Update 'Page 2A: Setup configurable login'
parent
dca5d0a831
commit
01faa43e62
|
@ -0,0 +1,55 @@
|
|||
# Page 2A: Setup configurable login
|
||||
Argos supports 2 protocols:
|
||||
|
||||
1. OAuth2
|
||||
2. Saml2
|
||||
|
||||
All properties that have to be configured are in ***/dmp-backend/web/src/main/resources/configurableLoginProviders.json***
|
||||
|
||||
NOTE: The path to the package which correspond to this file is ***/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/ConfigurableProvider***
|
||||
|
||||
**Properties**:
|
||||
|
||||
|
||||
|
||||
| | common | OAuth2 | Saml2 |
|
||||
| -------- | -------- | -------- | -------- |
|
||||
| enabled | if this configurable login object is enabled | | |
|
||||
| configurableLoginId | string identifier e.g. oauth2-localhost, keycloak-saml2 | | |
|
||||
| type | type of protocol, 2 values allowed: a) oath2 b) saml2 | | |
|
||||
| name | name of application | | |
|
||||
| logoUrl | logo url of the provider | | |
|
||||
| clientId | | Provider API client id | |
|
||||
| clientSecret | | Provider API client secret | |
|
||||
| redirect_uri | | Provider API redirect uri | |
|
||||
| access_token_url | | Provider API access token url | |
|
||||
| grant_type | | Provider API grant type | |
|
||||
| token | | Provider API token, 2 fields: a) access_token b) expires_in | |
|
||||
| user | | Provider API user, 4 fields: a) id b) name c) email d) user_info_url | |
|
||||
| oauthUrl | | Provider API oauth url | |
|
||||
| scope | | Provider API scope | |
|
||||
| state | | Provider API state | |
|
||||
| spEntityId | | | Provider API sp entity id |
|
||||
| idpEntityId | | | Provider API idp entity id e.g. keycloak->http://localhost:8080/auth/realms/master|
|
||||
| idpUrl | | | Provider API idp url e.g. keycloak->http://localhost:8080/auth/realms/master/protocol/saml |
|
||||
| idpArtifactUrl | | | Provider API idp artifact url e.g. keycloak->http://localhost:8080/auth/realms/master/protocol/saml |
|
||||
| idpMetadataUrl | | | Provider API idp metadata url e.g. keycloak->http://localhost:8080/auth/realms/master/protocol/saml/descriptor |
|
||||
| assertionEncrypted | | | if assertion is encrypted |
|
||||
| keyFormat | | | key format, 2 values allowed: a) JKS, b) PKCS12 |
|
||||
| keyAlias | | | key alias |
|
||||
| credentialPath | | | path to credential-key used |
|
||||
| archivePassword | | | archive password used |
|
||||
| keyPassword | | | key password used |
|
||||
| responseSigned | | | if saml response is signed |
|
||||
| assertionSigned | | | if assertion is signed |
|
||||
| signatureRequired | | | if argos requests to idp have to be signed |
|
||||
| signatureKeyAlias | | | signature key alias |
|
||||
| signaturePath | | | signature key path |
|
||||
| signatureKeyStorePassword | | | signature keystore password |
|
||||
| signatureKeyPassword | | | signature key password |
|
||||
| usingFormat | | | format of saml attributes, 2 values allowed: a) name, b) friendly_name |
|
||||
| attributeTypes | | | saml attribute types e.g "email":XSString |
|
||||
| configurableUserFromAttributes | | | internal user properties mapped to saml attributes e.g. "name":"saml2NameDefinedByIdp" |
|
||||
| binding | | | saml binding, 3 types implemented: a) Redirect, b) Artifact, c) Post |
|
||||
| assertionConsumerServiceUrl | | | Provider API assertion consumer service url |
|
||||
|