-
-
Save gamemaker1/055875c27d3af1bb27c408223b390767 to your computer and use it in GitHub Desktop.
Registry setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
spring: | |
profiles.active: dev | |
--- | |
spring: | |
main: | |
allow-bean-definition-overriding: true | |
profiles: dev | |
servlet: | |
multipart: | |
enabled: true | |
max-file-size: 128MB | |
max-request-size: 128MB | |
output: | |
ansi: | |
enabled: always | |
name: dev-yaml | |
enviroment: development | |
server: | |
port: 8081 | |
notification: | |
service: | |
connection_url: http://localhost:8765/divoc/notification-service/v1/notification | |
cors: | |
allowedOrigin: '*' | |
perf: | |
monitoring: | |
enabled: false | |
registry: | |
baseAPIS: | |
enable: false | |
internalentities: '' | |
externalentities: '' | |
context: | |
base: http://localhost:8081/ | |
system: | |
base: http://localhost:8081/opensaber/ | |
rootEntity: | |
type: Teacher | |
schema: | |
url: http://localhost:8081/_schemas/ | |
conditionalAccess: | |
internal: _internal | |
private: _private | |
search: | |
offset: 0 | |
limit: 2000 | |
expandInternal: true | |
providerName: io.opensaber.registry.service.ElasticSearchService | |
read: | |
providerName: io.opensaber.registry.service.NativeReadService | |
database: | |
uuidPropertyName: osid | |
provider: SQLG | |
shardProperty: none | |
shardAdvisorClassName: io.opensaber.registry.sink.shard.DefaultShardAdvisor | |
connectionInfo: | |
- shardId: shard1 | |
shardLabel: 1 | |
uri: jdbc:postgresql://localhost:5432/registry | |
username: postgres | |
password: postgres | |
frame: | |
file: frame.json | |
encryption: | |
enabled: false | |
base: http://localhost:8013 | |
uri: http://localhost:8013/encrypt | |
batch: | |
uri: http://localhost:8013/encrypt/obj | |
decryption: | |
uri: http://localhost:8013/decrypt | |
batch: | |
uri: http://localhost:8013/decrypt/obj | |
signature: | |
enabled: false | |
healthCheckURL: http://localhost:8013/ | |
signURL: http://localhost:8013/sign | |
verifyURL: http://localhost:8013/verify | |
keysURL: http://localhost:8013/keys/ | |
domain: https://w3id.org/security/v1/ | |
schema: | |
config: | |
name: SignatureShape | |
audit: | |
enabled: false | |
frame: | |
store: DATABASE | |
suffix: Audit | |
suffixSeparator: _ | |
keycloak: | |
auth-server-url: http://localhost:8080/auth | |
realm: sunbird | |
resource: sunbird | |
keycloak-admin: | |
client-id: sunbird | |
client-secret: ddcd9ae6-10a6-496c-96cc-158d64edc9e8 | |
keycloak-user: | |
default-password: test | |
claims: | |
url: http://localhost:8081 | |
authentication: | |
enabled: false | |
publicKey: xxxx | |
realm: | |
url: http://localhost:8443/auth | |
validation: | |
enabled: true | |
type: json | |
service: | |
connection: | |
timeout: 5000 | |
request: | |
timeout: 5000 | |
read: | |
timeout: 5000 | |
retry: | |
maxAttempts: 5 | |
backoff: | |
delay: 1000 | |
taskExecutor: | |
index: | |
threadPoolName: IndexThread- | |
corePoolSize: 2 | |
maxPoolSize: 2 | |
queueCapacity: 3 | |
auditTaskExecutor: | |
threadPoolName: AuditThread- | |
corePoolSize: 2 | |
maxPoolSize: 2 | |
queueCapacity: 3 | |
elastic: | |
search: | |
enabled: false | |
connection_url: http://localhost:9200 | |
filestorage: | |
url: http://localhost:9500 | |
accesskey: XXXXX | |
secretkey: XXXXX | |
bucketname: dummy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.9' | |
services: | |
es: | |
container_name: es | |
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.1 | |
environment: | |
- discovery.type=single-node | |
- 'ES_JAVA_OPTS=-Xms512m -Xmx512m' | |
ports: | |
- '9200:9200' | |
- '9300:9300' | |
db: | |
container_name: db | |
image: postgres | |
ports: | |
- '5432:5432' | |
environment: | |
- POSTGRES_DB=registry | |
- POSTGRES_USER=postgres | |
- POSTGRES_PASSWORD=postgres | |
keycloak: | |
container_name: kc | |
image: dockerhub/keycloak:1.23.3-generic | |
environment: | |
- DB_VENDOR=postgres | |
- DB_ADDR=db | |
- DB_PORT=5432 | |
- DB_DATABASE=registry | |
- DB_USER=postgres | |
- DB_PASSWORD=postgres | |
- KEYCLOAK_USER=admin | |
- KEYCLOAK_PASSWORD=admin | |
ports: | |
- '8080:8080' | |
- '9990:9990' | |
registry: | |
container_name: rg | |
image: openjdk:8 | |
ports: | |
- '8081:8081' | |
volumes: | |
- ./sources/core/java/registry/target/registry.jar:/registry.jar | |
command: | |
java -jar -Xms1024m -Xmx2048m -XX:+UseG1GC -XX:+UseGCLogFileRotation | |
-XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=50M | |
-Xloggc:logs/opensaber_gc.log /registry.jar | |
environment: | |
- sunbird_sso_url=http://kc:8080/auth | |
- sunbird_sso_realm=sunbird | |
- sunbird_sso_client_id=sunbird | |
- sunbird_sso_client_secret=ede412c7-08e3-4916-9aa4-28cc406ee112 | |
- connectionInfo_uri=jdbc:postgresql://db:5432/registry | |
- connectionInfo_username=postgres | |
- connectionInfo_password=postgres |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.9' | |
services: | |
es: | |
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.1 | |
environment: | |
- discovery.type=single-node | |
- 'ES_JAVA_OPTS=-Xms512m -Xmx512m' | |
ports: | |
- '9200:9200' | |
- '9300:9300' | |
healthcheck: | |
test: ['CMD', 'curl', '-f', 'localhost:9200/_cluster/health'] | |
interval: 30s | |
timeout: 10s | |
retries: 4 | |
db: | |
image: postgres | |
ports: | |
- '5432:5432' | |
environment: | |
- POSTGRES_DB=registry | |
- POSTGRES_USER=postgres | |
- POSTGRES_PASSWORD=postgres | |
keycloak: | |
image: dockerhub/keycloak:1.23.3-generic | |
environment: | |
- DB_VENDOR=postgres | |
- DB_ADDR=db | |
- DB_PORT=5432 | |
- DB_DATABASE=registry | |
- DB_USER=postgres | |
- DB_PASSWORD=postgres | |
- KEYCLOAK_USER=admin | |
- KEYCLOAK_PASSWORD=admin | |
healthcheck: | |
test: ['CMD', 'curl', '-f', 'http://localhost:9990'] | |
interval: 30s | |
timeout: 10s | |
retries: 4 | |
ports: | |
- '8080:8080' | |
- '9990:9990' | |
depends_on: | |
