diff --git a/backoffice-bff/src/main/java/com/yas/backofficebff/Application.java b/backoffice-bff/src/main/java/com/yas/backofficebff/Application.java
index 4ea18b4ba0..d409217a82 100644
--- a/backoffice-bff/src/main/java/com/yas/backofficebff/Application.java
+++ b/backoffice-bff/src/main/java/com/yas/backofficebff/Application.java
@@ -2,12 +2,41 @@
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+
@SpringBootApplication
@EnableWebFluxSecurity
public class Application {
+ // TODO remove this bean after https://github.com/spring-projects/spring-security/issues/15989#issuecomment-2442660753 is fixed
+ @Bean
+ @Order(Ordered.HIGHEST_PRECEDENCE)
+ WebFilter writeableHeaders() {
+ return (exchange, chain) -> {
+ HttpHeaders writeableHeaders = HttpHeaders.writableHttpHeaders(
+ exchange.getRequest().getHeaders());
+ ServerHttpRequestDecorator writeableRequest = new ServerHttpRequestDecorator(
+ exchange.getRequest()) {
+ @Override
+ public HttpHeaders getHeaders() {
+ return writeableHeaders;
+ }
+ };
+ ServerWebExchange writeableExchange = exchange.mutate()
+ .request(writeableRequest)
+ .build();
+ return chain.filter(writeableExchange);
+ };
+ }
+
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
diff --git a/cart/src/test/java/com/yas/cart/controller/CartItemControllerTest.java b/cart/src/test/java/com/yas/cart/controller/CartItemControllerTest.java
index 64b869b92f..7a4c9cddb5 100644
--- a/cart/src/test/java/com/yas/cart/controller/CartItemControllerTest.java
+++ b/cart/src/test/java/com/yas/cart/controller/CartItemControllerTest.java
@@ -1,18 +1,5 @@
package com.yas.cart.controller;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.anyList;
-import static org.mockito.ArgumentMatchers.anyLong;
-import static org.mockito.Mockito.doNothing;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-
import com.fasterxml.jackson.databind.ObjectMapper;
import com.yas.cart.service.CartItemService;
import com.yas.cart.viewmodel.CartItemDeleteVm;
@@ -20,7 +7,7 @@
import com.yas.cart.viewmodel.CartItemPostVm;
import com.yas.cart.viewmodel.CartItemPutVm;
import com.yas.commonlibrary.exception.ApiExceptionHandler;
-import java.util.List;
+import jakarta.ws.rs.core.MediaType;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
@@ -29,12 +16,19 @@
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
import org.springframework.boot.test.mock.mockito.MockBean;
-import org.springframework.http.MediaType;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
+import java.util.List;
+
+import static org.mockito.ArgumentMatchers.*;
+import static org.mockito.Mockito.*;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
@ExtendWith(SpringExtension.class)
@WebMvcTest
@ContextConfiguration(classes = {CartItemController.class, ApiExceptionHandler.class})
diff --git a/common-library/src/test/resources/test-realm.json b/common-library/src/test/resources/test-realm.json
index ecf799f97d..2a20263180 100644
--- a/common-library/src/test/resources/test-realm.json
+++ b/common-library/src/test/resources/test-realm.json
@@ -2,6 +2,7 @@
"id" : "quarkus",
"realm" : "quarkus",
"notBefore" : 0,
+ "defaultSignatureAlgorithm" : "RS256",
"revokeRefreshToken" : false,
"refreshTokenMaxReuse" : 0,
"accessTokenLifespan" : 300,
@@ -22,6 +23,8 @@
"accessCodeLifespanLogin" : 1800,
"actionTokenGeneratedByAdminLifespan" : 43200,
"actionTokenGeneratedByUserLifespan" : 300,
+ "oauth2DeviceCodeLifespan" : 600,
+ "oauth2DevicePollingInterval" : 5,
"enabled" : true,
"sslRequired" : "external",
"registrationAllowed" : false,
@@ -34,6 +37,7 @@
"editUsernameAllowed" : false,
"bruteForceProtected" : false,
"permanentLockout" : false,
+ "maxTemporaryLockouts" : 0,
"maxFailureWaitSeconds" : 900,
"minimumQuickLoginWaitSeconds" : 60,
"waitIncrementSeconds" : 60,
@@ -41,61 +45,68 @@
"maxDeltaTimeSeconds" : 43200,
"failureFactor" : 30,
"roles" : {
- "realm" : [
- {
- "id": "f2da71cd-654f-4beb-8ec8-fa78d6fc1219",
- "name": "default-roles-yas",
- "description": "${role_default-roles}",
- "composite": true,
- "composites": {
- "realm": [
- "offline_access",
- "uma_authorization"
- ]
- },
- "clientRole": false,
- "containerId": "Yas",
- "attributes": {}
+ "realm" : [ {
+ "id" : "5ae801de-cd65-42c1-ac5e-3b051abadcff",
+ "name" : "admin",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ }, {
+ "id" : "2bca19e3-c333-41fb-8549-526536f039fb",
+ "name" : "uma_authorization",
+ "description" : "${role_uma_authorization}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ }, {
+ "id" : "c924843b-38ab-4c85-871c-86f6e0b47500",
+ "name" : "user",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ }, {
+ "id" : "f2da71cd-654f-4beb-8ec8-fa78d6fc1219",
+ "name" : "default-roles-yas",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "offline_access", "uma_authorization" ]
},
- {
- "id": "eadee165-c7b4-4508-bf60-937580c5d987",
- "name": "ADMIN",
- "composite": false,
- "clientRole": false,
- "containerId": "Yas",
- "attributes": {}
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ }, {
+ "id" : "c17986f0-52e2-48e8-a6e3-032404e39c7c",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "view-profile", "manage-account" ]
+ }
},
- {
- "id" : "5ae801de-cd65-42c1-ac5e-3b051abadcff",
- "name" : "admin",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "quarkus",
- "attributes" : { }
- }, {
- "id" : "2bca19e3-c333-41fb-8549-526536f039fb",
- "name" : "uma_authorization",
- "description" : "${role_uma_authorization}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "quarkus",
- "attributes" : { }
- }, {
- "id" : "c924843b-38ab-4c85-871c-86f6e0b47500",
- "name" : "user",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "quarkus",
- "attributes" : { }
- }, {
- "id" : "589c3954-acfd-4689-815d-d3e7ce172045",
- "name" : "offline_access",
- "description" : "${role_offline-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "quarkus",
- "attributes" : { }
- } ],
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ }, {
+ "id" : "eadee165-c7b4-4508-bf60-937580c5d987",
+ "name" : "ADMIN",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ }, {
+ "id" : "589c3954-acfd-4689-815d-d3e7ce172045",
+ "name" : "offline_access",
+ "description" : "${role_offline-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "quarkus",
+ "attributes" : { }
+ } ],
"client" : {
"realm-management" : [ {
"id" : "1c1db47d-3e9f-4bcb-aa37-b5b4b0d67942",
@@ -237,7 +248,7 @@
"composite" : true,
"composites" : {
"client" : {
- "realm-management" : [ "view-identity-providers", "manage-identity-providers", "manage-authorization", "view-events", "manage-realm", "create-client", "manage-clients", "view-authorization", "query-realms", "query-clients", "view-clients", "manage-users", "view-realm", "impersonation", "query-groups", "view-users", "query-users", "manage-events" ]
+ "realm-management" : [ "view-identity-providers", "manage-identity-providers", "manage-authorization", "view-events", "manage-realm", "create-client", "manage-clients", "view-authorization", "query-realms", "query-clients", "manage-users", "view-clients", "view-realm", "impersonation", "query-groups", "view-users", "query-users", "manage-events" ]
}
},
"clientRole" : true,
@@ -267,7 +278,14 @@
} ],
"security-admin-console" : [ ],
"admin-cli" : [ ],
- "quarkus-service" : [ ],
+ "quarkus-service" : [ {
+ "id" : "99fe1276-bafe-4923-8817-d370339c63a1",
+ "name" : "uma_protection",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "56443d41-f71f-490f-872c-5daa01b31a28",
+ "attributes" : { }
+ } ],
