, { + "id" : "cc53d998-1eac-4574-9bec-58110d92d282", + "name" : "web-origins", + "description" : "OpenID Connect scope for add allowed web origins to the access token", + "protocol" : 
"openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false", + "consent.screen.text" : "" }, - { - "id": "fa13fc44-16f6-4f82-965d-b86dfad2a984", - "name": "microprofile-jwt", - "description": "Microprofile - JWT built-in scope", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "display.on.consent.screen": "false" - }, - "protocolMappers": [ - { - "id": "f70938d7-e91f-4c45-bfed-3b974d0e4697", - "name": "groups", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-realm-role-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "multivalued": "true", - "userinfo.token.claim": "true", - "user.attribute": "foo", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "groups", - "jsonType.label": "String" - } - }, - { - "id": "1636d5e3-2af1-4d54-a60f-9db1f562b009", - "name": "upn", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "username", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "upn", - "jsonType.label": "String" - } - } - ] + "protocolMappers" : [ { + "id" : "635cbac1-7cab-43bd-99fc-f7084aca2fa2", + "name" : "allowed web origins", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-allowed-origins-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "2c901d49-bb6d-44a7-8835-1229b655ccfa", + "name" : "saml_organization", + "description" : "Organization Membership", + "protocol" : "saml", + "attributes" : { + "display.on.consent.screen" : "false" }, - { - "id": "1124b695-1319-45aa-bc1b-ec0b2cf99b9e", - "name": "acr", - "description": "OpenID Connect scope for add acr (authentication context 
class reference) to the token", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "false", - "display.on.consent.screen": "false" - }, - "protocolMappers": [ - { - "id": "0e17d8d7-fb11-4b31-8023-d29611f7d492", - "name": "acr loa level", - "protocol": "openid-connect", - "protocolMapper": "oidc-acr-mapper", - "consentRequired": false, - "config": { - "id.token.claim": "true", - "introspection.token.claim": "true", - "access.token.claim": "true", - "userinfo.token.claim": "true" - } - } - ] + "protocolMappers" : [ { + "id" : "60ad6a87-646d-4c9e-932e-34ab1ac51fcb", + "name" : "organization", + "protocol" : "saml", + "protocolMapper" : "saml-organization-membership-mapper", + "consentRequired" : false, + "config" : { } + } ] + }, { + "id" : "943d1441-ee61-4ab5-b5bd-de3c5f8ff25f", + "name" : "roles", + "description" : "OpenID Connect scope for add user roles to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" }, - { - "id": "cc53d998-1eac-4574-9bec-58110d92d282", - "name": "web-origins", - "description": "OpenID Connect scope for add allowed web origins to the access token", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "false", - "consent.screen.text": "", - "display.on.consent.screen": "false" - }, - "protocolMappers": [ - { - "id": "635cbac1-7cab-43bd-99fc-f7084aca2fa2", - "name": "allowed web origins", - "protocol": "openid-connect", - "protocolMapper": "oidc-allowed-origins-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "access.token.claim": "true" - } - } - ] + "protocolMappers" : [ { + "id" : "2b5a3df4-1adb-402d-bc28-2bd43224e682", + "name" : "realm roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + 
"introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "realm_access.roles", + "jsonType.label" : "String" + } + }, { + "id" : "f3b60071-ef26-48a7-9554-67f62f84d543", + "name" : "client roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-client-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "resource_access.${client_id}.roles", + "jsonType.label" : "String" + } + }, { + "id" : "b757200e-494a-4585-857e-e4c18aef7a0c", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "4509fb3c-a899-49ad-b690-b031f9568888", + "name" : "email", + "description" : "OpenID Connect built-in scope: email", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" }, - { - "id": "2c901d49-bb6d-44a7-8835-1229b655ccfa", - "name": "saml_organization", - "description": "Organization Membership", - "protocol": "saml", - "attributes": { - "display.on.consent.screen": "false" - }, - "protocolMappers": [ - { - "id": "60ad6a87-646d-4c9e-932e-34ab1ac51fcb", - "name": "organization", - "protocol": "saml", - "protocolMapper": "saml-organization-membership-mapper", - "consentRequired": false, - "config": {} - } - ] + "protocolMappers" : [ { + "id" : "e18769b3-778b-47d8-be52-dd2769deebd1", + "name" : "email", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + 
"user.attribute" : "email", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email", + "jsonType.label" : "String" + } + }, { + "id" : "d98c5037-5178-4cc5-8e22-ca6cf0cb169e", + "name" : "email verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "emailVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email_verified", + "jsonType.label" : "boolean" + } + } ] + }, { + "id" : "6e14db34-285a-47ae-8b43-b3dcf10ae7f8", + "name" : "phone", + "description" : "OpenID Connect built-in scope: phone", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" }, - { - "id": "943d1441-ee61-4ab5-b5bd-de3c5f8ff25f", - "name": "roles", - "description": "OpenID Connect scope for add user roles to the access token", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "false", - "consent.screen.text": "${rolesScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "2b5a3df4-1adb-402d-bc28-2bd43224e682", - "name": "realm roles", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-realm-role-mapper", - "consentRequired": false, - "config": { - "user.attribute": "foo", - "introspection.token.claim": "true", - "access.token.claim": "true", - "claim.name": "realm_access.roles", - "jsonType.label": "String", - "multivalued": "true" + "protocolMappers" : [ { + "id" : "98cc724c-3f53-47f7-bf9f-baf2f7e08026", + "name" : "phone number verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" 
: "true", + "user.attribute" : "phoneNumberVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : "716a7b58-dcf4-4557-9f84-d21ca19630fb", + "name" : "phone number", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumber", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number", + "jsonType.label" : "String" + } + } ] + } ], + "defaultDefaultClientScopes" : [ "role_list", "saml_organization", "profile", "email", "roles", "web-origins", "acr", "basic" ], + "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt", "organization" ], + "browserSecurityHeaders" : { + "contentSecurityPolicyReportOnly" : "", + "xContentTypeOptions" : "nosniff", + "referrerPolicy" : "no-referrer", + "xRobotsTag" : "none", + "xFrameOptions" : "SAMEORIGIN", + "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection" : "1; mode=block", + "strictTransportSecurity" : "max-age=31536000; includeSubDomains" + }, + "smtpServer" : { }, + "eventsEnabled" : false, + "eventsListeners" : [ "jboss-logging" ], + "enabledEventTypes" : [ ], + "adminEventsEnabled" : false, + "adminEventsDetailsEnabled" : false, + "identityProviders" : [ ], + "identityProviderMappers" : [ ], + "components" : { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { + "id" : "f2a52e27-5582-4ca4-b20c-1864b8339b16", + "name" : "Trusted Hosts", + "providerId" : "trusted-hosts", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "host-sending-registration-request-must-match" : [ "true" ], + "client-uris-must-match" : [ "true" ] + } + }, { + "id" : 
"95b33704-ec30-4988-b018-f73d8bcf71b5", + "name" : "Full Scope Disabled", + "providerId" : "scope", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "d1114c75-d0b0-4584-a89f-a4e70eab2cd7", + "name" : "Consent Required", + "providerId" : "consent-required", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "6b0202cc-e70e-46da-869b-36ad59907239", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper" ] + } + }, { + "id" : "4b976576-c880-48a0-9b4d-2956cfd19b4a", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper" ] + } + }, { + "id" : "e1861ec9-2761-46fb-8048-149492269ff0", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "51b3aa61-e453-4e0b-bfe1-aefd8353ea06", + "name" : "Max Clients Limit", + "providerId" : "max-clients", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "max-clients" : [ "200" ] + } + }, { + "id" : "851cf8c2-ffe8-4a37-8a12-df04f724c90b", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "authenticated", + "subComponents" 
: { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + } ], + "org.keycloak.storage.UserStorageProvider" : [ { + "id" : "3a6f24e8-128b-4ac1-b3ab-694836db82fd", + "name" : "Identity Service", + "providerId" : "ldap", + "subComponents" : { + "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ { + "id" : "bf97cfab-4d53-4994-b3a8-0c771a70467b", + "name" : "email", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "mail" ], + "is.mandatory.in.ldap" : [ "false" ], + "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "false" ], + "user.model.attribute" : [ "email" ] } - }, - { - "id": "f3b60071-ef26-48a7-9554-67f62f84d543", - "name": "client roles", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-client-role-mapper", - "consentRequired": false, - "config": { - "user.attribute": "foo", - "introspection.token.claim": "true", - "access.token.claim": "true", - "claim.name": "resource_access.${client_id}.roles", - "jsonType.label": "String", - "multivalued": "true" + }, { + "id" : "cddffa16-0aff-4e0c-99a2-021f0495de03", + "name" : "last name", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "sn" ], + "is.mandatory.in.ldap" : [ "true" ], + "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "true" ], + "user.model.attribute" : [ "lastName" ] } - }, - { - "id": "b757200e-494a-4585-857e-e4c18aef7a0c", - "name": "audience resolve", - "protocol": "openid-connect", - "protocolMapper": "oidc-audience-resolve-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "access.token.claim": "true" + }, { + "id" : "4eaae3fa-d280-4605-b09d-1caeb881322c", + "name" : "modify date", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "modifyTimestamp" ], + "is.mandatory.in.ldap" : [ "false" ], + 
"always.read.value.from.ldap" : [ "true" ], + "read.only" : [ "true" ], + "user.model.attribute" : [ "modifyTimestamp" ] } - } - ] - }, - { - "id": "4509fb3c-a899-49ad-b690-b031f9568888", - "name": "email", - "description": "OpenID Connect built-in scope: email", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "consent.screen.text": "${emailScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "e18769b3-778b-47d8-be52-dd2769deebd1", - "name": "email", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "email", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "email", - "jsonType.label": "String" + }, { + "id" : "98c4a2c1-d509-443b-8475-fc971c193324", + "name" : "first name", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "cn" ], + "is.mandatory.in.ldap" : [ "true" ], + "always.read.value.from.ldap" : [ "true" ], + "read.only" : [ "false" ], + "user.model.attribute" : [ "firstName" ] } - }, - { - "id": "d98c5037-5178-4cc5-8e22-ca6cf0cb169e", - "name": "email verified", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-property-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "emailVerified", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "email_verified", - "jsonType.label": "boolean" + }, { + "id" : "74dbebb4-9881-4be1-8b30-6b0f2a718c86", + "name" : "username", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "uid" ], + "is.mandatory.in.ldap" : [ "true" ], + "always.read.value.from.ldap" : [ "false" ], + "read.only" : [ "false" 
], + "user.model.attribute" : [ "username" ] } - } - ] - }, - { - "id": "6e14db34-285a-47ae-8b43-b3dcf10ae7f8", - "name": "phone", - "description": "OpenID Connect built-in scope: phone", - "protocol": "openid-connect", - "attributes": { - "include.in.token.scope": "true", - "consent.screen.text": "${phoneScopeConsentText}", - "display.on.consent.screen": "true" - }, - "protocolMappers": [ - { - "id": "98cc724c-3f53-47f7-bf9f-baf2f7e08026", - "name": "phone number verified", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "phoneNumberVerified", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "phone_number_verified", - "jsonType.label": "boolean" + }, { + "id" : "5692d060-55b8-4cb1-b68f-0ae123cd9d03", + "name" : "system", + "providerId" : "group-ldap-mapper", + "subComponents" : { }, + "config" : { + "membership.attribute.type" : [ "DN" ], + "group.name.ldap.attribute" : [ "cn" ], + "membership.user.ldap.attribute" : [ "uid" ], + "preserve.group.inheritance" : [ "false" ], + "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ], + "mode" : [ "LDAP_ONLY" ], + "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ], + "membership.ldap.attribute" : [ "member" ], + "ignore.missing.groups" : [ "false" ], + "group.object.classes" : [ "groupOfNames" ], + "memberof.ldap.attribute" : [ "memberOf" ], + "drop.non.existing.groups.during.sync" : [ "false" ], + "groups.path" : [ "/" ] } - }, - { - "id": "716a7b58-dcf4-4557-9f84-d21ca19630fb", - "name": "phone number", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "introspection.token.claim": "true", - "userinfo.token.claim": "true", - "user.attribute": "phoneNumber", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": 
"phone_number", - "jsonType.label": "String" + }, { + "id" : "0453ae29-3cdc-4e09-800e-0117e7a2fb68", + "name" : "creation date", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "createTimestamp" ], + "is.mandatory.in.ldap" : [ "false" ], + "always.read.value.from.ldap" : [ "true" ], + "read.only" : [ "true" ], + "user.model.attribute" : [ "createTimestamp" ] } - } - ] - } - ], - "defaultDefaultClientScopes": [ - "role_list", - "saml_organization", - "profile", - "email", - "roles", - "web-origins", - "acr", - "basic" - ], - "defaultOptionalClientScopes": [ - "offline_access", - "address", - "phone", - "microprofile-jwt", - "organization" - ], - "browserSecurityHeaders": { - "contentSecurityPolicyReportOnly": "", - "xContentTypeOptions": "nosniff", - "referrerPolicy": "no-referrer", - "xRobotsTag": "none", - "xFrameOptions": "SAMEORIGIN", - "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", - "xXSSProtection": "1; mode=block", - "strictTransportSecurity": "max-age=31536000; includeSubDomains" - }, - "smtpServer": {}, - "eventsEnabled": false, - "eventsListeners": [ - "jboss-logging" - ], - "enabledEventTypes": [], - "adminEventsEnabled": false, - "adminEventsDetailsEnabled": false, - "identityProviders": [], - "identityProviderMappers": [], - "components": { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ - { - "id": "f2a52e27-5582-4ca4-b20c-1864b8339b16", - "name": "Trusted Hosts", - "providerId": "trusted-hosts", - "subType": "anonymous", - "subComponents": {}, - "config": { - "host-sending-registration-request-must-match": [ - "true" - ], - "client-uris-must-match": [ - "true" - ] - } - }, - { - "id": "95b33704-ec30-4988-b018-f73d8bcf71b5", - "name": "Full Scope Disabled", - "providerId": "scope", - "subType": "anonymous", - "subComponents": {}, - "config": {} - }, - { - "id": "d1114c75-d0b0-4584-a89f-a4e70eab2cd7", - "name": 
"Consent Required", - "providerId": "consent-required", - "subType": "anonymous", - "subComponents": {}, - "config": {} - }, - { - "id": "6b0202cc-e70e-46da-869b-36ad59907239", - "name": "Allowed Protocol Mapper Types", - "providerId": "allowed-protocol-mappers", - "subType": "anonymous", - "subComponents": {}, - "config": { - "allowed-protocol-mapper-types": [ - "oidc-usermodel-attribute-mapper", - "saml-role-list-mapper", - "oidc-sha256-pairwise-sub-mapper", - "oidc-usermodel-property-mapper", - "saml-user-attribute-mapper", - "oidc-full-name-mapper", - "oidc-address-mapper", - "saml-user-property-mapper" - ] - } - }, - { - "id": "4b976576-c880-48a0-9b4d-2956cfd19b4a", - "name": "Allowed Protocol Mapper Types", - "providerId": "allowed-protocol-mappers", - "subType": "authenticated", - "subComponents": {}, - "config": { - "allowed-protocol-mapper-types": [ - "saml-role-list-mapper", - "oidc-usermodel-property-mapper", - "oidc-full-name-mapper", - "saml-user-attribute-mapper", - "saml-user-property-mapper", - "oidc-address-mapper", - "oidc-sha256-pairwise-sub-mapper", - "oidc-usermodel-attribute-mapper" - ] - } - }, - { - "id": "e1861ec9-2761-46fb-8048-149492269ff0", - "name": "Allowed Client Scopes", - "providerId": "allowed-client-templates", - "subType": "anonymous", - "subComponents": {}, - "config": { - "allow-default-scopes": [ - "true" - ] - } - }, - { - "id": "51b3aa61-e453-4e0b-bfe1-aefd8353ea06", - "name": "Max Clients Limit", - "providerId": "max-clients", - "subType": "anonymous", - "subComponents": {}, - "config": { - "max-clients": [ - "200" - ] - } + } ] }, - { - "id": "851cf8c2-ffe8-4a37-8a12-df04f724c90b", - "name": "Allowed Client Scopes", - "providerId": "allowed-client-templates", - "subType": "authenticated", - "subComponents": {}, - "config": { - "allow-default-scopes": [ - "true" - ] - } + "config" : { + "pagination" : [ "false" ], + "fullSyncPeriod" : [ "-1" ], + "startTls" : [ "false" ], + "connectionPooling" : [ "false" ], + "usersDn" : [ 
"ou=users,dc=dbrepo,dc=at" ], + "cachePolicy" : [ "DEFAULT" ], + "useKerberosForPasswordAuthentication" : [ "false" ], + "importEnabled" : [ "true" ], + "enabled" : [ "true" ], + "changedSyncPeriod" : [ "-1" ], + "bindCredential" : [ "admin" ], + "bindDn" : [ "cn=admin,dc=dbrepo,dc=at" ], + "usernameLDAPAttribute" : [ "uid" ], + "vendor" : [ "other" ], + "uuidLDAPAttribute" : [ "entryUUID" ], + "allowKerberosAuthentication" : [ "false" ], + "connectionUrl" : [ "ldap://identity-service:1389" ], + "syncRegistrations" : [ "true" ], + "authType" : [ "simple" ], + "krbPrincipalAttribute" : [ "krb5PrincipalName" ], + "searchScope" : [ "1" ], + "useTruststoreSpi" : [ "always" ], + "usePasswordModifyExtendedOp" : [ "false" ], + "trustEmail" : [ "false" ], + "userObjectClasses" : [ "inetOrgPerson, organizationalPerson, person" ], + "rdnLDAPAttribute" : [ "uid" ], + "editMode" : [ "READ_ONLY" ], + "validatePasswordPolicy" : [ "false" ] } - ], - "org.keycloak.userprofile.UserProfileProvider": [ - { - "id": "34049725-5a66-456c-b895-87ca7c11bb6b", - "providerId": "declarative-user-profile", - "subComponents": {}, - "config": { - "kc.user.profile.config": [ - 
"{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}" - ] - } + } ], + "org.keycloak.userprofile.UserProfileProvider" : [ { + "id" : "34049725-5a66-456c-b895-87ca7c11bb6b", + "providerId" : "declarative-user-profile", + "subComponents" : { }, + "config" : { + "kc.user.profile.config" : [ 
"{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}" ] } - ], - "org.keycloak.storage.UserStorageProvider": [ - { - "id": "3a6f24e8-128b-4ac1-b3ab-694836db82fd", - "name": "Identity Service", - "providerId": "ldap", - "subComponents": { - "org.keycloak.storage.ldap.mappers.LDAPStorageMapper": [ - { - "id": "bf97cfab-4d53-4994-b3a8-0c771a70467b", - "name": "email", - "providerId": "user-attribute-ldap-mapper", - "subComponents": {}, - "config": { - "ldap.attribute": [ - "mail" - ], - "is.mandatory.in.ldap": [ - "false" - ], - "always.read.value.from.ldap": [ - "false" - ], - "read.only": [ - "false" - ], - "user.model.attribute": [ - "email" - ] - } - }, - { - "id": "cddffa16-0aff-4e0c-99a2-021f0495de03", - "name": "last name", - "providerId": "user-attribute-ldap-mapper", - "subComponents": {}, - "config": { - "ldap.attribute": [ - "sn" - ], - "is.mandatory.in.ldap": [ - "true" - ], - 
"always.read.value.from.ldap": [ - "true" - ], - "read.only": [ - "false" - ], - "user.model.attribute": [ - "lastName" - ] - } - }, - { - "id": "4eaae3fa-d280-4605-b09d-1caeb881322c", - "name": "modify date", - "providerId": "user-attribute-ldap-mapper", - "subComponents": {}, - "config": { - "ldap.attribute": [ - "modifyTimestamp" - ], - "is.mandatory.in.ldap": [ - "false" - ], - "always.read.value.from.ldap": [ - "true" - ], - "read.only": [ - "true" - ], - "user.model.attribute": [ - "modifyTimestamp" - ] - } - }, - { - "id": "98c4a2c1-d509-443b-8475-fc971c193324", - "name": "first name", - "providerId": "user-attribute-ldap-mapper", - "subComponents": {}, - "config": { - "ldap.attribute": [ - "cn" - ], - "is.mandatory.in.ldap": [ - "true" - ], - "read.only": [ - "false" - ], - "always.read.value.from.ldap": [ - "true" - ], - "user.model.attribute": [ - "firstName" - ] - } - }, - { - "id": "74dbebb4-9881-4be1-8b30-6b0f2a718c86", - "name": "username", - "providerId": "user-attribute-ldap-mapper", - "subComponents": {}, - "config": { - "ldap.attribute": [ - "uid" - ], - "is.mandatory.in.ldap": [ - "true" - ], - "always.read.value.from.ldap": [ - "false" - ], - "read.only": [ - "false" - ], - "user.model.attribute": [ - "username" - ] - } - }, - { - "id": "5692d060-55b8-4cb1-b68f-0ae123cd9d03", - "name": "system", - "providerId": "group-ldap-mapper", - "subComponents": {}, - "config": { - "mode": [ - "LDAP_ONLY" - ], - "membership.attribute.type": [ - "DN" - ], - "user.roles.retrieve.strategy": [ - "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" - ], - "group.name.ldap.attribute": [ - "cn" - ], - "membership.ldap.attribute": [ - "member" - ], - "membership.user.ldap.attribute": [ - "uid" - ], - "ignore.missing.groups": [ - "false" - ], - "preserve.group.inheritance": [ - "false" - ], - "groups.dn": [ - "ou=users,dc=dbrepo,dc=at" - ], - "memberof.ldap.attribute": [ - "memberOf" - ], - "group.object.classes": [ - "groupOfNames" - ], - "drop.non.existing.groups.during.sync": [ - 
"false" - ], - "groups.path": [ - "/" - ] - } - }, - { - "id": "0453ae29-3cdc-4e09-800e-0117e7a2fb68", - "name": "creation date", - "providerId": "user-attribute-ldap-mapper", - "subComponents": {}, - "config": { - "ldap.attribute": [ - "createTimestamp" - ], - "is.mandatory.in.ldap": [ - "false" - ], - "always.read.value.from.ldap": [ - "true" - ], - "read.only": [ - "true" - ], - "user.model.attribute": [ - "createTimestamp" - ] - } - } - ] - }, - "config": { - "pagination": [ - "false" - ], - "fullSyncPeriod": [ - "-1" - ], - "startTls": [ - "false" - ], - "connectionPooling": [ - "false" - ], - "usersDn": [ - "ou=users,dc=dbrepo,dc=at" - ], - "cachePolicy": [ - "DEFAULT" - ], - "useKerberosForPasswordAuthentication": [ - "false" - ], - "importEnabled": [ - "true" - ], - "enabled": [ - "true" - ], - "changedSyncPeriod": [ - "-1" - ], - "usernameLDAPAttribute": [ - "uid" - ], - "bindCredential": [ - "admin" - ], - "bindDn": [ - "cn=admin,dc=dbrepo,dc=at" - ], - "vendor": [ - "other" - ], - "uuidLDAPAttribute": [ - "entryUUID" - ], - "allowKerberosAuthentication": [ - "false" - ], - "connectionUrl": [ - "ldap://identity-service:1389" - ], - "syncRegistrations": [ - "true" - ], - "authType": [ - "simple" - ], - "krbPrincipalAttribute": [ - "krb5PrincipalName" - ], - "searchScope": [ - "1" - ], - "useTruststoreSpi": [ - "always" - ], - "usePasswordModifyExtendedOp": [ - "false" - ], - "trustEmail": [ - "false" - ], - "userObjectClasses": [ - "inetOrgPerson, organizationalPerson, person" - ], - "rdnLDAPAttribute": [ - "uid" - ], - "editMode": [ - "READ_ONLY" - ], - "validatePasswordPolicy": [ - "false" - ] - } + } ], + "org.keycloak.keys.KeyProvider" : [ { + "id" : "5b1052d2-fb71-47d2-86f9-908c869c8d1b", + "name" : "hmac-generated-hs512", + "providerId" : "hmac-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "dff6ccc5-bd9b-467c-8e93-0fe51d353eaf" ], + "secret" : [ 
"Q8srw06SZoVO9ZJtKsfKPZyg8O7w01pLMv-CVMbxhBNXJ2lldqKmDgYxHBWnyeIYjXsp2M_Q-SQh1MZc7THyJJpFpRvqN8q9ZgUyWv3GZ-TH7Cez7aeg-WEQrWywBTFfacu_VjmDxucinZoJTWLaH9NNdCcZSMeuBHyM1V__BeE" ], + "priority" : [ "100" ], + "algorithm" : [ "HS512" ] } - ], - "org.keycloak.keys.KeyProvider": [ - { - "id": "5b1052d2-fb71-47d2-86f9-908c869c8d1b", - "name": "hmac-generated-hs512", - "providerId": "hmac-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ], - "algorithm": [ - "HS512" - ] - } - }, - { - "id": "fd48cdb1-8be8-4ac9-9347-dc3e91db95d7", - "name": "rsa-enc-generated", - "providerId": "rsa-enc-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ], - "algorithm": [ - "RSA-OAEP" - ] - } - }, - { - "id": "0ff03eb6-b43b-4065-b583-9e310f53a573", - "name": "rsa-generated", - "providerId": "rsa-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ] - } - }, - { - "id": "df28b561-7463-4927-974d-615618056b41", - "name": "aes-generated", - "providerId": "aes-generated", - "subComponents": {}, - "config": { - "priority": [ - "100" - ] - } + }, { + "id" : "fd48cdb1-8be8-4ac9-9347-dc3e91db95d7", + "name" : "rsa-enc-generated", + "providerId" : "rsa-enc-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "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" ], + "certificate" : [ "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" ], + "priority" : [ "100" ], + "algorithm" : [ "RSA-OAEP" ] } - ] - }, - "internationalizationEnabled": false, - "supportedLocales": [], - "authenticationFlows": [ - { - "id": "2e13d5a8-b0fb-475b-8991-66d1cc8e99f1", - "alias": "Account verification options", - "description": "Method with which to verity the existing account", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "idp-email-verification", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": 
false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "ALTERNATIVE", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Verify Existing Account by Re-authentication", - "userSetupAllowed": false - } - ] - }, - { - "id": "0bf3a099-5ef5-4ea9-b325-5bc9699180a6", - "alias": "Browser - Conditional OTP", - "description": "Flow to determine if the OTP is required for the authentication", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-otp-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "88ca29ab-cbe0-4e3f-938a-e6c5327748ab", - "alias": "Direct Grant - Conditional OTP", - "description": "Flow to determine if the OTP is required for the authentication", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "direct-grant-validate-otp", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "789e7d43-bc05-44d2-8c09-de7fee9d56de", - "alias": "First broker login - Conditional OTP", - "description": "Flow to determine if the OTP is required for the authentication", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - 
"priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-otp-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "ee145b84-2b30-438e-9cee-6fe90909af1a", - "alias": "Handle Existing Account", - "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "idp-confirm-link", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Account verification options", - "userSetupAllowed": false - } - ] - }, - { - "id": "853d891a-0009-443c-91c3-a7f1ad1dd0dc", - "alias": "Reset - Conditional OTP", - "description": "Flow to determine if the OTP should be reset or not. 
Set to REQUIRED to force.", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "conditional-user-configured", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "reset-otp", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "d7f13a9b-a13c-4236-ae41-df8da7e5fa8d", - "alias": "User creation or linking", - "description": "Flow for the existing/non-existing user alternatives", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticatorConfig": "create unique user config", - "authenticator": "idp-create-user-if-unique", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "ALTERNATIVE", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Handle Existing Account", - "userSetupAllowed": false - } - ] - }, - { - "id": "3cb699ee-11d4-44be-878b-a183b9e96b59", - "alias": "Verify Existing Account by Re-authentication", - "description": "Reauthentication of existing account", - "providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "idp-username-password-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "First broker login - Conditional OTP", - "userSetupAllowed": false - } - ] - }, - { - "id": "61d5a1e2-7074-41ad-97bf-e5c41c70989e", - "alias": "browser", - "description": "Browser based 
authentication", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "auth-cookie", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "auth-spnego", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "identity-provider-redirector", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 25, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "ALTERNATIVE", - "priority": 30, - "autheticatorFlow": true, - "flowAlias": "forms", - "userSetupAllowed": false - } - ] - }, - { - "id": "21dabcf1-8817-4f2d-981a-13239e160b56", - "alias": "clients", - "description": "Base authentication for clients", - "providerId": "client-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "client-secret", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "client-jwt", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "client-secret-jwt", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "client-x509", - "authenticatorFlow": false, - "requirement": "ALTERNATIVE", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "a349aeb2-9373-47ec-9381-0c379df56c71", - "alias": "direct grant", - "description": "OpenID Connect Resource Owner Grant", - "providerId": "basic-flow", - "topLevel": true, - 
"builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "direct-grant-validate-username", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "direct-grant-validate-password", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 30, - "autheticatorFlow": true, - "flowAlias": "Direct Grant - Conditional OTP", - "userSetupAllowed": false - } - ] - }, - { - "id": "39b3aa37-4ece-4e31-acbc-79889994713e", - "alias": "docker auth", - "description": "Used by Docker clients to authenticate against the IDP", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "docker-http-basic-authenticator", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "18561349-cc5e-4e5b-bcb2-979645118f96", - "alias": "first broker login", - "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticatorConfig": "review profile config", - "authenticator": "idp-review-profile", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "User creation or linking", - "userSetupAllowed": false - } - ] - }, - { - "id": "9933f082-3d53-4575-b011-90e6933fb2a1", - "alias": "forms", - "description": "Username, password, otp and other auth forms.", - 
"providerId": "basic-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "auth-username-password-form", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 20, - "autheticatorFlow": true, - "flowAlias": "Browser - Conditional OTP", - "userSetupAllowed": false - } - ] - }, - { - "id": "00285357-456a-4fd4-b449-ed25253e6364", - "alias": "registration", - "description": "Registration flow", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "registration-page-form", - "authenticatorFlow": true, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": true, - "flowAlias": "registration form", - "userSetupAllowed": false - } - ] - }, - { - "id": "b9131fa9-5614-42b4-8353-c6c15e66c2ce", - "alias": "registration form", - "description": "Registration form", - "providerId": "form-flow", - "topLevel": false, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "registration-user-creation", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "registration-password-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 50, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "registration-recaptcha-action", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 60, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "registration-terms-and-conditions", - "authenticatorFlow": false, - "requirement": "DISABLED", - "priority": 70, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - }, - { - "id": "424642cc-3a71-4732-ba38-b737179ce37f", 
- "alias": "reset credentials", - "description": "Reset credentials for a user if they forgot their password or something", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "reset-credentials-choose-user", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "reset-credential-email", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 20, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticator": "reset-password", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 30, - "autheticatorFlow": false, - "userSetupAllowed": false - }, - { - "authenticatorFlow": true, - "requirement": "CONDITIONAL", - "priority": 40, - "autheticatorFlow": true, - "flowAlias": "Reset - Conditional OTP", - "userSetupAllowed": false - } - ] - }, - { - "id": "c8c9c4dc-a39d-4ba6-ad4b-9447a8125349", - "alias": "saml ecp", - "description": "SAML ECP Profile Authentication Flow", - "providerId": "basic-flow", - "topLevel": true, - "builtIn": true, - "authenticationExecutions": [ - { - "authenticator": "http-basic-authenticator", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 10, - "autheticatorFlow": false, - "userSetupAllowed": false - } - ] - } - ], - "authenticatorConfig": [ - { - "id": "49d63952-ca6e-450c-a65f-70388169cb90", - "alias": "create unique user config", - "config": { - "require.password.update.after.registration": "false" + }, { + "id" : "0ff03eb6-b43b-4065-b583-9e310f53a573", + "name" : "rsa-generated", + "providerId" : "rsa-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ 
"MIIEogIBAAKCAQEAsetSXQJDd0r9Cv6hB/QyQ7DlVXAQeRuwasOTF5Eoez0mTuW1DGraTIttZwPOYMxvDOs4c9/+0QA9DNUtc4PHGXPB0WxuKDSikkVlPtyqOnrcaSYYArhHkYU727M+8r+vIhtToYB/g88mlMH4JfL0tUJQGlnOrDxUUP7RiWAbzQ33JDAAyV6HUOm1SgNH61V6z8a06m9NL//trN2PeILqNt/DT7iwTd+bmNQZzw+wSVTGR4K3O5sjWjRHvihAxvOCKvyzpYnbQ5AM/GpXOmahpuOQ45LebSYHlU7YSUVXH8Q2yLefjRCZ0H0mkRDx+yBr/vkKhF5vqv+lH3qKA6H6jQIDAQABAoIBAFdLSWb/BFEUhuENG79GTh8uPOdVi4+QSVeoy5PFkeIdl50gUVtdVew2gKAJmwmdZGMnSdR4s5KiFlIkih9iKZ7QT+lL1SR+5sDzsYBNTmxQ+bHRkfhLqDm68CqUYK9D407Nr5PO80GdsqVMIk+kS/JfLeQv6hpRo2D2FaLcd+d8Pzp72qgCcRTLGKzjPEv+ffA9eL6smP+E3/m54YS7e3jwMyVdl4IXAKBjPMkdtKMWnuGxHnPrZ71A1LJjL4un4N8HjIMGDCyFFkCvPE7FhzpdN249VF29QTfU+QHjiKC0O6nej/A+4kIbWjDF+YmmSEJRSKfk7SVuzs4XnBfsz7UCgYEA6zW+Sud2qos5/DQUUWTleKfqhaEzVvy2pWMXUqaHzvPu7NsaLl+DbEIRvoxJzqdWfwwnWIrD6kGU8GVa1I8RLKK3JS681R6Pw/Ih5JKw9n5lkD+gIpE5ryENQ5jGdwFRUTpJxKY2aPUve7PsyM5flau2d3eo/4SXIRy1pCMcAgMCgYEAwaU44XDH54rLVFuSpg6ck7uSxb15987AECW1z6n/oIAw0reVvCvp8tInk6owKRqvxVCM3W/B0UQONGDmcCcK1GoaO+hJZV/t+c9NAHrna2t10+bHRHwYLG9FUu/hWKtLsxqathsEXdS02m6y6jX3UWuR6Qwz2XYH7PWS3/EHNC8CgYA//qxapuVTe3P4WZcZmjERBea6GuTkCvgKwY4r76FNvnLIQMi7y0Lvpn47cOH39vGCuaTO41pwlw1V5s2yvYY3tcHMvQ2lkp4c+vkbvomlVzh86cLBBPBD5OM9/AgrgtFEH27IsUxmfCdCKe8Hp5a8Gy8XDBiQBNw1pyEImoDZTwKBgCU+nwMVSw2or1TpS/puYwUzFZa8y8Gy3VP9vMtVOhpnrXxJ3R3VIGkYrI4FNMAjJt1/kahhf1i9izHd1VSK3dVfFu6gzcUWv1HF4lyORwZtI7t+7qKob4nUWPQLuT7xq1ymaE1QQvW9HI/KrNTJTmk1lFnLhAl2Xy3fScGSvTz3AoGABYA6e1Ksiex2Iv37f16l6lo6hfbUKIoAooyrTKjwqpWGaFtDBQxTNaOR93APjg1rX+wtcwMpl1ABpsf2a1DoRJBItH1oE7q6ZDJ/qz2BnJkH8TvDy89Cbe/8R2vwQIsE7rDzW3Ivfx2KN//iKHAA6BEqf3m2p4u2Dqient5XC9M=" ], + "certificate" : [ "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" ], + "priority" : [ "100" ] } - }, - { - "id": "5b4f58fc-aff7-4e12-8c48-40aeb3db1432", - "alias": "review profile config", - "config": { - "update.profile.on.first.login": "missing" + }, { + "id" : "df28b561-7463-4927-974d-615618056b41", + "name" : "aes-generated", + "providerId" : "aes-generated", + "subComponents" : { }, + 
"config" : { + "kid" : [ "04a0e3ff-030f-4d22-a125-449f1541b83c" ], + "secret" : [ "uhC2E9sCbuigVhRLbnCmCQ" ], + "priority" : [ "100" ] } + } ] + }, + "internationalizationEnabled" : false, + "supportedLocales" : [ ], + "authenticationFlows" : [ { + "id" : "2e13d5a8-b0fb-475b-8991-66d1cc8e99f1", + "alias" : "Account verification options", + "description" : "Method with which to verity the existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-email-verification", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Verify Existing Account by Re-authentication", + "userSetupAllowed" : false + } ] + }, { + "id" : "0bf3a099-5ef5-4ea9-b325-5bc9699180a6", + "alias" : "Browser - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "88ca29ab-cbe0-4e3f-938a-e6c5327748ab", + "alias" : "Direct Grant - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", 
+ "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "789e7d43-bc05-44d2-8c09-de7fee9d56de", + "alias" : "First broker login - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "ee145b84-2b30-438e-9cee-6fe90909af1a", + "alias" : "Handle Existing Account", + "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-confirm-link", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Account verification options", + "userSetupAllowed" : false + } ] + }, { + "id" : "853d891a-0009-443c-91c3-a7f1ad1dd0dc", + "alias" : "Reset - Conditional OTP", + "description" : "Flow to determine if the OTP should be reset or not. 
Set to REQUIRED to force.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "d7f13a9b-a13c-4236-ae41-df8da7e5fa8d", + "alias" : "User creation or linking", + "description" : "Flow for the existing/non-existing user alternatives", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "create unique user config", + "authenticator" : "idp-create-user-if-unique", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Handle Existing Account", + "userSetupAllowed" : false + } ] + }, { + "id" : "3cb699ee-11d4-44be-878b-a183b9e96b59", + "alias" : "Verify Existing Account by Re-authentication", + "description" : "Reauthentication of existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "First broker login - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "61d5a1e2-7074-41ad-97bf-e5c41c70989e", + "alias" : "browser", + 
"description" : "Browser based authentication", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-cookie", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-spnego", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "identity-provider-redirector", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 25, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "forms", + "userSetupAllowed" : false + } ] + }, { + "id" : "21dabcf1-8817-4f2d-981a-13239e160b56", + "alias" : "clients", + "description" : "Base authentication for clients", + "providerId" : "client-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "client-secret", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-secret-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-x509", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 40, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "a349aeb2-9373-47ec-9381-0c379df56c71", + "alias" : "direct grant", + "description" : "OpenID Connect 
Resource Owner Grant", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "direct-grant-validate-username", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "Direct Grant - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "39b3aa37-4ece-4e31-acbc-79889994713e", + "alias" : "docker auth", + "description" : "Used by Docker clients to authenticate against the IDP", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "docker-http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "18561349-cc5e-4e5b-bcb2-979645118f96", + "alias" : "first broker login", + "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "review profile config", + "authenticator" : "idp-review-profile", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "User creation or linking", + "userSetupAllowed" : false + } ] + }, { + "id" : 
"9933f082-3d53-4575-b011-90e6933fb2a1", + "alias" : "forms", + "description" : "Username, password, otp and other auth forms.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Browser - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "00285357-456a-4fd4-b449-ed25253e6364", + "alias" : "registration", + "description" : "Registration flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-page-form", + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : true, + "flowAlias" : "registration form", + "userSetupAllowed" : false + } ] + }, { + "id" : "b9131fa9-5614-42b4-8353-c6c15e66c2ce", + "alias" : "registration form", + "description" : "Registration form", + "providerId" : "form-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-user-creation", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-password-action", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 50, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-recaptcha-action", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 60, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-terms-and-conditions", + "authenticatorFlow" : false, + 
"requirement" : "DISABLED", + "priority" : 70, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "424642cc-3a71-4732-ba38-b737179ce37f", + "alias" : "reset credentials", + "description" : "Reset credentials for a user if they forgot their password or something", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "reset-credentials-choose-user", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-credential-email", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 40, + "autheticatorFlow" : true, + "flowAlias" : "Reset - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "c8c9c4dc-a39d-4ba6-ad4b-9447a8125349", + "alias" : "saml ecp", + "description" : "SAML ECP Profile Authentication Flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + } ], + "authenticatorConfig" : [ { + "id" : "49d63952-ca6e-450c-a65f-70388169cb90", + "alias" : "create unique user config", + "config" : { + "require.password.update.after.registration" : "false" } - ], - "requiredActions": [ - { - "alias": "CONFIGURE_TOTP", - "name": "Configure OTP", - "providerId": "CONFIGURE_TOTP", - "enabled": true, - "defaultAction": false, - "priority": 10, - 
"config": {} - }, - { - "alias": "TERMS_AND_CONDITIONS", - "name": "Terms and Conditions", - "providerId": "TERMS_AND_CONDITIONS", - "enabled": false, - "defaultAction": false, - "priority": 20, - "config": {} - }, - { - "alias": "UPDATE_PASSWORD", - "name": "Update Password", - "providerId": "UPDATE_PASSWORD", - "enabled": true, - "defaultAction": false, - "priority": 30, - "config": {} - }, - { - "alias": "UPDATE_PROFILE", - "name": "Update Profile", - "providerId": "UPDATE_PROFILE", - "enabled": true, - "defaultAction": false, - "priority": 40, - "config": {} - }, - { - "alias": "VERIFY_EMAIL", - "name": "Verify Email", - "providerId": "VERIFY_EMAIL", - "enabled": true, - "defaultAction": false, - "priority": 50, - "config": {} - }, - { - "alias": "delete_account", - "name": "Delete Account", - "providerId": "delete_account", - "enabled": false, - "defaultAction": false, - "priority": 60, - "config": {} - }, - { - "alias": "webauthn-register", - "name": "Webauthn Register", - "providerId": "webauthn-register", - "enabled": true, - "defaultAction": false, - "priority": 70, - "config": {} - }, - { - "alias": "webauthn-register-passwordless", - "name": "Webauthn Register Passwordless", - "providerId": "webauthn-register-passwordless", - "enabled": true, - "defaultAction": false, - "priority": 80, - "config": {} - }, - { - "alias": "VERIFY_PROFILE", - "name": "Verify Profile", - "providerId": "VERIFY_PROFILE", - "enabled": true, - "defaultAction": false, - "priority": 90, - "config": {} - }, - { - "alias": "delete_credential", - "name": "Delete Credential", - "providerId": "delete_credential", - "enabled": true, - "defaultAction": false, - "priority": 100, - "config": {} - }, - { - "alias": "update_user_locale", - "name": "Update User Locale", - "providerId": "update_user_locale", - "enabled": true, - "defaultAction": false, - "priority": 1000, - "config": {} + }, { + "id" : "5b4f58fc-aff7-4e12-8c48-40aeb3db1432", + "alias" : "review profile config", + "config" : { 
+ "update.profile.on.first.login" : "missing" } - ], - "browserFlow": "browser", - "registrationFlow": "registration", - "directGrantFlow": "direct grant", - "resetCredentialsFlow": "reset credentials", - "clientAuthenticationFlow": "clients", - "dockerAuthenticationFlow": "docker auth", - "firstBrokerLoginFlow": "first broker login", - "attributes": { - "cibaBackchannelTokenDeliveryMode": "poll", - "cibaAuthRequestedUserHint": "login_hint", - "clientOfflineSessionMaxLifespan": "0", - "oauth2DevicePollingInterval": "5", - "clientSessionIdleTimeout": "0", - "clientOfflineSessionIdleTimeout": "0", - "cibaInterval": "5", - "realmReusableOtpCode": "false", - "cibaExpiresIn": "120", - "oauth2DeviceCodeLifespan": "600", - "parRequestUriLifespan": "60", - "clientSessionMaxLifespan": "0", - "frontendUrl": "", - "organizationsEnabled": "false", - "acr.loa.map": "{}" + } ], + "requiredActions" : [ { + "alias" : "CONFIGURE_TOTP", + "name" : "Configure OTP", + "providerId" : "CONFIGURE_TOTP", + "enabled" : true, + "defaultAction" : false, + "priority" : 10, + "config" : { } + }, { + "alias" : "TERMS_AND_CONDITIONS", + "name" : "Terms and Conditions", + "providerId" : "TERMS_AND_CONDITIONS", + "enabled" : false, + "defaultAction" : false, + "priority" : 20, + "config" : { } + }, { + "alias" : "UPDATE_PASSWORD", + "name" : "Update Password", + "providerId" : "UPDATE_PASSWORD", + "enabled" : true, + "defaultAction" : false, + "priority" : 30, + "config" : { } + }, { + "alias" : "UPDATE_PROFILE", + "name" : "Update Profile", + "providerId" : "UPDATE_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 40, + "config" : { } + }, { + "alias" : "VERIFY_EMAIL", + "name" : "Verify Email", + "providerId" : "VERIFY_EMAIL", + "enabled" : true, + "defaultAction" : false, + "priority" : 50, + "config" : { } + }, { + "alias" : "delete_account", + "name" : "Delete Account", + "providerId" : "delete_account", + "enabled" : false, + "defaultAction" : false, + "priority" : 60, 
+ "config" : { } + }, { + "alias" : "webauthn-register", + "name" : "Webauthn Register", + "providerId" : "webauthn-register", + "enabled" : true, + "defaultAction" : false, + "priority" : 70, + "config" : { } + }, { + "alias" : "webauthn-register-passwordless", + "name" : "Webauthn Register Passwordless", + "providerId" : "webauthn-register-passwordless", + "enabled" : true, + "defaultAction" : false, + "priority" : 80, + "config" : { } + }, { + "alias" : "VERIFY_PROFILE", + "name" : "Verify Profile", + "providerId" : "VERIFY_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 90, + "config" : { } + }, { + "alias" : "delete_credential", + "name" : "Delete Credential", + "providerId" : "delete_credential", + "enabled" : true, + "defaultAction" : false, + "priority" : 100, + "config" : { } + }, { + "alias" : "update_user_locale", + "name" : "Update User Locale", + "providerId" : "update_user_locale", + "enabled" : true, + "defaultAction" : false, + "priority" : 1000, + "config" : { } + } ], + "browserFlow" : "browser", + "registrationFlow" : "registration", + "directGrantFlow" : "direct grant", + "resetCredentialsFlow" : "reset credentials", + "clientAuthenticationFlow" : "clients", + "dockerAuthenticationFlow" : "docker auth", + "firstBrokerLoginFlow" : "first broker login", + "attributes" : { + "cibaBackchannelTokenDeliveryMode" : "poll", + "cibaAuthRequestedUserHint" : "login_hint", + "clientOfflineSessionMaxLifespan" : "0", + "oauth2DevicePollingInterval" : "5", + "clientSessionIdleTimeout" : "0", + "clientOfflineSessionIdleTimeout" : "0", + "cibaInterval" : "5", + "realmReusableOtpCode" : "false", + "cibaExpiresIn" : "120", + "oauth2DeviceCodeLifespan" : "600", + "parRequestUriLifespan" : "60", + "clientSessionMaxLifespan" : "0", + "frontendUrl" : "", + "acr.loa.map" : "{}" }, - "keycloakVersion": "26.0.0", - "userManagedAccessAllowed": false, - "organizationsEnabled": false, - "clientProfiles": { - "profiles": [] + "keycloakVersion" : 
"24.0.5", + "userManagedAccessAllowed" : false, + "clientProfiles" : { + "profiles" : [ ] }, - "clientPolicies": { - "policies": [] + "clientPolicies" : { + "policies" : [ ] } } \ No newline at end of file diff --git a/dbrepo-data-service/rest-service/src/main/resources/init/querystore.sql b/dbrepo-data-service/rest-service/src/main/resources/init/querystore.sql index 3e7471df3e1eb3a1bb79db7246ecb805a06f495c..de488f89ee3b9b24426927bb114a3e73f4d6daf0 100644 --- a/dbrepo-data-service/rest-service/src/main/resources/init/querystore.sql +++ b/dbrepo-data-service/rest-service/src/main/resources/init/querystore.sql 
@@ -1,5 +1,3 @@ -CREATE SEQUENCE `qs_queries_seq` NOCACHE; -CREATE TABLE `qs_queries` ( `id` bigint not null primary key default nextval(`qs_queries_seq`), `created` datetime not null default now(), `executed` datetime not null default now(), `created_by` varchar(36), `query` text not null, `query_normalized` text not null, `is_persisted` boolean not null, `query_hash` varchar(255) not null, `result_hash` varchar(255), `result_number` bigint ) WITH SYSTEM VERSIONING; CREATE PROCEDURE hash_table(IN name VARCHAR(255), OUT hash VARCHAR(255), OUT count BIGINT) BEGIN DECLARE _sql TEXT; SELECT CONCAT('SELECT SHA2(GROUP_CONCAT(CONCAT_WS(\'\',', GROUP_CONCAT(CONCAT('`', column_name, '`') ORDER BY column_name), ') SEPARATOR \',\'), 256) AS hash, COUNT(*) AS count FROM `', name, '` INTO @hash, @count;') FROM `information_schema`.`columns` WHERE `table_schema` = DATABASE() AND `table_name` = name INTO _sql; PREPARE stmt FROM _sql; EXECUTE stmt; DEALLOCATE PREPARE stmt; SET hash = @hash; SET count = @count; END; CREATE PROCEDURE store_query(IN query TEXT, IN executed DATETIME, OUT queryId BIGINT) BEGIN DECLARE _queryhash varchar(255) DEFAULT SHA2(query, 256); DECLARE _username varchar(255) DEFAULT REGEXP_REPLACE(current_user(), '@.*', ''); DECLARE _query TEXT DEFAULT CONCAT('CREATE OR REPLACE TABLE _tmp AS (', query, ')'); PREPARE stmt FROM _query; EXECUTE stmt; DEALLOCATE PREPARE stmt; CALL hash_table('_tmp', @hash, @count); DROP TABLE IF EXISTS `_tmp`; IF @hash IS NULL THEN INSERT INTO `qs_queries` (`created_by`, `query`, `query_normalized`, `is_persisted`, `query_hash`, `result_hash`, `result_number`, `executed`) SELECT _username, query, query, false, _queryhash, @hash, @count, executed WHERE NOT EXISTS (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` IS NULL); SET queryId = (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` IS NULL); ELSE INSERT INTO `qs_queries` (`created_by`, `query`, `query_normalized`, 
`is_persisted`, `query_hash`, `result_hash`, `result_number`, `executed`) SELECT _username, query, query, false, _queryhash, @hash, @count, executed WHERE NOT EXISTS (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` = @hash); SET queryId = (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` = @hash); END IF; END; CREATE DEFINER = 'root' PROCEDURE _store_query(IN _username VARCHAR(255), IN query TEXT, IN executed DATETIME, OUT queryId BIGINT) BEGIN DECLARE _queryhash varchar(255) DEFAULT SHA2(query, 256); DECLARE _query TEXT DEFAULT CONCAT('CREATE OR REPLACE TABLE _tmp AS (', query, ')'); PREPARE stmt FROM _query; EXECUTE stmt; DEALLOCATE PREPARE stmt; CALL hash_table('_tmp', @hash, @count); DROP TABLE IF EXISTS `_tmp`; IF @hash IS NULL THEN INSERT INTO `qs_queries` (`created_by`, `query`, `query_normalized`, `is_persisted`, `query_hash`, `result_hash`, `result_number`, `executed`) SELECT _username, query, query, false, _queryhash, @hash, @count, executed WHERE NOT EXISTS (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` IS NULL); SET queryId = (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` IS NULL); ELSE INSERT INTO `qs_queries` (`created_by`, `query`, `query_normalized`, `is_persisted`, `query_hash`, `result_hash`, `result_number`, `executed`) SELECT _username, query, query, false, _queryhash, @hash, @count, executed WHERE NOT EXISTS (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` = @hash); SET queryId = (SELECT `id` FROM `qs_queries` WHERE `query_hash` = _queryhash AND `result_hash` = @hash); END IF; END; \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 315f6bf1884c1e49d2ac870ab53f50d7a6b8c449..5a0d1a4242d9ca2f7f0f8cd97617def35e65cd6a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -80,7 +80,7 @@ services: restart: "no" container_name: dbrepo-auth-service hostname: auth-service - image: bitnami/keycloak:26.0.0-debian-12-r1 + image: bitnami/keycloak:24.0.5-debian-12-r8 volumes: - ./dbrepo-auth-service/import-realms.sh:/docker-entrypoint-initdb.d/import-realms.sh - ./dbrepo-auth-service/master-realm.json:/opt/keycloak/data/import/master-realm.json @@ -90,13 +90,12 @@ services: environment: KEYCLOAK_ENABLE_HTTPS: "false" KEYCLOAK_ENABLE_STATISTICS: "true" - KEYCLOAK_ENABLE_HEALTH_ENDPOINTS: "true" KEYCLOAK_DATABASE_HOST: "auth-db" KEYCLOAK_DATABASE_NAME: "${AUTH_DB_NAME:-keycloak}" KEYCLOAK_DATABASE_USER: "${AUTH_DB_USERNAME:-keycloak}" KEYCLOAK_DATABASE_PASSWORD: "${AUTH_DB_PASSWORD:-dbrepo}" healthcheck: - test: curl --head -fsS http://localhost:9000/health/ready + test: curl -fsS http://localhost:8080/realms/master interval: 10s timeout: 5s retries: 12 diff --git a/helm/dbrepo/Chart.lock b/helm/dbrepo/Chart.lock index 0ae700f9d6f0a4674036ae4fb26c4aafc6ee1a5f..b18ee6f5f6f9fa67da970a2779fd6a33ca3974a1 100644 --- a/helm/dbrepo/Chart.lock +++ b/helm/dbrepo/Chart.lock 
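Review bot: The replacement healthcheck `curl -fsS http://localhost:8080/realms/master` only proves that the master realm answers on the public HTTP port, so the container can report healthy before the realm imported from `dbrepo-realm.json` is usable. Services that wait on this check may then start requesting or validating tokens too early. If that realm is named `dbrepo` (the hunk does not show the name), probing it directly is a closer readiness signal: `test: curl -fsS -o /dev/null http://localhost:8080/realms/dbrepo`. A one-line comment above `healthcheck:` saying why the `/health/ready` endpoint is no longer used would help whoever next changes the image tag. The service definition continues outside the hunk.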
@@ -6,25 +6,25 @@ dependencies: repository: https://charts.bitnami.com/bitnami version: 21.6.1 - name: mariadb-galera - repository: oci://registry-1.docker.io/bitnamicharts + repository: https://charts.bitnami.com/bitnami version: 13.2.7 - name: mariadb-galera - repository: oci://registry-1.docker.io/bitnamicharts + repository: https://charts.bitnami.com/bitnami version: 13.2.7 - name: rabbitmq - repository: oci://registry-1.docker.io/bitnamicharts + repository: https://charts.bitnami.com/bitnami version: 14.0.0 - name: seaweedfs repository: file://../seaweedfs version: 4.2.1 - name: grafana - repository: oci://registry-1.docker.io/bitnamicharts + repository: https://charts.bitnami.com/bitnami version: 11.4.2 - name: prometheus - repository: oci://registry-1.docker.io/bitnamicharts + repository: https://charts.bitnami.com/bitnami version: 1.3.22 - name: nginx - repository: oci://registry-1.docker.io/bitnamicharts + repository: https://charts.bitnami.com/bitnami version: 18.3.1 -digest: sha256:f244730fab10d52050634ce3286413d378b92e4dc97b0ad2951295c0d2971146 -generated: "2025-01-14T16:48:00.637443736+01:00" +digest: sha256:414c043a3751945d7bd5b02fa00ee0464bee7f08efb469e00a5f059cdbff03b5 +generated: "2025-01-19T17:22:48.686050629+01:00" diff --git a/helm/dbrepo/charts/mariadb-galera-13.2.7.tgz b/helm/dbrepo/charts/mariadb-galera-13.2.7.tgz index 92bfce78d9c52d62ca9d7e4816c51dccece8af2b..377afe25d2435c5788c26592b39797aa1378e966 100644 Binary files a/helm/dbrepo/charts/mariadb-galera-13.2.7.tgz and b/helm/dbrepo/charts/mariadb-galera-13.2.7.tgz differ diff --git a/helm/dbrepo/charts/prometheus-1.3.22.tgz b/helm/dbrepo/charts/prometheus-1.3.22.tgz index 5c26eda5dfb6ec24a8e3cf1b22e1b3aee10d838e..3d81a5e625af76257c1a7bc032e889005bc66607 100644 Binary files a/helm/dbrepo/charts/prometheus-1.3.22.tgz and b/helm/dbrepo/charts/prometheus-1.3.22.tgz differ 
diff --git a/helm/dbrepo/charts/rabbitmq-14.0.0.tgz b/helm/dbrepo/charts/rabbitmq-14.0.0.tgz index e858784faeff04c04a34ebad05885197f565c1e0..39ea3aaef2a94fe507a08242bbfe37209eb9fa53 100644 Binary files a/helm/dbrepo/charts/rabbitmq-14.0.0.tgz and b/helm/dbrepo/charts/rabbitmq-14.0.0.tgz differ diff --git a/helm/dbrepo/charts/seaweedfs-4.2.1.tgz b/helm/dbrepo/charts/seaweedfs-4.2.1.tgz index fece394e7c53ae6f207c913485155b278314ad1c..768b5d085bbfc1d987250a546ffb3e032959c241 100644 Binary files a/helm/dbrepo/charts/seaweedfs-4.2.1.tgz and b/helm/dbrepo/charts/seaweedfs-4.2.1.tgz differ diff --git a/helm/dbrepo/templates/auth-configmap.yaml b/helm/dbrepo/templates/auth-configmap.yaml index 9a237767cce39c2b3ad2cdb9c307f858ae158224..ffd14c4b1765cab2f20af5888c746fbf47a71a45 100644 --- a/helm/dbrepo/templates/auth-configmap.yaml +++ b/helm/dbrepo/templates/auth-configmap.yaml @@ -5,8 +5,6 @@ metadata: name: auth-service-config namespace: {{ include "common.names.namespace" . | quote }} data: - KC_HOSTNAME_PATH: "/" - KC_HOSTNAME_ADMIN_URL: "{{ .Values.gateway }}/" dbrepo-realm.json: | { "id" : "82c39861-d877-4667-a0f3-4daa2ee230e0", 
@@ -83,7 +81,7 @@ data: "description" : "${default-system-roles}", "composite" : true, "composites" : { - "realm" : [ "delete-database-view", "update-semantic-unit", "export-query-data", "check-foreign-database-access", "default-data-steward-roles", "execute-query", "default-user-handling", "delete-table-data", "find-query", "list-database-views", "persist-query", "update-search-index", "delete-database-access", "view-table-history", "create-ontology", "update-ontology", "modify-user-theme", "default-system-roles", "create-semantic-concept", "default-container-handling", "create-container", "create-table", "default-broker-handling", "default-maintenance-handling", "execute-semantic-query", "uma_authorization", "table-semantic-analyse", "list-containers", "check-database-access", "escalated-query-handling", "delete-identifier", "modify-database-owner", "list-tables", "export-table-data", "create-database-access", "delete-container", "re-execute-query", "create-semantic-unit", "escalated-identifier-handling", "system", "update-table-statistic", "escalated-semantics-handling", "default-database-handling", "delete-ontology", "find-database", "find-database-view", "update-semantic-concept", "find-user", "import-database-data", "publish-identifier", "default-roles-dbrepo", "find-foreign-user", "create-database", "create-maintenance-message", "find-maintenance-message", "escalated-container-handling", "default-researcher-roles", "default-identifier-handling", "escalated-user-handling", "modify-user-information", "create-database-view", "update-maintenance-message", "delete-foreign-table", "offline_access", "modify-foreign-table-column-semantics", "delete-maintenance-message", "find-container", "insert-table-data", "modify-identifier-metadata", "modify-database-image", "escalated-broker-handling", "modify-table-column-semantics", "escalated-database-handling", "default-semantics-handling", "update-database-access", "default-query-handling", "find-table", "list-queries", 
"default-developer-roles", "create-identifier", "escalated-table-handling", "find-identifier", "view-database-view-data", "view-table-data", "list-licenses", "default-table-handling", "list-identifiers", "create-foreign-identifier", "list-databases", "list-ontologies", "modify-database-visibility", "list-maintenance-messages", "delete-table" ] + "realm" : [ "delete-database-view", "update-semantic-unit", "export-query-data", "check-foreign-database-access", "default-data-steward-roles", "execute-query", "default-user-handling", "delete-table-data", "find-query", "list-database-views", "persist-query", "update-search-index", "delete-database-access", "view-table-history", "create-ontology", "update-ontology", "modify-user-theme", "default-system-roles", "create-semantic-concept", "default-container-handling", "create-container", "create-table", "default-broker-handling", "default-maintenance-handling", "execute-semantic-query", "uma_authorization", "table-semantic-analyse", "list-containers", "check-database-access", "escalated-query-handling", "delete-identifier", "modify-database-owner", "list-tables", "export-table-data", "create-database-access", "delete-container", "re-execute-query", "create-semantic-unit", "escalated-identifier-handling", "system", "update-table-statistic", "escalated-semantics-handling", "default-database-handling", "delete-ontology", "find-database", "find-database-view", "update-semantic-concept", "find-user", "import-database-data", "publish-identifier", "default-roles-dbrepo", "find-foreign-user", "create-database", "create-maintenance-message", "find-maintenance-message", "escalated-container-handling", "default-researcher-roles", "default-identifier-handling", "escalated-user-handling", "modify-user-information", "create-database-view", "update-maintenance-message", "delete-foreign-table", "offline_access", "modify-foreign-table-column-semantics", "delete-maintenance-message", "find-container", "insert-table-data", 
"modify-identifier-metadata", "modify-database-image", "escalated-broker-handling", "modify-table-column-semantics", "escalated-database-handling", "default-semantics-handling", "update-database-access", "default-query-handling", "find-table", "list-queries", "default-developer-roles", "create-identifier", "escalated-table-handling", "find-identifier", "view-table-data", "list-licenses", "default-table-handling", "list-identifiers", "create-foreign-identifier", "list-databases", "list-ontologies", "modify-database-visibility", "list-maintenance-messages", "delete-table" ] }, "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", @@ -156,19 +154,11 @@ data: "description" : "${default-table-handling}", "composite" : true, "composites" : { - "realm" : [ "modify-table-column-semantics", "list-tables", "update-table-statistic", "find-table", "create-table", "delete-table" ] + "realm" : [ "modify-table-column-semantics", "list-tables", "update-table-statistic", "find-table", "create-table", "delete-table", "update-table" ] }, "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", "attributes" : { } - }, { - "id" : "b0d66d3d-59b4-4aae-aa66-e3d5a49f28e3", - "name" : "view-database-view-data", - "description" : "${view-database-view-data}", - "composite" : false, - "clientRole" : false, - "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", - "attributes" : { } }, { "id" : "f5ea431a-9b2c-4195-bcb4-9511f38e4b44", "name" : "create-database-view", 
@@ -229,7 +219,7 @@ data: "description" : "${default-researcher-roles}", "composite" : true, "composites" : { - "realm" : [ "default-table-handling", "default-semantics-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-broker-handling", "default-identifier-handling" ] + "realm" : [ "default-table-handling", "default-semantics-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-broker-handling", "default-identifier-handling", "default-view-handling" ] }, "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", @@ -274,6 +264,14 @@ data: "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", "attributes" : { } + }, { + "id" : "22449528-00c9-4e86-9400-4b8ae6fd8f4d", + "name" : "modify-view-visibility", + "description" : "${modify-view-visibility}", + "composite" : false, + "clientRole" : false, + "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", + "attributes" : { } }, { "id" : "c12c1f4e-186f-4153-a795-26e79fb623d6", "name" : "create-ontology", @@ -306,6 +304,17 @@ data: "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", "attributes" : { } + }, { + "id" : "d75e7938-9d5e-4cb3-8c57-18a446867d3a", + "name" : "default-view-handling", + "description" : "${default-view-handling}", + "composite" : true, + "composites" : { + "realm" : [ "delete-database-view", "update-database-view", "create-database-view", "modify-view-visibility", "find-database-view", "list-database-views" ] + }, + "clientRole" : false, + "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", + "attributes" : { } }, { "id" : "535f1484-4514-4d24-8d97-e3f6c11a426b", "name" : "create-container", 
@@ -400,13 +409,21 @@ data: "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", "attributes" : { } + }, { + "id" : "6ae766b0-b8b4-4067-a95d-c8576bc4ac77", + "name" : "update-table", + "description" : "${update-table}", + "composite" : false, + "clientRole" : false, + "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", + "attributes" : { } }, { "id" : "64c16bfb-2015-48ad-a23f-637ff24419cb", "name" : "default-query-handling", "description" : "${default-query-handling}", "composite" : true, "composites" : { - "realm" : [ "delete-database-view", "export-query-data", "execute-query", "delete-table-data", "export-table-data", "list-queries", "find-query", "list-database-views", "persist-query", "view-database-view-data", "view-table-data", "re-execute-query", "view-table-history", "create-database-view", "find-database-view", "insert-table-data" ] + "realm" : [ "delete-database-view", "export-query-data", "execute-query", "delete-table-data", "export-table-data", "list-queries", "find-query", "list-database-views", "persist-query", "view-table-data", "re-execute-query", "view-table-history", "create-database-view", "find-database-view", "insert-table-data" ] }, "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", @@ -427,6 +444,14 @@ data: "clientRole" : false, "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", "attributes" : { } + }, { + "id" : "df20b7d1-8d30-4a99-80eb-e8195fab0e76", + "name" : "update-database-view", + "description" : "${update-database-view}", + "composite" : false, + "clientRole" : false, + "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0", + "attributes" : { } }, { "id" : "88f82262-be80-4d18-9fb4-5529da031f33", "name" : "system", 
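Review bot: `default-query-handling` keeps `delete-database-view`, `create-database-view`, `find-database-view` and `list-database-views` in its new `realm` list, although this commit also groups those same roles under the new `default-view-handling` composite (hunk at -306). With two composites granting the same view permissions, taking `default-view-handling` away from a user or group does not revoke view creation or deletion while `default-query-handling` is still assigned. If every holder of `default-query-handling` also receives `default-view-handling`, the four view roles can be dropped from this list so there is a single place to audit. That holds for `default-researcher-roles` in this diff; other composites are not visible here.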
@@ -920,7 +945,7 @@ data: "composite" : true, "composites" : { "client" : { - "realm-management" : [ "query-realms", "view-identity-providers", "manage-identity-providers", "manage-authorization", "query-clients", "view-authorization", "view-users", "manage-users", "view-realm", "query-users", "view-clients", "query-groups", "create-client", "manage-clients", "manage-events", "impersonation", "view-events", "manage-realm" ] + "realm-management" : [ "query-realms", "manage-authorization", "manage-identity-providers", "view-identity-providers", "query-clients", "view-authorization", "view-users", "manage-users", "view-realm", "query-users", "view-clients", "create-client", "query-groups", "impersonation", "manage-clients", "manage-events", "view-events", "manage-realm" ] } }, "clientRole" : true, @@ -1221,12 +1246,13 @@ data: "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "false", "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "d3c4a04e-39ce-4549-a34a-11e25774cd96", @@ -1251,6 +1277,7 @@ data: "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "false", "post.logout.redirect.uris" : "+", "pkce.code.challenge.method" : "S256" }, @@ -1265,7 +1292,7 @@ data: "consentRequired" : false, "config" : { } } ], - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "81ef0f59-a5ca-4be4-a1d1-0c32edf1cfd6", 
@@ -1288,12 +1315,14 @@ data: "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { - "post.logout.redirect.uris" : "+" + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true" }, "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, + "fullScopeAllowed" : true, "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "88694c91-753d-4c44-9740-ec9ac06bba45", @@ -1316,6 +1345,7 @@ data: "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "true", "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, @@ -1349,6 +1379,7 @@ data: "frontchannelLogout" : true, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "false", "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1680085365", "backchannel.logout.session.required" : "true", @@ -1402,7 +1433,7 @@ data: "claim.name" : "uid" } } ], - "defaultClientScopes" : [ "roles", "attributes" ], + "defaultClientScopes" : [ "roles", "attributes", "basic" ], "optionalClientScopes" : [ "rabbitmq.read:*/*", "web-origins", "acr", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ] }, { "id" : "25741f6b-4867-4138-8238-6345c6ba8702", @@ -1430,6 +1461,7 @@ data: "frontchannelLogout" : true, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "false", "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1680000860", "backchannel.logout.session.required" : "true", 
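Review bot: `"fullScopeAllowed" : true` in the hunk at -1288 (and again in the hunk at -1522) switches two clients from explicit scope mappings to full scope, so tokens issued through them can carry every realm and client role the user holds, not only the roles mapped to the client. The client names sit outside both hunks. If these are Keycloak's built-in admin clients and the flip, together with `client.use.lightweight.access.token.enabled`, is simply what the re-exported realm contains, the commit description should say so. If either is an application client, keep `"fullScopeAllowed" : false` and add the scope mappings it actually needs.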
@@ -1469,7 +1501,7 @@ data: "access.tokenResponse.claim" : "false" } } ], - "defaultClientScopes" : [ "web-origins", "acr", "rabbitmq.tag:management" ], + "defaultClientScopes" : [ "web-origins", "acr", "rabbitmq.tag:management", "basic" ], "optionalClientScopes" : [ "rabbitmq.read:*/*", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "roles", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ] }, { "id" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930", @@ -1492,6 +1524,7 @@ data: "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "true", "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, @@ -1522,11 +1555,13 @@ data: "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { + "realm_client" : "false", "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true", "pkce.code.challenge.method" : "S256" }, "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, + "fullScopeAllowed" : true, "nodeReRegistrationTimeout" : 0, "protocolMappers" : [ { "id" : "c4d54410-3f22-4259-9571-94da2c43b752", @@ -1543,7 +1578,7 @@ data: "jsonType.label" : "String" } } ], - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] } ], "clientScopes" : [ { 
@@ -2046,6 +2081,41 @@ data: "gui.order" : "", "consent.screen.text" : "" } + }, { + "id" : "ba11267a-478b-4b32-872f-4eb2d125d116", + "name" : "basic", + "description" : "OpenID Connect scope for add all basic claims to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "1445e14f-49b0-4666-8ddc-691493c24ad9", + "name" : "sub", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-sub-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + }, { + "id" : "846f1ef0-2b86-4e07-9d25-691d25af5fce", + "name" : "auth_time", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "AUTH_TIME", + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "auth_time", + "jsonType.label" : "long" + } + } ] }, { "id" : "37f61543-dad7-4a82-8e10-77acdd1eefdc", "name" : "roles", @@ -2091,7 +2161,7 @@ data: } } ] } ], - "defaultDefaultClientScopes" : [ "rabbitmq.tag:administrator", "rabbitmq.tag:management" ], + "defaultDefaultClientScopes" : [ "rabbitmq.tag:administrator", "rabbitmq.tag:management", "basic" ], "defaultOptionalClientScopes" : [ "rabbitmq.write:*/*", "offline_access", "rabbitmq.configure:*/*", "roles", "role_list", "address", "phone", "acr", "microprofile-jwt", "email", "attributes", "profile", "rabbitmq.read:*/*", "web-origins" ], "browserSecurityHeaders" : { "contentSecurityPolicyReportOnly" : "", 
@@ -2153,7 +2223,7 @@ data: "subType" : "anonymous", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper" ] + "allowed-protocol-mapper-types" : [ "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper" ] } }, { "id" : "1849e52a-b8c9-44a8-af3d-ee19376a1ed1", @@ -2179,7 +2249,7 @@ data: "subType" : "authenticated", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-address-mapper" ] + "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-address-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper" ] } } ], "org.keycloak.storage.UserStorageProvider" : [ { @@ -2231,8 +2301,8 @@ data: "config" : { "ldap.attribute" : [ "mail" ], "is.mandatory.in.ldap" : [ "false" ], - "always.read.value.from.ldap" : [ "false" ], "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "false" ], "user.model.attribute" : [ "email" ] } }, { 
@@ -2245,15 +2315,15 @@ data: "group.name.ldap.attribute" : [ "cn" ], "preserve.group.inheritance" : [ "false" ], "membership.user.ldap.attribute" : [ "uid" ], - "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ], + "groups.dn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ], "mode" : [ "LDAP_ONLY" ], "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ], - "ignore.missing.groups" : [ "false" ], "membership.ldap.attribute" : [ "member" ], + "ignore.missing.groups" : [ "false" ], "memberof.ldap.attribute" : [ "memberOf" ], "group.object.classes" : [ "groupOfNames" ], - "groups.path" : [ "/" ], - "drop.non.existing.groups.during.sync" : [ "false" ] + "drop.non.existing.groups.during.sync" : [ "false" ], + "groups.path" : [ "/" ] } }, { "id" : "b6ff3285-35af-4e86-8bb4-d94b8e0d70bb", @@ -2284,19 +2354,19 @@ data: } ] }, "config" : { - "fullSyncPeriod" : [ "-1" ], "pagination" : [ "false" ], + "fullSyncPeriod" : [ "-1" ], "startTls" : [ "false" ], - "usersDn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ], "connectionPooling" : [ "true" ], + "usersDn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ], "cachePolicy" : [ "DEFAULT" ], "useKerberosForPasswordAuthentication" : [ "false" ], "importEnabled" : [ "true" ], "enabled" : [ "true" ], + "changedSyncPeriod" : [ "-1" ], "bindDn" : [ "cn={{ .Values.identityservice.global.adminUser }},{{ .Values.identityservice.global.ldapDomain }}" ], - "bindCredential" : [ "{{ .Values.identityservice.global.adminPassword }}" ], "usernameLDAPAttribute" : [ "uid" ], - "changedSyncPeriod" : [ "-1" ], + "bindCredential" : [ "{{ .Values.identityservice.global.adminPassword }}" ], "lastSync" : [ "1719252666" ], "vendor" : [ "other" ], "uuidLDAPAttribute" : [ "entryUUID" ], 
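Review bot: `"bindCredential" : [ "{{ .Values.identityservice.global.adminPassword }}" ]` on the new side of the hunk at -2284 renders the LDAP bind password in clear text into this template's `data:` block. Judging by the file name and `name: auth-service-config`, that is a ConfigMap rather than a Secret, so anyone allowed to read ConfigMaps in the namespace can read the password. The value is also interpolated without escaping, so a password containing `"` or `\` yields invalid or altered realm JSON. Rendering the realm document from a Secret and emitting the value as `"bindCredential" : [ {{ .Values.identityservice.global.adminPassword | toJson }} ]` would address both. The enclosing component object starts and ends outside the hunk.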
@@ -2944,4 +3014,2237 @@ data: "policies" : [ ] } } -{{- end }} + master-realm.json: | + { + "id" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "realm" : "master", + "displayName" : "Keycloak", + "displayNameHtml" : "", + "notBefore" : 0, + "defaultSignatureAlgorithm" : "RS256", + "revokeRefreshToken" : false, + "refreshTokenMaxReuse" : 0, + "accessTokenLifespan" : 60, + "accessTokenLifespanForImplicitFlow" : 900, + "ssoSessionIdleTimeout" : 1800, + "ssoSessionMaxLifespan" : 36000, + "ssoSessionIdleTimeoutRememberMe" : 0, + "ssoSessionMaxLifespanRememberMe" : 0, + "offlineSessionIdleTimeout" : 2592000, + "offlineSessionMaxLifespanEnabled" : false, + "offlineSessionMaxLifespan" : 5184000, + "clientSessionIdleTimeout" : 0, + "clientSessionMaxLifespan" : 0, + "clientOfflineSessionIdleTimeout" : 0, + "clientOfflineSessionMaxLifespan" : 0, + "accessCodeLifespan" : 60, + "accessCodeLifespanUserAction" : 300, + "accessCodeLifespanLogin" : 1800, + "actionTokenGeneratedByAdminLifespan" : 43200, + "actionTokenGeneratedByUserLifespan" : 300, + "oauth2DeviceCodeLifespan" : 600, + "oauth2DevicePollingInterval" : 5, + "enabled" : true, + "sslRequired" : "external", + "registrationAllowed" : false, + "registrationEmailAsUsername" : false, + "rememberMe" : false, + "verifyEmail" : false, + "loginWithEmailAllowed" : true, + "duplicateEmailsAllowed" : false, + "resetPasswordAllowed" : false, + "editUsernameAllowed" : false, + "bruteForceProtected" : false, + "permanentLockout" : false, + "maxTemporaryLockouts" : 0, + "maxFailureWaitSeconds" : 900, + "minimumQuickLoginWaitSeconds" : 60, + "waitIncrementSeconds" : 60, + "quickLoginCheckMilliSeconds" : 1000, + "maxDeltaTimeSeconds" : 43200, + "failureFactor" : 30, + "roles" : { + "realm" : [ { + "id" : "01178d3c-65eb-406b-87a1-e7144f488028", + "name" : "default-roles-master", + "description" : "${role_default-roles}", + "composite" : true, + "composites" : { + "realm" : [ "offline_access", "uma_authorization" ], + "client" : { + 
"account" : [ "view-profile", "manage-account" ] + } + }, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "646cda2d-911d-459e-8522-b28ba3126341", + "name" : "uma_authorization", + "description" : "${role_uma_authorization}", + "composite" : false, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "344b3b83-99f7-43f7-8533-76f64195eab6", + "name" : "offline_access", + "description" : "${role_offline-access}", + "composite" : false, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "9ca176f3-c0c8-4ba1-8364-c38f3ce4f88b", + "name" : "admin", + "description" : "${role_admin}", + "composite" : true, + "composites" : { + "realm" : [ "create-realm" ], + "client" : { + "master-realm" : [ "manage-realm", "view-events", "view-authorization", "manage-authorization", "query-realms", "query-clients", "manage-clients", "view-clients", "create-client", "impersonation", "query-users", "view-identity-providers", "manage-users", "manage-events", "view-realm", "query-groups", "manage-identity-providers", "view-users" ], + "dbrepo-realm" : [ "manage-users", "query-realms", "query-groups", "manage-identity-providers", "manage-events", "manage-authorization", "query-users", "manage-clients", "view-users", "view-events", "view-authorization", "query-clients", "view-identity-providers", "view-realm", "view-clients", "create-client", "manage-realm", "impersonation" ] + } + }, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "6e765f03-5dee-4061-b027-c3ec41114329", + "name" : "default-system-roles", + "description" : "${default-system-roles}", + "composite" : true, + "composites" : { + "realm" : [ "create-realm", "default-roles-master", "default-system-roles", "offline_access", "admin", "uma_authorization" ] + }, + 
"clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + }, { + "id" : "3da4e842-c3cc-4bcd-a2f0-dec1ec36f3c5", + "name" : "create-realm", + "description" : "${role_create-realm}", + "composite" : false, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd", + "attributes" : { } + } ], + "client" : { + "security-admin-console" : [ ], + "admin-cli" : [ ], + "account-console" : [ ], + "broker" : [ { + "id" : "07de46e9-cc5c-4b50-8904-14443ed4d1f1", + "name" : "read-token", + "description" : "${role_read-token}", + "composite" : false, + "clientRole" : true, + "containerId" : "217563ea-11c7-4c96-969b-af076d740f7c", + "attributes" : { } + } ], + "master-realm" : [ { + "id" : "5c8f38f8-0a16-4f92-8fa2-81a6301f6215", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "d0ab2e61-c7e4-49f3-9af2-965f20ec725a", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "89d438ee-957d-435c-b201-5be06aee01fd", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "664a9190-f73f-4f83-83bc-a2185cea334c", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "b3c0e4db-5a09-4d1e-9ced-96a34efb6398", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + 
"attributes" : { } + }, { + "id" : "5cd61b20-da2b-4fed-b0c3-2fb5819ab06b", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "94ceae4b-2cb8-4d10-bf11-8ce5c1ec9c55", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "77072e30-3941-4b32-a8c8-76993fc507bb", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "ea00baa8-f64d-409d-936d-ecf0adec5a57", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "fb2c167e-fb6b-4db5-b0bf-d2c8454ceee5", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "f0370bc0-15d6-43f1-82bc-7d31f37b19e4", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "f0448680-b803-471e-8d0a-ec3e34a24228", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "dfdf768b-ac34-4491-b5d2-0938242e7e48", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : 
"9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "d5ff044b-c4e0-4197-8f51-833e8a956396", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "aaf73aa0-52a3-4833-8521-1eb1312b9f33", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "fa08c54a-1f0c-4392-bf6a-a698bf3d164b", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "master-realm" : [ "query-groups", "query-users" ] + } + }, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "fd317e90-0b34-4263-8906-caa9d6000b28", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + }, { + "id" : "162f12db-6d7f-4c53-905c-3f4bbd80fd58", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "master-realm" : [ "query-clients" ] + } + }, + "clientRole" : true, + "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "attributes" : { } + } ], + "account" : [ { + "id" : "50c2778e-15fa-4c14-9414-5937649eb89f", + "name" : "delete-account", + "description" : "${role_delete-account}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "083c3506-866a-4b85-ae57-bab1c29ac33e", + "name" : "view-groups", + "description" : "${role_view-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : 
"b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "a1942880-1a32-402c-b9bb-e8f5edf2ba1a", + "name" : "view-profile", + "description" : "${role_view-profile}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "a69f73d6-ce42-41e6-b341-30a2d99caba8", + "name" : "manage-account-links", + "description" : "${role_manage-account-links}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "ac22aeec-062a-4fc0-ac79-aa849ee55d84", + "name" : "manage-consent", + "description" : "${role_manage-consent}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "view-consent" ] + } + }, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "ad45329d-0efa-4505-906a-5a69b6c8414a", + "name" : "view-applications", + "description" : "${role_view-applications}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "8c0bfbdf-1914-4522-9024-ef0e6e91be9d", + "name" : "view-consent", + "description" : "${role_view-consent}", + "composite" : false, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + }, { + "id" : "f34de6ff-a5aa-41a7-a8d2-87bdfa850c50", + "name" : "manage-account", + "description" : "${role_manage-account}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "manage-account-links" ] + } + }, + "clientRole" : true, + "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "attributes" : { } + } ], + "dbrepo-realm" : [ { + "id" : "89292ccf-3b12-4c8b-a615-966ddcf14556", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : 
"c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "784f2fdf-a090-4452-8a02-d9cc8227df8f", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "57a70a96-bc56-4629-8d2b-86c68ac1c6f6", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "60349d70-ba29-426d-9c05-df0b11e1a73b", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "c07819ae-8951-4dc4-af4d-bca93c60eb5a", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "86842bf0-7f63-4053-8389-2ec5401cb2a9", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "0a1579a0-76c5-4ee3-90cc-c924827b7492", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "4eb0d05c-38c7-4d45-b858-ad7011df0ac0", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "d4ff5a03-21e8-440c-9ccb-690ecbb89684", + "name" : "manage-events", + "description" : "${role_manage-events}", + 
"composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "00d523c3-e9c7-45c3-8221-0b6d6c82cd5d", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "c441f018-7113-4fcb-8208-10ab4bd4bb27", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "dbrepo-realm" : [ "query-clients" ] + } + }, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "a146533f-fbf3-4513-8505-cf44473f5459", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "d3d0ed01-05a5-4812-8fa7-9231f71e61fa", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "fcaed53d-022a-416d-b207-a6ae694a9384", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "cefdb023-0eec-4c05-93d7-8b557bb28a81", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "dbrepo-realm" : [ "query-users", "query-groups" ] + } + }, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "44d13b2a-a2b5-4f3b-bea1-4ab550205e12", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + 
"containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "17378e7a-9a78-4e92-ae0b-6bdfadede2d5", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + }, { + "id" : "7810ab39-c546-456c-81eb-7ee09492da92", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "attributes" : { } + } ] + } + }, + "groups" : [ { + "id" : "1fcdbec1-9c86-4a14-a859-425b43cf73cb", + "name" : "system", + "path" : "/system", + "subGroups" : [ ], + "attributes" : { }, + "realmRoles" : [ "default-roles-master", "default-system-roles", "admin", "create-realm" ], + "clientRoles" : { } + } ], + "defaultRole" : { + "id" : "01178d3c-65eb-406b-87a1-e7144f488028", + "name" : "default-roles-master", + "description" : "${role_default-roles}", + "composite" : true, + "clientRole" : false, + "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd" + }, + "requiredCredentials" : [ "password" ], + "otpPolicyType" : "totp", + "otpPolicyAlgorithm" : "HmacSHA1", + "otpPolicyInitialCounter" : 0, + "otpPolicyDigits" : 6, + "otpPolicyLookAheadWindow" : 1, + "otpPolicyPeriod" : 30, + "otpPolicyCodeReusable" : false, + "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts" : { }, + "webAuthnPolicyRpEntityName" : "keycloak", + "webAuthnPolicySignatureAlgorithms" : [ "ES256", "RS256" ], + "webAuthnPolicyRpId" : "", + "webAuthnPolicyAttestationConveyancePreference" : "not specified", + "webAuthnPolicyAuthenticatorAttachment" : "not specified", + "webAuthnPolicyRequireResidentKey" : "not specified", + "webAuthnPolicyUserVerificationRequirement" : "not specified", + "webAuthnPolicyCreateTimeout" : 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister" 
: false, + "webAuthnPolicyAcceptableAaguids" : [ ], + "webAuthnPolicyExtraOrigins" : [ ], + "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256", "RS256" ], + "webAuthnPolicyPasswordlessRpId" : "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", + "webAuthnPolicyPasswordlessCreateTimeout" : 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], + "webAuthnPolicyPasswordlessExtraOrigins" : [ ], + "scopeMappings" : [ { + "clientScope" : "offline_access", + "roles" : [ "offline_access" ] + } ], + "clientScopeMappings" : { + "account" : [ { + "client" : "account-console", + "roles" : [ "manage-account", "view-groups" ] + } ] + }, + "clients" : [ { + "id" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad", + "clientId" : "account", + "name" : "${client_account}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/master/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/master/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", 
"profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "1af255f9-7eee-415c-9096-3a717d2c5150", + "clientId" : "account-console", + "name" : "${client_account-console}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/master/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/master/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "63d1e47d-6e61-4f36-8a5b-98384a782d60", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "65ce3e14-5e30-424a-a6bd-0b194da203ef", + "clientId" : "admin-cli", + "name" : "${client_admin-cli}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : false, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" 
: true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "217563ea-11c7-4c96-969b-af076d740f7c", + "clientId" : "broker", + "name" : "${client_broker}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "true", + "post.logout.redirect.uris" : "+" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "c10597a2-3888-43c4-9d60-1a90a6a4d490", + "clientId" : "dbrepo-realm", + "name" : "dbrepo Realm", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" 
: false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "true", + "post.logout.redirect.uris" : "+" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ ], + "optionalClientScopes" : [ ] + }, { + "id" : "9a451e5c-a55a-4872-bee1-58af763101a1", + "clientId" : "master-realm", + "name" : "master Realm", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "true", + "post.logout.redirect.uris" : "+" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + }, { + "id" : "b2a24dc7-01d2-4a5a-8385-8b06d2b8a3fb", + "clientId" : "security-admin-console", + "name" : "${client_security-admin-console}", + "rootUrl" : "${authAdminUrl}", + "baseUrl" : "/admin/master/console/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/admin/master/console/*" ], + "webOrigins" : [ "+" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + 
"directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "realm_client" : "false", + "post.logout.redirect.uris" : "+", + "client.use.lightweight.access.token.enabled" : "true", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "54d1c74b-4eb6-483b-88b5-261964dd182a", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ], + "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ] + } ], + "clientScopes" : [ { + "id" : "12ce4fa5-b53e-47dc-b70f-caf2110e31cd", + "name" : "address", + "description" : "OpenID Connect built-in scope: address", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${addressScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "4aed5e41-0d8d-4c24-80a0-cd9822072756", + "name" : "address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-address-mapper", + "consentRequired" : false, + "config" : { + "user.attribute.formatted" : "formatted", + "user.attribute.country" : "country", + "introspection.token.claim" : "true", + "user.attribute.postal_code" : "postal_code", + "userinfo.token.claim" : "true", + "user.attribute.street" : "street", + "id.token.claim" : "true", + "user.attribute.region" : "region", 
+ "access.token.claim" : "true", + "user.attribute.locality" : "locality" + } + } ] + }, { + "id" : "a7683fe7-1c8b-44f8-9be7-a28acdffa61e", + "name" : "organization", + "description" : "Additional claims about the organization a subject belongs to", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${organizationScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "5e80a7d2-c9d0-48e1-aadc-d8848ff90f92", + "name" : "organization", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-organization-membership-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "userinfo.token.claim" : "true", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "organization", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "0411ea86-a074-4781-850d-ea3ca94590a2", + "name" : "offline_access", + "description" : "OpenID Connect built-in scope: offline_access", + "protocol" : "openid-connect", + "attributes" : { + "consent.screen.text" : "${offlineAccessScopeConsentText}", + "display.on.consent.screen" : "true" + } + }, { + "id" : "4363ea0f-c7e9-43f3-8611-146514c37b47", + "name" : "basic", + "description" : "OpenID Connect scope for add all basic claims to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "0b691845-92b7-47b8-82d3-6fea760d885a", + "name" : "sub", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-sub-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + }, { + "id" : "15db8f91-12c9-444c-8661-5a795856e884", + "name" : "auth_time", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : 
false, + "config" : { + "user.session.note" : "AUTH_TIME", + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "auth_time", + "jsonType.label" : "long" + } + } ] + }, { + "id" : "5f9da2a4-b8d2-48cd-9343-5c8ff42ef637", + "name" : "profile", + "description" : "OpenID Connect built-in scope: profile", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "2d1400be-4053-4393-ba87-91b64f699054", + "name" : "full name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-full-name-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "introspection.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + }, { + "id" : "6b12336d-589e-4023-9c51-1da3a4114a62", + "name" : "website", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "website", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "website", + "jsonType.label" : "String" + } + }, { + "id" : "13a7a453-3862-40b4-8a81-550172a06dc0", + "name" : "zoneinfo", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "zoneinfo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "zoneinfo", + "jsonType.label" : "String" + } + }, { + "id" : "43c149fc-aaf4-486a-a279-df624d2eb47e", + "name" : "given name", + "protocol" : "openid-connect", + "protocolMapper" : 
"oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "firstName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "given_name", + "jsonType.label" : "String" + } + }, { + "id" : "8bba390c-543b-4fe3-98db-e020184e5014", + "name" : "birthdate", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "birthdate", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "birthdate", + "jsonType.label" : "String" + } + }, { + "id" : "dc5a7474-c62a-42d6-ba98-f2b2a7a7328c", + "name" : "nickname", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "nickname", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "nickname", + "jsonType.label" : "String" + } + }, { + "id" : "9e02395e-5c37-46fb-8d30-0ebe6da3b7f0", + "name" : "gender", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "gender", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "gender", + "jsonType.label" : "String" + } + }, { + "id" : "d2f3d16d-21a8-4128-b60b-55e55046fa29", + "name" : "profile", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "profile", + "id.token.claim" : "true", + 
"access.token.claim" : "true", + "claim.name" : "profile", + "jsonType.label" : "String" + } + }, { + "id" : "825cafb6-3392-491a-bb34-e607330f5170", + "name" : "family name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "lastName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "family_name", + "jsonType.label" : "String" + } + }, { + "id" : "c44ac799-cac2-4200-b71b-badab4b48d92", + "name" : "updated at", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "updatedAt", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "updated_at", + "jsonType.label" : "long" + } + }, { + "id" : "402b2c5f-0a7b-4520-9015-03fa9a1e2e4a", + "name" : "picture", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "picture", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "picture", + "jsonType.label" : "String" + } + }, { + "id" : "f34812b0-28b3-486c-8911-9394890be4f6", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + }, { + "id" : "3fe6f4f2-c881-4b84-87db-8e9b9243a7f0", + "name" : "middle name", + "protocol" : "openid-connect", + 
"protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "middleName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "middle_name", + "jsonType.label" : "String" + } + }, { + "id" : "4d1465b2-c408-4a62-9821-afce35a55f12", + "name" : "username", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "preferred_username", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "9b03908f-dac3-4bbd-8e93-ef29e64a59ad", + "name" : "role_list", + "description" : "SAML role list", + "protocol" : "saml", + "attributes" : { + "consent.screen.text" : "${samlRoleListScopeConsentText}", + "display.on.consent.screen" : "true" + }, + "protocolMappers" : [ { + "id" : "d6678801-a0f1-4385-ae11-5dee90a9e3b4", + "name" : "role list", + "protocol" : "saml", + "protocolMapper" : "saml-role-list-mapper", + "consentRequired" : false, + "config" : { + "single" : "false", + "attribute.nameformat" : "Basic", + "attribute.name" : "Role" + } + } ] + }, { + "id" : "fa13fc44-16f6-4f82-965d-b86dfad2a984", + "name" : "microprofile-jwt", + "description" : "Microprofile - JWT built-in scope", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "f70938d7-e91f-4c45-bfed-3b974d0e4697", + "name" : "groups", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : 
"foo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "groups", + "jsonType.label" : "String" + } + }, { + "id" : "1636d5e3-2af1-4d54-a60f-9db1f562b009", + "name" : "upn", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "upn", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "1124b695-1319-45aa-bc1b-ec0b2cf99b9e", + "name" : "acr", + "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "0e17d8d7-fb11-4b31-8023-d29611f7d492", + "name" : "acr loa level", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-acr-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "introspection.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + } ] + }, { + "id" : "cc53d998-1eac-4574-9bec-58110d92d282", + "name" : "web-origins", + "description" : "OpenID Connect scope for add allowed web origins to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false", + "consent.screen.text" : "" + }, + "protocolMappers" : [ { + "id" : "635cbac1-7cab-43bd-99fc-f7084aca2fa2", + "name" : "allowed web origins", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-allowed-origins-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "2c901d49-bb6d-44a7-8835-1229b655ccfa", + "name" : "saml_organization", 
+ "description" : "Organization Membership", + "protocol" : "saml", + "attributes" : { + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "60ad6a87-646d-4c9e-932e-34ab1ac51fcb", + "name" : "organization", + "protocol" : "saml", + "protocolMapper" : "saml-organization-membership-mapper", + "consentRequired" : false, + "config" : { } + } ] + }, { + "id" : "943d1441-ee61-4ab5-b5bd-de3c5f8ff25f", + "name" : "roles", + "description" : "OpenID Connect scope for add user roles to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "2b5a3df4-1adb-402d-bc28-2bd43224e682", + "name" : "realm roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "realm_access.roles", + "jsonType.label" : "String" + } + }, { + "id" : "f3b60071-ef26-48a7-9554-67f62f84d543", + "name" : "client roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-client-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "resource_access.${client_id}.roles", + "jsonType.label" : "String" + } + }, { + "id" : "b757200e-494a-4585-857e-e4c18aef7a0c", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "4509fb3c-a899-49ad-b690-b031f9568888", + "name" : "email", + "description" : "OpenID Connect 
built-in scope: email", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "e18769b3-778b-47d8-be52-dd2769deebd1", + "name" : "email", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "email", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email", + "jsonType.label" : "String" + } + }, { + "id" : "d98c5037-5178-4cc5-8e22-ca6cf0cb169e", + "name" : "email verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "emailVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email_verified", + "jsonType.label" : "boolean" + } + } ] + }, { + "id" : "6e14db34-285a-47ae-8b43-b3dcf10ae7f8", + "name" : "phone", + "description" : "OpenID Connect built-in scope: phone", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "98cc724c-3f53-47f7-bf9f-baf2f7e08026", + "name" : "phone number verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumberVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : 
"716a7b58-dcf4-4557-9f84-d21ca19630fb", + "name" : "phone number", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumber", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number", + "jsonType.label" : "String" + } + } ] + } ], + "defaultDefaultClientScopes" : [ "role_list", "saml_organization", "profile", "email", "roles", "web-origins", "acr", "basic" ], + "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt", "organization" ], + "browserSecurityHeaders" : { + "contentSecurityPolicyReportOnly" : "", + "xContentTypeOptions" : "nosniff", + "referrerPolicy" : "no-referrer", + "xRobotsTag" : "none", + "xFrameOptions" : "SAMEORIGIN", + "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection" : "1; mode=block", + "strictTransportSecurity" : "max-age=31536000; includeSubDomains" + }, + "smtpServer" : { }, + "eventsEnabled" : false, + "eventsListeners" : [ "jboss-logging" ], + "enabledEventTypes" : [ ], + "adminEventsEnabled" : false, + "adminEventsDetailsEnabled" : false, + "identityProviders" : [ ], + "identityProviderMappers" : [ ], + "components" : { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { + "id" : "f2a52e27-5582-4ca4-b20c-1864b8339b16", + "name" : "Trusted Hosts", + "providerId" : "trusted-hosts", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "host-sending-registration-request-must-match" : [ "true" ], + "client-uris-must-match" : [ "true" ] + } + }, { + "id" : "95b33704-ec30-4988-b018-f73d8bcf71b5", + "name" : "Full Scope Disabled", + "providerId" : "scope", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "d1114c75-d0b0-4584-a89f-a4e70eab2cd7", + "name" : 
"Consent Required", + "providerId" : "consent-required", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "6b0202cc-e70e-46da-869b-36ad59907239", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper" ] + } + }, { + "id" : "4b976576-c880-48a0-9b4d-2956cfd19b4a", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper" ] + } + }, { + "id" : "e1861ec9-2761-46fb-8048-149492269ff0", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "51b3aa61-e453-4e0b-bfe1-aefd8353ea06", + "name" : "Max Clients Limit", + "providerId" : "max-clients", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "max-clients" : [ "200" ] + } + }, { + "id" : "851cf8c2-ffe8-4a37-8a12-df04f724c90b", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + } ], + "org.keycloak.storage.UserStorageProvider" : [ { + "id" : "3a6f24e8-128b-4ac1-b3ab-694836db82fd", + "name" : "Identity Service", + "providerId" : "ldap", + 
"subComponents" : { + "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ { + "id" : "bf97cfab-4d53-4994-b3a8-0c771a70467b", + "name" : "email", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "mail" ], + "is.mandatory.in.ldap" : [ "false" ], + "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "false" ], + "user.model.attribute" : [ "email" ] + } + }, { + "id" : "cddffa16-0aff-4e0c-99a2-021f0495de03", + "name" : "last name", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "sn" ], + "is.mandatory.in.ldap" : [ "true" ], + "read.only" : [ "false" ], + "always.read.value.from.ldap" : [ "true" ], + "user.model.attribute" : [ "lastName" ] + } + }, { + "id" : "4eaae3fa-d280-4605-b09d-1caeb881322c", + "name" : "modify date", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "modifyTimestamp" ], + "is.mandatory.in.ldap" : [ "false" ], + "always.read.value.from.ldap" : [ "true" ], + "read.only" : [ "true" ], + "user.model.attribute" : [ "modifyTimestamp" ] + } + }, { + "id" : "98c4a2c1-d509-443b-8475-fc971c193324", + "name" : "first name", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "cn" ], + "is.mandatory.in.ldap" : [ "true" ], + "always.read.value.from.ldap" : [ "true" ], + "read.only" : [ "false" ], + "user.model.attribute" : [ "firstName" ] + } + }, { + "id" : "74dbebb4-9881-4be1-8b30-6b0f2a718c86", + "name" : "username", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "uid" ], + "is.mandatory.in.ldap" : [ "true" ], + "always.read.value.from.ldap" : [ "false" ], + "read.only" : [ "false" ], + "user.model.attribute" : [ "username" ] + } + }, { + "id" : "5692d060-55b8-4cb1-b68f-0ae123cd9d03", + "name" : "system", + "providerId" : 
"group-ldap-mapper", + "subComponents" : { }, + "config" : { + "membership.attribute.type" : [ "DN" ], + "group.name.ldap.attribute" : [ "cn" ], + "membership.user.ldap.attribute" : [ "uid" ], + "preserve.group.inheritance" : [ "false" ], + "groups.dn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ], + "mode" : [ "LDAP_ONLY" ], + "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ], + "membership.ldap.attribute" : [ "member" ], + "ignore.missing.groups" : [ "false" ], + "group.object.classes" : [ "groupOfNames" ], + "memberof.ldap.attribute" : [ "memberOf" ], + "drop.non.existing.groups.during.sync" : [ "false" ], + "groups.path" : [ "/" ] + } + }, { + "id" : "0453ae29-3cdc-4e09-800e-0117e7a2fb68", + "name" : "creation date", + "providerId" : "user-attribute-ldap-mapper", + "subComponents" : { }, + "config" : { + "ldap.attribute" : [ "createTimestamp" ], + "is.mandatory.in.ldap" : [ "false" ], + "always.read.value.from.ldap" : [ "true" ], + "read.only" : [ "true" ], + "user.model.attribute" : [ "createTimestamp" ] + } + } ] + }, + "config" : { + "pagination" : [ "false" ], + "fullSyncPeriod" : [ "-1" ], + "startTls" : [ "false" ], + "connectionPooling" : [ "false" ], + "usersDn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ], + "cachePolicy" : [ "DEFAULT" ], + "useKerberosForPasswordAuthentication" : [ "false" ], + "importEnabled" : [ "true" ], + "enabled" : [ "true" ], + "changedSyncPeriod" : [ "-1" ], + "bindCredential" : [ "{{ .Values.identityservice.global.adminPassword }}" ], + "bindDn" : [ "cn={{ .Values.identityservice.global.adminUser }},{{ .Values.identityservice.global.ldapDomain }}" ], + "usernameLDAPAttribute" : [ "uid" ], + "vendor" : [ "other" ], + "uuidLDAPAttribute" : [ "entryUUID" ], + "allowKerberosAuthentication" : [ "false" ], + "connectionUrl" : [ "ldap://identity-service:1389" ], + "syncRegistrations" : [ "true" ], + "authType" : [ "simple" ], + "krbPrincipalAttribute" : [ 
"krb5PrincipalName" ], + "searchScope" : [ "1" ], + "useTruststoreSpi" : [ "always" ], + "usePasswordModifyExtendedOp" : [ "false" ], + "trustEmail" : [ "false" ], + "userObjectClasses" : [ "inetOrgPerson, organizationalPerson, person" ], + "rdnLDAPAttribute" : [ "uid" ], + "editMode" : [ "READ_ONLY" ], + "validatePasswordPolicy" : [ "false" ] + } + } ], + "org.keycloak.userprofile.UserProfileProvider" : [ { + "id" : "34049725-5a66-456c-b895-87ca7c11bb6b", + "providerId" : "declarative-user-profile", + "subComponents" : { }, + "config" : { + "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}" ] + } + } ], + "org.keycloak.keys.KeyProvider" : [ { + "id" : "5b1052d2-fb71-47d2-86f9-908c869c8d1b", + "name" : "hmac-generated-hs512", + "providerId" : "hmac-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "dff6ccc5-bd9b-467c-8e93-0fe51d353eaf" ], + "secret" : [ 
"Q8srw06SZoVO9ZJtKsfKPZyg8O7w01pLMv-CVMbxhBNXJ2lldqKmDgYxHBWnyeIYjXsp2M_Q-SQh1MZc7THyJJpFpRvqN8q9ZgUyWv3GZ-TH7Cez7aeg-WEQrWywBTFfacu_VjmDxucinZoJTWLaH9NNdCcZSMeuBHyM1V__BeE" ], + "priority" : [ "100" ], + "algorithm" : [ "HS512" ] + } + }, { + "id" : "fd48cdb1-8be8-4ac9-9347-dc3e91db95d7", + "name" : "rsa-enc-generated", + "providerId" : "rsa-enc-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "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" ], + "certificate" : [ "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" ], + "priority" : [ "100" ], + "algorithm" : [ "RSA-OAEP" ] + } + }, { + "id" : "0ff03eb6-b43b-4065-b583-9e310f53a573", + "name" : "rsa-generated", + "providerId" : "rsa-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "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" ], + "certificate" : [ "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" ], + "priority" : [ "100" ] + } + }, { + "id" : "df28b561-7463-4927-974d-615618056b41", + "name" : "aes-generated", + "providerId" : "aes-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "04a0e3ff-030f-4d22-a125-449f1541b83c" ], + "secret" : [ "uhC2E9sCbuigVhRLbnCmCQ" ], + "priority" : [ "100" ] + } + } ] + }, + "internationalizationEnabled" : false, + "supportedLocales" : [ ], + "authenticationFlows" : [ { + "id" : "2e13d5a8-b0fb-475b-8991-66d1cc8e99f1", + "alias" : "Account verification options", + "description" : "Method with which to verity the existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-email-verification", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Verify Existing Account by Re-authentication", + 
"userSetupAllowed" : false + } ] + }, { + "id" : "0bf3a099-5ef5-4ea9-b325-5bc9699180a6", + "alias" : "Browser - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "88ca29ab-cbe0-4e3f-938a-e6c5327748ab", + "alias" : "Direct Grant - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "789e7d43-bc05-44d2-8c09-de7fee9d56de", + "alias" : "First broker login - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 
20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "ee145b84-2b30-438e-9cee-6fe90909af1a", + "alias" : "Handle Existing Account", + "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-confirm-link", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Account verification options", + "userSetupAllowed" : false + } ] + }, { + "id" : "853d891a-0009-443c-91c3-a7f1ad1dd0dc", + "alias" : "Reset - Conditional OTP", + "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "d7f13a9b-a13c-4236-ae41-df8da7e5fa8d", + "alias" : "User creation or linking", + "description" : "Flow for the existing/non-existing user alternatives", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "create unique user config", + "authenticator" : "idp-create-user-if-unique", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + 
"authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Handle Existing Account", + "userSetupAllowed" : false + } ] + }, { + "id" : "3cb699ee-11d4-44be-878b-a183b9e96b59", + "alias" : "Verify Existing Account by Re-authentication", + "description" : "Reauthentication of existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "First broker login - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "61d5a1e2-7074-41ad-97bf-e5c41c70989e", + "alias" : "browser", + "description" : "Browser based authentication", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-cookie", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-spnego", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "identity-provider-redirector", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 25, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "forms", + "userSetupAllowed" : false + } ] + }, { + "id" : "21dabcf1-8817-4f2d-981a-13239e160b56", + "alias" : "clients", + "description" : "Base authentication for clients", + "providerId" : 
"client-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "client-secret", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-secret-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-x509", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 40, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "a349aeb2-9373-47ec-9381-0c379df56c71", + "alias" : "direct grant", + "description" : "OpenID Connect Resource Owner Grant", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "direct-grant-validate-username", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "Direct Grant - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "39b3aa37-4ece-4e31-acbc-79889994713e", + "alias" : "docker auth", + "description" : "Used by Docker clients to authenticate against the IDP", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "docker-http-basic-authenticator", + 
"authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "18561349-cc5e-4e5b-bcb2-979645118f96", + "alias" : "first broker login", + "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "review profile config", + "authenticator" : "idp-review-profile", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "User creation or linking", + "userSetupAllowed" : false + } ] + }, { + "id" : "9933f082-3d53-4575-b011-90e6933fb2a1", + "alias" : "forms", + "description" : "Username, password, otp and other auth forms.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Browser - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "00285357-456a-4fd4-b449-ed25253e6364", + "alias" : "registration", + "description" : "Registration flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-page-form", + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : true, + "flowAlias" : "registration form", + "userSetupAllowed" : false + } 
] + }, { + "id" : "b9131fa9-5614-42b4-8353-c6c15e66c2ce", + "alias" : "registration form", + "description" : "Registration form", + "providerId" : "form-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-user-creation", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-password-action", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 50, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-recaptcha-action", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 60, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-terms-and-conditions", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 70, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "424642cc-3a71-4732-ba38-b737179ce37f", + "alias" : "reset credentials", + "description" : "Reset credentials for a user if they forgot their password or something", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "reset-credentials-choose-user", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-credential-email", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 40, + "autheticatorFlow" 
: true, + "flowAlias" : "Reset - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "c8c9c4dc-a39d-4ba6-ad4b-9447a8125349", + "alias" : "saml ecp", + "description" : "SAML ECP Profile Authentication Flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + } ], + "authenticatorConfig" : [ { + "id" : "49d63952-ca6e-450c-a65f-70388169cb90", + "alias" : "create unique user config", + "config" : { + "require.password.update.after.registration" : "false" + } + }, { + "id" : "5b4f58fc-aff7-4e12-8c48-40aeb3db1432", + "alias" : "review profile config", + "config" : { + "update.profile.on.first.login" : "missing" + } + } ], + "requiredActions" : [ { + "alias" : "CONFIGURE_TOTP", + "name" : "Configure OTP", + "providerId" : "CONFIGURE_TOTP", + "enabled" : true, + "defaultAction" : false, + "priority" : 10, + "config" : { } + }, { + "alias" : "TERMS_AND_CONDITIONS", + "name" : "Terms and Conditions", + "providerId" : "TERMS_AND_CONDITIONS", + "enabled" : false, + "defaultAction" : false, + "priority" : 20, + "config" : { } + }, { + "alias" : "UPDATE_PASSWORD", + "name" : "Update Password", + "providerId" : "UPDATE_PASSWORD", + "enabled" : true, + "defaultAction" : false, + "priority" : 30, + "config" : { } + }, { + "alias" : "UPDATE_PROFILE", + "name" : "Update Profile", + "providerId" : "UPDATE_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 40, + "config" : { } + }, { + "alias" : "VERIFY_EMAIL", + "name" : "Verify Email", + "providerId" : "VERIFY_EMAIL", + "enabled" : true, + "defaultAction" : false, + "priority" : 50, + "config" : { } + }, { + "alias" : "delete_account", + "name" : "Delete Account", + "providerId" : "delete_account", + "enabled" : false, + "defaultAction" : false, + 
"priority" : 60, + "config" : { } + }, { + "alias" : "webauthn-register", + "name" : "Webauthn Register", + "providerId" : "webauthn-register", + "enabled" : true, + "defaultAction" : false, + "priority" : 70, + "config" : { } + }, { + "alias" : "webauthn-register-passwordless", + "name" : "Webauthn Register Passwordless", + "providerId" : "webauthn-register-passwordless", + "enabled" : true, + "defaultAction" : false, + "priority" : 80, + "config" : { } + }, { + "alias" : "VERIFY_PROFILE", + "name" : "Verify Profile", + "providerId" : "VERIFY_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 90, + "config" : { } + }, { + "alias" : "delete_credential", + "name" : "Delete Credential", + "providerId" : "delete_credential", + "enabled" : true, + "defaultAction" : false, + "priority" : 100, + "config" : { } + }, { + "alias" : "update_user_locale", + "name" : "Update User Locale", + "providerId" : "update_user_locale", + "enabled" : true, + "defaultAction" : false, + "priority" : 1000, + "config" : { } + } ], + "browserFlow" : "browser", + "registrationFlow" : "registration", + "directGrantFlow" : "direct grant", + "resetCredentialsFlow" : "reset credentials", + "clientAuthenticationFlow" : "clients", + "dockerAuthenticationFlow" : "docker auth", + "firstBrokerLoginFlow" : "first broker login", + "attributes" : { + "cibaBackchannelTokenDeliveryMode" : "poll", + "cibaAuthRequestedUserHint" : "login_hint", + "clientOfflineSessionMaxLifespan" : "0", + "oauth2DevicePollingInterval" : "5", + "clientSessionIdleTimeout" : "0", + "clientOfflineSessionIdleTimeout" : "0", + "cibaInterval" : "5", + "realmReusableOtpCode" : "false", + "cibaExpiresIn" : "120", + "oauth2DeviceCodeLifespan" : "600", + "parRequestUriLifespan" : "60", + "clientSessionMaxLifespan" : "0", + "frontendUrl" : "", + "acr.loa.map" : "{}" + }, + "keycloakVersion" : "24.0.5", + "userManagedAccessAllowed" : false, + "clientProfiles" : { + "profiles" : [ ] + }, + "clientPolicies" : { + 
"policies" : [ ] + } + } +{{- end }} \ No newline at end of file
diff --git a/helm/dbrepo/templates/auth-job.yaml b/helm/dbrepo/templates/auth-job.yaml
index d107dde3dbfedcb484545691fa5e2ece07f53bcc..5771f817ff4c5422c6f5d84cb04aa07ce2cc1d84 100644
--- a/helm/dbrepo/templates/auth-job.yaml
+++ b/helm/dbrepo/templates/auth-job.yaml
@@ -6,6 +6,7 @@ metadata:
 name: auth-service-setup-job
 namespace: {{ include "common.names.namespace" . | quote }}
 spec:
+ backoffLimit: {{ .Values.authservice.setupJob.backoffLimit | default "10" }}
 template:
 metadata:
 name: auth-service-setup-job
@@ -13,8 +14,8 @@ spec:
 restartPolicy: OnFailure
 containers:
 - name: init
- image: {{ .Values.authservice.init.image.name }}
- imagePullPolicy: {{ .Values.authservice.init.image.pullPolicy | default "IfNotPresent" }}
+ image: {{ .Values.authservice.setupJob.image.name }}
+ imagePullPolicy: {{ .Values.authservice.setupJob.image.pullPolicy | default "IfNotPresent" }}
 env:
 - name: POD_IP
 valueFrom:
@@ -31,9 +32,9 @@ spec:
 envFrom:
 - secretRef:
 name: auth-service-secret
- {{- if .Values.authservice.init.resources }}
- resources: {{- toYaml .Values.authservice.init.resources | nindent 12 }}
- {{- else if ne .Values.authservice.init.resourcesPreset "none" }}
- resources: {{- include "common.resources.preset" (dict "type" .Values.authservice.init.resourcesPreset) | nindent 12 }}
+ {{- if .Values.authservice.setupJob.resources }}
+ resources: {{- toYaml .Values.authservice.setupJob.resources | nindent 12 }}
+ {{- else if ne .Values.authservice.setupJob.resourcesPreset "none" }}
+ resources: {{- include "common.resources.preset" (dict "type" .Values.authservice.setupJob.resourcesPreset) | nindent 12 }}
 {{- end }}
 {{- end }}
diff --git a/helm/dbrepo/templates/storage-job.yaml b/helm/dbrepo/templates/storage-job.yaml
index 92174539affea89bf1890e673755917d7d15f43f..ebc26f22125a10e94d910e0b385729b10b0c3c19 100644
--- a/helm/dbrepo/templates/storage-job.yaml
+++ b/helm/dbrepo/templates/storage-job.yaml
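Review bot: `default "10"` on the added `backoffLimit` line treats an explicit `0` as empty, so a deployment that sets `authservice.setupJob.backoffLimit: 0` to disable retries of the setup job still gets 10; the storage-job.yaml hunk uses the same expression. Declaring the default in values.yaml (`backoffLimit: 10` under `setupJob`) and rendering `backoffLimit: {{ .Values.authservice.setupJob.backoffLimit }}` avoids that; the values.yaml hunks visible in this diff do not add the key. The two templates also read the value from differently named parents, `authservice.setupJob` here and `storageservice.init` in storage-job.yaml, which is worth aligning.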
@@ -6,6 +6,7 @@ metadata:
 name: storage-service-setup-job
 namespace: {{ include "common.names.namespace" . | quote }}
 spec:
+ backoffLimit: {{ .Values.storageservice.init.backoffLimit | default "10" }}
 template:
 metadata:
 name: storage-service-setup-job
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index 9afc47022d690ba679276c2cd5b4c76c4e7a34be..1c1b1cb5ad78b49bb6e47896c61589a2b1273ed6 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -89,8 +89,6 @@ authservice:
 postgresPassword: postgres
 ## @param authservice.resourcesPreset The container resource presets
 resourcesPreset: "small"
- ## @skip authservice.extraStartupArgs
- extraStartupArgs: "--import-realm"
 jwt:
 ## @param authservice.jwt.pubkey The JWT public key from the `dbrepo-client`.
 pubkey: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB"
@@ -109,7 +107,12 @@ authservice:
 id: dbrepo-client
 ## @param authservice.client.secret The client secret for the microservices.
 secret: MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG
- init:
+ initdbScripts:
+ import-realms.sh: |
+ #!/bin/bash
+ kc.sh import --file /opt/keycloak/data/import/master-realm.json
+ kc.sh import --file /opt/keycloak/data/import/dbrepo-realm.json
+ setupJob:
 image:
 ## @skip authservice.init.image.name
 name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.6.1
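Review bot: The added `import-realms.sh` has no error handling, so a failed import of `master-realm.json` is still followed by the second import and the script's exit status reflects only the last command; add `set -euo pipefail` directly after the shebang. `kc.sh import` overwrites existing realm data by default, so if the script runs again on a later pod start, changes made at runtime to the master and dbrepo realms would be replaced by the file contents. That may be the case here, because the `cache` emptyDir that the next hunk mounts at `/bitnami/keycloak/` is per-pod and not persisted. If that is not intended, `kc.sh import --file /opt/keycloak/data/import/dbrepo-realm.json --override false` (and the same for the master realm) leaves existing realms untouched. The `## @skip authservice.init.image.name` comment under the renamed `setupJob:` key still refers to the old path and should read `## @skip authservice.setupJob.image.name`.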
@@ -130,10 +133,15 @@ authservice:
 - name: config-map
 configMap:
 name: auth-service-config
+ - name: cache
+ emptyDir:
+ sizeLimit: 100Mi
 ## @skip authservice.extraVolumeMounts
 extraVolumeMounts:
 - name: config-map
- mountPath: /opt/bitnami/keycloak/data/import
+ mountPath: /opt/keycloak/data/import
+ - name: cache
+ mountPath: /bitnami/keycloak/
 ## @skip authservice.replicaCount The number of replicas.
 replicaCount: 2