7
Page 2A: Setup configurable login
Bernaldo Mihasi edited this page 1 year ago
Page 2A: Setup configurable login
If you want to integrate with other providers, you have to configure them so the application knows how to communicate with them.
Argos supports 2 protocols:
- OAuth2
- Saml2
All properties that have to be configured are in /dmp-backend/web/src/main/resources/configurableLoginProviders.json which is a json array specifying each provider
NOTE: The path to the package which correspond to this file is /dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/ConfigurableProvider
Properties:
| common | OAuth2 | Saml2 | |
|---|---|---|---|
| enabled | if this configurable login object is enabled | ||
| configurableLoginId | string identifier e.g. oauth2-localhost, keycloak-saml2 | ||
| type | type of protocol, 2 values allowed: a) oath2 b) saml2 | ||
| name | name of application | ||
| logoUrl | logo url of the provider | ||
| clientId | Provider API client id | ||
| clientSecret | Provider API client secret | ||
| redirect_uri | Redirect uri to the host, path: /login/configurable/:configurableLoginId e.g. if configurableLoginId = oauth2_test then redirect_uri = http(s)://host/login/configurable/oauth2_test | ||
| access_token_url | Provider API access token url | ||
| grant_type | Provider API grant type | ||
| token | Provider API token response fields: a) access_token b) expires_in | ||
| user | Provider API user, 4 fields: a) id b) name c) email d) user_info_url | ||
| oauthUrl | Provider API oauth url | ||
| scope | Provider API scope | ||
| state | Provider API state | ||
| spEntityId | Provider API sp entity id | ||
| idpEntityId | Provider API idp entity id | ||
| idpUrl | Provider API idp url | ||
| idpArtifactUrl | Provider API idp artifact url | ||
| idpMetadataUrl | Provider API idp metadata url | ||
| assertionEncrypted | if assertion is encrypted | ||
| keyFormat | key format, 2 values allowed: a) JKS, b) PKCS12 | ||
| keyAlias | key alias | ||
| credentialPath | path to credential-key used | ||
| archivePassword | archive password used | ||
| keyPassword | key password used | ||
| responseSigned | if saml response is signed | ||
| assertionSigned | if assertion is signed | ||
| signatureRequired | if argos requests to idp have to be signed | ||
| signatureKeyAlias | signature key alias | ||
| signaturePath | signature key path | ||
| signatureKeyStorePassword | signature keystore password | ||
| signatureKeyPassword | signature key password | ||
| usingFormat | format of saml attributes, 2 values allowed: a) name, b) friendly_name | ||
| attributeTypes | saml attribute types e.g "email":"XSString" | ||
| configurableUserFromAttributes | internal user properties mapped to saml attributes e.g. "name":"saml2NameDefinedByIdp" | ||
| binding | saml binding, 3 types implemented: a) Redirect, b) Artifact, c) Post | ||
| assertionConsumerServiceUrl | Provider API assertion consumer service url |