- db |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"id": "sunbird", | |
"realm": "sunbird", | |
"notBefore": 0, | |
"revokeRefreshToken": false, | |
"refreshTokenMaxReuse": 0, | |
"accessTokenLifespan": 300, | |
"accessTokenLifespanForImplicitFlow": 900, | |
"ssoSessionIdleTimeout": 1800, | |
"ssoSessionMaxLifespan": 36000, | |
"ssoSessionIdleTimeoutRememberMe": 0, | |
"ssoSessionMaxLifespanRememberMe": 0, | |
"offlineSessionIdleTimeout": 2592000, | |
"offlineSessionMaxLifespanEnabled": false, | |
"offlineSessionMaxLifespan": 5184000, | |
"clientSessionIdleTimeout": 0, | |
"clientSessionMaxLifespan": 0, | |
"clientOfflineSessionIdleTimeout": 0, | |
"clientOfflineSessionMaxLifespan": 0, | |
"accessCodeLifespan": 60, | |
"accessCodeLifespanUserAction": 300, | |
"accessCodeLifespanLogin": 1800, | |
"actionTokenGeneratedByAdminLifespan": 43200, | |
"actionTokenGeneratedByUserLifespan": 300, | |
"enabled": true, | |
"sslRequired": "external", | |
"registrationAllowed": true, | |
"registrationEmailAsUsername": false, | |
"rememberMe": false, | |
"verifyEmail": false, | |
"loginWithEmailAllowed": true, | |
"duplicateEmailsAllowed": false, | |
"resetPasswordAllowed": false, | |
"editUsernameAllowed": false, | |
"bruteForceProtected": false, | |
"permanentLockout": false, | |
"maxFailureWaitSeconds": 900, | |
"minimumQuickLoginWaitSeconds": 60, | |
"waitIncrementSeconds": 60, | |
"quickLoginCheckMilliSeconds": 1000, | |
"maxDeltaTimeSeconds": 43200, | |
"failureFactor": 30, | |
"roles": { | |
"realm": [ | |
{ | |
"id": "3d62b698-228f-484d-8b87-68c967ae3d0b", | |
"name": "offline_access", | |
"description": "${role_offline-access}", | |
"composite": false, | |
"clientRole": false, | |
"containerId": "sunbird", | |
"attributes": {} | |
}, | |
{ | |
"id": "70982ff5-246c-4333-9301-edd1f4e545be", | |
"name": "uma_authorization", | |
"description": "${role_uma_authorization}", | |
"composite": false, | |
"clientRole": false, | |
"containerId": "sunbird", | |
"attributes": {} | |
} | |
], | |
"client": { | |
"realm-management": [ | |
{ | |
"id": "caa97cac-da7e-4a5d-aae2-3331ae4040ca", | |
"name": "view-users", | |
"description": "${role_view-users}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"realm-management": [ | |
"query-users", | |
"query-groups" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "1491e380-0029-4ba5-8544-b83c7410761a", | |
"name": "view-events", | |
"description": "${role_view-events}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "237b55e1-bd72-45db-93d7-c8f3a401664e", | |
"name": "query-clients", | |
"description": "${role_query-clients}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "e921b552-178e-4e99-89ed-da55e45c0151", | |
"name": "manage-realm", | |
"description": "${role_manage-realm}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "9e2eb56b-c75c-4bdb-8a08-37d6ff418ebb", | |
"name": "manage-events", | |
"description": "${role_manage-events}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "f94e0523-bdd1-4c45-b9f0-35a56cfcf906", | |
"name": "manage-clients", | |
"description": "${role_manage-clients}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "b49d8667-b9b8-4788-830e-381ccbe8176a", | |
"name": "query-realms", | |
"description": "${role_query-realms}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "5e9f3e38-d37f-4e66-b8dd-013bb707f529", | |
"name": "query-groups", | |
"description": "${role_query-groups}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "13729c44-366b-43d4-9f6a-b540229a6272", | |
"name": "manage-identity-providers", | |
"description": "${role_manage-identity-providers}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "fea5f090-af72-4850-9242-c874eb8b078f", | |
"name": "impersonation", | |
"description": "${role_impersonation}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "8490aabe-bc55-46f3-b83a-3c2b55091df3", | |
"name": "manage-authorization", | |
"description": "${role_manage-authorization}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "df64983a-1bf4-4357-b5d0-03c2d34cdefc", | |
"name": "view-authorization", | |
"description": "${role_view-authorization}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "ea7beac0-b515-488e-912a-d6688d92cd9a", | |
"name": "view-clients", | |
"description": "${role_view-clients}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"realm-management": [ | |
"query-clients" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "ff267c43-3d0c-4143-ab1e-072e8c05a987", | |
"name": "query-users", | |
"description": "${role_query-users}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "d6bc4764-2609-44ec-8cab-0019f6bdaec6", | |
"name": "view-realm", | |
"description": "${role_view-realm}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "fe13de99-78e5-4b9f-82d3-b71221e58624", | |
"name": "view-identity-providers", | |
"description": "${role_view-identity-providers}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "90527d26-de29-46fc-a788-1ad8920e2f3b", | |
"name": "realm-admin", | |
"description": "${role_realm-admin}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"realm-management": [ | |
"view-users", | |
"view-events", | |
"query-clients", | |
"manage-realm", | |
"manage-events", | |
"manage-clients", | |
"query-realms", | |
"query-groups", | |
"manage-identity-providers", | |
"impersonation", | |
"manage-authorization", | |
"view-authorization", | |
"view-clients", | |
"query-users", | |
"view-realm", | |
"view-identity-providers", | |
"create-client", | |
"manage-users" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "a0e03543-7eb5-40da-aa6d-7904e1087074", | |
"name": "create-client", | |
"description": "${role_create-client}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
}, | |
{ | |
"id": "b7cef0ba-d3ed-4b2e-aea5-d8dc9d04877f", | |
"name": "manage-users", | |
"description": "${role_manage-users}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"attributes": {} | |
} | |
], | |
"security-admin-console": [], | |