"account-console" : [ ],
"broker" : [ {
"id" : "7a996641-0139-4e46-9cf8-96273e57d0ba",
@@ -294,6 +312,14 @@
"clientRole" : true,
"containerId" : "b2ef7463-a161-4bd7-a9d3-361633512bce",
"attributes" : { }
+ }, {
+ "id" : "6f8031dc-b539-4ff8-b100-200b9872f72e",
+ "name" : "view-groups",
+ "description" : "${role_view-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b2ef7463-a161-4bd7-a9d3-361633512bce",
+ "attributes" : { }
}, {
"id" : "ee3d20f8-544f-49d9-b98c-0e46589c67f1",
"name" : "view-profile",
@@ -348,6 +374,14 @@
}
},
"groups" : [ ],
+ "defaultRole" : {
+ "id" : "c17986f0-52e2-48e8-a6e3-032404e39c7c",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "clientRole" : false,
+ "containerId" : "quarkus"
+ },
"requiredCredentials" : [ "password" ],
"otpPolicyType" : "totp",
"otpPolicyAlgorithm" : "HmacSHA1",
@@ -355,7 +389,9 @@
"otpPolicyDigits" : 6,
"otpPolicyLookAheadWindow" : 1,
"otpPolicyPeriod" : 30,
- "otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ],
+ "otpPolicyCodeReusable" : false,
+ "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
+ "localizationTexts" : { },
"webAuthnPolicyRpEntityName" : "keycloak",
"webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
"webAuthnPolicyRpId" : "",
@@ -366,6 +402,7 @@
"webAuthnPolicyCreateTimeout" : 0,
"webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
"webAuthnPolicyAcceptableAaguids" : [ ],
+ "webAuthnPolicyExtraOrigins" : [ ],
"webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
"webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
"webAuthnPolicyPasswordlessRpId" : "",
@@ -376,16 +413,17 @@
"webAuthnPolicyPasswordlessCreateTimeout" : 0,
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
"webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
+ "webAuthnPolicyPasswordlessExtraOrigins" : [ ],
"users" : [ {
"id" : "7d40c686-612a-4b49-93fd-e28244f40136",
- "createdTimestamp" : 1617800939748,
"username" : "admin",
- "enabled" : true,
- "totp" : false,
- "emailVerified" : false,
"firstName" : "Admin",
"lastName" : "Admin",
"email" : "admin@localhost",
+ "emailVerified" : false,
+ "createdTimestamp" : 1617800939748,
+ "enabled" : true,
+ "totp" : false,
"credentials" : [ {
"id" : "b68a1141-f42e-4cba-8c7a-97a47fb81857",
"type" : "password",
@@ -395,7 +433,7 @@
} ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
- "realmRoles": ["default-roles-yas", "ADMIN"],
+ "realmRoles" : [ "default-roles-yas", "ADMIN" ],
"clientRoles" : {
"account" : [ "view-profile", "manage-account" ]
},
@@ -403,14 +441,14 @@
"groups" : [ ]
}, {
"id" : "af9b247a-ff16-424b-af38-e7473c16a406",
- "createdTimestamp" : 1617800970630,
"username" : "john",
- "enabled" : true,
- "totp" : false,
- "emailVerified" : false,
"firstName" : "John",
"lastName" : "Doe",
"email" : "john@localhost",
+ "emailVerified" : false,
+ "createdTimestamp" : 1617800970630,
+ "enabled" : true,
+ "totp" : false,
"credentials" : [ {
"id" : "e86c9af1-5e25-4918-bc70-457a3aade97b",
"type" : "password",
@@ -426,6 +464,23 @@
},
"notBefore" : 0,
"groups" : [ ]
+ }, {
+ "id" : "1bdb5de1-c678-4798-a364-ddc81a0d373b",
+ "username" : "service-account-quarkus-service",
+ "emailVerified" : false,
+ "createdTimestamp" : 1730174216098,
+ "enabled" : true,
+ "totp" : false,
+ "serviceAccountClientId" : "quarkus-service",
+ "credentials" : [ ],
+ "disableableCredentialTypes" : [ ],
+ "requiredActions" : [ ],
+ "realmRoles" : [ "default-roles-quarkus" ],
+ "clientRoles" : {
+ "quarkus-service" : [ "uma_protection" ]
+ },
+ "notBefore" : 0,
+ "groups" : [ ]
} ],
"scopeMappings" : [ {
"clientScope" : "offline_access",
@@ -434,7 +489,7 @@
"clientScopeMappings" : {
"account" : [ {
"client" : "account-console",
- "roles" : [ "manage-account" ]
+ "roles" : [ "manage-account", "view-groups" ]
} ]
},
"clients" : [ {
@@ -448,7 +503,6 @@
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"secret" : "46c49daf-fa62-4744-883d-d32e810cfb9c",
- "defaultRoles" : [ "view-profile", "manage-account" ],
"redirectUris" : [ "/realms/quarkus/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -461,11 +515,14 @@
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "realm_client" : "false",
+ "post.logout.redirect.uris" : "+"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "0e2c27dd-f217-4926-a575-4c59171f9f39",
@@ -477,7 +534,6 @@
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "134ac396-96f5-432a-8241-faf3de2711f6",
"redirectUris" : [ "/realms/quarkus/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -491,6 +547,8 @@
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
+ "realm_client" : "false",
+ "post.logout.redirect.uris" : "+",
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
@@ -504,7 +562,7 @@
"consentRequired" : false,
"config" : { }
} ],
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "6f9a7a50-f05f-4833-8dba-2492a2a70b40",
@@ -514,7 +572,6 @@
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "8caf9d87-7e94-4597-931a-4cb5357e72b2",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -527,11 +584,15 @@
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "realm_client" : "false",
+ "client.use.lightweight.access.token.enabled" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
"authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
+ "fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "d4c8f765-b8b3-44fa-a99c-4001172f98f3",
@@ -554,11 +615,14 @@
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "56443d41-f71f-490f-872c-5daa01b31a28",
@@ -577,7 +641,7 @@
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : true,
"serviceAccountsEnabled" : true,
- "authorizationServicesEnabled": true,
+ "authorizationServicesEnabled" : true,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
@@ -586,13 +650,14 @@
"saml.multivalued.roles" : "false",
"saml.force.post.binding" : "false",
"saml.encrypt" : "false",
- "post.logout.redirect.uris": "+",
- "oauth2.device.authorization.grant.enabled": "false",
+ "post.logout.redirect.uris" : "+",
+ "oauth2.device.authorization.grant.enabled" : "false",
"backchannel.logout.revoke.offline.tokens" : "false",
"saml.server.signature" : "false",
"saml.server.signature.keyinfo.ext" : "false",
"exclude.session.state.from.auth.response" : "false",
- "oidc.ciba.grant.enabled": "false",
+ "realm_client" : "false",
+ "oidc.ciba.grant.enabled" : "false",
"backchannel.logout.session.required" : "true",
"client_credentials.use_refresh_token" : "false",
"saml_force_name_id_format" : "false",
@@ -605,84 +670,109 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : -1,
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "protocolMappers" : [ {
+ "id" : "de79a43c-2046-452d-a8d8-7d9da6fcf3f1",
+ "name" : "Client IP Address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientAddress",
+ "id.token.claim" : "true",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientAddress",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "d62d6180-3826-459a-87f5-8c4b78ee6c96",
+ "name" : "Client Host",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientHost",
+ "id.token.claim" : "true",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientHost",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "1138c06e-87da-4064-a381-abdb888b9b8a",
+ "name" : "Client ID",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "client_id",
+ "id.token.claim" : "true",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "client_id",
+ "jsonType.label" : "String"
+ }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ],
