diff --git a/.gitignore b/.gitignore index 092fc841b..886ef172a 100644 --- a/.gitignore +++ b/.gitignore @@ -14,6 +14,11 @@ out/ /scripts/helm/ort-server/charts/ /scripts/helm/*.tgz +# OpenTofu state +/scripts/docker/keycloak/tofu/.terraform +/scripts/docker/keycloak/tofu/.terraform.lock.hcl +/scripts/docker/keycloak/tofu/terraform.tfstate* + # Private environment for IDEA HTTP client http-client.private.env.json diff --git a/docker-compose.yml b/docker-compose.yml index 4b8a27cb5..4d270a383 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -61,7 +61,6 @@ services: keycloak: image: quay.io/keycloak/keycloak:24.0.4 restart: unless-stopped - entrypoint: /opt/keycloak_init/init-keycloak.sh command: - "start-dev" depends_on: @@ -88,6 +87,18 @@ services: source: ./scripts/docker/keycloak/ target: /opt/keycloak_init/ + config-keycloak: + image: ghcr.io/opentofu/opentofu:latest + restart: no + entrypoint: /srv/workspace/init-keycloak.sh + depends_on: + keycloak: + condition: service_healthy + volumes: + - type: bind + source: ./scripts/docker/keycloak/tofu + target: /srv/workspace + graphite: image: graphiteapp/graphite-statsd:1.1.10-5 restart: unless-stopped @@ -118,6 +129,8 @@ services: condition: service_healthy keycloak: condition: service_healthy + config-keycloak: + condition: service_completed_successfully rabbitmq: condition: service_healthy graphite: diff --git a/scripts/docker/keycloak/init-keycloak.sh b/scripts/docker/keycloak/init-keycloak.sh deleted file mode 100755 index d53b700c9..000000000 --- a/scripts/docker/keycloak/init-keycloak.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -# This script is used in a docker compose setup to initialize default KeyCloak entities. - -set -eu - -KEYCLOAK_SCRIPT=/opt/keycloak/bin/kc.sh - -if [[ $# -gt 1 ]] -then - KEYCLOAK_SCRIPT=$1 - shift -fi - -echo "Using Keycloak script: $KEYCLOAK_SCRIPT." - -# Import the preconfigured realm. -# To add new entities, do the following: -# 1. Start the container. -# 2. Get a shell in the container using `docker exec -it ort-server-keycloak-1 /bin/bash`. -# 3. Configure the new entities in the admin UI: `http://localhost:8081/admin` (username: `admin`, password: `admin`). -# 4. Export the configuration: -# `KC_HTTP_PORT=8081 /opt/keycloak/bin/kc.sh export --dir /opt/keycloak_init --users realm_file -$KEYCLOAK_SCRIPT build -$KEYCLOAK_SCRIPT import --file /opt/keycloak_init/master-realm.json - -# Start KeyCloak -$KEYCLOAK_SCRIPT "$@" diff --git a/scripts/docker/keycloak/master-realm.json b/scripts/docker/keycloak/master-realm.json deleted file mode 100644 index 4a824309f..000000000 --- a/scripts/docker/keycloak/master-realm.json +++ /dev/null @@ -1,1943 +0,0 @@ -{ - "id" : "0b009e14-6671-4ae5-8e3f-ddcc98049624", - "realm" : "master", - "displayName" : "Keycloak", - "displayNameHtml" : "
Keycloak
", - "notBefore" : 0, - "defaultSignatureAlgorithm" : "RS256", - "revokeRefreshToken" : false, - "refreshTokenMaxReuse" : 0, - "accessTokenLifespan" : 60, - "accessTokenLifespanForImplicitFlow" : 900, - "ssoSessionIdleTimeout" : 1800, - "ssoSessionMaxLifespan" : 36000, - "ssoSessionIdleTimeoutRememberMe" : 0, - "ssoSessionMaxLifespanRememberMe" : 0, - "offlineSessionIdleTimeout" : 2592000, - "offlineSessionMaxLifespanEnabled" : false, - "offlineSessionMaxLifespan" : 5184000, - "clientSessionIdleTimeout" : 0, - "clientSessionMaxLifespan" : 0, - "clientOfflineSessionIdleTimeout" : 0, - "clientOfflineSessionMaxLifespan" : 0, - "accessCodeLifespan" : 60, - "accessCodeLifespanUserAction" : 300, - "accessCodeLifespanLogin" : 1800, - "actionTokenGeneratedByAdminLifespan" : 43200, - "actionTokenGeneratedByUserLifespan" : 300, - "oauth2DeviceCodeLifespan" : 600, - "oauth2DevicePollingInterval" : 5, - "enabled" : true, - "sslRequired" : "external", - "registrationAllowed" : false, - "registrationEmailAsUsername" : false, - "rememberMe" : false, - "verifyEmail" : false, - "loginWithEmailAllowed" : true, - "duplicateEmailsAllowed" : false, - "resetPasswordAllowed" : false, - "editUsernameAllowed" : false, - "bruteForceProtected" : false, - "permanentLockout" : false, - "maxTemporaryLockouts" : 0, - "maxFailureWaitSeconds" : 900, - "minimumQuickLoginWaitSeconds" : 60, - "waitIncrementSeconds" : 60, - "quickLoginCheckMilliSeconds" : 1000, - "maxDeltaTimeSeconds" : 43200, - "failureFactor" : 30, - "roles" : { - "realm" : [ { - "id" : "c99b4606-c7e4-484d-950f-0e6dee275933", - "name" : "create-realm", - "description" : "${role_create-realm}", - "composite" : false, - "clientRole" : false, - "containerId" : "0b009e14-6671-4ae5-8e3f-ddcc98049624", - "attributes" : { } - }, { - "id" : "595652eb-720f-494d-a383-9736536b9278", - "name" : "uma_authorization", - "description" : "${role_uma_authorization}", - "composite" : false, - "clientRole" : false, - "containerId" : "0b009e14-6671-4ae5-8e3f-ddcc98049624", - "attributes" : { } - }, { - "id" : "14f10c6b-ccbf-456e-b268-cc868fbbfaa4", - "name" : "default-roles-master", - "description" : "${role_default-roles}", - "composite" : true, - "composites" : { - "realm" : [ "offline_access", "uma_authorization" ], - "client" : { - "account" : [ "view-profile", "manage-account" ] - } - }, - "clientRole" : false, - "containerId" : "0b009e14-6671-4ae5-8e3f-ddcc98049624", - "attributes" : { } - }, { - "id" : "af91bad7-de2e-4905-b9cc-d6d4729a56e4", - "name" : "admin", - "description" : "${role_admin}", - "composite" : true, - "composites" : { - "realm" : [ "create-realm" ], - "client" : { - "master-realm" : [ "impersonation", "manage-events", "manage-users", "manage-identity-providers", "view-realm", "query-users", "view-clients", "manage-realm", "view-authorization", "query-realms", "manage-clients", "view-identity-providers", "query-clients", "view-users", "create-client", "view-events", "query-groups", "manage-authorization" ] - } - }, - "clientRole" : false, - "containerId" : "0b009e14-6671-4ae5-8e3f-ddcc98049624", - "attributes" : { } - }, { - "id" : "10182c40-29a2-4612-8c3a-63e321ba5453", - "name" : "offline_access", - "description" : "${role_offline-access}", - "composite" : false, - "clientRole" : false, - "containerId" : "0b009e14-6671-4ae5-8e3f-ddcc98049624", - "attributes" : { } - } ], - "client" : { - "security-admin-console" : [ ], - "admin-cli" : [ ], - "react" : [ ], - "account-console" : [ ], - "ort-server" : [ { - "id" : "fe1e8021-77fc-463b-a069-da14ec5494db", - "name" : "superuser", - "description" : "This role is auto-generated, do not edit or remove.", - "composite" : false, - "clientRole" : true, - "containerId" : "6c48dfc4-9788-462c-ae28-4f3ce383f6a2", - "attributes" : { } - } ], - "broker" : [ { - "id" : "4cb48d75-ccb3-4c81-aa90-9f3d4c9f0c41", - "name" : "read-token", - "description" : "${role_read-token}", - "composite" : false, - "clientRole" : true, - "containerId" : "39d43b86-1d1b-4147-b7d4-4c237d22613f", - "attributes" : { } - } ], - "master-realm" : [ { - "id" : "9675415b-71cf-4753-91f1-f3795e31edfb", - "name" : "impersonation", - "description" : "${role_impersonation}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "4b238408-e7d7-4d96-a2cf-3c44db6eed16", - "name" : "manage-events", - "description" : "${role_manage-events}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "db9510ed-a42b-4261-ad3b-9d7864ab45ab", - "name" : "manage-users", - "description" : "${role_manage-users}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "9c7125b2-0e7f-4ee3-88c5-8f1ac8022749", - "name" : "manage-identity-providers", - "description" : "${role_manage-identity-providers}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "5d931ef1-78f7-45b4-a574-3d4747153f9c", - "name" : "view-realm", - "description" : "${role_view-realm}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "3ca64d92-b42c-4aba-88ce-173841c06728", - "name" : "query-users", - "description" : "${role_query-users}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "38c34b1d-a7c6-4186-9e75-abb0b9f09cf8", - "name" : "view-clients", - "description" : "${role_view-clients}", - "composite" : true, - "composites" : { - "client" : { - "master-realm" : [ "query-clients" ] - } - }, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "86aa5bd2-51c3-4fea-829c-577838b362d7", - "name" : "manage-realm", - "description" : "${role_manage-realm}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "18be96eb-52dd-4fa4-8fcb-76c9057f37bb", - "name" : "view-authorization", - "description" : "${role_view-authorization}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "3fd2cc72-d7f9-44b9-8147-97ea7fa47eaf", - "name" : "query-realms", - "description" : "${role_query-realms}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "41d04da7-49ac-4046-afda-694f2280b258", - "name" : "manage-clients", - "description" : "${role_manage-clients}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "1ac4a4c4-01f9-4dfd-be4f-1af70d81f733", - "name" : "view-identity-providers", - "description" : "${role_view-identity-providers}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "c0337e2c-1452-4204-a91d-cc7147071e67", - "name" : "query-clients", - "description" : "${role_query-clients}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "76c1996b-dd4c-4f76-8a8f-cbc7c5211edb", - "name" : "view-users", - "description" : "${role_view-users}", - "composite" : true, - "composites" : { - "client" : { - "master-realm" : [ "query-users", "query-groups" ] - } - }, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "9091ec54-dbde-47c2-a56c-4d66922aee08", - "name" : "create-client", - "description" : "${role_create-client}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "8ee68f18-91ee-40e4-8d04-46a7c26cfeca", - "name" : "view-events", - "description" : "${role_view-events}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "445b5f77-a829-45dc-877d-80939a3ad258", - "name" : "query-groups", - "description" : "${role_query-groups}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - }, { - "id" : "416167b5-6fa5-43db-b7dd-d8aab368e00a", - "name" : "manage-authorization", - "description" : "${role_manage-authorization}", - "composite" : false, - "clientRole" : true, - "containerId" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "attributes" : { } - } ], - "account" : [ { - "id" : "14bd2516-cf41-4a4b-ad46-c9677690b2bf", - "name" : "view-groups", - "description" : "${role_view-groups}", - "composite" : false, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "40502b9b-2600-4ca3-8378-b5eb56987e8d", - "name" : "delete-account", - "description" : "${role_delete-account}", - "composite" : false, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "8de630a0-3a4a-4f6c-b8fb-87baa7e12dc0", - "name" : "view-profile", - "description" : "${role_view-profile}", - "composite" : false, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "059641be-5110-43b2-b868-1bb4972535b2", - "name" : "manage-account", - "description" : "${role_manage-account}", - "composite" : true, - "composites" : { - "client" : { - "account" : [ "manage-account-links" ] - } - }, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "fa4bea7d-e4a0-4133-a175-c26560606eee", - "name" : "view-consent", - "description" : "${role_view-consent}", - "composite" : false, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "cca823a0-0a90-48f1-b19c-078170861359", - "name" : "manage-consent", - "description" : "${role_manage-consent}", - "composite" : true, - "composites" : { - "client" : { - "account" : [ "view-consent" ] - } - }, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "b8f3096d-16ae-4e18-8a4f-073266fafb2d", - "name" : "manage-account-links", - "description" : "${role_manage-account-links}", - "composite" : false, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - }, { - "id" : "ffb90cda-6dfe-41e6-8fc0-f2963abfefa1", - "name" : "view-applications", - "description" : "${role_view-applications}", - "composite" : false, - "clientRole" : true, - "containerId" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "attributes" : { } - } ] - } - }, - "groups" : [ { - "id" : "96f99c64-f68f-4b62-8f00-d9ad85e06b06", - "name" : "SUPERUSERS", - "path" : "/SUPERUSERS", - "subGroups" : [ ], - "attributes" : { }, - "realmRoles" : [ ], - "clientRoles" : { - "ort-server" : [ "superuser" ] - } - } ], - "defaultRole" : { - "id" : "14f10c6b-ccbf-456e-b268-cc868fbbfaa4", - "name" : "default-roles-master", - "description" : "${role_default-roles}", - "composite" : true, - "clientRole" : false, - "containerId" : "0b009e14-6671-4ae5-8e3f-ddcc98049624" - }, - "requiredCredentials" : [ "password" ], - "otpPolicyType" : "totp", - "otpPolicyAlgorithm" : "HmacSHA1", - "otpPolicyInitialCounter" : 0, - "otpPolicyDigits" : 6, - "otpPolicyLookAheadWindow" : 1, - "otpPolicyPeriod" : 30, - "otpPolicyCodeReusable" : false, - "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], - "localizationTexts" : { }, - "webAuthnPolicyRpEntityName" : "keycloak", - "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], - "webAuthnPolicyRpId" : "", - "webAuthnPolicyAttestationConveyancePreference" : "not specified", - "webAuthnPolicyAuthenticatorAttachment" : "not specified", - "webAuthnPolicyRequireResidentKey" : "not specified", - "webAuthnPolicyUserVerificationRequirement" : "not specified", - "webAuthnPolicyCreateTimeout" : 0, - "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, - "webAuthnPolicyAcceptableAaguids" : [ ], - "webAuthnPolicyExtraOrigins" : [ ], - "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", - "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], - "webAuthnPolicyPasswordlessRpId" : "", - "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", - "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", - "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", - "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", - "webAuthnPolicyPasswordlessCreateTimeout" : 0, - "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, - "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], - "webAuthnPolicyPasswordlessExtraOrigins" : [ ], - "users" : [ { - "id" : "b4192f3c-d52a-43a8-8e5d-4ea429f08ca4", - "username" : "admin", - "emailVerified" : false, - "createdTimestamp" : 1660816938576, - "enabled" : true, - "totp" : false, - "credentials" : [ { - "id" : "ebe4eb86-b6af-4584-91a9-2b1916e82d8c", - "type" : "password", - "createdDate" : 1660816938824, - "secretData" : "{\"value\":\"+CHXQV46esRCKB8Ez7vds//OXDJeC3OJtJRCF6jbo9T0icynDyl8lUGz2aKKogl643tJvItUwRTZ4guYeXmLzQ==\",\"salt\":\"e+BKomuIQVx+IK5QtJ/O1w==\",\"additionalParameters\":{}}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "default-roles-master", "admin" ], - "notBefore" : 0, - "groups" : [ "/SUPERUSERS" ] - }, { - "id" : "dc908d80-5155-4b92-a34f-3c6bbed31893", - "username" : "ort-admin", - "firstName" : "", - "lastName" : "", - "emailVerified" : false, - "createdTimestamp" : 1660817443238, - "enabled" : true, - "totp" : false, - "credentials" : [ { - "id" : "5423885e-bbdd-469b-ba75-3045b18dc705", - "type" : "password", - "userLabel" : "My password", - "createdDate" : 1660817558290, - "secretData" : "{\"value\":\"LK9NQgoMz7cHea24vUfD9Uw2+ACURJdCrgAEIUHo9Q0kn+6k9r2s9/UsjbF/nM+koBKPK+q9jDdrutqsYm5QBw==\",\"salt\":\"jrsQvdIA6Ko5Qw+o2mnkFg==\",\"additionalParameters\":{}}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "default-roles-master" ], - "notBefore" : 0, - "groups" : [ "/SUPERUSERS" ] - } ], - "scopeMappings" : [ { - "clientScope" : "offline_access", - "roles" : [ "offline_access" ] - } ], - "clientScopeMappings" : { - "account" : [ { - "client" : "account-console", - "roles" : [ "manage-account", "view-groups" ] - } ] - }, - "clients" : [ { - "id" : "a7f4c697-ce5a-42f2-8456-db1da56f23ec", - "clientId" : "account", - "name" : "${client_account}", - "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/master/account/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/master/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "d23434a1-9041-4978-a912-55c83ecd6687", - "clientId" : "account-console", - "name" : "${client_account-console}", - "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/master/account/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/master/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+", - "pkce.code.challenge.method" : "S256" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "93c15780-e1f3-4af8-80ec-ac9bab4fe711", - "name" : "audience