"admin-cli": [], | |
"sunbird": [ | |
{ | |
"id": "873b127b-2c29-4828-be41-e5cce718d026", | |
"name": "uma_protection", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "c8069a2e-9004-4a85-8dbc-2751984d3fc5", | |
"attributes": {} | |
} | |
], | |
"account-console": [], | |
"broker": [ | |
{ | |
"id": "23e000c8-61b2-49fc-ac52-7624139ab08b", | |
"name": "read-token", | |
"description": "${role_read-token}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "23f870cd-257f-4c26-992d-493c2df55b53", | |
"attributes": {} | |
} | |
], | |
"account": [ | |
{ | |
"id": "0e2aacdf-25b2-4cfd-903e-125549ad8190", | |
"name": "view-profile", | |
"description": "${role_view-profile}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"attributes": {} | |
}, | |
{ | |
"id": "96fbe8c3-b8de-4aab-a07c-ba73785aa450", | |
"name": "manage-account-links", | |
"description": "${role_manage-account-links}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"attributes": {} | |
}, | |
{ | |
"id": "aa89f500-487a-4cc5-9780-763dec8d0da5", | |
"name": "manage-account", | |
"description": "${role_manage-account}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"account": [ | |
"manage-account-links" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"attributes": {} | |
}, | |
{ | |
"id": "639d5575-0ea1-47a1-87f5-d1b665e2e655", | |
"name": "view-consent", | |
"description": "${role_view-consent}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"attributes": {} | |
}, | |
{ | |
"id": "226973a9-6c08-4f43-a1d2-cc487e9cc928", | |
"name": "view-applications", | |
"description": "${role_view-applications}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"attributes": {} | |
}, | |
{ | |
"id": "224c5b29-5826-4cc4-9f41-a064121fd43f", | |
"name": "manage-consent", | |
"description": "${role_manage-consent}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"account": [ | |
"view-consent" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"attributes": {} | |
} | |
] | |
} | |
}, | |
"groups": [], | |
"defaultRoles": [ | |
"offline_access", | |
"uma_authorization" | |
], | |
"requiredCredentials": [ | |
"password" | |
], | |
"otpPolicyType": "totp", | |
"otpPolicyAlgorithm": "HmacSHA1", | |
"otpPolicyInitialCounter": 0, | |
"otpPolicyDigits": 6, | |
"otpPolicyLookAheadWindow": 1, | |
"otpPolicyPeriod": 30, | |
"otpSupportedApplications": [ | |
"FreeOTP", | |
"Google Authenticator" | |
], | |
"webAuthnPolicyRpEntityName": "keycloak", | |
"webAuthnPolicySignatureAlgorithms": [ | |
"ES256" | |
], | |
"webAuthnPolicyRpId": "", | |
"webAuthnPolicyAttestationConveyancePreference": "not specified", | |
"webAuthnPolicyAuthenticatorAttachment": "not specified", | |
"webAuthnPolicyRequireResidentKey": "not specified", | |
"webAuthnPolicyUserVerificationRequirement": "not specified", | |
"webAuthnPolicyCreateTimeout": 0, | |
"webAuthnPolicyAvoidSameAuthenticatorRegister": false, | |
"webAuthnPolicyAcceptableAaguids": [], | |
"webAuthnPolicyPasswordlessRpEntityName": "keycloak", | |
"webAuthnPolicyPasswordlessSignatureAlgorithms": [ | |
"ES256" | |
], | |
"webAuthnPolicyPasswordlessRpId": "", | |
"webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", | |
"webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", | |
"webAuthnPolicyPasswordlessRequireResidentKey": "not specified", | |
"webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", | |
"webAuthnPolicyPasswordlessCreateTimeout": 0, | |
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, | |
"webAuthnPolicyPasswordlessAcceptableAaguids": [], | |
"users": [ | |
{ | |
"id": "d717e382-7a5c-4e7c-8ab6-eb7b2631612e", | |
"createdTimestamp": 1633171909256, | |
"username": "service-account-sunbird", | |
"enabled": true, | |
"totp": false, | |
"emailVerified": false, | |
"serviceAccountClientId": "sunbird", | |
"disableableCredentialTypes": [], | |
"requiredActions": [], | |
"realmRoles": [ | |
"offline_access", | |
"uma_authorization" | |
], | |
"clientRoles": { | |
"sunbird": [ | |
"uma_protection" | |
], | |
"account": [ | |
"view-profile", | |
"manage-account" | |
] | |
}, | |
"notBefore": 0, | |
"groups": [] | |
} | |
], | |
"scopeMappings": [ | |
{ | |
"clientScope": "offline_access", | |
"roles": [ | |
"offline_access" | |
] | |
} | |
], | |
"clientScopeMappings": { | |
"account": [ | |
{ | |
"client": "account-console", | |
"roles": [ | |
"manage-account" | |
] | |
} | |
] | |
}, | |
"clients": [ | |
{ | |
"id": "924ebeca-88d6-48a2-9683-4e97eb2377d8", | |
"clientId": "account", | |
"name": "${client_account}", | |
"rootUrl": "${authBaseUrl}", | |
"baseUrl": "/realms/sunbird/account/", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"defaultRoles": [ | |
"view-profile", | |
"manage-account" | |
], | |
"redirectUris": [ | |
"/realms/sunbird/account/*" | |
], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "4e73b2c7-ea70-45a4-9d28-63e9158d234d", | |
"clientId": "account-console", | |
"name": "${client_account-console}", | |
"rootUrl": "${authBaseUrl}", | |
"baseUrl": "/realms/sunbird/account/", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [ | |
"/realms/sunbird/account/*" | |
], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"pkce.code.challenge.method": "S256" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"protocolMappers": [ | |
{ | |
"id": "fb2b2d91-0391-4e7b-b558-2d4363ce6c62", | |
"name": "audience resolve", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-audience-resolve-mapper", | |
"consentRequired": false, | |
"config": {} | |
} | |
], | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "c219f367-c597-438a-b9a4-4caee0816106", | |
"clientId": "admin-cli", | |
"name": "${client_admin-cli}", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": false, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": true, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "23f870cd-257f-4c26-992d-493c2df55b53", | |
"clientId": "broker", | |