- "authorizationSettings": {
- "allowRemoteResourceManagement": true,
- "policyEnforcementMode": "ENFORCING",
- "resources": [
- {
- "name": "Admin Resource",
- "ownerManagedAccess": false,
- "attributes": {},
- "_id": "d2b855d4-61f6-4159-9b89-b0257ad380c9",
- "uris": [
- "/admin/*"
- ],
- "icon_uri": ""
- },
- {
- "name": "User Resource",
- "ownerManagedAccess": false,
- "attributes": {},
- "_id": "6f589c2e-160c-487b-8e8c-8141dc441b2a",
- "uris": [
- "/users/*"
- ],
- "icon_uri": ""
+ "authorizationSettings" : {
+ "allowRemoteResourceManagement" : true,
+ "policyEnforcementMode" : "ENFORCING",
+ "resources" : [ {
+ "name" : "Admin Resource",
+ "ownerManagedAccess" : false,
+ "attributes" : { },
+ "uris" : [ "/admin/*" ],
+ "icon_uri" : ""
+ }, {
+ "name" : "User Resource",
+ "ownerManagedAccess" : false,
+ "attributes" : { },
+ "uris" : [ "/users/*" ],
+ "icon_uri" : ""
+ } ],
+ "policies" : [ {
+ "name" : "Any User Policy",
+ "description" : "Any user granted with the user role can access something",
+ "type" : "role",
+ "logic" : "POSITIVE",
+ "decisionStrategy" : "UNANIMOUS",
+ "config" : {
+ "roles" : "[{\"id\":\"user\",\"required\":false}]"
}
- ],
- "policies": [
- {
- "id": "2aaaff19-710d-479d-80b8-ef57e4e258d8",
- "name": "Any User Policy",
- "description": "Any user granted with the user role can access something",
- "type": "role",
- "logic": "POSITIVE",
- "decisionStrategy": "UNANIMOUS",
- "config": {
- "roles": "[{\"id\":\"user\",\"required\":false}]"
- }
- },
- {
- "id": "43b4ae35-5fc4-45d7-b0a2-501e772ecb84",
- "name": "Only Admins",
- "description": "Only administrators can access",
- "type": "role",
- "logic": "POSITIVE",
- "decisionStrategy": "UNANIMOUS",
- "config": {
- "roles": "[{\"id\":\"admin\",\"required\":false}]"
- }
- },
- {
- "id": "06fc24d8-1f84-46f4-ae7b-e13a505195f1",
- "name": "User Resource Permission",
- "description": "",
- "type": "resource",
- "logic": "POSITIVE",
- "decisionStrategy": "UNANIMOUS",
- "config": {
- "defaultResourceType": "",
- "resources": "[\"User Resource\"]",
- "applyPolicies": "[\"Any User Policy\"]"
- }
- },
- {
- "id": "d75310e2-8b14-4c88-9148-2fa82220e30b",
- "name": "Admin Resource Permission",
- "description": "",
- "type": "resource",
- "logic": "POSITIVE",
- "decisionStrategy": "UNANIMOUS",
- "config": {
- "resources": "[\"Admin Resource\"]",
- "applyPolicies": "[\"Only Admins\"]"
- }
+ }, {
+ "name" : "Only Admins",
+ "description" : "Only administrators can access",
+ "type" : "role",
+ "logic" : "POSITIVE",
+ "decisionStrategy" : "UNANIMOUS",
+ "config" : {
+ "roles" : "[{\"id\":\"admin\",\"required\":false}]"
+ }
+ }, {
+ "name" : "User Resource Permission",
+ "description" : "",
+ "type" : "resource",
+ "logic" : "POSITIVE",
+ "decisionStrategy" : "UNANIMOUS",
+ "config" : {
+ "defaultResourceType" : "",
+ "resources" : "[\"User Resource\"]",
+ "applyPolicies" : "[\"Any User Policy\"]"
+ }
+ }, {
+ "name" : "Admin Resource Permission",
+ "description" : "",
+ "type" : "resource",
+ "logic" : "POSITIVE",
+ "decisionStrategy" : "UNANIMOUS",
+ "config" : {
+ "resources" : "[\"Admin Resource\"]",
+ "applyPolicies" : "[\"Only Admins\"]"
}
- ],
- "scopes": [],
- "decisionStrategy": "UNANIMOUS"
+ } ],
+ "scopes" : [ ],
+ "decisionStrategy" : "UNANIMOUS"
}
}, {
"id" : "752904b5-c4f5-473e-ba84-7d214afdf792",
@@ -692,7 +782,6 @@
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "70fd3aa0-f353-4860-9a67-5eb86684e0a8",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -705,11 +794,14 @@
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "defaultClientScopes" : [ "web-origins", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "b720bc75-35bf-4dcd-a5a9-90d1267a3b04",
@@ -721,7 +813,6 @@
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "55fbb9e1-4410-48b7-b1ad-7b043144b859",
"redirectUris" : [ "/admin/quarkus/console/*" ],
"webOrigins" : [ "+" ],
"notBefore" : 0,
@@ -735,10 +826,13 @@
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
+ "realm_client" : "false",
+ "client.use.lightweight.access.token.enabled" : "true",
+ "post.logout.redirect.uris" : "+",
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
+ "fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
"id" : "44e02e60-ae62-4b32-b20b-226565749528",
@@ -747,463 +841,520 @@
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
- "jsonType.label" : "String"
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
} ],
- "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
} ],
"clientScopes" : [ {
- "id" : "0110b627-1823-4aa2-9c12-e25eb8bc1d24",
- "name" : "offline_access",
- "description" : "OpenID Connect built-in scope: offline_access",
- "protocol" : "openid-connect",
- "attributes" : {
- "consent.screen.text" : "${offlineAccessScopeConsentText}",
- "display.on.consent.screen" : "true"
- }
- }, {
- "id" : "14a58948-73a4-4679-ae93-93e7cf91f337",
- "name" : "role_list",
- "description" : "SAML role list",
- "protocol" : "saml",
- "attributes" : {
- "consent.screen.text" : "${samlRoleListScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "203f72b9-e269-4433-a1d6-5067a82e6029",
- "name" : "role list",
- "protocol" : "saml",
- "protocolMapper" : "saml-role-list-mapper",
- "consentRequired" : false,
- "config" : {
- "single" : "false",
- "attribute.nameformat" : "Basic",
- "attribute.name" : "Role"
- }
- } ]
- }, {
- "id" : "e8d6fa1d-5d10-4388-a815-b8cc269cf521",
- "name" : "profile",
- "description" : "OpenID Connect built-in scope: profile",
+ "id" : "183a7265-5d2a-41bd-baf0-dd376b366063",
+ "name" : "email",
+ "description" : "OpenID Connect built-in scope: email",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${profileScopeConsentText}"
+ "consent.screen.text" : "${emailScopeConsentText}",
+ "display.on.consent.screen" : "true"
},
"protocolMappers" : [ {
- "id" : "e0d1b63e-956f-43aa-8bf0-5331d2b6160c",
- "name" : "given name",
+ "id" : "887b7325-71e4-4eac-a197-6948862cb928",
+ "name" : "email verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "firstName",
+ "user.attribute" : "emailVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "given_name",
- "jsonType.label" : "String"
+ "claim.name" : "email_verified",
+ "jsonType.label" : "boolean",
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "dfa55ca4-9c69-4238-bebf-9bcc9144508e",
- "name" : "username",
+ "id" : "7f540ab7-f7b6-41d7-b56c-5b63ec354abe",
+ "name" : "email",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "username",
+ "user.attribute" : "email",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "preferred_username",
- "jsonType.label" : "String"
+ "claim.name" : "email",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
- }, {
- "id" : "bae556b2-5a2e-4eea-b5cb-717e0c4cbf5f",
- "name" : "gender",
+ } ]
+ }, {
+ "id" : "31584bc1-4d32-4f1e-b04c-3e66d501e62d",
+ "name" : "basic",
+ "description" : "OpenID Connect scope for add all basic claims to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "620ac386-60b3-4762-9624-cce08544ad7b",
+ "name" : "auth_time",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "gender",
+ "user.session.note" : "AUTH_TIME",
"id.token.claim" : "true",
+ "introspection.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "gender",
- "jsonType.label" : "String"
+ "claim.name" : "auth_time",
+ "jsonType.label" : "long"
}
}, {
- "id" : "9a4b7133-a0f3-4043-884e-b9bf571c81d7",
- "name" : "locale",
+ "id" : "5144c762-3481-4e7b-af93-f4934e38f4eb",