resolve", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-audience-resolve-mapper", - "consentRequired" : false, - "config" : { } - } ], - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "ebf08c73-0245-4f7d-a43f-9a342a144b7d", - "clientId" : "admin-cli", - "name" : "${client_admin-cli}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "39d43b86-1d1b-4147-b7d4-4c237d22613f", - "clientId" : "broker", - "name" : "${client_broker}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "7e1012ec-5b1d-4fa6-b9f4-fd5ac4d87669", - "clientId" : "master-realm", - "name" : "master Realm", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "6c48dfc4-9788-462c-ae28-4f3ce383f6a2", - "clientId" : "ort-server", - "name" : "ORT Server", - "description" : "", - "rootUrl" : "", - "adminUrl" : "", - "baseUrl" : "", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "http://localhost:8081/*", "http://localhost:8080/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : true, - "protocol" : "openid-connect", - "attributes" : { - "oidc.ciba.grant.enabled" : "false", - "backchannel.logout.session.required" : "true", - "post.logout.redirect.uris" : "+", - "display.on.consent.screen" : "false", - "oauth2.device.authorization.grant.enabled" : "false", - "backchannel.logout.revoke.offline.tokens" : "false" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "defaultClientScopes" : [ "ort-server-client", "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "90717130-1595-44ea-9658-0c8a507d4879", - "clientId" : "react", - "name" : "", - "description" : "", - "rootUrl" : "http://localhost:5173", - "adminUrl" : "", - "baseUrl" : "http://localhost:5173", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/*" ], - "webOrigins" : [ "+" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : true, - "protocol" : "openid-connect", - "attributes" : { - "access.token.lifespan" : "300", - "post.logout.redirect.uris" : "/*", - "oauth2.device.authorization.grant.enabled" : "false", - "backchannel.logout.revoke.offline.tokens" : "false", - "use.refresh.tokens" : "true", - "tls-client-certificate-bound-access-tokens" : "false", - "oidc.ciba.grant.enabled" : "false", - "backchannel.logout.session.required" : "true", - "client_credentials.use_refresh_token" : "false", - "acr.loa.map" : "{}", - "require.pushed.authorization.requests" : "false", - "display.on.consent.screen" : "false", - "token.response.type.bearer.lower-case" : "false" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "115c6dcc-fcba-460c-95bb-f2ad93a2aba3", - "clientId" : "security-admin-console", - "name" : "${client_security-admin-console}", - "rootUrl" : "${authAdminUrl}", - "baseUrl" : "/admin/master/console/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/admin/master/console/*" ], - "webOrigins" : [ "+" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+", - "pkce.code.challenge.method" : "S256" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "5c2fbe00-e1d9-491f-a2e3-d34a5fb05254", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" - } - } ], - "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - } ], - "clientScopes" : [ { - "id" : "149d1060-c3f6-4a79-aa73-f0baae477855", - "name" : "ort-server-client", - "description" : "Shared scope for clients interacting with the ORT Server", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "false", - "display.on.consent.screen" : "false" - }, - "protocolMappers" : [ { - "id" : "0cb3e2ef-2dde-4729-82e4-aa2b7138c1e9", - "name" : "ORT-server-audience-mapper", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-audience-mapper", - "consentRequired" : false, - "config" : { - "included.client.audience" : "ort-server", - "id.token.claim" : "false", - "access.token.claim" : "true", - "userinfo.token.claim" : "false" - } - } ] - }, { - "id" : "263aebaf-f926-4467-bf88-36c38254c729", - "name" : "email", - "description" : "OpenID Connect built-in scope: email", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${emailScopeConsentText}" - }, - "protocolMappers" : [ { - "id" : "46b77efe-9121-46ca-8d38-4977b431135b", - "name" : "email verified", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "emailVerified", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email_verified", - "jsonType.label" : "boolean" - } - }, { - "id" : "5c74f6c4-4470-4cfa-8867-762a75e3653e", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - } ] - }, { - "id" : "74722011-f256-40f8-bf2d-46a5fd2dd71e", - "name" : "acr", - "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "false", - "display.on.consent.screen" : "false" - }, - "protocolMappers" : [ { - "id" : "da143824-aaad-4418-b659-144f4c5de135", - "name" : "acr loa level", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-acr-mapper", - "consentRequired" : false, - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - } ] - }, { - "id" : "bf7d5ec2-e133-4a43-b6a6-5377cf4cc41f", - "name" : "web-origins", - "description" : "OpenID Connect scope for add allowed web origins to the access token", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "false", - "display.on.consent.screen" : "false", - "consent.screen.text" : "" - }, - "protocolMappers" : [ { - "id" : "1f07dd67-cf19-4a34-8cd3-ac0081e739ec", - "name" : "allowed web origins", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-allowed-origins-mapper", - "consentRequired" : false, - "config" : { } - } ] - }, { - "id" : "9e177545-054d-415a-8b6e-9c66ff3ce146", - "name" : "role_list", - "description" : "SAML role list", - "protocol" : "saml", - "attributes" : { - "consent.screen.text" : "${samlRoleListScopeConsentText}", - "display.on.consent.screen" : "true" - }, - "protocolMappers" : [ { - "id" : "09782c60-7722-4d22-b51e-69f1786b41ae", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - } ] - }, { - "id" : "6d7a74e9-029a-40c1-ac7b-4365bfa566ff", - "name" : "phone", - "description" : "OpenID Connect built-in scope: phone", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${phoneScopeConsentText}" - }, - "protocolMappers" : [ { - "id" : "56d28586-8d99-49f3-b113-5e912b7c92b5", - "name" : "phone number verified", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "phoneNumberVerified", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "phone_number_verified", - "jsonType.label" : "boolean" - } - }, { - "id" : "c69a646b-1ef9-411d-8a67-e26e54b0702e", - "name" : "phone number", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "phoneNumber", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "phone_number", - "jsonType.label" : "String" - } - } ] - }, { - "id" : "61da6eac-c833-49a8-ab87-cc0ddf9662f2", - "name" : "roles", - "description" : "OpenID Connect scope for add user roles to the access token", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "false", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${rolesScopeConsentText}" - }, - "protocolMappers" : [ { - "id" : "d9099df9-6427-40d6-bee0-7ed07fbd9547", - "name" : "client roles", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-client-role-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "foo", - "access.token.claim" : "true", - "claim.name" : "resource_access.