"name": "${client_broker}", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "492a4d2a-7e14-4602-a588-565912ade32a", | |
"clientId": "realm-management", | |
"name": "${client_realm-management}", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": true, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "4a6a13aa-7b10-4d84-83fb-5eb0c18177f2", | |
"clientId": "security-admin-console", | |
"name": "${client_security-admin-console}", | |
"rootUrl": "${authAdminUrl}", | |
"baseUrl": "/admin/sunbird/console/", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [ | |
"/admin/sunbird/console/*" | |
], | |
"webOrigins": [ | |
"+" | |
], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"pkce.code.challenge.method": "S256" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"protocolMappers": [ | |
{ | |
"id": "dcbe3b7d-4b39-4c6a-a2b7-98e16dc37357", | |
"name": "locale", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "locale", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "locale", | |
"jsonType.label": "String" | |
} | |
} | |
], | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "c8069a2e-9004-4a85-8dbc-2751984d3fc5", | |
"clientId": "sunbird", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [ | |
"http://localhost:8081/sso/login" | |
], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": true, | |
"serviceAccountsEnabled": true, | |
"authorizationServicesEnabled": true, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"saml.assertion.signature": "false", | |
"saml.force.post.binding": "false", | |
"saml.multivalued.roles": "false", | |
"saml.encrypt": "false", | |
"saml.server.signature": "false", | |
"saml.server.signature.keyinfo.ext": "false", | |
"exclude.session.state.from.auth.response": "false", | |
"saml_force_name_id_format": "false", | |
"saml.client.signature": "false", | |
"tls.client.certificate.bound.access.tokens": "false", | |
"saml.authnstatement": "false", | |
"display.on.consent.screen": "false", | |
"saml.onetimeuse.condition": "false" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": true, | |
"nodeReRegistrationTimeout": -1, | |
"protocolMappers": [ | |
{ | |
"id": "4afc60fc-468f-498b-b3c9-b32047faf2bd", | |
"name": "Client Host", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usersessionmodel-note-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.session.note": "clientHost", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "clientHost", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "ace45035-c6b0-49cb-863f-d245df012013", | |
"name": "Client IP Address", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usersessionmodel-note-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.session.note": "clientAddress", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "clientAddress", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "1d91e494-227a-4ba4-bb61-a3329b11749e", | |
"name": "Client ID", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usersessionmodel-note-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.session.note": "clientId", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "clientId", | |
"jsonType.label": "String" | |
} | |
} | |
], | |
"defaultClientScopes": [ | |
"web-origins", | |
"role_list", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
], | |
"authorizationSettings": { | |
"allowRemoteResourceManagement": true, | |
"policyEnforcementMode": "ENFORCING", | |
"resources": [ | |
{ | |
"name": "Default Resource", | |
"type": "urn:sunbird:resources:default", | |
"ownerManagedAccess": false, | |
"attributes": {}, | |
"_id": "5a621dfb-f4e1-495c-8c96-be7dc678ba94", | |
"uris": [ | |
"/*" | |
] | |
} | |
], | |
"policies": [ | |
{ | |
"id": "d6e94886-721d-42c0-9332-977a9f6c0e47", | |
"name": "Default Policy", | |
"description": "A policy that grants access only for users within this realm", | |
"type": "js", | |
"logic": "POSITIVE", | |
"decisionStrategy": "AFFIRMATIVE", | |
"config": { | |
"code": "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" | |
} | |
}, | |
{ | |
"id": "3ea48cf1-c64d-4e11-93f7-6bf102ef1537", | |
"name": "Default Permission", | |
"description": "A permission that applies to the default resource type", | |
"type": "resource", | |
"logic": "POSITIVE", | |
"decisionStrategy": "UNANIMOUS", | |
"config": { | |
"defaultResourceType": "urn:sunbird:resources:default", | |
"applyPolicies": "[\"Default Policy\"]" | |
} | |
} | |
], | |
"scopes": [], | |
"decisionStrategy": "UNANIMOUS" | |
} | |
} | |
], | |
"clientScopes": [ | |
{ | |
"id": "d0ce3460-d174-4fdb-a2e1-46249efa79c2", | |
"name": "offline_access", | |
"description": "OpenID Connect built-in scope: offline_access", | |
"protocol": "openid-connect", | |
"attributes": { | |
"consent.screen.text": "${offlineAccessScopeConsentText}", | |
"display.on.consent.screen": "true" | |
} | |
}, | |
{ | |
"id": "146a1dec-5231-4019-94b6-88bde7b7fbdd", | |
"name": "role_list", | |
"description": "SAML role list", | |
"protocol": "saml", | |
"attributes": { | |
"consent.screen.text": "${samlRoleListScopeConsentText}", | |
"display.on.consent.screen": "true" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "8693a986-5410-4cda-bba9-b39bf280b60e", | |
"name": "role list", | |
"protocol": "saml", | |
"protocolMapper": "saml-role-list-mapper", | |
"consentRequired": false, | |
"config": { | |
"single": "false", | |
"attribute.nameformat": "Basic", | |
"attribute.name": "Role" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "f9b761fd-0b5c-4041-9fca-ec1437f0ce15", | |
"name": "profile", | |
"description": "OpenID Connect built-in scope: profile", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${profileScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "03f1d057-4465-46db-a05e-3ac4d816546e", | |
"name": "family name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "lastName", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "family_name", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "3a0f8a57-d695-4970-b3f5-8f1a8b3e2d67", | |
