Diffstat (limited to 'aai-traversal/src/it/resources')
-rw-r--r-- | aai-traversal/src/it/resources/application-keycloak-test.properties | 17 | ||||
-rw-r--r-- | aai-traversal/src/it/resources/multi-tenancy-realm.json | 173 |
2 files changed, 190 insertions, 0 deletions
diff --git a/aai-traversal/src/it/resources/application-keycloak-test.properties b/aai-traversal/src/it/resources/application-keycloak-test.properties
new file mode 100644
index 0000000..0959099
--- /dev/null
+++ b/aai-traversal/src/it/resources/application-keycloak-test.properties
@@ -0,0 +1,17 @@
+test.keycloak.realm.json=multi-tenancy-realm.json
+test.keycloak.client.secret=secret
+test.keycloak.admin.cli=admin-cli
+test.keycloak.auth-server-port=58181
+
+keycloak.auth-server-url=http://localhost:58181/auth
+keycloak.realm=aai-resources
+keycloak.resource=aai-resources-app
+keycloak.public-client=true
+keycloak.principal-attribute=preferred_username
+
+keycloak.ssl-required=external
+keycloak.bearer-only=true
+
+multi.tenancy.enabled=true
+spring.profiles.active=production,keycloak
+schema.version.list=v10,v11,v12,v13,v14,v15,v23
diff --git a/aai-traversal/src/it/resources/multi-tenancy-realm.json b/aai-traversal/src/it/resources/multi-tenancy-realm.json
new file mode 100644
index 0000000..401187b
--- /dev/null
+++ b/aai-traversal/src/it/resources/multi-tenancy-realm.json
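Review bot: In application-keycloak-test.properties the port 58181 is written twice, once in `test.keycloak.auth-server-port` and again inside `keycloak.auth-server-url`, so the two values can drift apart without any error. If the file is resolved through Spring's Environment, the URL can reference the port instead: `keycloak.auth-server-url=http://localhost:${test.keycloak.auth-server-port}/auth`. `keycloak.public-client=true` also sits next to `test.keycloak.client.secret=secret` and `keycloak.bearer-only=true`, while the realm file added in this commit gives the same client a secret; if the adapter only validates bearer tokens the public-client flag is probably unnecessary and is worth dropping or explaining in a `#` comment. A header comment such as `# Integration-test only: throwaway Keycloak credentials, never reuse outside src/it` would make the intent of the hard-coded secret explicit.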
@@ -0,0 +1,173 @@
+{
+ "id": "aai-resources",
+ "realm": "aai-resources",
+ "notBefore": 0,
+ "revokeRefreshToken": false,
+ "refreshTokenMaxReuse": 0,
+ "accessTokenLifespan": 300,
+ "accessTokenLifespanForImplicitFlow": 900,
+ "ssoSessionIdleTimeout": 1800,
+ "ssoSessionMaxLifespan": 36000,
+ "ssoSessionIdleTimeoutRememberMe": 0,
+ "ssoSessionMaxLifespanRememberMe": 0,
+ "offlineSessionIdleTimeout": 2592000,
+ "offlineSessionMaxLifespanEnabled": false,
+ "offlineSessionMaxLifespan": 5184000,
+ "clientSessionIdleTimeout": 0,
+ "clientSessionMaxLifespan": 0,
+ "clientOfflineSessionIdleTimeout": 0,
+ "clientOfflineSessionMaxLifespan": 0,
+ "accessCodeLifespan": 60,
+ "accessCodeLifespanUserAction": 300,
+ "accessCodeLifespanLogin": 1800,
+ "actionTokenGeneratedByAdminLifespan": 43200,
+ "actionTokenGeneratedByUserLifespan": 300,
+ "enabled": true,
+ "sslRequired": "external",
+ "registrationAllowed": false,
+ "registrationEmailAsUsername": false,
+ "rememberMe": false,
+ "verifyEmail": false,
+ "loginWithEmailAllowed": true,
+ "duplicateEmailsAllowed": false,
+ "resetPasswordAllowed": false,
+ "editUsernameAllowed": false,
+ "bruteForceProtected": false,
+ "permanentLockout": false,
+ "maxFailureWaitSeconds": 900,
+ "minimumQuickLoginWaitSeconds": 60,
+ "waitIncrementSeconds": 60,
+ "quickLoginCheckMilliSeconds": 1000,
+ "maxDeltaTimeSeconds": 43200,
+ "failureFactor": 30,
+ "users": [
+ {
+ "username": "admin",
+ "enabled": true,
+ "credentials": [
+ {
+ "type": "password",
+ "value": "admin"
+ }
+ ],
+ "clientRoles": {
+ "realm-management": ["manage-users", "view-clients", "view-realm", "view-users"]
+ }
+ },
+ {
+ "id": "ran",
+ "username": "ran",
+ "enabled": true,
+ "credentials": [
+ {
+ "type": "password",
+ "value": "ran"
+ }
+ ],
+ "realmRoles": [
+ "operator"
+ ]
+ },
+ {
+ "id": "bob",
+ "username": "bob",
+ "enabled": true,
+ "credentials": [
+ {
+ "type": "password",
+ "value": "bob"
+ }
+ ],
+ "realmRoles": [
+ "operator_readOnly"
+ ]
+ },
+ {
+ "id": "ted",
+ "username": "ted",
+ "enabled": true,
+ "credentials": [
+ {
+ "type": "password",
+ "value": "ted"
+ }
+ ],
+ "realmRoles": [
+ "selector"
+ ]
+ }
+ ],
+ "roles": {
+ "realm": [
+ {
+ "name": "operator",
+ "description": "Operator privileges"
+ },
+ {
+ "name": "operator_readOnly",
+ "description": "Operator's read only privileges"
+ },
+ {
+ "name": "selector",
+ "description": "Selector privileges"
+ },
+ {
+ "name": "selector_readOnly",
+ "description": "Selector's read only privileges"
+ },
+ {
+ "name": "admin",
+ "description": "Administrator privileges"
+ }
+ ]
+ },
+ "clients": [
+ {
+ "clientId": "aai-resources-app",
+ "enabled": true,
+ "secret": "secret",
+ "directAccessGrantsEnabled": true,
+ "authorizationServicesEnabled": true,
+ "authorizationSettings": {
+ "allowRemoteResourceManagement": true,
+ "policyEnforcementMode": "ENFORCING"
+ }
+ }
+ ],
+ "defaultDefaultClientScopes": [
+ "roles",
+ "email",
+ "web-origins",
+ "profile",
+ "role_list"
+ ],
+ "clientScopes": [
+ {
+ "id": "0f7dfd8b-c230-4664-8d77-da85bcc4fe2a",
+ "name": "roles",
+ "description": "OpenID Connect scope for add user roles to the access token",
+ "protocol": "openid-connect",
+ "attributes": {
+ "include.in.token.scope": "true",
+ "display.on.consent.screen": "true",
+ "consent.screen.text": "${rolesScopeConsentText}"
+ },
+ "protocolMappers": [
+ {
+ "id": "4b9f8798-8990-4c0d-87d3-034e72655e3b",
+ "name": "realm roles",
+ "protocol": "openid-connect",
+ "protocolMapper": "oidc-usermodel-realm-role-mapper",
+ "consentRequired": false,
+ "config": {
+ "multivalued": "true",
+ "user.attribute": "foo",
+ "access.token.claim": "true",
+ "claim.name": "realm_access.roles",
+ "jsonType.label": "String"
+ }
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file |
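Review bot: Every account in this realm uses its username as its password (the `admin`/`admin` user holds `manage-users` on `realm-management`), the client secret is the literal `secret`, `directAccessGrantsEnabled` is true and `bruteForceProtected` is false, yet nothing in the file marks it as a test fixture. That is acceptable for a throwaway Keycloak instance under src/it, but JSON has no comments, so I would record the intent in the data itself, for example `"displayName": "AAI integration-test realm - do not import outside tests",` next to `"realm"`. The roles `selector_readOnly` and `admin` are defined but no entry in `users` is assigned either of them, so tests built on this realm presumably cannot exercise those roles; add users for them or drop the roles. The file also ends without a trailing newline.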