+ "name" : "sub",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-sub-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "locale",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "locale",
- "jsonType.label" : "String"
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true"
}
- }, {
- "id" : "6164139c-c1f4-44bb-9c22-800e2d21ca09",
- "name" : "zoneinfo",
+ } ]
+ }, {
+ "id" : "abed9a36-8900-4eec-9d58-9528f6f284ac",
+ "name" : "phone",
+ "description" : "OpenID Connect built-in scope: phone",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${phoneScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "ef60ce57-9cfa-449c-9624-f74a16944327",
+ "name" : "phone number",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "zoneinfo",
+ "user.attribute" : "phoneNumber",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "zoneinfo",
- "jsonType.label" : "String"
+ "claim.name" : "phone_number",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "527d79d0-1966-4b90-92f0-0b54c623d596",
- "name" : "updated at",
+ "id" : "b3636e01-5cb1-4ce2-b08a-913f15bbc738",
+ "name" : "phone number verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "updatedAt",
+ "user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "updated_at",
- "jsonType.label" : "String"
+ "claim.name" : "phone_number_verified",
+ "jsonType.label" : "boolean",
+ "userinfo.token.claim" : "true"
}
- }, {
- "id" : "39655902-2b3a-4205-a8db-03ad38bb4df6",
- "name" : "birthdate",
+ } ]
+ }, {
+ "id" : "616b9e4e-3434-4789-a5a6-4cc0c84157ca",
+ "name" : "acr",
+ "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "40fd413c-352f-421b-b13a-44feadbeb3bd",
+ "name" : "acr loa level",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-acr-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "birthdate",
"id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "birthdate",
- "jsonType.label" : "String"
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true"
}
- }, {
- "id" : "3e9b71e1-0829-4a57-80ff-09f2718abf13",
- "name" : "full name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-full-name-mapper",
+ } ]
+ }, {
+ "id" : "bf8af7d9-fff7-427e-880e-62ea16ab94e9",
+ "name" : "address",
+ "description" : "OpenID Connect built-in scope: address",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${addressScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "cd85be29-34ed-47e2-b0ce-2270f8061f09",
+ "name" : "address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-address-mapper",
"consentRequired" : false,
"config" : {
+ "user.attribute.formatted" : "formatted",
+ "user.attribute.country" : "country",
+ "user.attribute.postal_code" : "postal_code",
+ "userinfo.token.claim" : "true",
+ "user.attribute.street" : "street",
"id.token.claim" : "true",
+ "user.attribute.region" : "region",
"access.token.claim" : "true",
- "userinfo.token.claim" : "true"
+ "user.attribute.locality" : "locality"
}
- }, {
- "id" : "d6f5b49a-df41-4fee-93ec-246e5202fdff",
- "name" : "family name",
+ } ]
+ }, {
+ "id" : "2036bd5e-f33d-442d-8ed0-6bf9a50ad45d",
+ "name" : "roles",
+ "description" : "OpenID Connect scope for add user roles to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "consent.screen.text" : "${rolesScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "73ac1825-7ac3-40ad-8f38-b2620808b02f",
+ "name" : "realm roles",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "lastName",
- "id.token.claim" : "true",
+ "user.attribute" : "foo",
"access.token.claim" : "true",
- "claim.name" : "family_name",
- "jsonType.label" : "String"
+ "claim.name" : "realm_access.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
}
}, {
- "id" : "5a648f3a-07d2-4c8d-afe8-c1accb9b1187",
- "name" : "profile",
+ "id" : "0d0ca6ec-e6cc-425f-ba92-2ed4b7778faf",
+ "name" : "audience resolve",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
"consentRequired" : false,
- "config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "profile",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "profile",
- "jsonType.label" : "String"
- }
+ "config" : { }
}, {
- "id" : "b7e2d1ac-2517-4df1-b9a9-afb925339731",
- "name" : "middle name",
+ "id" : "aa5d7eab-30e5-49eb-a4fe-4ad425fffd64",
+ "name" : "client roles",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-client-role-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "middleName",
- "id.token.claim" : "true",
+ "user.attribute" : "foo",
"access.token.claim" : "true",
- "claim.name" : "middle_name",
- "jsonType.label" : "String"
+ "claim.name" : "resource_access.${client_id}.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
}
- }, {
- "id" : "0c2ab3b5-f6c6-45d8-8894-3cf71dc6fb38",
- "name" : "nickname",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ } ]
+ }, {
+ "id" : "0110b627-1823-4aa2-9c12-e25eb8bc1d24",
+ "name" : "offline_access",
+ "description" : "OpenID Connect built-in scope: offline_access",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "consent.screen.text" : "${offlineAccessScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ }
+ }, {
+ "id" : "14a58948-73a4-4679-ae93-93e7cf91f337",
+ "name" : "role_list",
+ "description" : "SAML role list",
+ "protocol" : "saml",
+ "attributes" : {
+ "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "203f72b9-e269-4433-a1d6-5067a82e6029",
+ "name" : "role list",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-role-list-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "nickname",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "nickname",
- "jsonType.label" : "String"
+ "single" : "false",
+ "attribute.nameformat" : "Basic",
+ "attribute.name" : "Role"
}
- }, {
- "id" : "9e7b6084-7a84-4699-9b51-d619094f4ff9",
- "name" : "website",
+ } ]
+ }, {
+ "id" : "4c7b020d-ab2d-4cee-a9c1-26b5a28453df",
+ "name" : "web-origins",
+ "description" : "OpenID Connect scope for add allowed web origins to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "consent.screen.text" : "",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "9762fd5d-17bf-4666-b538-0adee5f584c3",
+ "name" : "allowed web origins",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-allowed-origins-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
+ }, {
+ "id" : "92cb2a60-3a1f-4bf1-94b9-078e80cff964",
+ "name" : "microprofile-jwt",
+ "description" : "Microprofile - JWT built-in scope",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "1354aade-9a9f-41db-a462-f2071532fd6f",
+ "name" : "groups",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
+ "multivalued" : "true",
"userinfo.token.claim" : "true",
- "user.attribute" : "website",
+ "user.attribute" : "foo",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "website",
+ "claim.name" : "groups",
"jsonType.label" : "String"
}
}, {
- "id" : "61ab8691-6995-4d4f-8917-67093c8aedfb",
- "name" : "picture",
+ "id" : "0e78dfa6-86dd-4960-a23b-44c3329df528",
+ "name" : "upn",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "picture",
+ "user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "picture",
- "jsonType.label" : "String"
+ "claim.name" : "upn",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
} ]
}, {
- "id" : "183a7265-5d2a-41bd-baf0-dd376b366063",
- "name" : "email",
- "description" : "OpenID Connect built-in scope: email",
+ "id" : "e8d6fa1d-5d10-4388-a815-b8cc269cf521",
+ "name" : "profile",
+ "description" : "OpenID Connect built-in scope: profile",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${emailScopeConsentText}"
+ "consent.screen.text" : "${profileScopeConsentText}",
+ "display.on.consent.screen" : "true"
},
"protocolMappers" : [ {