"name": "picture", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "picture", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "picture", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "27e3e84c-9c1f-4e3e-b403-a661d8ee5a4c", | |
"name": "gender", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "gender", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "gender", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "a4adb4d9-af37-474d-bb7c-f34f8edc0a64", | |
"name": "updated at", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "updatedAt", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "updated_at", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "33a54cf9-4db0-4637-b428-c6217f7295c2", | |
"name": "username", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "username", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "preferred_username", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "465d0e1b-c9fb-4057-90ce-1a66ec3e4ec7", | |
"name": "given name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "firstName", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "given_name", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "ab9ccd9b-3e6d-4866-9892-f3fe67dbc2b6", | |
"name": "birthdate", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "birthdate", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "birthdate", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "4b44f3a2-218a-4164-91e1-807fa481c676", | |
"name": "nickname", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "nickname", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "nickname", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "9642ac8f-c5c1-41f1-a36c-19206fb3574b", | |
"name": "locale", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "locale", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "locale", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "5cf6bee5-0305-432d-b886-9fd56f66b6f4", | |
"name": "full name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-full-name-mapper", | |
"consentRequired": false, | |
"config": { | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"userinfo.token.claim": "true" | |
} | |
}, | |
{ | |
"id": "62a63591-b925-466a-a117-fa1400648e56", | |
"name": "website", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "website", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "website", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "22bb9a7e-c311-4bf7-8f43-d66cc20f3d4e", | |
"name": "zoneinfo", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "zoneinfo", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "zoneinfo", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "8f833493-b99d-41a7-9dee-69351721cba8", | |
"name": "profile", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "profile", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "profile", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "07fd1983-8f16-4dac-9d80-bcd5d049a8af", | |
"name": "middle name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "middleName", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "middle_name", | |
"jsonType.label": "String" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "c68a41dc-c771-420e-85e1-cbb2712ef808", | |
"name": "email", | |
"description": "OpenID Connect built-in scope: email", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${emailScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "dbd189f4-617c-4a1e-8dbd-59803e967fec", | |
"name": "email", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "email", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "email", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "f0eeef1e-17a7-4888-a5f8-f5bed5a19833", | |
"name": "email verified", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "emailVerified", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "email_verified", | |
"jsonType.label": "boolean" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "60366cbc-0a39-471f-af08-376fc5574c4e", | |
"name": "address", | |
"description": "OpenID Connect built-in scope: address", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${addressScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "d68c8dba-0a1e-45c6-9459-3f831bb83b32", | |
"name": "address", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-address-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.attribute.formatted": "formatted", | |
"user.attribute.country": "country", | |
"user.attribute.postal_code": "postal_code", | |
"userinfo.token.claim": "true", | |
"user.attribute.street": "street", | |
"id.token.claim": "true", | |
"user.attribute.region": "region", | |
"access.token.claim": "true", | |
"user.attribute.locality": "locality" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "ea000402-f64f-4eaf-8874-ecd1c7de96cb", | |
"name": "phone", | |
"description": "OpenID Connect built-in scope: phone", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${phoneScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "3675aae1-ca6b-4e2f-9a01-1c807829d808", | |
"name": "phone number", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "phoneNumber", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "phone_number", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "e90d106c-2947-4d45-bffd-1bbb6350e8a5", | |
"name": "phone number verified", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "phoneNumberVerified", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "phone_number_verified", | |
"jsonType.label": "boolean" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "2bf2cb5a-613c-4cf3-b3f5-8d24b3f5698f", | |
"name": "roles", | |
"description": "OpenID Connect scope for add user roles to the access token", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "false", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${rolesScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "c9b01802-1cbf-471d-83d0-a5570a2a1a88", | |
