Page 2A: Setup configurable login
Bernaldo Mihasi edited this page 1 year ago
If you want to integrate with other providers, you have to configure them so the application knows how to communicate with them.
Argos supports 2 protocols:
- OAuth2
- Saml2
All properties that have to be configured are in /dmp-backend/web/src/main/resources/configurableLoginProviders.json, which is a JSON array specifying each provider.
NOTE: The path to the package which corresponds to this file is /dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/ConfigurableProvider
Properties (common, OAuth2 and Saml2):
Property | Description
---|---
enabled | if this configurable login object is enabled
configurableLoginId | string identifier e.g. oauth2-localhost, keycloak-saml2
type | type of protocol, 2 values allowed: a) oauth2 b) saml2
name | name of application
logoUrl | logo url of the provider
clientId | Provider API client id
clientSecret | Provider API client secret
redirect_uri | Redirect uri to the host, path: /login/configurable/:configurableLoginId e.g. if configurableLoginId = oauth2_test then redirect_uri = http(s)://host/login/configurable/oauth2_test
access_token_url | Provider API access token url
grant_type | Provider API grant type
token | Provider API token response fields: a) access_token b) expires_in
user | Provider API user, 4 fields: a) id b) name c) email d) user_info_url
oauthUrl | Provider API oauth url
scope | Provider API scope
state | Provider API state
spEntityId | Provider API sp entity id
idpEntityId | Provider API idp entity id
idpUrl | Provider API idp url
idpArtifactUrl | Provider API idp artifact url
idpMetadataUrl | Provider API idp metadata url
assertionEncrypted | if assertion is encrypted
keyFormat | key format, 2 values allowed: a) JKS, b) PKCS12
keyAlias | key alias
credentialPath | path to credential-key used
archivePassword | archive password used
keyPassword | key password used
responseSigned | if saml response is signed
assertionSigned | if assertion is signed
signatureRequired | if argos requests to idp have to be signed
signatureKeyAlias | signature key alias
signaturePath | signature key path
signatureKeyStorePassword | signature keystore password
signatureKeyPassword | signature key password
usingFormat | format of saml attributes, 2 values allowed: a) name, b) friendly_name
attributeTypes | saml attribute types e.g. "email":"XSString"
configurableUserFromAttributes | internal user properties mapped to saml attributes e.g. "name":"saml2NameDefinedByIdp"
binding | saml binding, 3 types implemented: a) Redirect, b) Artifact, c) Post
assertionConsumerServiceUrl | Provider API assertion consumer service url
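A pre-deployment check for configurableLoginProviders.json, as an added example that is not part of the Argos code base: it reports enabled providers whose properties contradict the table above or leave the login flow unprotected. It assumes the file is a top-level array of provider objects and that the type values are oauth2 and saml2; the https and signature rules are this example's policy, not behaviour documented on this page.

```python
import json
from urllib.parse import urlparse

# Constructed sample: a JSON array of providers using the property names from
# the table above. All values are placeholders, not a real deployment.
SAMPLE = json.loads("""[
 {"enabled": true, "configurableLoginId": "oauth2_test", "type": "oauth2",
  "redirect_uri": "http://host/login/configurable/oauth2-test"},
 {"enabled": true, "configurableLoginId": "keycloak-saml2", "type": "saml2",
  "responseSigned": false, "assertionSigned": false,
  "signatureRequired": true, "signatureKeyAlias": "sp-sign",
  "assertionEncrypted": true, "keyFormat": "PEM"},
 {"enabled": false, "configurableLoginId": "unused", "type": "ldap"}
]""")

def lint_providers(providers):
    """Return (configurableLoginId, finding) pairs for enabled providers."""
    findings, seen = [], set()
    for p in providers:
        if not p.get("enabled"):
            continue  # disabled entries are skipped entirely
        pid = p.get("configurableLoginId") or "<missing id>"
        def flag(msg):
            findings.append((pid, msg))
        if pid in seen:  # the id is part of the redirect path, so it must be unique
            flag("duplicate configurableLoginId")
        seen.add(pid)
        kind = p.get("type")
        if kind == "oauth2":
            uri = urlparse(p.get("redirect_uri", ""))
            if uri.path != "/login/configurable/" + pid:
                flag("redirect_uri path is not /login/configurable/<configurableLoginId>")
            if uri.scheme != "https":
                flag("redirect_uri is not https")
        elif kind == "saml2":
            if not (p.get("responseSigned") or p.get("assertionSigned")):
                flag("neither responseSigned nor assertionSigned is true")
            if p.get("signatureRequired") and not (
                    p.get("signatureKeyAlias") and p.get("signaturePath")):
                flag("signatureRequired without signatureKeyAlias and signaturePath")
            if p.get("assertionEncrypted") and p.get("keyFormat") not in ("JKS", "PKCS12"):
                flag("assertionEncrypted but keyFormat is not JKS or PKCS12")
        else:
            flag("type must be oauth2 or saml2")
    return findings

if __name__ == "__main__":
    for pid, msg in lint_providers(SAMPLE):
        print(f"{pid}: {msg}")
```

On the constructed sample this reports two findings for oauth2_test and three for keycloak-saml2; the disabled entry is ignored.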