- "id" : "887b7325-71e4-4eac-a197-6948862cb928",
- "name" : "email verified",
+ "id" : "e0d1b63e-956f-43aa-8bf0-5331d2b6160c",
+ "name" : "given name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "emailVerified",
+ "user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "email_verified",
- "jsonType.label" : "boolean"
+ "claim.name" : "given_name",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "7f540ab7-f7b6-41d7-b56c-5b63ec354abe",
- "name" : "email",
+ "id" : "dfa55ca4-9c69-4238-bebf-9bcc9144508e",
+ "name" : "username",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "email",
+ "user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "email",
- "jsonType.label" : "String"
+ "claim.name" : "preferred_username",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
- } ]
- }, {
- "id" : "bf8af7d9-fff7-427e-880e-62ea16ab94e9",
- "name" : "address",
- "description" : "OpenID Connect built-in scope: address",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${addressScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "cd85be29-34ed-47e2-b0ce-2270f8061f09",
- "name" : "address",
+ }, {
+ "id" : "bae556b2-5a2e-4eea-b5cb-717e0c4cbf5f",
+ "name" : "gender",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-address-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "user.attribute.formatted" : "formatted",
- "user.attribute.country" : "country",
- "user.attribute.postal_code" : "postal_code",
- "userinfo.token.claim" : "true",
- "user.attribute.street" : "street",
+ "user.attribute" : "gender",
"id.token.claim" : "true",
- "user.attribute.region" : "region",
"access.token.claim" : "true",
- "user.attribute.locality" : "locality"
+ "claim.name" : "gender",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
- } ]
- }, {
- "id" : "abed9a36-8900-4eec-9d58-9528f6f284ac",
- "name" : "phone",
- "description" : "OpenID Connect built-in scope: phone",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${phoneScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "ef60ce57-9cfa-449c-9624-f74a16944327",
- "name" : "phone number",
+ }, {
+ "id" : "9a4b7133-a0f3-4043-884e-b9bf571c81d7",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "6164139c-c1f4-44bb-9c22-800e2d21ca09",
+ "name" : "zoneinfo",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "zoneinfo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "zoneinfo",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "527d79d0-1966-4b90-92f0-0b54c623d596",
+ "name" : "updated at",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "updatedAt",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "updated_at",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "39655902-2b3a-4205-a8db-03ad38bb4df6",
+ "name" : "birthdate",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumber",
+ "user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "phone_number",
- "jsonType.label" : "String"
+ "claim.name" : "birthdate",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "b3636e01-5cb1-4ce2-b08a-913f15bbc738",
- "name" : "phone number verified",
+ "id" : "3e9b71e1-0829-4a57-80ff-09f2718abf13",
+ "name" : "full name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-full-name-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "phone_number_verified",
- "jsonType.label" : "boolean"
+ "userinfo.token.claim" : "true"
}
- } ]
- }, {
- "id" : "2036bd5e-f33d-442d-8ed0-6bf9a50ad45d",
- "name" : "roles",
- "description" : "OpenID Connect scope for add user roles to the access token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${rolesScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "73ac1825-7ac3-40ad-8f38-b2620808b02f",
- "name" : "realm roles",
+ }, {
+ "id" : "d6f5b49a-df41-4fee-93ec-246e5202fdff",
+ "name" : "family name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "user.attribute" : "foo",
+ "user.attribute" : "lastName",
+ "id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "realm_access.roles",
+ "claim.name" : "family_name",
"jsonType.label" : "String",
- "multivalued" : "true"
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "0d0ca6ec-e6cc-425f-ba92-2ed4b7778faf",
- "name" : "audience resolve",
+ "id" : "5a648f3a-07d2-4c8d-afe8-c1accb9b1187",
+ "name" : "profile",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
- "config" : { }
+ "config" : {
+ "user.attribute" : "profile",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "profile",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
}, {
- "id" : "aa5d7eab-30e5-49eb-a4fe-4ad425fffd64",
- "name" : "client roles",
+ "id" : "b7e2d1ac-2517-4df1-b9a9-afb925339731",
+ "name" : "middle name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "user.attribute" : "foo",
+ "user.attribute" : "middleName",
+ "id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "resource_access.${client_id}.roles",
+ "claim.name" : "middle_name",
"jsonType.label" : "String",
- "multivalued" : "true"
+ "userinfo.token.claim" : "true"
}
- } ]
- }, {
- "id" : "4c7b020d-ab2d-4cee-a9c1-26b5a28453df",
- "name" : "web-origins",
- "description" : "OpenID Connect scope for add allowed web origins to the access token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false",
- "consent.screen.text" : ""
- },
- "protocolMappers" : [ {
- "id" : "9762fd5d-17bf-4666-b538-0adee5f584c3",
- "name" : "allowed web origins",
+ }, {
+ "id" : "0c2ab3b5-f6c6-45d8-8894-3cf71dc6fb38",
+ "name" : "nickname",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-allowed-origins-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
- "config" : { }
- } ]
- }, {
- "id" : "92cb2a60-3a1f-4bf1-94b9-078e80cff964",
- "name" : "microprofile-jwt",
- "description" : "Microprofile - JWT built-in scope",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "1354aade-9a9f-41db-a462-f2071532fd6f",
- "name" : "groups",
+ "config" : {
+ "user.attribute" : "nickname",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "nickname",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "9e7b6084-7a84-4699-9b51-d619094f4ff9",
+ "name" : "website",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "multivalued" : "true",
- "user.attribute" : "foo",
+ "user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "groups",
- "jsonType.label" : "String"
+ "claim.name" : "website",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "0e78dfa6-86dd-4960-a23b-44c3329df528",
- "name" : "upn",
+ "id" : "61ab8691-6995-4d4f-8917-67093c8aedfb",
+ "name" : "picture",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "username",
+ "user.attribute" : "picture",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "upn",
- "jsonType.label" : "String"
+ "claim.name" : "picture",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
}
} ]
} ],
- "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins" ],
+ "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr", "basic" ],
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
"browserSecurityHeaders" : {
"contentSecurityPolicyReportOnly" : "",
"xContentTypeOptions" : "nosniff",
+ "referrerPolicy" : "no-referrer",
"xRobotsTag" : "none",
"xFrameOptions" : "SAMEORIGIN",
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
@@ -1220,6 +1371,34 @@
"identityProviderMappers" : [ ],
"components" : {
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
+ "id" : "3e836a32-ff93-46e6-8e1f-7e320507388f",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ }, {
+ "id" : "2b9ca142-85a0-448d-bde9-800f7823cac1",
+ "name" : "Trusted Hosts",