"name": "client roles", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-client-role-mapper", | |
"consentRequired": false, | |
"config": { | |
"multivalued": "true", | |
"user.attribute": "foo", | |
"access.token.claim": "true", | |
"claim.name": "resource_access.${client_id}.roles", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "1f0369d8-e781-4d6d-a3b0-aa3e1286582d", | |
"name": "audience resolve", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-audience-resolve-mapper", | |
"consentRequired": false, | |
"config": {} | |
}, | |
{ | |
"id": "8e280f4e-683f-441c-bcd0-419557b908a5", | |
"name": "realm roles", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-realm-role-mapper", | |
"consentRequired": false, | |
"config": { | |
"multivalued": "true", | |
"user.attribute": "foo", | |
"access.token.claim": "true", | |
"claim.name": "realm_access.roles", | |
"jsonType.label": "String" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "66c5c75a-49c5-4cb7-aec6-9344aafdab8a", | |
"name": "web-origins", | |
"description": "OpenID Connect scope for add allowed web origins to the access token", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "false", | |
"display.on.consent.screen": "false", | |
"consent.screen.text": "" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "5822be07-721e-4cb8-8daf-dcec1db36fd6", | |
"name": "allowed web origins", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-allowed-origins-mapper", | |
"consentRequired": false, | |
"config": {} | |
} | |
] | |
}, | |
{ | |
"id": "60cbc7bb-43e7-4396-84e8-0120547759d1", | |
"name": "microprofile-jwt", | |
"description": "Microprofile - JWT built-in scope", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "false" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "1405f51a-4638-42db-8a9e-441ea4251e05", | |
"name": "groups", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-realm-role-mapper", | |
"consentRequired": false, | |
"config": { | |
"multivalued": "true", | |
"user.attribute": "foo", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "groups", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "f6b3393e-9278-4310-a1b1-518888b69c0e", | |
"name": "upn", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "username", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "upn", | |
"jsonType.label": "String" | |
} | |
} | |
] | |
} | |
], | |
"defaultDefaultClientScopes": [ | |
"role_list", | |
"profile", | |
"email", | |
"roles", | |
"web-origins" | |
], | |
"defaultOptionalClientScopes": [ | |
"offline_access", | |
"address", | |
"phone", | |
"microprofile-jwt" | |
], | |
"browserSecurityHeaders": { | |
"contentSecurityPolicyReportOnly": "", | |
"xContentTypeOptions": "nosniff", | |
"xRobotsTag": "none", | |
"xFrameOptions": "SAMEORIGIN", | |
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", | |
"xXSSProtection": "1; mode=block", | |
"strictTransportSecurity": "max-age=31536000; includeSubDomains" | |
}, | |
"smtpServer": {}, | |
"eventsEnabled": false, | |
"eventsListeners": [ | |
"jboss-logging" | |
], | |
"enabledEventTypes": [], | |
"adminEventsEnabled": false, | |
"adminEventsDetailsEnabled": false, | |
"components": { | |
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ | |
{ | |
"id": "7fa13927-d9de-44c3-bb50-b6fb6e7e066a", | |
"name": "Allowed Protocol Mapper Types", | |
"providerId": "allowed-protocol-mappers", | |
"subType": "authenticated", | |
"subComponents": {}, | |
"config": { | |
"allowed-protocol-mapper-types": [ | |
"oidc-sha256-pairwise-sub-mapper", | |
"oidc-usermodel-attribute-mapper", | |
"oidc-address-mapper", | |
"oidc-full-name-mapper", | |
"saml-user-property-mapper", | |
"saml-user-attribute-mapper", | |
"saml-role-list-mapper", | |
"oidc-usermodel-property-mapper" | |
] | |
} | |
}, | |
{ | |
"id": "6630fbc5-a59f-4950-842a-11f0aa846a39", | |
"name": "Max Clients Limit", | |
"providerId": "max-clients", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"max-clients": [ | |
"200" | |
] | |
} | |
}, | |
{ | |
"id": "88a9648c-d09f-429b-af2a-cba2d96a46cb", | |
"name": "Allowed Client Scopes", | |
"providerId": "allowed-client-templates", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"allow-default-scopes": [ | |
"true" | |
] | |
} | |
}, | |
{ | |
"id": "0a51d3e7-7aa7-4985-a1b1-870cf5d988e1", | |
"name": "Trusted Hosts", | |
"providerId": "trusted-hosts", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"host-sending-registration-request-must-match": [ | |
"true" | |
], | |
"client-uris-must-match": [ | |
"true" | |
] | |
} | |
}, | |
{ | |
"id": "1722c24d-6e5a-4ab7-bf61-7db71b50b993", | |
"name": "Consent Required", | |
"providerId": "consent-required", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": {} | |
}, | |
{ | |
"id": "222e182b-14e0-4e91-8f0c-bfbc036bc7ae", | |
"name": "Allowed Client Scopes", | |
"providerId": "allowed-client-templates", | |
"subType": "authenticated", | |
"subComponents": {}, | |
"config": { | |
"allow-default-scopes": [ | |
"true" | |
] | |
} | |
}, | |
{ | |
"id": "63346402-dd57-453d-9558-30e787e3e407", | |
"name": "Allowed Protocol Mapper Types", | |
"providerId": "allowed-protocol-mappers", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"allowed-protocol-mapper-types": [ | |
"oidc-full-name-mapper", | |
"oidc-sha256-pairwise-sub-mapper", | |
"oidc-usermodel-attribute-mapper", | |
"oidc-usermodel-property-mapper", | |
"saml-user-attribute-mapper", | |
"saml-user-property-mapper", | |
"oidc-address-mapper", | |
"saml-role-list-mapper" | |
] | |
} | |
}, | |
{ | |
"id": "4d1416a4-258b-4da8-81d1-4f9a11bdf5f3", | |
"name": "Full Scope Disabled", | |
"providerId": "scope", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": {} | |
} | |
], | |
"org.keycloak.keys.KeyProvider": [ | |
{ | |