${client_id}.roles", - "jsonType.label" : "String", - "multivalued" : "true" - } - }, { - "id" : "47debf09-34ce-4f09-ac93-3dd7412c66e8", - "name" : "realm roles", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-realm-role-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "foo", - "access.token.claim" : "true", - "claim.name" : "realm_access.roles", - "jsonType.label" : "String", - "multivalued" : "true" - } - }, { - "id" : "91e90aa5-a940-4347-a3bc-d142bb5ffe13", - "name" : "audience resolve", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-audience-resolve-mapper", - "consentRequired" : false, - "config" : { } - } ] - }, { - "id" : "f0899d33-ebb6-4515-af5e-80bbc126503e", - "name" : "address", - "description" : "OpenID Connect built-in scope: address", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${addressScopeConsentText}" - }, - "protocolMappers" : [ { - "id" : "314bfa20-6910-480e-95ae-6a32c1b1b04e", - "name" : "address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-address-mapper", - "consentRequired" : false, - "config" : { - "user.attribute.formatted" : "formatted", - "user.attribute.country" : "country", - "user.attribute.postal_code" : "postal_code", - "userinfo.token.claim" : "true", - "user.attribute.street" : "street", - "id.token.claim" : "true", - "user.attribute.region" : "region", - "access.token.claim" : "true", - "user.attribute.locality" : "locality" - } - } ] - }, { - "id" : "bcf78cfb-dd5d-43aa-8eb6-e54f1019e308", - "name" : "microprofile-jwt", - "description" : "Microprofile - JWT built-in scope", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "false" - }, - "protocolMappers" : [ { - "id" : "0ce60571-6613-4e21-9bd8-2e8a9e1080b8", - "name" : "groups", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-realm-role-mapper", - "consentRequired" : false, - "config" : { - "multivalued" : "true", - "userinfo.token.claim" : "true", - "user.attribute" : "foo", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "groups", - "jsonType.label" : "String" - } - }, { - "id" : "b475efe9-38b2-4580-8063-a9dc56e5bee9", - "name" : "upn", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "upn", - "jsonType.label" : "String" - } - } ] - }, { - "id" : "896c4818-544e-427e-9315-fdd1d9093686", - "name" : "offline_access", - "description" : "OpenID Connect built-in scope: offline_access", - "protocol" : "openid-connect", - "attributes" : { - "consent.screen.text" : "${offlineAccessScopeConsentText}", - "display.on.consent.screen" : "true" - } - }, { - "id" : "1632232b-223c-4491-915e-d1ea9af264ef", - "name" : "profile", - "description" : "OpenID Connect built-in scope: profile", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${profileScopeConsentText}" - }, - "protocolMappers" : [ { - "id" : "17057a09-5a16-425c-b3a8-10719f478caf", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" - } - }, { - "id" : "646126cf-4dda-49e7-93af-2b35d731b527", - "name" : "picture", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "picture", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "picture", - "jsonType.label" : "String" - } - }, { - "id" : "c015dcc8-20f8-4f21-b11e-c686abfef52b", - "name" : "profile", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "profile", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "profile", - "jsonType.label" : "String" - } - }, { - "id" : "dee747f7-7c42-4ab1-83a7-2e2d9b65733a", - "name" : "website", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "website", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "website", - "jsonType.label" : "String" - } - }, { - "id" : "e180258b-bd75-4d0e-af71-f63819ec4420", - "name" : "updated at", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "updatedAt", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "updated_at", - "jsonType.label" : "long" - } - }, { - "id" : "7915b513-4393-473e-b994-742e0960b9dc", - "name" : "zoneinfo", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "zoneinfo", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "zoneinfo", - "jsonType.label" : "String" - } - }, { - "id" : "b4e0fcf7-f85b-4c5d-a48a-15655d16c51e", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "c9666297-d6f8-4cf8-8bcd-a44a264b9a2e", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : false, - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "5f0e0aac-a86c-4c3b-92b2-e88d01ab496d", - "name" : "gender", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "gender", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "gender", - "jsonType.label" : "String" - } - }, { - "id" : "0a432e51-9b7b-41d4-a709-44721b679e8e", - "name" : "nickname", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "nickname", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "nickname", - "jsonType.label" : "String" - } - }, { - "id" : "f4d6757c-c385-4f9b-a6fa-299532b91364", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "f04df000-fb3d-434e-b48e-89901935afd9", - "name" : "middle name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "middleName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "middle_name", - "jsonType.label" : "String" - } - }, { - "id" : "9ebde328-fdf4-4365-83e2-c94f7c6c8c4d", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "cdf53d5c-cda5-4f93-b21a-c0f4d5ac92fc", - "name" : "birthdate", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "birthdate", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "birthdate", - "jsonType.label" : "String" - } - } ] - } ], - "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ], - "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], - "browserSecurityHeaders" : { - "contentSecurityPolicyReportOnly" : "", - "xContentTypeOptions" : "nosniff", - "referrerPolicy" : "no-referrer", - "xRobotsTag" : "none", - "xFrameOptions" : "SAMEORIGIN", - "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", - "xXSSProtection" : "1; mode=block", - "strictTransportSecurity" : "max-age=31536000; includeSubDomains" - }, - "smtpServer" : { }, - "eventsEnabled" : false, - "eventsListeners" : [ "jboss-logging" ], - "enabledEventTypes" : [ ], - "adminEventsEnabled" : false, - "adminEventsDetailsEnabled" : false, - "identityProviders" : [ ], - "identityProviderMappers" : [ ], - "components" : { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { - "id" : "cf1a7712-1331-41ac-9694-706f96a29538", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper" ] - } - }, { - "id" : "a4421fad-fa91-4f93-95bb-65ab2ec54e7a", - "name" : "Trusted Hosts", - "providerId" : "trusted-hosts", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "host-sending-registration-request-must-match" : [ "true" ], - "client-uris-must-match" : [ "true" ] - } - }, { - "id" : "fbf6b0bc-1e13-427c-937f-b53eb5edf3d2", - "name" : "Allowed Client Scopes", - "providerId" : "allowed-client-templates", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allow-default-scopes" : [ "true" ] - } - }, { - "id" : "d81d1979-3ba6-489b-9ab7-b728aed6a773", - "name" : "Consent Required", - "providerId" : "consent-required", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "996f80d0-1309-4ef7-801b-837b7c2e2e3c", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper" ] - } - }, { - "id" : "d3349d9b-0a14-435b-bbc9-eface1c6b5cf", - "name" : "Full Scope Disabled", - "providerId" : "scope", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "3e1b39f1-b3a4-4efa-a626-b54b241e0018", - "name" : "Max Clients Limit", - "providerId" : "max-clients", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "max-clients" : [ "200" ] - } - }, { - "id" : "15599823-17d6-43fc-9baa-41162975d1b5", - "name" : "Allowed Client Scopes", - "providerId" : "allowed-client-templates", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allow-default-scopes" : [ "true" ] - } - } ], - "org.keycloak.userprofile.UserProfileProvider" : [ { - "id" : "0304585b-0467-468d-8976-ca53831777ed", - "providerId" : "declarative-user-profile", - "subComponents" : { }, - "config" : { - "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ] - } - } ], - "org.keycloak.keys.KeyProvider" : [ { - "id" : "0d51e76f-7833-4cfd-8b44-9a1bb714bdd0", - "name" : "aes-generated", - "providerId" : "aes-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "cead3957-340a-4eb6-a0d3-34fa1e657486" ], - "secret" : [ "-k_WXMDwzyFiWATG6dsYew" ], - "priority" : [ "100" ] - } - }, { - "id" : "8006b68c-9b5f-4d54-9ba5-6f55c44afeb0", - "name" : "hmac-generated", - "providerId" : "hmac-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "8729d5db-49e6-4ebf-af0c-fe911a0fb31b" ], - "secret" : [ "-MtBldYciw3zRQo5z5rJNhodaV9IEyKlT2QdxdN8S1fJcTEoM5MDHsmkEhXuhKRHNVvWe9l1mm-WfaY49zPm9C4MAmugnlIy_ul9Mn4oGZm5HwlNFWiZwhKbM0kRlV4lpxTFeeETH1HnqOVaySVBBXmclTrIDf8Rh13S_kdHPuQ" ], - "priority" : [ "100" ], - "algorithm" : [ "HS256" ] - } - }, { - "id" : "df8105ac-b1bb-48bc-8fe7-84adab8a767d", - "name" : "hmac-generated-hs512", - "providerId" : "hmac-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "43487235-90f5-4272-9fca-cc9b595d6618" ], - "secret" : [ "S_LmNtpZQYV7jLSCjpZdK85u-ELWsACvs7x4oxCdcQEUENBqxOEwliF3JTtsWmIxuqMLc7gGeTnKn0tjUrXBFLKoRxqwuvnbJ2pae4PkJSGdlZXcrwoLmrlWwD3zZ4SpIgpmZNRgcVQaKwkeUwGBh5ytT2C3HRTjE2HZkWQv968" ], - "priority" : [ "100" ], - "algorithm" : [ "HS512" ] - } - }, { - "id" : "49a4189d-53f5-4cdf-90a1-c12ee470db43", - "name" : "rsa-generated", - "providerId" : "rsa-generated", - "subComponents" : { }, - "config" : { - "privateKey" : [ "MIIEpAIBAAKCAQEAntcH6cO38D1/EGrJ09BuFYsKuLxgvhart7alcD8gzD9qqfwMJ1Dd+x3VeawPwfJ4OUHSEYIV7U/eSRO1ZUTzagXoMFrHD3fF+67J+i6c4BaaYJAgEv6+yfnNDiPHdu6+wWNGbjol5P0uvzQCRs+EuM/Ckd0AN2lj2pYTagodp1J7497eWIPu52+APAPTYgs9+ZUakFC4b+B6rnpPymel0fwKZxyA204I5sh519zumzxYrokp3qrtFTVrklvIVw02rb9pnfU7NszD+xo0dthxZ+HFM08BrZxsq5627ZMIhUUanOJTPi0E3a8vOHcoey4sBCwh+8QW1SoT6eBSeJHiKQIDAQABAoIBAAcK82u0L7aEENtk/hWZXcWFwzrFW31s2uihPWejMkHsI+oX5gq45Vwfiq9uPMqgL3V2diksPUBRn20FEIYbebbUk+LPpkOIz4ClKN53bPbrTvquGUX5AUj0/a29Ug2eG1t5b+ODn4TY4aw8/ZwvJ6wxcL1FRnUD2Wy/5RTOuwQyrFdab6QLIy7UAxfPRBaPjmcKPLlT1vAXTTGeMtHhG84PrXNmHvfFL6cXtLsbQFOr2NzMuiscQ8ZGDpPPgzaVRXoDYOjXIpOCK549K9HVjV4JBl+TPNSDwSfvVDVnWs5aSoDC/h0tACvcjE2dLT4SK/cu03xTtunA/x6caI5tO7sCgYEA0ZKzQJfdGKC7LbDv2kJdhDZMcUYBPtKu2syn6bTlfK22gq7kR9zYJzQgUCoOhqpiY13OE0fA+a/vYRdFALPPHjRJMnR2fs5ZFUfKvRwTCXsl076Rb3/Y0R+ysyGydhwr/avQo382upnvgzzKBc1LjKxfhRYxMGAlp7VMAP4Ftq8CgYEAwgcoYu8OIJ6rG783KbIwSoPer0o7P2qTI6uMQ1ZAqGZgYm61rBM5N8KoxAPSTYwjqhw3UyguBGFtQgnnVixAg1eoynkeHSCwQPeEcA59LTqI5egCAK0h8jvP7Zb36gzos2yZNTcaleURQFd2UkZVNMkoEuQ0kchLC34ysLLRKqcCgYAfMpN0nibPr72tg5VxDEgXkm22vxEYZQyajbTBWah/8uwkcByThhC3ZU8aH+ihq2OSHzi6LghQIxyje29ON3YxrN7on+Wz4svoGxPXKwK6epaa+tdznbiNCQb1G6MRaggybw1UCXAAP0Ikazw3uOPyQQbHLRKNfQKeAKMb0rTPCQKBgQC0kPC20X42QTNACT2O4jMqxXoxa0WkCMyR/43zBIv7q/q64AjV8LXo/JEOiffnDyoJn2SlUNkyXnDNamYNvfTzxlpgw0KRHOCqNS7dEb7Qno7UVou2kWjsA1nH5B0nhYfxonkaGwP0x068sCh+/NFC5IkUu6donBuqwHDwHBmoNQKBgQC8DvpEhirMz8BhhURIuf2qLtMc9SqlGYyuLnQYmiY6kDBGwb0VxiFFVRDTrd6LSMbd6EL+fjbhMeleVQs3bRauHDdNr+3tRh79aE607eDs6AIpETx8aJpqWdpLqQkK45RgFMcGHec+f5jX1fDdYh2M+oivYjFUeal2ZtokCd+yNg==" ], - "keyUse" : [ "SIG" ], - "certificate" : [ "MIICmzCCAYMCBgGCsGdSYjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjIwODE4MTAwMDM3WhcNMzIwODE4MTAwMjE3WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe1wfpw7fwPX8QasnT0G4Viwq4vGC+Fqu3tqVwPyDMP2qp/AwnUN37HdV5rA/B8ng5QdIRghXtT95JE7VlRPNqBegwWscPd8X7rsn6LpzgFppgkCAS/r7J+c0OI8d27r7BY0ZuOiXk/S6/NAJGz4S4z8KR3QA3aWPalhNqCh2nUnvj3t5Yg+7nb4A8A9NiCz35lRqQULhv4Hquek/KZ6XR/ApnHIDbTgjmyHnX3O6bPFiuiSnequ0VNWuSW8hXDTatv2md9Ts2zMP7GjR22HFn4cUzTwGtnGyrnrbtkwiFRRqc4lM+LQTdry84dyh7LiwELCH7xBbVKhPp4FJ4keIpAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAI8dMCGlE+2fRnEyRXBlB2IyGdkXVk9skH7gI+FbTse30bDH4Khz7ptYGbJBlv4oSfLAJz/1Q1y3p1qsxoZ8C71KkReALE+GTc0KYXvE4msXXdY6g6+aOG8Ut6MjIm9MszDWoYSI881R/ZLQFYvRjC/ABe3APA/WIq/jz68vwb92AkX0fITiLUOohx45Kp+CGGgYN/ItR8R0fQkUoe7NgeaYb80MNL/yNOTKbT6AqkSKc03X6tZQLzqKvYzV0VXcCVz1H3sUFctlk6+OSHVey7XgeHoVbQLnYh4UeG60RdRg5E8frFLuDWG2zA7ISYs5u4GdUoP9ottsn9PQbpOk5w4=" ], - "priority" : [ "100" ] - } - }, { - "id" : "f3558e32-d865-439e-81ef-d8f7a0f7377c", - "name" : "rsa-enc-generated", - "providerId" : "rsa-enc-generated", - "subComponents" : { }, - "config" : { - "privateKey" : [ "MIIEowIBAAKCAQEAthvdSvoXlJ78p4xE7kUJox+jcmzD4Q1xTbQl2SArXqivMQHff4C35TmUuWLT9C/sBK7CcdtPALSnlclf5UWM4G0eID2RNFEz81z6sNpxaHGoWocQlfd9tAxOI3tlWHYzAGXP3+BXgV7000EKteubjgXNBpgFwvRufy8fMOUU/uAYo7y8SkT3KtCPOqKF9Gunjbyown05gt2cFHnuoLFu2LWIN29xi+r1lLYRdc4x2zCUeyFlDttSgok5MO1F6oG+uQRN0h5K1wjN2uLeKexwg69aeFAzEWs3kA71Mpk3KBLKIXS+BgsbQO5Uihz+eFmTDT785PHeH9XhSOCp2sOufwIDAQABAoIBAEdfbWBE23gSxbgPCDcQVMIblM40ZaLvR1BqggjyjDzpxNvivYs10h0jb7Am1SZXn9uH+Mpx5ylCJIpWpeBwXVHaQlvldWL5TnCbqN8mhhsmrJJqbCwylxA5YGiUpLhCfyOxQ4MdZH5eTnr7e2yoXkuP53aln2B0t1feio15wzxOw6OK/M9AOnkkv4O+p8zcoh6Rzs9BNG906cdOdLGK6d5PimutxVpTSx2vGpV4I+2C8SwjLy9/nmOKfwccjqaNjlo/qWM/5yzdrVAXtBKToUTC+0ok6jzCHDbrAyH0wM8sGLRI8/omtx+0A5/kR9M+USeiB8DWcMHGj9kmqTdM+ekCgYEA5JRlOHA6AEjCnl7I3/8QiBQgY484g2z2reSoYtsrlhYNIcNm+iqnd+Q5jrvb9Y/VW4mDltpp2xvCksOJTxvK9qFpPs4oBIiWqd5p9wU/ycctPcJgQFJZnqXWes9Kg8OHc71LrmM4VtCRpDJd7wFMsPj321s/GuUUqKynQCmEjGkCgYEAy/RdnbufwVVJkfNqL2JfXS1LyQtXc6fi0mCiFugqgz0f7HftmxCWLOeJCobt68RMeElVu6PZHcoGkOIYSMM9gKru+h287pEYQQWEU/3uia3zChtIIoewsjwt+41F/f/TnMCgAE+ovW2a2lp32yZHVsKQXND0EEZoXJaEqvhApqcCgYAaB4gLSERimeaHsFWBpIMWa+xQShPua28f2EUQlNK+0Z4HNUA5xrexYGzpgx0GNq3eMaepew/I4r1ihx/QwWJ4eWMJwuItufwmNeytM4zTBnpxaPwa9wW7mjj1XTuoC5EWLf07S5Mz16ZuI0otGGHKWV+oPBjQkDutBZQ6K0Ar2QKBgQCWJa0xrOncU6RYvUFj5uDb4LfVJvNXorX6OMe7Y2nAuiQhWtzidmCIaF/cDx9inV3Kg/qIrAPvyUXyLXDBSHKjobNTEMeBPfIEFEKp7txIIXY174W4Xfp4DJOxh/yKFGc+FBT2ha5s3h7NNyLbhB+qwIu0uOOkg6Da4LiEgURfKwKBgAKTt3cVh1zYPsmRxbQmds7lxbfedtyvh/FdjXdH5AoGz7zdeCRSSVy7GWKQEmOG0joPN+QeHOaaP+4C1Hp4hVpyVwYSJ89zYBBt1N+564IgjRI94HR94f+nR+gtirjaVcg087JBQ9/e8FzCRCVa39D6dzz1orU5kVfBzS2/sSoM" ], - "keyUse" : [ "ENC" ], - "certificate" : [ "MIICmzCCAYMCBgGCsGdTUTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjIwODE4MTAwMDM3WhcNMzIwODE4MTAwMjE3WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2G91K+heUnvynjETuRQmjH6NybMPhDXFNtCXZICteqK8xAd9/gLflOZS5YtP0L+wErsJx208AtKeVyV/lRYzgbR4gPZE0UTPzXPqw2nFocahahxCV9320DE4je2VYdjMAZc/f4FeBXvTTQQq165uOBc0GmAXC9G5/Lx8w5RT+4BijvLxKRPcq0I86ooX0a6eNvKjCfTmC3ZwUee6gsW7YtYg3b3GL6vWUthF1zjHbMJR7IWUO21KCiTkw7UXqgb65BE3SHkrXCM3a4t4p7HCDr1p4UDMRazeQDvUymTcoEsohdL4GCxtA7lSKHP54WZMNPvzk8d4f1eFI4Knaw65/AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGrvITURN60SRdW9ThP2mvtFO65gaxR/EpfOlmsDqpQt0foDDEaxuK2F9YEA+/BynW1BEt7rtd5AJNWJJGel0t53VpAkGthhboAPAES/RT6Syx42Btr4P2iDI9VxLRCHZKkppprXUB5xF7htwMLaCdT4urdxLFxyYs6FvqHB4JsW1r7tdWuN7OpuRu+FwNBfYngS3UfdemnrWdF6wy7zX87+HchA89Ii2vpp4YECyk9bSTlA4kQ4TwsFohGx5gDMvjjpvTF6AFC6m4bVGbIJVDatmYaADVSkuEAreEKAa/peJ55CuYewDfBpLoB0Ol/UC+QlZxbrcw9w5U1ctZD07ZE=" ], - "priority" : [ "100" ], - "algorithm" : [ "RSA-OAEP" ] - } - } ] - }, - "internationalizationEnabled" : false, - "supportedLocales" : [ ], - "authenticationFlows" : [ { - "id" : "de4c8575-4fff-4490-986d-f35db22c0c9c", - "alias" : "Account verification options", - "description" : "Method with which to verity the existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-email-verification", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "ALTERNATIVE", - "priority" : 20, - "autheticatorFlow" : true, - "flowAlias" : "Verify Existing Account by Re-authentication", - "userSetupAllowed" : false - } ] - }, { - "id" : "78ad7859-395e-49ae-9532-b419d4f4aaa0", - "alias" : "Browser - Conditional OTP", - "description" : "Flow to determine if the OTP is required for the authentication", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "auth-otp-form", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "fc512fa7-47bd-428b-a25d-0d4519e9fc85", - "alias" : "Direct Grant - Conditional OTP", - "description" : "Flow to determine if the OTP is required for the authentication", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "direct-grant-validate-otp", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "72e0e9bc-037f-44fc-b96b-03ef301f2a98", - "alias" : "First broker login - Conditional OTP", - "description" : "Flow to determine if the OTP is required for the authentication", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "auth-otp-form", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "2115e8fb-b81b-42e1-8962-66129383bd16", - "alias" : "Handle Existing Account", - "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-confirm-link", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : true, - "flowAlias" : "Account verification options", - "userSetupAllowed" : false - } ] - }, { - "id" : "2f3d9dd3-234c-43ac-b87b-3143303ca821", - "alias" : "Reset - Conditional OTP", - "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "reset-otp", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "689bf87a-9643-455b-8c82-7adfbd9fccf7", - "alias" : "User creation or linking", - "description" : "Flow for the existing/non-existing user alternatives", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "create unique user config", - "authenticator" : "idp-create-user-if-unique", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "ALTERNATIVE", - "priority" : 20, - "autheticatorFlow" : true, - "flowAlias" : "Handle Existing Account", - "userSetupAllowed" : false - } ] - }, { - "id" : "3f262831-afc5-4f0e-8c34-3157d5ff8e7f", - "alias" : "Verify Existing Account by Re-authentication", - "description" : "Reauthentication of existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-username-password-form", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "CONDITIONAL", - "priority" : 20, - "autheticatorFlow" : true, - "flowAlias" : "First broker login - Conditional OTP", - "userSetupAllowed" : false - } ] - }, { - "id" : "e03c30ea-db96-4ac6-92c3-cc49d5d95d11", - "alias" : "browser", - "description" : "browser based authentication", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-cookie", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "auth-spnego", - "authenticatorFlow" : false, - "requirement" : "DISABLED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "identity-provider-redirector", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 25, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "ALTERNATIVE", - "priority" : 30, - "autheticatorFlow" : true, - "flowAlias" : "forms", - "userSetupAllowed" : false - } ] - }, { - "id" : "c28194e2-09c0-4ef4-bafa-bcd71a8e6d40", - "alias" : "clients", - "description" : "Base authentication for clients", - "providerId" : "client-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "client-secret", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "client-jwt", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "client-secret-jwt", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 30, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "client-x509", - "authenticatorFlow" : false, - "requirement" : "ALTERNATIVE", - "priority" : 40, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "e587ba99-693d-41c1-9459-20a648ab9e87", - "alias" : "direct grant", - "description" : "OpenID Connect Resource Owner Grant", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "direct-grant-validate-username", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "direct-grant-validate-password", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "CONDITIONAL", - "priority" : 30, - "autheticatorFlow" : true, - "flowAlias" : "Direct Grant - Conditional OTP", - "userSetupAllowed" : false - } ] - }, { - "id" : "e7847ac3-1a00-4536-bbf1-e5ae7a142778", - "alias" : "docker auth", - "description" : "Used by Docker clients to authenticate against the IDP", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "docker-http-basic-authenticator", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "b44dd955-5578-479b-ba78-2a66894a8dc7", - "alias" : "first broker login", - "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "review profile config", - "authenticator" : "idp-review-profile", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : true, - "flowAlias" : "User creation or linking", - "userSetupAllowed" : false - } ] - }, { - "id" : "5776c71f-ded2-46a2-98ce-fd79833bc576", - "alias" : "forms", - "description" : "Username, password, otp and other auth forms.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-username-password-form", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "CONDITIONAL", - "priority" : 20, - "autheticatorFlow" : true, - "flowAlias" : "Browser - Conditional OTP", - "userSetupAllowed" : false - } ] - }, { - "id" : "77fc5048-55ea-4bf3-a800-905791ae5445", - "alias" : "registration", - "description" : "registration flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-page-form", - "authenticatorFlow" : true, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : true, - "flowAlias" : "registration form", - "userSetupAllowed" : false - } ] - }, { - "id" : "fa975ae7-5bfc-41b6-a88c-dafd1be205aa", - "alias" : "registration form", - "description" : "registration form", - "providerId" : "form-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-user-creation", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "registration-password-action", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 50, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "registration-recaptcha-action", - "authenticatorFlow" : false, - "requirement" : "DISABLED", - "priority" : 60, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - }, { - "id" : "d8cd1bf2-2e94-40ff-8378-dd6fc1269dc5", - "alias" : "reset credentials", - "description" : "Reset credentials for a user if they forgot their password or something", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "reset-credentials-choose-user", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "reset-credential-email", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 20, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticator" : "reset-password", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 30, - "autheticatorFlow" : false, - "userSetupAllowed" : false - }, { - "authenticatorFlow" : true, - "requirement" : "CONDITIONAL", - "priority" : 40, - "autheticatorFlow" : true, - "flowAlias" : "Reset - Conditional OTP", - "userSetupAllowed" : false - } ] - }, { - "id" : "dbd1665d-6596-4fc9-affb-c14db544a04f", - "alias" : "saml ecp", - "description" : "SAML ECP Profile Authentication Flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "http-basic-authenticator", - "authenticatorFlow" : false, - "requirement" : "REQUIRED", - "priority" : 10, - "autheticatorFlow" : false, - "userSetupAllowed" : false - } ] - } ], - "authenticatorConfig" : [ { - "id" : "27291dbe-5606-445f-86e7-8ba6a19ea500", - "alias" : "create unique user config", - "config" : { - "require.password.update.after.registration" : "false" - } - }, { - "id" : "4a9aa521-8a4c-403b-917c-5411a11774da", - "alias" : "review profile config", - "config" : { - "update.profile.on.first.login" : "missing" - } - } ], - "requiredActions" : [ { - "alias" : "CONFIGURE_TOTP", - "name" : "Configure OTP", - "providerId" : "CONFIGURE_TOTP", - "enabled" : true, - "defaultAction" : false, - "priority" : 10, - "config" : { } - }, { - "alias" : "TERMS_AND_CONDITIONS", - "name" : "Terms and Conditions", - "providerId" : "TERMS_AND_CONDITIONS", - "enabled" : false, - "defaultAction" : false, - "priority" : 20, - "config" : { } - }, { - "alias" : "UPDATE_PASSWORD", - "name" : "Update Password", - "providerId" : "UPDATE_PASSWORD", - "enabled" : true, - "defaultAction" : false, - "priority" : 30, - "config" : { } - }, { - "alias" : "UPDATE_PROFILE", - "name" : "Update Profile", - "providerId" : "UPDATE_PROFILE", - "enabled" : true, - "defaultAction" : false, - "priority" : 40, - "config" : { } - }, { - "alias" : "VERIFY_EMAIL", - "name" : "Verify Email", - "providerId" : "VERIFY_EMAIL", - "enabled" : true, - "defaultAction" : false, - "priority" : 50, - "config" : { } - }, { - "alias" : "delete_account", - "name" : "Delete Account", - "providerId" : "delete_account", - "enabled" : false, - "defaultAction" : false, - "priority" : 60, - "config" : { } - }, { - "alias" : "webauthn-register", - "name" : "Webauthn Register", - "providerId" : "webauthn-register", - "enabled" : true, - "defaultAction" : false, - "priority" : 70, - "config" : { } - }, { - "alias" : "webauthn-register-passwordless", - "name" : "Webauthn Register Passwordless", - "providerId" : "webauthn-register-passwordless", - "enabled" : true, - "defaultAction" : false, - "priority" : 80, - "config" : { } - }, { - "alias" : "delete_credential", - "name" : "Delete Credential", - "providerId" : "delete_credential", - "enabled" : true, - "defaultAction" : false, - "priority" : 100, - "config" : { } - }, { - "alias" : "update_user_locale", - "name" : "Update User Locale", - "providerId" : "update_user_locale", - "enabled" : true, - "defaultAction" : false, - "priority" : 1000, - "config" : { } - } ], - "browserFlow" : "browser", - "registrationFlow" : "registration", - "directGrantFlow" : "direct grant", - "resetCredentialsFlow" : "reset credentials", - "clientAuthenticationFlow" : "clients", - "dockerAuthenticationFlow" : "docker auth", - "firstBrokerLoginFlow" : "first broker login", - "attributes" : { - "cibaBackchannelTokenDeliveryMode" : "poll", - "cibaExpiresIn" : "120", - "cibaAuthRequestedUserHint" : "login_hint", - "oauth2DeviceCodeLifespan" : "600", - "clientOfflineSessionMaxLifespan" : "0", - "oauth2DevicePollingInterval" : "5", - "clientSessionIdleTimeout" : "0", - "parRequestUriLifespan" : "60", - "clientSessionMaxLifespan" : "0", - "clientOfflineSessionIdleTimeout" : "0", - "cibaInterval" : "5", - "realmReusableOtpCode" : "false" - }, - "keycloakVersion" : "24.0.3", - "userManagedAccessAllowed" : false, - "clientProfiles" : { - "profiles" : [ ] - }, - "clientPolicies" : { - "policies" : [ ] - } -} \ No newline at end of file diff --git a/scripts/docker/keycloak/tofu/init-keycloak.sh b/scripts/docker/keycloak/tofu/init-keycloak.sh new file mode 100755 index 000000000..a583b180a --- /dev/null +++ b/scripts/docker/keycloak/tofu/init-keycloak.