+ "providerId" : "trusted-hosts",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "host-sending-registration-request-must-match" : [ "true" ],
+ "client-uris-must-match" : [ "true" ]
+ }
+ }, {
+ "id" : "6ab250a9-d27b-4c5c-8cdf-0b8adee370d4",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper" ]
+ }
+ }, {
"id" : "a033e338-3cfe-4440-85dd-ec4a332742fd",
"name" : "Consent Required",
"providerId" : "consent-required",
@@ -1233,16 +1412,7 @@
"subType" : "anonymous",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-user-property-mapper" ]
- }
- }, {
- "id" : "3e836a32-ff93-46e6-8e1f-7e320507388f",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
- "subType" : "authenticated",
- "subComponents" : { },
- "config" : {
- "allow-default-scopes" : [ "true" ]
+ "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper" ]
}
}, {
"id" : "bad9c53c-6b7b-431f-a4f4-62970f9af1e2",
@@ -1262,16 +1432,6 @@
"config" : {
"allow-default-scopes" : [ "true" ]
}
- }, {
- "id" : "2b9ca142-85a0-448d-bde9-800f7823cac1",
- "name" : "Trusted Hosts",
- "providerId" : "trusted-hosts",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "host-sending-registration-request-must-match" : [ "true" ],
- "client-uris-must-match" : [ "true" ]
- }
}, {
"id" : "4271132b-929b-4b76-a94e-aeafa71715ec",
"name" : "Full Scope Disabled",
@@ -1279,28 +1439,16 @@
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
- }, {
- "id" : "6ab250a9-d27b-4c5c-8cdf-0b8adee370d4",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
- "subType" : "authenticated",
+ } ],
+ "org.keycloak.userprofile.UserProfileProvider" : [ {
+ "id" : "f2ef38cf-0dd6-4fc7-bf51-50615eb722ef",
+ "providerId" : "declarative-user-profile",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper" ]
+ "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ]
}
} ],
"org.keycloak.keys.KeyProvider" : [ {
- "id" : "e7f99358-99f3-4fb6-a65d-5771a0c07f38",
- "name" : "hmac-generated",
- "providerId" : "hmac-generated",
- "subComponents" : { },
- "config" : {
- "kid" : [ "a7c0b05e-7852-492d-a712-30ce7c6e48a6" ],
- "secret" : [ "gh6Ab3iAF2CiWam3ly0OZcwfMPRNn6s0lgqmn177iHBSebirfHRkahPjJGmGVHS9fmqRidaOV8v1YoxF0lhv5Q" ],
- "priority" : [ "100" ],
- "algorithm" : [ "HS256" ]
- }
- }, {
"id" : "30fe7115-b6e4-4ed8-b350-73a160895f4c",
"name" : "rsa-generated",
"providerId" : "rsa-generated",
@@ -1310,6 +1458,28 @@
"certificate" : [ "MIICnTCCAYUCBgF4rE75SjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIxMDQwNzEyMjc0MFoXDTMxMDQwNzEyMjkyMFowEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ07FglCqMNX8Mp/6d/DDO0n7ktSswxhljy3K7eK+h8trzxvBuqbAAW5ANvon+cvuteL4yymhtoN921ODpKFTnBrSEjDfhXNifovxXdudD2iwnvPbkc6x3Nqvum4DLrzpzbXDiakfmPma7N+JBtIs1nvnR0za4Gr+Fim6SswEd2ZQjSJFVPNZtixvrujMkCaTd0YjmngQv77cQhhzzuAUxwOHAnl1XfD/RnM4eVqkh/hLOXUEcXy4lgy21fgXgHg7ySISavMri5IwQZ6tcOUwElX/FPi7FVVgsFMv5Q1w1+xthFVPgUavYX0T0ZIl3DfgooGVa+m/CV3VB+CofzxdkMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEACWVoMh1jB64LEiOzHrwDWeWDHRZMrb1TBcfC6ALjFDBako0AbSHxBqN6FJgN6C3BhzCBcI4LR6I8bpqGuZ9y9zE8hRj8oAtEAXnPdMSWsWEBBFdbSBDeBE9Q8jXJ5LCk+Iz/5HcPJTgUpkJdKmzIWqp1hI4zOb1+GZrERg04Ue+xP6DTCOZkcofA3twzqM0Eifig8UoSUlejUKXCISbcO39slcFNGbPDPsUNjWUgVG79TZExtF02KmbzEifh+aQi0jb3/d5gSPEOSW+n8CC/zW0woDZQ4ZhspDUeQyIafy0JPlgZljsWBbWpJ0ZJIiWVTWxO7T1ogiyFtLoX2sinJA==" ],
"priority" : [ "100" ]
}
+ }, {
+ "id" : "200a9375-b029-4be2-a26d-7c6ced7f1174",
+ "name" : "hmac-generated-hs512",
+ "providerId" : "hmac-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "a27eaae5-cb6e-4b0c-9193-07a4b0db676b" ],
+ "secret" : [ "OMQm5xuEt7-Wd_72CQWAwpRrpI7ZMr4QIgBfHU42mtZzamEZlzFfuQ-LBJx5NlNnl3PoPTwY8Sq5qfiuTpVg7NUB_X3pBpiczQINkWon82JQIF3PbqLXl-MQ6II8hkWwWbkznhH_GkmIg44Z-YGfzm4txtqLWBTcszpzMEZCZGo" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "HS512" ]
+ }
+ }, {
+ "id" : "e7f99358-99f3-4fb6-a65d-5771a0c07f38",
+ "name" : "hmac-generated",
+ "providerId" : "hmac-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "b31692e3-2ec5-4137-8d87-65a8b6b2bac0" ],
+ "secret" : [ "wUKc084729tsWgAX2wD4OVR_a22CHGQ2jrcKUXViCEOsUHVuw1ehWtyWUGnHf2bw1EZyYga5X4ljkh8RkLchLnNJMlykfmdFIZ2ctHE8-K-NLkQ9CfqjPN51hFkJDe_XBGecrONhNdMBNobqfdTGXQGtp9YNJrxt09wQtWgceFQ" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "HS256" ]
+ }
}, {
"id" : "1d927d6c-779e-4fea-a2a4-a3dd194c1a8f",
"name" : "aes-generated",
@@ -1333,42 +1503,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-email-verification",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 20,
+ "autheticatorFlow" : true,
"flowAlias" : "Verify Existing Account by Re-authentication",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
- } ]
- }, {
- "id" : "b7f60e5e-94c8-4ede-ab61-ced8b2fea44a",
- "alias" : "Authentication Options",
- "description" : "Authentication options.",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "basic-auth",
- "requirement" : "REQUIRED",
- "priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "basic-auth-otp",
- "requirement" : "DISABLED",
- "priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "auth-spnego",
- "requirement" : "DISABLED",
- "priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "userSetupAllowed" : false
} ]
}, {
"id" : "423fe6a4-3445-4731-8ac3-23e348b08743",
@@ -1379,16 +1525,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "c60ff278-6c63-4d7e-ad1c-7c4e825199a6",
@@ -1399,16 +1547,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-otp",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "d5bde955-3a6e-47d2-9289-fdd28e1d1c45",
@@ -1419,16 +1569,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "2fc18574-8dc9-4a4f-9dbf-f7b221a978bc",
@@ -1439,16 +1591,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-confirm-link",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
+ "autheticatorFlow" : true,
"flowAlias" : "Account verification options",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "306c3c73-3d32-44ce-8781-e2cde85d7823",
@@ -1459,16 +1613,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-otp",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "ee1b35cd-1378-4d4d-b47b-f769afafb8a8",
@@ -1480,16 +1636,18 @@
"authenticationExecutions" : [ {
"authenticatorConfig" : "create unique user config",
"authenticator" : "idp-create-user-if-unique",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 20,
+ "autheticatorFlow" : true,
"flowAlias" : "Handle Existing Account",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "3c4a0468-ac42-4f2c-9fc5-34520bac4645",
@@ -1500,16 +1658,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-username-password-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 20,
+ "autheticatorFlow" : true,
"flowAlias" : "First broker login - Conditional OTP",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "8115c879-0792-4557-896c-91a529d68cf6",
@@ -1520,28 +1680,32 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-cookie",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "identity-provider-redirector",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 25,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 30,
+ "autheticatorFlow" : true,
"flowAlias" : "forms",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "a407f9a2-8671-4fe0-b5c6-03e29e115337",
@@ -1552,28 +1716,32 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "client-secret",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-jwt",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-secret-jwt",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-x509",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "0f232cb6-6904-4c1f-948e-e221300fa518",