"id": "f3f0b893-d3d7-49ed-9143-b3d79b107a1a", | |
"name": "rsa-generated", | |
"providerId": "rsa-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
] | |
} | |
}, | |
{ | |
"id": "3d4f6edf-00b6-4f41-851d-ff9992ef5876", | |
"name": "aes-generated", | |
"providerId": "aes-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
] | |
} | |
}, | |
{ | |
"id": "0a06e7c5-7574-4515-81c8-db8ed44eec4f", | |
"name": "hmac-generated", | |
"providerId": "hmac-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
], | |
"algorithm": [ | |
"HS256" | |
] | |
} | |
} | |
] | |
}, | |
"internationalizationEnabled": false, | |
"supportedLocales": [], | |
"authenticationFlows": [ | |
{ | |
"id": "40a3e792-dd34-4469-90ae-065e693e19bf", | |
"alias": "Account verification options", | |
"description": "Method with which to verity the existing account", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "idp-email-verification", | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "ALTERNATIVE", | |
"priority": 20, | |
"flowAlias": "Verify Existing Account by Re-authentication", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "a2b6fbaf-1879-4d9e-8578-f37645939f19", | |
"alias": "Authentication Options", | |
"description": "Authentication options.", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "basic-auth", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "basic-auth-otp", | |
"requirement": "DISABLED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-spnego", | |
"requirement": "DISABLED", | |
"priority": 30, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "d3ff51d3-fca0-4ae9-8922-c4f36eae81d5", | |
"alias": "Browser - Conditional OTP", | |
"description": "Flow to determine if the OTP is required for the authentication", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-otp-form", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "a0399efd-9a67-4f9c-89ea-000d04bd48d1", | |
"alias": "Direct Grant - Conditional OTP", | |
"description": "Flow to determine if the OTP is required for the authentication", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "direct-grant-validate-otp", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "ae243456-b794-4fca-876d-60f216b5fca9", | |
"alias": "First broker login - Conditional OTP", | |
"description": "Flow to determine if the OTP is required for the authentication", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-otp-form", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "c3c0f2b5-1821-4d9a-9c36-bf7266179a64", | |
"alias": "Handle Existing Account", | |
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "idp-confirm-link", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"flowAlias": "Account verification options", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "92c109df-78f2-4470-839c-61ac1bfe91c1", | |
"alias": "Reset - Conditional OTP", | |
"description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "reset-otp", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "490bfa05-9968-486d-ba13-303834a89e54", | |
"alias": "User creation or linking", | |
"description": "Flow for the existing/non-existing user alternatives", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticatorConfig": "create unique user config", | |
"authenticator": "idp-create-user-if-unique", | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "ALTERNATIVE", | |
"priority": 20, | |
"flowAlias": "Handle Existing Account", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "340193ac-0619-4634-b12f-9b1586bde55b", | |
"alias": "Verify Existing Account by Re-authentication", | |
"description": "Reauthentication of existing account", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "idp-username-password-form", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "CONDITIONAL", | |
"priority": 20, | |
"flowAlias": "First broker login - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "0dceb04d-091f-4ebf-8a1a-4ab5eeaba573", | |
"alias": "browser", | |
"description": "browser based authentication", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "auth-cookie", | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-spnego", | |
"requirement": "DISABLED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "identity-provider-redirector", | |
"requirement": "ALTERNATIVE", | |
"priority": 25, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "ALTERNATIVE", | |
"priority": 30, | |
"flowAlias": "forms", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "3002c324-794a-403e-8ff9-c803da46e231", | |
"alias": "clients", | |
"description": "Base authentication for clients", | |
"providerId": "client-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "client-secret", | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "client-jwt", | |
"requirement": "ALTERNATIVE", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "client-secret-jwt", | |
"requirement": "ALTERNATIVE", | |
"priority": 30, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "client-x509", | |
"requirement": "ALTERNATIVE", | |
"priority": 40, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "00225636-67c3-47d8-a320-0626083d9695", | |
"alias": "direct grant", | |
"description": "OpenID Connect Resource Owner Grant", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "direct-grant-validate-username", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "direct-grant-validate-password", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "CONDITIONAL", | |
"priority": 30, | |
"flowAlias": "Direct Grant - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "f025db2b-1fff-4db7-8cd8-dbd2eb69c456", | |
"alias": "docker auth", | |
"description": "Used by Docker clients to authenticate against the IDP", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "docker-http-basic-authenticator", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "32cc2395-bf05-4d7f-a413-50edf4be660e", | |
"alias": "first broker login", | |