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# This script is used in a docker compose setup to initialize default KeyCloak entities using OpenTofu. + +set -eu + +cd /srv/workspace +tofu init +tofu import keycloak_realm.realm master || true # this only needs to be done once +tofu apply --auto-approve diff --git a/scripts/docker/keycloak/tofu/keycloak.tf b/scripts/docker/keycloak/tofu/keycloak.tf new file mode 100644 index 000000000..40a21d757 --- /dev/null +++ b/scripts/docker/keycloak/tofu/keycloak.tf @@ -0,0 +1,126 @@ +terraform { + required_providers { + keycloak = { + source = "mrparkers/keycloak" + version = "4.4.0" + } + } +} + +provider "keycloak" { + client_id = "admin-cli" + username = "admin" + password = "admin" + url = "http://keycloak:8080" +} + +resource "keycloak_realm" "realm" { + realm = "master" + enabled = true +} + +resource "keycloak_openid_client" "ort_server" { + realm_id = keycloak_realm.realm.id + client_id = "ort-server" + name = "ORT Server" + enabled = true + + access_type = "PUBLIC" + valid_redirect_uris = [ + "http://localhost:8080/*", + "http://localhost:8081/*" + ] + + frontchannel_logout_enabled = true + direct_access_grants_enabled = true + standard_flow_enabled = true +} + +resource "keycloak_openid_client_scope" "ort_server_client_scope" { + realm_id = keycloak_realm.realm.id + name = "ort-server-client" + description = "Shared scope for clients interacting with the ORT Server" + include_in_token_scope = false + gui_order = 1 +} + +resource "keycloak_openid_audience_protocol_mapper" "ort_server_client" { + realm_id = keycloak_realm.realm.id + client_scope_id = keycloak_openid_client_scope.ort_server_client_scope.id + name = "ORT-server-audience-mapper" + + included_client_audience = keycloak_openid_client.ort_server.client_id +} + +resource "keycloak_openid_client_default_scopes" "ort_server_default_scopes" { + realm_id = keycloak_realm.realm.id + client_id = keycloak_openid_client.ort_server.id + + default_scopes = [ + "web-origins", + "acr", + "roles", + "profile", + "email", + keycloak_openid_client_scope.ort_server_client_scope.name, + ] +} + +resource "keycloak_role" "superuser" { + realm_id = keycloak_realm.realm.id + client_id = keycloak_openid_client.ort_server.id + name = "superuser" + description = "This role is auto-generated, do not edit or remove." +} + +resource "keycloak_generic_role_mapper" "client_role_mapper" { + realm_id = keycloak_realm.realm.id + client_id = keycloak_openid_client.ort_server.id + role_id = keycloak_role.superuser.id +} + +resource "keycloak_group" "superusers" { + realm_id = keycloak_realm.realm.id + name = "SUPERUSERS" +} + +resource "keycloak_user" "ort_admin" { + realm_id = keycloak_realm.realm.id + username = "ort-admin" + enabled = true + + email = "ort-admin@example.com" + first_name = "ORT" + last_name = "Admin" + + initial_password { + value = "admin" + temporary = false + } +} + +resource "keycloak_group_memberships" "superusers_members" { + realm_id = keycloak_realm.realm.id + group_id = keycloak_group.superusers.id + + members = [ + keycloak_user.ort_admin.username + ] +} + +resource "keycloak_openid_client" "react" { + realm_id = keycloak_realm.realm.id + client_id = "react" + enabled = true + + access_type = "PUBLIC" + root_url = "http://localhost:5173" + base_url = "http://localhost:5173" + valid_redirect_uris = ["/*"] + valid_post_logout_redirect_uris = ["/*"] + web_origins = ["+"] + access_token_lifespan = 300 + standard_flow_enabled = true + direct_access_grants_enabled = true + frontchannel_logout_enabled = true +} diff --git a/ui/src/routeTree.gen.ts b/ui/src/routeTree.gen.ts index 7549f9af7..7190ca563 100644 --- a/ui/src/routeTree.gen.ts +++ b/ui/src/routeTree.gen.ts @@ -10,97 +10,97 @@ // Import Routes -import { Route as rootRoute } from './routes/__root'; -import { Route as LayoutRouteImport } from './routes/_layout/route'; -import { Route as LayoutIndexImport } from './routes/_layout/index'; -import { Route as LayoutCreateOrganizationImport } from './routes/_layout/create-organization'; -import { Route as LayoutOrganizationsOrgIdRouteImport } from './routes/_layout/organizations/$orgId.route'; -import { Route as LayoutOrganizationsOrgIdIndexImport } from './routes/_layout/organizations/$orgId.index'; -import { Route as LayoutOrganizationsOrgIdEditImport } from './routes/_layout/organizations/$orgId.edit'; -import { Route as LayoutOrganizationsOrgIdCreateProductImport } from './routes/_layout/organizations/$orgId.create-product'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRouteImport } from './routes/_layout/organizations/$orgId.products.$productId.route'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdIndexImport } from './routes/_layout/organizations/$orgId.products.$productId.index'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdEditImport } from './routes/_layout/organizations/$orgId.products.$productId.edit'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdCreateRepositoryImport } from './routes/_layout/organizations/$orgId.products.$productId.create-repository'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.route'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.index'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdEditImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.edit'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.create-run'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.runs.$runId.route'; -import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.runs.$runId.index'; +import { Route as rootRoute } from './routes/__root' +import { Route as LayoutRouteImport } from './routes/_layout/route' +import { Route as LayoutIndexImport } from './routes/_layout/index' +import { Route as LayoutCreateOrganizationImport } from './routes/_layout/create-organization' +import { Route as LayoutOrganizationsOrgIdRouteImport } from './routes/_layout/organizations/$orgId.route' +import { Route as LayoutOrganizationsOrgIdIndexImport } from './routes/_layout/organizations/$orgId.index' +import { Route as LayoutOrganizationsOrgIdEditImport } from './routes/_layout/organizations/$orgId.edit' +import { Route as LayoutOrganizationsOrgIdCreateProductImport } from './routes/_layout/organizations/$orgId.create-product' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRouteImport } from './routes/_layout/organizations/$orgId.products.$productId.route' +import { Route as LayoutOrganizationsOrgIdProductsProductIdIndexImport } from './routes/_layout/organizations/$orgId.products.$productId.index' +import { Route as LayoutOrganizationsOrgIdProductsProductIdEditImport } from './routes/_layout/organizations/$orgId.products.$productId.edit' +import { Route as LayoutOrganizationsOrgIdProductsProductIdCreateRepositoryImport } from './routes/_layout/organizations/$orgId.products.$productId.create-repository' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.route' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.index' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdEditImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.edit' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.create-run' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.runs.