7 Page 2A: Setup configurable login
Bernaldo Mihasi edited this page 4 weeks ago

Page 2A: Setup configurable login

If you want to integrate with other providers, you have to configure them so the application knows how to communicate with them.

Argos supports 2 protocols:

  1. OAuth2
  2. Saml2

All properties that have to be configured are in /dmp-backend/web/src/main/resources/configurableLoginProviders.json which is a json array specifying each provider

NOTE: The path to the package which correspond to this file is /dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/ConfigurableProvider

Properties:

common OAuth2 Saml2
enabled if this configurable login object is enabled
configurableLoginId string identifier e.g. oauth2-localhost, keycloak-saml2
type type of protocol, 2 values allowed: a) oath2 b) saml2
name name of application
logoUrl logo url of the provider
clientId Provider API client id
clientSecret Provider API client secret
redirect_uri Redirect uri to the host, path: /login/configurable/:configurableLoginId e.g. if configurableLoginId = oauth2_test then redirect_uri = http(s)://host/login/configurable/oauth2_test
access_token_url Provider API access token url
grant_type Provider API grant type
token Provider API token response fields: a) access_token b) expires_in
user Provider API user, 4 fields: a) id b) name c) email d) user_info_url
oauthUrl Provider API oauth url
scope Provider API scope
state Provider API state
spEntityId Provider API sp entity id
idpEntityId Provider API idp entity id
idpUrl Provider API idp url
idpArtifactUrl Provider API idp artifact url
idpMetadataUrl Provider API idp metadata url
assertionEncrypted if assertion is encrypted
keyFormat key format, 2 values allowed: a) JKS, b) PKCS12
keyAlias key alias
credentialPath path to credential-key used
archivePassword archive password used
keyPassword key password used
responseSigned if saml response is signed
assertionSigned if assertion is signed
signatureRequired if argos requests to idp have to be signed
signatureKeyAlias signature key alias
signaturePath signature key path
signatureKeyStorePassword signature keystore password
signatureKeyPassword signature key password
usingFormat format of saml attributes, 2 values allowed: a) name, b) friendly_name
attributeTypes saml attribute types e.g "email":"XSString"
configurableUserFromAttributes internal user properties mapped to saml attributes e.g. "name":"saml2NameDefinedByIdp"
binding saml binding, 3 types implemented: a) Redirect, b) Artifact, c) Post
assertionConsumerServiceUrl Provider API assertion consumer service url