ps.keycloak.1.0.5.source-code.cm.yml Maven / Gradle / Ivy
metadata:
annotations:
expose.config.fabric8.io/apiserver-url-key: apiserver.url
expose.service-key.config.fabric8.io/fabric8: fabric8.url
expose.service-key.config.fabric8.io/keycloak: keycloak.url
expose.service-key.config.fabric8.io/jenkins: jenkins.url
expose-full.service-key.config.fabric8.io/wit: wit.api.url
expose-no-path.service-key.config.fabric8.io/auth: auth.url
data:
db.url: keycloak-db
db.port: "5432"
apiserver.url: http://kubernetes
fabric8.url: http://fabric8
jenkins.url: http://jenkins
keycloak.url: http://keycloak
auth.api.url: http://auth
wit.api.url: http://wit
fabric8-realm.json: |-
{
"realm": "fabric8",
"enabled": true,
"loginTheme": "fabric8",
"privateKey": "${KEYCLOAK_PRIVATEKEY}",
"publicKey": "${KEYCLOAK_PUBLICKEY}",
"sslRequired": "external",
"accessTokenLifespan": 2592000,
"accessTokenLifespanForImplicitFlow": 1296000,
"ssoSessionIdleTimeout": 2592000,
"accessCodeLifespanUserAction": 36000,
"accessCodeLifespanLogin": 2592000,
"ssoSessionMaxLifespan": 2592000,
"offlineSessionIdleTimeout": 2592000,
"accessCodeLifespan": 60,
"clients": [
{
"clientId": "fabric8-online-platform",
"enabled": true,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"authorizationServicesEnabled": true,
"fullScopeAllowed": true,
"serviceAccountsEnabled": true,
"clientAuthenticatorType": "client-secret",
"secret": "${KEYCLOAK_CLIENTID_SECRET}",
"publicClient": true,
"adminUrl": "",
"baseUrl": "",
"redirectUris": [
"http://localhost:8080/api/login/*",
"${AUTH_URL}*",
"${WIT_URL}*",
"${JENKINS_URL}/securityRealm/finishLogin",
"${KEYCLOAK_URL}/*"
],
"webOrigins": [
"*"
],
"defaultRoles": [
"uma_protection"
],
"authorizationSettings": {
"allowRemoteResourceManagement": true,
"policyEnforcementMode": "ENFORCING",
"scopes": [
{
"name": "read:space"
},
{
"name": "admin:space"
}
]
},
"protocolMappers": [
{
"id": "0dc3e03b-f0c3-4e7e-b0c9-d99c46ba9161",
"name": "Approved",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "approved",
"id.token.claim": "false",
"access.token.claim": "true",
"claim.name": "approved",
"jsonType.label": "boolean"
}
},
{
"id" : "5f949838-20b6-4544-998c-96d066298b3d",
"name" : "email",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : true,
"consentText" : "${email}",
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "email",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email",
"jsonType.label" : "String"
}
}, {
"id" : "7bd87e1c-76a7-4856-ab58-a49d15ccdad8",
"name" : "given name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : true,
"consentText" : "${givenName}",
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "given_name",
"jsonType.label" : "String"
}
}, {
"id" : "fd7a276f-12bf-4cb9-86a5-d91dd00518e7",
"name" : "username",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : true,
"consentText" : "${username}",
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "preferred_username",
"jsonType.label" : "String"
}
}, {
"id" : "a7fd0801-be94-4540-af9f-45f0f8914224",
"name" : "role list",
"protocol" : "saml",
"protocolMapper" : "saml-role-list-mapper",
"consentRequired" : false,
"config" : {
"single" : "false",
"attribute.nameformat" : "Basic",
"attribute.name" : "Role"
}
}, {
"id" : "fbf2ac93-fb3b-4e15-afc8-585e5e8e1049",
"name" : "full name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-full-name-mapper",
"consentRequired" : true,
"consentText" : "${fullName}",
"config" : {
"id.token.claim" : "true",
"access.token.claim" : "true",
"userinfo.token.claim" : "true"
}
}, {
"id" : "3d6c2c1f-f048-45b1-b1cf-a0774397ad7f",
