Update 'Page 2A: Setup configurable login'

2022-08-21 23:31:22 +02:00 · 2022-08-21 23:31:22 +02:00 · 01faa43e62
parent dca5d0a831
commit 01faa43e62
1 changed files with 55 additions and 0 deletions
--- a/Page-2A%3A-Setup-configurable-login.md
+++ b/Page-2A%3A-Setup-configurable-login.md
@ -0,0 +1,55 @@
+# Page 2A: Setup configurable login
+Argos supports 2 protocols:
+
+1. OAuth2
+2. Saml2
+
+All properties that have to be configured are in ***/dmp-backend/web/src/main/resources/configurableLoginProviders.json***
+
+NOTE: The path to the package which correspond to this file is ***/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/ConfigurableProvider***
+
+**Properties**:
+
+
+
+|  | common | OAuth2 | Saml2 |
+| -------- | -------- | -------- | -------- |
+| enabled | if this configurable login object is enabled | | |
+| configurableLoginId | string identifier e.g. oauth2-localhost, keycloak-saml2 | | |
+| type | type of protocol, 2 values allowed: a) oath2 b) saml2 | | |
+| name | name of application | | |
+| logoUrl | logo url of the provider | | |
+| clientId | | Provider API client id | |
+| clientSecret | | Provider API client secret | |
+| redirect_uri | | Provider API redirect uri | |
+| access_token_url | | Provider API access token url | |
+| grant_type | | Provider API grant type | |
+| token | | Provider API token, 2 fields: a) access_token b) expires_in | |
+| user | | Provider API user, 4 fields: a) id b) name c) email d) user_info_url | |
+| oauthUrl | | Provider API oauth url | |
+| scope | | Provider API scope | |
+| state | | Provider API state | |
+| spEntityId | | | Provider API sp entity id |
+| idpEntityId | | | Provider API idp entity id e.g. keycloak->http://localhost:8080/auth/realms/master|
+| idpUrl | | | Provider API idp url e.g. keycloak->http://localhost:8080/auth/realms/master/protocol/saml |
+| idpArtifactUrl | | | Provider API idp artifact url e.g. keycloak->http://localhost:8080/auth/realms/master/protocol/saml |
+| idpMetadataUrl | | | Provider API idp metadata url e.g. keycloak->http://localhost:8080/auth/realms/master/protocol/saml/descriptor |
+| assertionEncrypted | | | if assertion is encrypted |
+| keyFormat | | | key format, 2 values allowed: a) JKS, b) PKCS12 |
+| keyAlias | | | key alias |
+| credentialPath | | | path to credential-key used |
+| archivePassword | | | archive password used |
+| keyPassword | | | key password used |
+| responseSigned | | | if saml response is signed |
+| assertionSigned | | | if assertion is signed |
+| signatureRequired | | | if argos requests to idp have to be signed |
+| signatureKeyAlias | | | signature key alias |
+| signaturePath | | | signature key path |
+| signatureKeyStorePassword | | | signature keystore password |
+| signatureKeyPassword | | | signature key password |
+| usingFormat | | | format of saml attributes, 2 values allowed: a) name, b) friendly_name |
+| attributeTypes | | | saml attribute types e.g "email":XSString |
+| configurableUserFromAttributes | | | internal user properties mapped to saml attributes e.g. "name":"saml2NameDefinedByIdp" |
+| binding | | | saml binding, 3 types implemented: a) Redirect, b) Artifact, c) Post |
+| assertionConsumerServiceUrl | | | Provider API assertion consumer service url |
+