keycloak enabled - properties and configuration updated

Katerina 2022-07-01 11:51:45 +03:00
parent 673b0d2e55
commit 9d7d56ed0a
3 changed files with 46 additions and 13 deletions


@ -12,6 +12,7 @@ public class Properties {
private String accessToken; private String accessToken;
private String redirect; private String redirect;
private String authoritiesMapper; private String authoritiesMapper;
private Boolean keycloak;
public Properties() { public Properties() {
} }
@ -71,4 +72,12 @@ public class Properties {
public void setAuthoritiesMapper(String authoritiesMapper) { public void setAuthoritiesMapper(String authoritiesMapper) {
this.authoritiesMapper = authoritiesMapper; this.authoritiesMapper = authoritiesMapper;
} }
public Boolean getKeycloak() {
return keycloak;
}
public void setKeycloak(Boolean keycloak) {
this.keycloak = keycloak;
}
} }
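Review bot: The new `keycloak` field is a boxed `Boolean`, so it stays `null` whenever `authentication.keycloak` is missing from the configuration, and the `if(keycloak)` added in `Configurations` would then fail with a NullPointerException on unboxing. Giving the field a default, `private Boolean keycloak = false;`, or testing `Boolean.TRUE.equals(properties.getKeycloak())` at the call site keeps deployments that never set the property on the existing non-Keycloak endpoints. A one-line comment on the field, such as `// true: build endpoint URIs in Keycloak's /protocol/openid-connect/ layout`, would document what the flag controls. How the property is bound is not visible here, so the missing-key case is inferred from the field type.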


@ -1,11 +1,13 @@
package eu.dnetlib.loginservice.security.initiliazers; package eu.dnetlib.loginservice.security.initiliazers;
import com.sun.org.apache.xpath.internal.operations.Bool;
import eu.dnetlib.loginservice.properties.Properties; import eu.dnetlib.loginservice.properties.Properties;
import eu.dnetlib.loginservice.utils.ScopeReader; import eu.dnetlib.loginservice.utils.ScopeReader;
import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration; import org.mitre.openid.connect.config.ServerConfiguration;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
@ -28,10 +30,20 @@ public class Configurations {
String issuer = properties.getOidc().getIssuer(); String issuer = properties.getOidc().getIssuer();
ServerConfiguration serverConfiguration = new ServerConfiguration(); ServerConfiguration serverConfiguration = new ServerConfiguration();
serverConfiguration.setIssuer(issuer); serverConfiguration.setIssuer(issuer);
serverConfiguration.setAuthorizationEndpointUri(issuer + "authorize"); Boolean keycloak = properties.getKeycloak();
serverConfiguration.setTokenEndpointUri(issuer + "token");
serverConfiguration.setUserInfoUri(issuer + "userinfo"); if(keycloak) {
serverConfiguration.setJwksUri(issuer + "jwk"); serverConfiguration.setAuthorizationEndpointUri(issuer + "/protocol/openid-connect/auth");
serverConfiguration.setTokenEndpointUri(issuer + "/protocol/openid-connect/token");
serverConfiguration.setUserInfoUri(issuer + "/protocol/openid-connect/userinfo");
serverConfiguration.setJwksUri(issuer + "/protocol/openid-connect/certs");
} else {
serverConfiguration.setAuthorizationEndpointUri(issuer + "authorize");
serverConfiguration.setTokenEndpointUri(issuer + "token");
serverConfiguration.setUserInfoUri(issuer + "userinfo");
serverConfiguration.setJwksUri(issuer + "jwk");
}
serverConfiguration.setRevocationEndpointUri(issuer + "revoke"); serverConfiguration.setRevocationEndpointUri(issuer + "revoke");
return serverConfiguration; return serverConfiguration;
} }
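Review bot: `serverConfiguration.setRevocationEndpointUri(issuer + "revoke")` is left outside the new `if`/`else`, so with `keycloak` enabled and an issuer without a trailing slash (as in the commented-out sample, `.../auth/realms/egi`) the revocation URI becomes `.../realms/egirevoke` and token revocation would not reach the provider. It should move into the branches, with the Keycloak branch using `issuer + "/protocol/openid-connect/revoke"`. The two branches also depend silently on whether the configured issuer ends in `/`; normalising the issuer once before concatenating would remove that coupling. Separately, the added import `com.sun.org.apache.xpath.internal.operations.Bool` is a JDK-internal class that is not used in the visible lines and should be dropped. The enclosing method starts above the hunk.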


@ -1,12 +1,24 @@
authentication.domain=di.uoa.gr authentication.domain=di.uoa.gr
#keycloak
#authentication.keycloak=true
#authentication.oidc.issuer=https://aai-dev.egi.eu/auth/realms/egi
#authentication.oidc.logout=https://aai-dev.egi.eu/auth/realms/egi/protocol/openid-connect/logout
#openid connect
authentication.keycloak=false
authentication.oidc.issuer=https://aai.openaire.eu/oidc/ authentication.oidc.issuer=https://aai.openaire.eu/oidc/
authentication.oidc.logout=https://aai.openaire.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo= authentication.oidc.logout=https://aai-dev.egi.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=
authentication.oidc.home=http://mpagasas.di.uoa.gr:8090/openid_connect_login
authentication.oidc.scope=openid,profile,email,eduperson_entitlement authentication.oidc.home=http://rudie.di.uoa.gr:8580/openid_connect_login
authentication.oidc.id=id authentication.oidc.scope=openid,profile,email,eduperson_entitlement,eduperson_scoped_affiliation,eduperson_unique_id,offline_access
authentication.oidc.secret=secret authentication.oidc.id=a8ec6e5c-7bee-46aa-9a6f-18baca923582
authentication.session=openAIRESession authentication.oidc.secret=2A91F53A1551AC33
authentication.accessToken=AccessToken
authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload authentication.session=EGISession
authentication.accessToken=EGIAccessToken
authentication.redirect=http://scoobydoo.di.uoa.gr:4000/reload
# Currently, this is the only available mapper, set to null or anything else will ignore this. # Currently, this is the only available mapper, set to null or anything else will ignore this.
authentication.authorities-mapper=openAIREMapper authentication.authorities-mapper=null
server.port=8580
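Review bot: The new values for `authentication.oidc.id` and `authentication.oidc.secret` look like a real client identifier and client secret replacing the earlier `id`/`secret` placeholders, which puts an OIDC client credential into version history. If they are live, the secret should be rotated at the provider and the file returned to a placeholder or an externally supplied value, e.g. `authentication.oidc.secret=${OIDC_CLIENT_SECRET}` (variable name is a placeholder). Also worth confirming: the active `authentication.oidc.logout` now points at `aai-dev.egi.eu` while the active issuer is still `aai.openaire.eu` with `authentication.keycloak=false`, so login and logout appear to target different providers. The `authentication.oidc.home` and `authentication.redirect` URLs use plain `http`, which is worth a comment stating they are development-only values.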