"name" : "Client IP Address",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"consentText" : "",
"config" : {
"user.session.note" : "clientAddress",
"userinfo.token.claim" : "true",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientAddress",
"jsonType.label" : "String"
}
}, {
"id" : "57ec513a-aa97-46b8-b888-4c2f9197d6db",
"name" : "family name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : true,
"consentText" : "${familyName}",
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "lastName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "family_name",
"jsonType.label" : "String"
}
}, {
"id" : "bdc1ad99-471f-4c83-aa2e-03fbcf620954",
"name" : "Client ID",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"consentText" : "",
"config" : {
"user.session.note" : "clientId",
"userinfo.token.claim" : "true",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientId",
"jsonType.label" : "String"
}
}, {
"id" : "1fa76490-354b-4b62-a6d0-b767a165d2a1",
"name" : "Client Host",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"consentText" : "",
"config" : {
"user.session.note" : "clientHost",
"userinfo.token.claim" : "true",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientHost",
"jsonType.label" : "String"
}
}
]
},
{
"clientId": "che",
"enabled": true,
"redirectUris": [
"*"
],
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"publicClient": true,
"protocol": "openid-connect",
"fullScopeAllowed": true
}
],
"users": [
{
"username": "service-account-fabric8-online-platform",
"enabled": true,
"totp": false,
"emailVerified": false,
"email": "[email protected]",
"serviceAccountClientId": "fabric8-online-platform",
"credentials": [],
"disableableCredentialTypes": [],
"requiredActions": [],
"realmRoles": [
"offline_access",
"uma_authorization"
],
"clientRoles": {
"realm-management": [
"view-users",
"manage-authorization"
],
"broker": [
"read-token"
],
"fabric8-online-platform": [
"uma_protection"
],
"account": [
"manage-account",
"view-profile"
]
},
"groups": []
}
],
"clientScopeMappings": {
"realm-management": [
{
"client": "fabric8-online-platform",
"roles": [
"view-users"
]
},
{
"client": "fabric8-online-platform",
"roles": [
"manage-authorization"
]
}
],
"broker": [
{
"client": "fabric8-online-platform",
"roles": [
"read-token"
]
}
]
},
"roles": {
"realm": [
{
"name": "read:space",
"description": "Read space"
},
{
"name": "admin:space",
"description": "Admin space"
}
]
},
"identityProviders": [
{
"alias": "openshift-v3",
"providerId": "openshift-v3",
"enabled": true,
"updateProfileFirstLogin": "true",
"storeToken": "true",
"addReadTokenRoleOnCreate": true,
"config": {
"hideOnLoginPage": "${HIDE_OPENSHIFT_BTN}",
"baseUrl": "${K8S_API_SERVER}",
"clientId": "fabric8-online-platform",
"defaultScope": "user:full",
"clientSecret": "fabric8"
}
},
{
"alias": "github",
"providerId": "github",
"enabled": true,
"updateProfileFirstLogin": "true",
"storeToken": "true",
"trustEmail": true,
"addReadTokenRoleOnCreate": true,
"config": {
"hideOnLoginPage": "${HIDE_GITHUB_BTN}",
"clientSecret": "${GITHUB_OAUTH_CLIENT_SECRET}",
"clientId": "${GITHUB_OAUTH_CLIENT_ID}",
"defaultScope": "admin:repo_hook read:org repo user gist",
"useJwksUrl": "true"
}
}
],
"identityProviderMappers": [
{
"name": "approved",
"identityProviderAlias": "openshift-v3",
"identityProviderMapper": "hardcoded-attribute-idp-mapper",
"config": {
"attribute.value": "true",
"attribute": "approved"
}
},
{
"name": "approved",
"identityProviderAlias": "github",
"identityProviderMapper": "hardcoded-attribute-idp-mapper",
"config": {
"attribute.value": "true",
"attribute": "approved"
}
}
]
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy