1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
|
{
"id": "ONAP",
"realm": "ONAP",
"enabled": true,
"clients": [
{
"clientId": "portal-app",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"http://localhost/*"
],
"webOrigins": [
"*"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"backchannel.logout.session.required": "true",
"backchannel.logout.revoke.offline.tokens": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"protocolMappers": [
{
"name": "User-Roles",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-realm-role-mapper",
"consentRequired": false,
"config": {
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "roles",
"multivalued": "true",
"userinfo.token.claim": "true"
}
},
{
"name": "SDC-User",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "sdc_user",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "sdc_user",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [
"web-origins",
"acr",
"profile",
"roles",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
]
}, {
"clientId" : "portal-bff",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"secret" : "pKOuVH1bwRZoNzp5P5t4GV8CqcCJYVtr",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : false,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : true,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"saml.force.post.binding" : "false",
"saml.multivalued.roles" : "false",
"frontchannel.logout.session.required" : "false",
"oauth2.device.authorization.grant.enabled" : "false",
"backchannel.logout.revoke.offline.tokens" : "false",
"saml.server.signature.keyinfo.ext" : "false",
"use.refresh.tokens" : "true",
"oidc.ciba.grant.enabled" : "false",
"backchannel.logout.session.required" : "true",
"client_credentials.use_refresh_token" : "false",
"require.pushed.authorization.requests" : "false",
"saml.client.signature" : "false",
"saml.allow.ecp.flow" : "false",
"id.token.as.detached.signature" : "false",
"saml.assertion.signature" : "false",
"client.secret.creation.time" : "1665048112",
"saml.encrypt" : "false",
"saml.server.signature" : "false",
"exclude.session.state.from.auth.response" : "false",
"saml.artifact.binding" : "false",
"saml_force_name_id_format" : "false",
"acr.loa.map" : "{}",
"tls.client.certificate.bound.access.tokens" : "false",
"saml.authnstatement" : "false",
"display.on.consent.screen" : "false",
"token.response.type.bearer.lower-case" : "false",
"saml.onetimeuse.condition" : "false"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : -1,
"protocolMappers" : [ {
"name" : "Client Host",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"config" : {
"user.session.note" : "clientHost",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientHost",
"jsonType.label" : "String"
}
}, {
"name" : "Client IP Address",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"config" : {
"user.session.note" : "clientAddress",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientAddress",
"jsonType.label" : "String"
}
} ],
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}],
"users": [
{
"createdTimestamp" : 1664965113698,
"username" : "onap-admin",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"attributes" : {
"sdc_user" : [ "cs0008" ]
},
"credentials" : [ {
"type" : "password",
"createdDate" : 1664965134586,
"secretData" : "{\"value\":\"nD4K4x8HEgk6xlWIAgzZOE+EOjdbovJfEa7N3WXwIMCWCfdXpn7Riys7hZhI1NbKcc9QPI9j8LQB/JSuZVcXKA==\",\"salt\":\"T8X9A9tT2cyLvEjHFo+zuQ==\",\"additionalParameters\":{}}",
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
} ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-onap", "onap_admin" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"createdTimestamp" : 1665048354760,
"username" : "onap-designer",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"attributes" : {
"sec_user" : [ "cs0008" ]
},
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-onap", "onap_designer" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"createdTimestamp" : 1665048547054,
"username" : "onap-operator",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"attributes" : {
"sdc_user" : [ "cs0008" ]
},
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-onap", "onap_operator" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"createdTimestamp" : 1665048112458,
"username" : "service-account-portal-bff",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"serviceAccountClientId" : "portal-bff",
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-onap" ],
"clientRoles" : {
"realm-management" : [ "manage-realm", "manage-users" ]
},
"notBefore" : 0,
"groups" : [ ]
}
],
"attributes": {
"frontendUrl": "http://localhost:8080/auth/"
}
}
|