$runId.route' +import { Route as LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexImport } from './routes/_layout/organizations/$orgId.products.$productId.repositories.$repoId.runs.$runId.index' // Create/Update Routes const LayoutRouteRoute = LayoutRouteImport.update({ id: '/_layout', getParentRoute: () => rootRoute, -} as any); +} as any) const LayoutIndexRoute = LayoutIndexImport.update({ path: '/', getParentRoute: () => LayoutRouteRoute, -} as any); +} as any) const LayoutCreateOrganizationRoute = LayoutCreateOrganizationImport.update({ path: '/create-organization', getParentRoute: () => LayoutRouteRoute, -} as any); +} as any) const LayoutOrganizationsOrgIdRouteRoute = LayoutOrganizationsOrgIdRouteImport.update({ path: '/organizations/$orgId', getParentRoute: () => LayoutRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdIndexRoute = LayoutOrganizationsOrgIdIndexImport.update({ path: '/', getParentRoute: () => LayoutOrganizationsOrgIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdEditRoute = LayoutOrganizationsOrgIdEditImport.update({ path: '/edit', getParentRoute: () => LayoutOrganizationsOrgIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdCreateProductRoute = LayoutOrganizationsOrgIdCreateProductImport.update({ path: '/create-product', getParentRoute: () => LayoutOrganizationsOrgIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdProductsProductIdRouteRoute = LayoutOrganizationsOrgIdProductsProductIdRouteImport.update({ path: '/products/$productId', getParentRoute: () => LayoutOrganizationsOrgIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdProductsProductIdIndexRoute = LayoutOrganizationsOrgIdProductsProductIdIndexImport.update({ path: '/', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdProductsProductIdEditRoute = LayoutOrganizationsOrgIdProductsProductIdEditImport.update({ path: '/edit', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdProductsProductIdCreateRepositoryRoute = LayoutOrganizationsOrgIdProductsProductIdCreateRepositoryImport.update({ path: '/create-repository', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteRoute = LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport.update( { path: '/repositories/$repoId', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRouteRoute, - } as any - ); + } as any, + ) const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexRoute = LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexImport.update( @@ -108,15 +108,15 @@ const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexRoute = path: '/', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteRoute, - } as any - ); + } as any, + ) const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdEditRoute = LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdEditImport.update({ path: '/edit', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteRoute, - } as any); + } as any) const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunRoute = LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunImport.update( @@ -124,8 +124,8 @@ const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunRoute path: '/create-run', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteRoute, - } as any - ); + } as any, + ) const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteRoute = LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport.update( @@ -133,8 +133,8 @@ const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteR path: '/runs/$runId', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteRoute, - } as any - ); + } as any, + ) const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexRoute = LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexImport.update( @@ -142,81 +142,81 @@ const LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexR path: '/', getParentRoute: () => LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteRoute, - } as any - ); + } as any, + ) // Populate the FileRoutesByPath interface declare module '@tanstack/react-router' { interface FileRoutesByPath { '/_layout': { - preLoaderRoute: typeof LayoutRouteImport; - parentRoute: typeof rootRoute; - }; + preLoaderRoute: typeof LayoutRouteImport + parentRoute: typeof rootRoute + } '/_layout/create-organization': { - preLoaderRoute: typeof LayoutCreateOrganizationImport; - parentRoute: typeof LayoutRouteImport; - }; + preLoaderRoute: typeof LayoutCreateOrganizationImport + parentRoute: typeof LayoutRouteImport + } '/_layout/': { - preLoaderRoute: typeof LayoutIndexImport; - parentRoute: typeof LayoutRouteImport; - }; + preLoaderRoute: typeof LayoutIndexImport + parentRoute: typeof LayoutRouteImport + } '/_layout/organizations/$orgId': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdRouteImport; - parentRoute: typeof LayoutRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdRouteImport + parentRoute: typeof LayoutRouteImport + } '/_layout/organizations/$orgId/create-product': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdCreateProductImport; - parentRoute: typeof LayoutOrganizationsOrgIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdCreateProductImport + parentRoute: typeof LayoutOrganizationsOrgIdRouteImport + } '/_layout/organizations/$orgId/edit': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdEditImport; - parentRoute: typeof LayoutOrganizationsOrgIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdEditImport + parentRoute: typeof LayoutOrganizationsOrgIdRouteImport + } '/_layout/organizations/$orgId/': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdIndexImport; - parentRoute: typeof LayoutOrganizationsOrgIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdIndexImport + parentRoute: typeof LayoutOrganizationsOrgIdRouteImport + } '/_layout/organizations/$orgId/products/$productId': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport; - parentRoute: typeof LayoutOrganizationsOrgIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport + parentRoute: typeof LayoutOrganizationsOrgIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/create-repository': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdCreateRepositoryImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdCreateRepositoryImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/edit': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdEditImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdEditImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdIndexImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdIndexImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/repositories/$repoId': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/repositories/$repoId/create-run': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdCreateRunImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/repositories/$repoId/edit': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdEditImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdEditImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/repositories/$repoId/': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdIndexImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/repositories/$repoId/runs/$runId': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRouteImport + } '/_layout/organizations/$orgId/products/$productId/repositories/$repoId/runs/$runId/': { - preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexImport; - parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport; - }; + preLoaderRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexImport + parentRoute: typeof LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteImport + } } } @@ -242,13 +242,13 @@ export const routeTree = rootRoute.addChildren([ LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdRouteRoute.addChildren( [ LayoutOrganizationsOrgIdProductsProductIdRepositoriesRepoIdRunsRunIdIndexRoute, - ] + ], ), - ] + ], ), ]), ]), ]), -]); +]) /* prettier-ignore-end */