@@ -1584,22 +1752,25 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "direct-grant-validate-username",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-password",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 30,
+ "autheticatorFlow" : true,
"flowAlias" : "Direct Grant - Conditional OTP",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "a57ab792-c919-4f99-b662-a4e142d7c035",
@@ -1610,10 +1781,11 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "docker-http-basic-authenticator",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "d0327c66-d41e-45d1-898c-0dae3dc3a149",
@@ -1625,16 +1797,18 @@
"authenticationExecutions" : [ {
"authenticatorConfig" : "review profile config",
"authenticator" : "idp-review-profile",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
+ "autheticatorFlow" : true,
"flowAlias" : "User creation or linking",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "7af247e0-a6b9-4fed-857d-d14258acd2b8",
@@ -1645,36 +1819,18 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-username-password-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 20,
+ "autheticatorFlow" : true,
"flowAlias" : "Browser - Conditional OTP",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
- } ]
- }, {
- "id" : "12c84fcd-ed90-4b34-b8be-5208945939ef",
- "alias" : "http challenge",
- "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "no-cookie-redirect",
- "requirement" : "REQUIRED",
- "priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "requirement" : "REQUIRED",
- "priority" : 20,
- "flowAlias" : "Authentication Options",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "c2c34d02-e57f-4341-8c05-272b5fef9f60",
@@ -1685,11 +1841,12 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-page-form",
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 10,
+ "autheticatorFlow" : true,
"flowAlias" : "registration form",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "ee5eb12c-033b-481b-9a91-466f3bc02581",
@@ -1700,28 +1857,25 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-user-creation",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "registration-profile-action",
- "requirement" : "REQUIRED",
- "priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-password-action",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 50,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-recaptcha-action",
+ "authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 60,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
"id" : "320a7e68-e3ab-4142-a660-e2a25a434287",
@@ -1732,28 +1886,32 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "reset-credentials-choose-user",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-credential-email",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-password",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 40,
+ "autheticatorFlow" : true,
"flowAlias" : "Reset - Conditional OTP",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
"id" : "1ad6cd70-f740-4411-bd1c-35628d7878b3",
@@ -1764,10 +1922,11 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "http-basic-authenticator",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
} ],
"authenticatorConfig" : [ {
@@ -1792,9 +1951,9 @@
"priority" : 10,
"config" : { }
}, {
- "alias" : "terms_and_conditions",
+ "alias" : "TERMS_AND_CONDITIONS",
"name" : "Terms and Conditions",
- "providerId" : "terms_and_conditions",
+ "providerId" : "TERMS_AND_CONDITIONS",
"enabled" : false,
"defaultAction" : false,
"priority" : 20,
@@ -1831,6 +1990,14 @@
"defaultAction" : false,
"priority" : 60,
"config" : { }
+ }, {
+ "alias" : "delete_credential",
+ "name" : "Delete Credential",
+ "providerId" : "delete_credential",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 100,
+ "config" : { }
}, {
"alias" : "update_user_locale",
"name" : "Update User Locale",
@@ -1846,12 +2013,28 @@
"resetCredentialsFlow" : "reset credentials",
"clientAuthenticationFlow" : "clients",
"dockerAuthenticationFlow" : "docker auth",
+ "firstBrokerLoginFlow" : "first broker login",
"attributes" : {
+ "cibaBackchannelTokenDeliveryMode" : "poll",
+ "cibaExpiresIn" : "120",
+ "cibaAuthRequestedUserHint" : "login_hint",
+ "oauth2DeviceCodeLifespan" : "600",
"clientOfflineSessionMaxLifespan" : "0",
+ "oauth2DevicePollingInterval" : "5",
"clientSessionIdleTimeout" : "0",
+ "parRequestUriLifespan" : "60",
"clientSessionMaxLifespan" : "0",
- "clientOfflineSessionIdleTimeout" : "0"
+ "clientOfflineSessionIdleTimeout" : "0",
+ "cibaInterval" : "5",
+ "realmReusableOtpCode" : "false"
+ },
+ "keycloakVersion" : "26.0.0",
+ "userManagedAccessAllowed" : false,
+ "organizationsEnabled" : false,
+ "clientProfiles" : {
+ "profiles" : [ ]
},
- "keycloakVersion" : "12.0.1",
- "userManagedAccessAllowed" : false
+ "clientPolicies" : {
+ "policies" : [ ]
+ }
}
\ No newline at end of file
diff --git a/customer/src/main/java/com/yas/customer/service/CustomerService.java b/customer/src/main/java/com/yas/customer/service/CustomerService.java
index 3f6a47d71a..281f673f6a 100644
--- a/customer/src/main/java/com/yas/customer/service/CustomerService.java
+++ b/customer/src/main/java/com/yas/customer/service/CustomerService.java
@@ -6,18 +6,9 @@
import com.yas.commonlibrary.exception.WrongEmailFormatException;
import com.yas.customer.config.KeycloakPropsConfig;
import com.yas.customer.utils.Constants;
-import com.yas.customer.viewmodel.customer.CustomerAdminVm;
-import com.yas.customer.viewmodel.customer.CustomerListVm;
-import com.yas.customer.viewmodel.customer.CustomerPostVm;
-import com.yas.customer.viewmodel.customer.CustomerProfileRequestVm;
-import com.yas.customer.viewmodel.customer.CustomerVm;
-import com.yas.customer.viewmodel.customer.GuestUserVm;
-import java.security.SecureRandom;
-import java.util.Base64;
-import java.util.Collections;
-import java.util.List;
-import javax.ws.rs.ForbiddenException;
-import javax.ws.rs.core.Response;
+import com.yas.customer.viewmodel.customer.*;
+import jakarta.ws.rs.ForbiddenException;
+import jakarta.ws.rs.core.Response;
import org.apache.commons.validator.routines.EmailValidator;
import org.keycloak.admin.client.CreatedResponseUtil;
import org.keycloak.admin.client.Keycloak;
@@ -29,6 +20,11 @@
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
+import java.security.SecureRandom;
+import java.util.Base64;
+import java.util.Collections;
+import java.util.List;
+
@Service
public class CustomerService {
@@ -90,7 +86,7 @@ public CustomerAdminVm getCustomerByEmail(String email) {
if (searchResult.isEmpty()) {
throw new NotFoundException(Constants.ErrorCode.USER_WITH_EMAIL_NOT_FOUND, email);
}
- return CustomerAdminVm.fromUserRepresentation(searchResult.get(0));
+ return CustomerAdminVm.fromUserRepresentation(searchResult.getFirst());
} else {
throw new WrongEmailFormatException(Constants.ErrorCode.WRONG_EMAIL_FORMAT, email);
}
diff --git a/customer/src/test/java/com/yas/customer/service/CustomerServiceTest.java b/customer/src/test/java/com/yas/customer/service/CustomerServiceTest.java
index b414536ee4..c933519179 100644
--- a/customer/src/test/java/com/yas/customer/service/CustomerServiceTest.java
+++ b/customer/src/test/java/com/yas/customer/service/CustomerServiceTest.java
@@ -1,48 +1,33 @@
package com.yas.customer.service;
-import static com.yas.customer.util.SecurityContextUtils.setUpSecurityContext;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.junit.jupiter.api.Assertions.assertTrue;
-import static org.mockito.ArgumentMatchers.anyBoolean;
