From 41bbec0fa7d767536d892c4ad76dadcb54aa796f Mon Sep 17 00:00:00 2001
From: Sam Huang <sam.huang@yoppworks.com>
Date: Tue, 23 Mar 2021 10:16:47 -0600
Subject: Add keycloak integration

Issue-ID: AAI-3298
Signed-off-by: Sam Huang <sam.huang@yoppworks.com>
Change-Id: I2d99769ab8d189d61de610ec020b15a8fe0aa652
---
 .../src/main/resources/application-keycloak.properties      | 13 +++++++++++++
 aai-traversal/src/main/resources/application.properties     | 11 +++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 aai-traversal/src/main/resources/application-keycloak.properties

(limited to 'aai-traversal/src/main/resources')

diff --git a/aai-traversal/src/main/resources/application-keycloak.properties b/aai-traversal/src/main/resources/application-keycloak.properties
new file mode 100644
index 0000000..86adb59
--- /dev/null
+++ b/aai-traversal/src/main/resources/application-keycloak.properties
@@ -0,0 +1,13 @@
+spring.autoconfigure.exclude=\
+  org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\
+  org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+multi.tenancy.enabled=true
+keycloak.auth-server-url=http://localhost:8180/auth
+keycloak.realm=aai-traversal
+keycloak.resource=aai-traversal-app
+keycloak.public-client=false
+keycloak.principal-attribute=preferred_username
+
+keycloak.ssl-required=external
+keycloak.bearer-only=true
diff --git a/aai-traversal/src/main/resources/application.properties b/aai-traversal/src/main/resources/application.properties
index 14d6b64..a22f708 100644
--- a/aai-traversal/src/main/resources/application.properties
+++ b/aai-traversal/src/main/resources/application.properties
@@ -9,7 +9,11 @@ spring.jersey.type=filter
 spring.main.allow-bean-definition-overriding=true
 
 server.servlet.context-path=/
-spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+spring.autoconfigure.exclude=\
+  org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,\
+  org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,\
+  org.keycloak.adapters.springboot.KeycloakAutoConfiguration,\
+  org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
 
 spring.jersey.application-path=${schema.uri.base.path}
 
@@ -27,7 +31,7 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
 
 server.port=8446
 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-
+server.compression.excluded-user-agents=
 # By default spring boot jetty will exclude the following ciphers
 # We need to specifically add this to support tls v1.1
 server.ssl.ciphers=^.*_(MD5|SHA|SHA1)$
@@ -35,7 +39,10 @@ server.ssl.client-auth=want
 server.ssl.key-store-type=JKS
 
 # Start of Internal Specific Properties
+# Switch to one-way-ssl
 spring.profiles.active=production,one-way-ssl
+# Switch to keycloak
+#spring.profiles.active=production, keycloak
 ###
 server.certs.location=${server.local.startpath}etc/auth/
 server.keystore.name.pkcs12=aai_keystore
-- 
cgit 1.2.3-korg