keycloak enabled - properties and configuration updated
parent
673b0d2e55
commit
9d7d56ed0a
|
@ -12,6 +12,7 @@ public class Properties {
|
|||
private String accessToken;
|
||||
private String redirect;
|
||||
private String authoritiesMapper;
|
||||
private Boolean keycloak;
|
||||
|
||||
public Properties() {
|
||||
}
|
||||
|
@ -71,4 +72,12 @@ public class Properties {
|
|||
public void setAuthoritiesMapper(String authoritiesMapper) {
|
||||
this.authoritiesMapper = authoritiesMapper;
|
||||
}
|
||||
|
||||
public Boolean getKeycloak() {
|
||||
return keycloak;
|
||||
}
|
||||
|
||||
public void setKeycloak(Boolean keycloak) {
|
||||
this.keycloak = keycloak;
|
||||
}
|
||||
}
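Review bot: The new `keycloak` field is a boxed `Boolean` with no default, so `getKeycloak()` returns null whenever `authentication.keycloak` is not set, and the `if(keycloak)` added to `Configurations` in this same commit would then throw a NullPointerException on unboxing while the OIDC server configuration is being built. Declaring it as `private boolean keycloak = false;` (with the getter and setter types to match) makes a missing key fall back to the non-Keycloak endpoints; alternatively keep the type and test it with `Boolean.TRUE.equals(properties.getKeycloak())`. The property key is inferred from the properties file in this commit, and how this class is bound is not visible here. A short Javadoc on the getter, such as `/** Whether the OIDC provider is Keycloak, which selects the /protocol/openid-connect/* endpoint paths. */`, would also record what the flag controls.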
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
package eu.dnetlib.loginservice.security.initiliazers;
|
||||
|
||||
import com.sun.org.apache.xpath.internal.operations.Bool;
|
||||
import eu.dnetlib.loginservice.properties.Properties;
|
||||
import eu.dnetlib.loginservice.utils.ScopeReader;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
import org.mitre.openid.connect.config.ServerConfiguration;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
|
@ -28,10 +30,20 @@ public class Configurations {
|
|||
String issuer = properties.getOidc().getIssuer();
|
||||
ServerConfiguration serverConfiguration = new ServerConfiguration();
|
||||
serverConfiguration.setIssuer(issuer);
|
||||
serverConfiguration.setAuthorizationEndpointUri(issuer + "authorize");
|
||||
serverConfiguration.setTokenEndpointUri(issuer + "token");
|
||||
serverConfiguration.setUserInfoUri(issuer + "userinfo");
|
||||
serverConfiguration.setJwksUri(issuer + "jwk");
|
||||
Boolean keycloak = properties.getKeycloak();
|
||||
|
||||
if(keycloak) {
|
||||
serverConfiguration.setAuthorizationEndpointUri(issuer + "/protocol/openid-connect/auth");
|
||||
serverConfiguration.setTokenEndpointUri(issuer + "/protocol/openid-connect/token");
|
||||
serverConfiguration.setUserInfoUri(issuer + "/protocol/openid-connect/userinfo");
|
||||
serverConfiguration.setJwksUri(issuer + "/protocol/openid-connect/certs");
|
||||
} else {
|
||||
serverConfiguration.setAuthorizationEndpointUri(issuer + "authorize");
|
||||
serverConfiguration.setTokenEndpointUri(issuer + "token");
|
||||
serverConfiguration.setUserInfoUri(issuer + "userinfo");
|
||||
serverConfiguration.setJwksUri(issuer + "jwk");
|
||||
}
|
||||
|
||||
serverConfiguration.setRevocationEndpointUri(issuer + "revoke");
|
||||
return serverConfiguration;
|
||||
}
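Review bot: The revocation endpoint is still set unconditionally as `issuer + "revoke"` after the new `if(keycloak)` branch, so in Keycloak mode it does not follow the `/protocol/openid-connect/` layout used for the other four endpoints; with the slash-less realm issuer shown commented out in the properties file it would yield a URL ending in `egirevoke`, and token revocation would presumably fail. Move that call into the branches, e.g. `serverConfiguration.setRevocationEndpointUri(issuer + "/protocol/openid-connect/revoke");` for Keycloak and the existing `issuer + "revoke"` in the `else`. The two branches also disagree on whether the issuer ends in `/`, so normalising the trailing slash once before concatenating would keep a misconfigured issuer from producing malformed endpoint URLs. Separately, the first hunk adds `import com.sun.org.apache.xpath.internal.operations.Bool;`, a JDK-internal class that looks unused in the visible code and is not accessible on modular JDKs; it should be dropped. The method's signature is outside the hunk.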
|
||||
|
|
|
@ -1,12 +1,24 @@
|
|||
authentication.domain=di.uoa.gr
|
||||
|
||||
#keycloak
|
||||
#authentication.keycloak=true
|
||||
#authentication.oidc.issuer=https://aai-dev.egi.eu/auth/realms/egi
|
||||
#authentication.oidc.logout=https://aai-dev.egi.eu/auth/realms/egi/protocol/openid-connect/logout
|
||||
|
||||
#openid connect
|
||||
authentication.keycloak=false
|
||||
authentication.oidc.issuer=https://aai.openaire.eu/oidc/
|
||||
authentication.oidc.logout=https://aai.openaire.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=
|
||||
authentication.oidc.home=http://mpagasas.di.uoa.gr:8090/openid_connect_login
|
||||
authentication.oidc.scope=openid,profile,email,eduperson_entitlement
|
||||
authentication.oidc.id=id
|
||||
authentication.oidc.secret=secret
|
||||
authentication.session=openAIRESession
|
||||
authentication.accessToken=AccessToken
|
||||
authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload
|
||||
authentication.oidc.logout=https://aai-dev.egi.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=
|
||||
|
||||
authentication.oidc.home=http://rudie.di.uoa.gr:8580/openid_connect_login
|
||||
authentication.oidc.scope=openid,profile,email,eduperson_entitlement,eduperson_scoped_affiliation,eduperson_unique_id,offline_access
|
||||
authentication.oidc.id=a8ec6e5c-7bee-46aa-9a6f-18baca923582
|
||||
authentication.oidc.secret=2A91F53A1551AC33
|
||||
|
||||
authentication.session=EGISession
|
||||
authentication.accessToken=EGIAccessToken
|
||||
|
||||
authentication.redirect=http://scoobydoo.di.uoa.gr:4000/reload
|
||||
# Currently, this is the only available mapper, set to null or anything else will ignore this.
|
||||
authentication.authorities-mapper=openAIREMapper
|
||||
authentication.authorities-mapper=null
|
||||
server.port=8580
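Review bot: The `authentication.oidc.id` and `authentication.oidc.secret` values that this section appears to replace with the placeholders `id` and `secret` remain readable in the repository history, so that client secret should be treated as exposed and rotated at the identity provider rather than only deleted here. It would also help to keep real values out of this file altogether, for example `authentication.oidc.secret=${OIDC_CLIENT_SECRET}` (variable name constructed for illustration) resolved from the environment, so that a deployment which forgets to override it can fail at startup instead of running with the literal `secret`. Which lines are old and which are new is inferred from the hunk counts, since the page has lost its +/- markers. The `authentication.oidc.home` and `authentication.redirect` URLs use plain `http://`, which is worth confirming is limited to development hosts, since the OIDC callback and the post-login redirect go through them.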
|