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.any;
-import static org.mockito.Mockito.anyInt;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
+import com.yas.commonlibrary.exception.AccessDeniedException;
import com.yas.commonlibrary.exception.DuplicatedException;
import com.yas.commonlibrary.exception.NotFoundException;
-import com.yas.customer.config.KeycloakPropsConfig;
-import com.yas.commonlibrary.exception.AccessDeniedException;
import com.yas.commonlibrary.exception.WrongEmailFormatException;
-import com.yas.customer.viewmodel.customer.CustomerAdminVm;
-import com.yas.customer.viewmodel.customer.CustomerListVm;
-import com.yas.customer.viewmodel.customer.CustomerPostVm;
-import com.yas.customer.viewmodel.customer.CustomerProfileRequestVm;
-import com.yas.customer.viewmodel.customer.CustomerVm;
-import com.yas.customer.viewmodel.customer.GuestUserVm;
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import javax.ws.rs.core.Response;
+import com.yas.customer.config.KeycloakPropsConfig;
+import com.yas.customer.viewmodel.customer.*;
+import jakarta.ws.rs.core.Response;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.keycloak.admin.client.Keycloak;
-import org.keycloak.admin.client.resource.RealmResource;
-import org.keycloak.admin.client.resource.RoleMappingResource;
-import org.keycloak.admin.client.resource.RoleResource;
-import org.keycloak.admin.client.resource.RoleScopeResource;
-import org.keycloak.admin.client.resource.RolesResource;
-import org.keycloak.admin.client.resource.UserResource;
-import org.keycloak.admin.client.resource.UsersResource;
+import org.keycloak.admin.client.resource.*;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.mockito.ArgumentCaptor;
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import static com.yas.customer.util.SecurityContextUtils.setUpSecurityContext;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.ArgumentMatchers.anyBoolean;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.*;
+
class CustomerServiceTest {
private UsersResource usersResource;
diff --git a/docker-compose.yml b/docker-compose.yml
index ac94a3a6ff..7fd7bd450b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.9"
services:
nginx:
- image: nginx:1.25.3
+ image: nginx:1.27.2
restart: unless-stopped
volumes:
- ./nginx/templates:/etc/nginx/templates
@@ -12,12 +12,11 @@ services:
networks:
- yas-network
identity:
- image: quay.io/keycloak/keycloak:21.0.2
- command: [ 'start-dev --import-realm' ]
+ image: quay.io/keycloak/keycloak:26.0.2
+ command: 'start-dev --import-realm'
environment:
- KEYCLOAK_ADMIN: admin
- KEYCLOAK_ADMIN_PASSWORD: admin
- KC_PROXY: passthrough
+ KC_BOOTSTRAP_ADMIN_USERNAME: admin
+ KC_BOOTSTRAP_ADMIN_PASSWORD: admin
KC_DB: postgres
KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
KC_DB_USERNAME: admin
@@ -31,7 +30,7 @@ services:
backoffice:
build: ./backoffice-bff
image: ghcr.io/nashtech-garage/yas-backoffice-bff:latest
- entrypoint: ["./wait-for-it.sh", "identity:80", "--timeout=300", "--", "java", "-jar", "/app.jar"]
+# entrypoint: ["./wait-for-it.sh", "identity:80", "--timeout=300", "--", "java", "-jar", "/app.jar"]
environment:
- SPRING_PROFILES_ACTIVE=prod
- SERVER_PORT
@@ -61,7 +60,7 @@ services:
storefront:
build: ./storefront-bff
image: ghcr.io/nashtech-garage/yas-storefront-bff:latest
- entrypoint: ["./wait-for-it.sh", "identity:80", "--timeout=300", "--", "java", "-jar", "/app.jar"]
+# entrypoint: ["./wait-for-it.sh", "identity:80", "--timeout=300", "--", "java", "-jar", "/app.jar"]
environment:
- SPRING_PROFILES_ACTIVE=prod
- YAS_SERVICES_CUSTOMER
@@ -532,7 +531,7 @@ services:
networks:
- yas-network
swagger-ui:
- image: swaggerapi/swagger-ui:v4.16.0
+ image: swaggerapi/swagger-ui:v5.17.14
environment:
- BASE_URL=/swagger-ui
- URLS
@@ -541,7 +540,7 @@ services:
networks:
- yas-network
postgres:
- image: debezium/postgres:15-alpine
+ image: debezium/postgres:16-alpine
build: ./docker/postgres
hostname: ${POSTGRES_HOST}
ports:
@@ -557,7 +556,7 @@ services:
networks:
- yas-network
pgadmin:
- image: dpage/pgadmin4:6.20
+ image: dpage/pgadmin4:2024-10-19-2
volumes:
- pgadmin:/var/lib/pgadmin
environment:
@@ -566,7 +565,7 @@ services:
networks:
- yas-network
zookeeper:
- image: debezium/zookeeper:2.2
+ image: debezium/zookeeper:2.7.3.Final
restart: always
ports:
- 2181:2181
@@ -575,7 +574,7 @@ services:
networks:
- yas-network
kafka:
- image: confluentinc/cp-kafka:7.0.9
+ image: confluentinc/cp-kafka:7.7.1
hostname: ${KAFKA_SERVICE_HOST}
depends_on:
- zookeeper
@@ -592,7 +591,7 @@ services:
networks:
- yas-network
kafka-connect:
- image: debezium/connect:2.2
+ image: debezium/connect:2.7.3.Final
restart: always
ports:
- 8083:8083
@@ -607,7 +606,7 @@ services:
networks:
- yas-network
akhq:
- image: tchiotludo/akhq:0.24.0
+ image: tchiotludo/akhq:0.25.1
environment:
AKHQ_CONFIGURATION: |
akhq:
diff --git a/media/src/it/java/com/yas/media/controller/MediaControllerIT.java b/media/src/it/java/com/yas/media/controller/MediaControllerIT.java
index 38cb0b5421..85cbe68864 100644
--- a/media/src/it/java/com/yas/media/controller/MediaControllerIT.java
+++ b/media/src/it/java/com/yas/media/controller/MediaControllerIT.java
@@ -21,7 +21,8 @@
import java.io.IOException;
import java.io.InputStream;
import javax.imageio.ImageIO;
-import javax.ws.rs.core.MediaType;
+
+import jakarta.ws.rs.core.MediaType;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
diff --git a/pom.xml b/pom.xml
index 705390b5e7..d52043550c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
org.springframework.boot
spring-boot-starter-parent
- 3.3.2
+ 3.3.5
com.yas
@@ -49,22 +49,23 @@
https://sonarcloud.io
nashtech-garage_yas-yas-parent
2.0.2
- 1.4.1.Final
- 1.18.30
+ 1.6.2
+ 1.18.34
0.2.0
- 7.4
- 1.30.0-alpha
+ 8.0
+ 2.9.0-alpha
2023.0.3
- 2.0.2
- 21.0.2
- 16.1.0
- 1.7
- 8.14.0
+ 2.6.0
+ 25.0.3
+ 26.0.1
+ 25.0.3
+ 1.9.0
+ 8.15.3
2.0.0
- 3.3.0
- 5.4.0
- 4.8.1
- 5.7.1
+ 3.5.1
+ 5.5.0
+ 5.0.2
+ 5.9
@@ -108,7 +109,7 @@
org.keycloak
keycloak-spring-boot-starter
- ${org.keycloak.version}
+ ${keycloak-spring-boot-starter.version}
org.keycloak
diff --git a/storefront-bff/src/main/java/com/yas/storefrontbff/StorefrontBffApplication.java b/storefront-bff/src/main/java/com/yas/storefrontbff/StorefrontBffApplication.java
index 2aa22f8f92..c27ac2f223 100644
--- a/storefront-bff/src/main/java/com/yas/storefrontbff/StorefrontBffApplication.java
+++ b/storefront-bff/src/main/java/com/yas/storefrontbff/StorefrontBffApplication.java
@@ -4,13 +4,41 @@
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
@SpringBootApplication
@EnableWebFluxSecurity
@EnableConfigurationProperties(ServiceUrlConfig.class)
public class StorefrontBffApplication {
+ // TODO remove this bean after https://github.com/spring-projects/spring-security/issues/15989#issuecomment-2442660753 is fixed
+ @Bean
+ @Order(Ordered.HIGHEST_PRECEDENCE)
+ WebFilter writeableHeaders() {
+ return (exchange, chain) -> {
+ HttpHeaders writeableHeaders = HttpHeaders.writableHttpHeaders(
+ exchange.getRequest().getHeaders());
+ ServerHttpRequestDecorator writeableRequest = new ServerHttpRequestDecorator(
+ exchange.getRequest()) {
+ @Override
+ public HttpHeaders getHeaders() {
+ return writeableHeaders;
+ }
+ };
+ ServerWebExchange writeableExchange = exchange.mutate()
+ .request(writeableRequest)
+ .build();
+ return chain.filter(writeableExchange);
+ };
+ }
+
public static void main(String[] args) {
SpringApplication.run(StorefrontBffApplication.class, args);
}