keycloak enabled - properties and configuration updated
parent
673b0d2e55
commit
9d7d56ed0a
|
@ -12,6 +12,7 @@ public class Properties {
|
||||||
private String accessToken;
|
private String accessToken;
|
||||||
private String redirect;
|
private String redirect;
|
||||||
private String authoritiesMapper;
|
private String authoritiesMapper;
|
||||||
|
private Boolean keycloak;
|
||||||
|
|
||||||
public Properties() {
|
public Properties() {
|
||||||
}
|
}
|
||||||
|
@ -71,4 +72,12 @@ public class Properties {
|
||||||
public void setAuthoritiesMapper(String authoritiesMapper) {
|
public void setAuthoritiesMapper(String authoritiesMapper) {
|
||||||
this.authoritiesMapper = authoritiesMapper;
|
this.authoritiesMapper = authoritiesMapper;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Boolean getKeycloak() {
|
||||||
|
return keycloak;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setKeycloak(Boolean keycloak) {
|
||||||
|
this.keycloak = keycloak;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
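Review bot: The new `keycloak` field is a boxed `Boolean` with no default, so it stays null whenever the property (presumably `authentication.keycloak`) is absent from the deployed configuration. The `if(keycloak)` added to Configurations in this same commit then fails with a NullPointerException on unboxing while the login service starts. The flag selects which identity-provider endpoints the service talks to, so it should always have a definite value: declare it as `private Boolean keycloak = Boolean.FALSE;`, or test `Boolean.TRUE.equals(properties.getKeycloak())` at the call site. A short comment on the field, such as `// true selects the Keycloak endpoint layout under <issuer>/protocol/openid-connect/`, would document what the switch does. The class body starts and ends outside these hunks.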
@ -1,11 +1,13 @@
|
||||||
package eu.dnetlib.loginservice.security.initiliazers;
|
package eu.dnetlib.loginservice.security.initiliazers;
|
||||||
|
|
||||||
|
import com.sun.org.apache.xpath.internal.operations.Bool;
|
||||||
import eu.dnetlib.loginservice.properties.Properties;
|
import eu.dnetlib.loginservice.properties.Properties;
|
||||||
import eu.dnetlib.loginservice.utils.ScopeReader;
|
import eu.dnetlib.loginservice.utils.ScopeReader;
|
||||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||||
import org.mitre.oauth2.model.RegisteredClient;
|
import org.mitre.oauth2.model.RegisteredClient;
|
||||||
import org.mitre.openid.connect.config.ServerConfiguration;
|
import org.mitre.openid.connect.config.ServerConfiguration;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
|
@ -28,10 +30,20 @@ public class Configurations {
|
||||||
String issuer = properties.getOidc().getIssuer();
|
String issuer = properties.getOidc().getIssuer();
|
||||||
ServerConfiguration serverConfiguration = new ServerConfiguration();
|
ServerConfiguration serverConfiguration = new ServerConfiguration();
|
||||||
serverConfiguration.setIssuer(issuer);
|
serverConfiguration.setIssuer(issuer);
|
||||||
serverConfiguration.setAuthorizationEndpointUri(issuer + "authorize");
|
Boolean keycloak = properties.getKeycloak();
|
||||||
serverConfiguration.setTokenEndpointUri(issuer + "token");
|
|
||||||
serverConfiguration.setUserInfoUri(issuer + "userinfo");
|
if(keycloak) {
|
||||||
serverConfiguration.setJwksUri(issuer + "jwk");
|
serverConfiguration.setAuthorizationEndpointUri(issuer + "/protocol/openid-connect/auth");
|
||||||
|
serverConfiguration.setTokenEndpointUri(issuer + "/protocol/openid-connect/token");
|
||||||
|
serverConfiguration.setUserInfoUri(issuer + "/protocol/openid-connect/userinfo");
|
||||||
|
serverConfiguration.setJwksUri(issuer + "/protocol/openid-connect/certs");
|
||||||
|
} else {
|
||||||
|
serverConfiguration.setAuthorizationEndpointUri(issuer + "authorize");
|
||||||
|
serverConfiguration.setTokenEndpointUri(issuer + "token");
|
||||||
|
serverConfiguration.setUserInfoUri(issuer + "userinfo");
|
||||||
|
serverConfiguration.setJwksUri(issuer + "jwk");
|
||||||
|
}
|
||||||
|
|
||||||
serverConfiguration.setRevocationEndpointUri(issuer + "revoke");
|
serverConfiguration.setRevocationEndpointUri(issuer + "revoke");
|
||||||
return serverConfiguration;
|
return serverConfiguration;
|
||||||
}
|
}
|
||||||
|
|
|
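Review bot: The `if(keycloak)` branch switches only four of the five endpoint URIs; `setRevocationEndpointUri(issuer + "revoke")` below it still runs in Keycloak mode. With the slash-less issuer from the commented properties example this yields `…/realms/egirevoke`, so token revocation would presumably go to a URL that does not exist and tokens would stay valid after logout. Set the revocation URI inside both branches, e.g. `serverConfiguration.setRevocationEndpointUri(issuer + "/protocol/openid-connect/revoke");` for Keycloak (confirm the path against the provider's discovery document), and note in a comment that one branch expects the issuer without a trailing slash and the other with one. The first hunk also adds `import com.sun.org.apache.xpath.internal.operations.Bool;`, a JDK-internal class that no visible line uses and that is not exported on JDK 9 and later, and `Value`, which also appears unused; both imports should be dropped. The method starts outside the hunk.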
@ -1,12 +1,24 @@
|
||||||
authentication.domain=di.uoa.gr
|
authentication.domain=di.uoa.gr
|
||||||
|
|
||||||
|
#keycloak
|
||||||
|
#authentication.keycloak=true
|
||||||
|
#authentication.oidc.issuer=https://aai-dev.egi.eu/auth/realms/egi
|
||||||
|
#authentication.oidc.logout=https://aai-dev.egi.eu/auth/realms/egi/protocol/openid-connect/logout
|
||||||
|
|
||||||
|
#openid connect
|
||||||
|
authentication.keycloak=false
|
||||||
authentication.oidc.issuer=https://aai.openaire.eu/oidc/
|
authentication.oidc.issuer=https://aai.openaire.eu/oidc/
|
||||||
authentication.oidc.logout=https://aai.openaire.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=
|
authentication.oidc.logout=https://aai-dev.egi.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=
|
||||||
authentication.oidc.home=http://mpagasas.di.uoa.gr:8090/openid_connect_login
|
|
||||||
authentication.oidc.scope=openid,profile,email,eduperson_entitlement
|
authentication.oidc.home=http://rudie.di.uoa.gr:8580/openid_connect_login
|
||||||
authentication.oidc.id=id
|
authentication.oidc.scope=openid,profile,email,eduperson_entitlement,eduperson_scoped_affiliation,eduperson_unique_id,offline_access
|
||||||
authentication.oidc.secret=secret
|
authentication.oidc.id=a8ec6e5c-7bee-46aa-9a6f-18baca923582
|
||||||
authentication.session=openAIRESession
|
authentication.oidc.secret=2A91F53A1551AC33
|
||||||
authentication.accessToken=AccessToken
|
|
||||||
authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload
|
authentication.session=EGISession
|
||||||
|
authentication.accessToken=EGIAccessToken
|
||||||
|
|
||||||
|
authentication.redirect=http://scoobydoo.di.uoa.gr:4000/reload
|
||||||
# Currently, this is the only available mapper, set to null or anything else will ignore this.
|
# Currently, this is the only available mapper, set to null or anything else will ignore this.
|
||||||
authentication.authorities-mapper=openAIREMapper
|
authentication.authorities-mapper=null
|
||||||
|
server.port=8580
|
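Review bot: `authentication.oidc.id` and `authentication.oidc.secret` change from the placeholders `id` and `secret` to what look like a real client id and client secret, which are now part of the repository history. The secret should be treated as exposed, rotated at the provider, and supplied from outside the committed file, e.g. `authentication.oidc.secret=${OIDC_CLIENT_SECRET}` (variable name constructed for illustration). The logout URL now points at `aai-dev.egi.eu` while the active issuer is still `aai.openaire.eu`, which looks like an accidental mix of the two profiles and would leave the session at the actual issuer open after logout. `authentication.oidc.home` and `authentication.redirect` remain plain `http://`, so the login callback travels unencrypted; that is acceptable only for a local developer setup and deserves a comment saying so.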