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticatorConfig": "review profile config", | |
"authenticator": "idp-review-profile", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"flowAlias": "User creation or linking", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "5e3c4423-aecf-4096-9b3a-c0efb224afb8", | |
"alias": "forms", | |
"description": "Username, password, otp and other auth forms.", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "auth-username-password-form", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "CONDITIONAL", | |
"priority": 20, | |
"flowAlias": "Browser - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "a4070e9d-9720-46c5-aad8-6bdc0d542112", | |
"alias": "http challenge", | |
"description": "An authentication flow based on challenge-response HTTP Authentication Schemes", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "no-cookie-redirect", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"flowAlias": "Authentication Options", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "7be86764-ccd5-4df1-a047-f258ea0088c8", | |
"alias": "registration", | |
"description": "registration flow", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "registration-page-form", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"flowAlias": "registration form", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "6ca83039-d6c8-4a80-8e62-6b837b5a25ac", | |
"alias": "registration form", | |
"description": "registration form", | |
"providerId": "form-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "registration-user-creation", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "registration-profile-action", | |
"requirement": "REQUIRED", | |
"priority": 40, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "registration-password-action", | |
"requirement": "REQUIRED", | |
"priority": 50, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "registration-recaptcha-action", | |
"requirement": "DISABLED", | |
"priority": 60, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "f833be97-c7ce-43eb-b409-e959d8c806b8", | |
"alias": "reset credentials", | |
"description": "Reset credentials for a user if they forgot their password or something", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "reset-credentials-choose-user", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "reset-credential-email", | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "reset-password", | |
"requirement": "REQUIRED", | |
"priority": 30, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"requirement": "CONDITIONAL", | |
"priority": 40, | |
"flowAlias": "Reset - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "74010dd2-8a73-4727-bdce-bd7a5af32b0d", | |
"alias": "saml ecp", | |
"description": "SAML ECP Profile Authentication Flow", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "http-basic-authenticator", | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
} | |
], | |
"authenticatorConfig": [ | |
{ | |
"id": "775d88a0-b8a3-4eb8-acaa-730615a35099", | |
"alias": "create unique user config", | |
"config": { | |
"require.password.update.after.registration": "false" | |
} | |
}, | |
{ | |
"id": "e69684d4-8497-4693-b737-47130c18a669", | |
"alias": "review profile config", | |
"config": { | |
"update.profile.on.first.login": "missing" | |
} | |
} | |
], | |
"requiredActions": [ | |
{ | |
"alias": "CONFIGURE_TOTP", | |
"name": "Configure OTP", | |
"providerId": "CONFIGURE_TOTP", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 10, | |
"config": {} | |
}, | |
{ | |
"alias": "terms_and_conditions", | |
"name": "Terms and Conditions", | |
"providerId": "terms_and_conditions", | |
"enabled": false, | |
"defaultAction": false, | |
"priority": 20, | |
"config": {} | |
}, | |
{ | |
"alias": "UPDATE_PASSWORD", | |
"name": "Update Password", | |
"providerId": "UPDATE_PASSWORD", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 30, | |
"config": {} | |
}, | |
{ | |
"alias": "UPDATE_PROFILE", | |
"name": "Update Profile", | |
"providerId": "UPDATE_PROFILE", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 40, | |
"config": {} | |
}, | |
{ | |
"alias": "VERIFY_EMAIL", | |
"name": "Verify Email", | |
"providerId": "VERIFY_EMAIL", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 50, | |
"config": {} | |
}, | |
{ | |
"alias": "update_user_locale", | |
"name": "Update User Locale", | |
"providerId": "update_user_locale", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 1000, | |
"config": {} | |
} | |
], | |
"browserFlow": "browser", | |
"registrationFlow": "registration", | |
"directGrantFlow": "direct grant", | |
"resetCredentialsFlow": "reset credentials", | |
"clientAuthenticationFlow": "clients", | |
"dockerAuthenticationFlow": "docker auth", | |
"attributes": { | |
"clientOfflineSessionMaxLifespan": "0", | |
"clientSessionIdleTimeout": "0", | |
"clientSessionMaxLifespan": "0", | |
"clientOfflineSessionIdleTimeout": "0" | |
}, | |
"keycloakVersion": "11.0.3", | |
"userManagedAccessAllowed": false | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Create a directory | |
mkdir sunbird-rc-sources | |
cd $_ | |
# Clone the sunbird repo | |
git clone https://github.com/Sunbird-RC/sunbird-rc-core.git core | |
# Fetch the docker-compose and config files | |
git clone https://gist.github.com/055875c27d3af1bb27c408223b390767.git tools | |
# Start postgress, elastic search and keycloak | |
cd tools/ | |
docker-compose up -d db es keycloak | |
echo "Import sunbird-rc-sources/tools/realm-export.json as a new realm into the keycloak console on http://localhost:8080/auth/admin" | |
cd ../ | |
# Build the registry jar | |
cd core/ | |
./configure-dependencies.sh | |
cd java/ | |
cp ../../tools/application.yaml ./registry/src/main/resources/application.yml | |
mvn clean install -DskipTests | |
java -jar registry/target/registry.jar |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment