diff --git a/README.md b/README.md
index 48db622..d82f76d 100644
--- a/README.md
+++ b/README.md
@@ -33,16 +33,13 @@ Ensure you have [Maven](https://maven.apache.org/) and [GraalVM](https://www.gra
sdk install java 21.0.2-graal
sdk install maven 3.9.6
echo -e "\nexport GRAALVM_HOME="$HOME/.sdkman/candidates/java/21.0.2-graal/" >> $HOME/.zprofile
+echo -e "\nryuk.container.privileged=true" >> $HOME/.testcontainers.properties
```
## Running the application in dev mode
You can run your application in dev mode that enables live coding using:
```shell script
-cp .env.example .env
-docker compose build
-docker compose run --rm -e CMD="migrate;test-data" rems
-docker compose up -d
mvn compile quarkus:dev
```
@@ -81,6 +78,16 @@ If you want to learn more about building native executables, please consult http
All tests are automatically executed when you build a new package.
+## Running locally all the components
+
+Execute the commands below, if you want to test all the components, their integration and the native build.
+
+```shell script
+docker compose build
+docker compose run --rm -e CMD="migrate;test-data" rems
+docker compose up -d
+```
+
## License
- All original source code is licensed under [Apache-2.0](./LICENSES/Apache-2.0.txt).
diff --git a/_http/rems/01_create_application.http b/_http/rems/01_create_application.http
index c37f44d..79d3318 100644
--- a/_http/rems/01_create_application.http
+++ b/_http/rems/01_create_application.http
@@ -6,7 +6,7 @@ POST http://localhost:3000/api/applications/create
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"catalogue-item-ids": [9]
diff --git a/_http/rems/02_retrieve_application.http b/_http/rems/02_retrieve_application.http
index 57bcdfa..8da0f83 100644
--- a/_http/rems/02_retrieve_application.http
+++ b/_http/rems/02_retrieve_application.http
@@ -5,4 +5,4 @@
GET http://rems:3000/api/applications/25
Accept: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
diff --git a/_http/rems/03_accept_terms.http b/_http/rems/03_accept_terms.http
index ba75bde..654c3f6 100644
--- a/_http/rems/03_accept_terms.http
+++ b/_http/rems/03_accept_terms.http
@@ -6,7 +6,7 @@ POST http://rems:3000/api/applications/accept-licenses
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id": 28
diff --git a/_http/rems/04_add_member.http b/_http/rems/04_add_member.http
index 6b72b26..c4da12e 100644
--- a/_http/rems/04_add_member.http
+++ b/_http/rems/04_add_member.http
@@ -6,7 +6,7 @@ POST http://rems:3000/api/applications/invite-member
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id": 28
diff --git a/_http/rems/05_remove_member.http b/_http/rems/05_remove_member.http
index a573c2d..3229453 100644
--- a/_http/rems/05_remove_member.http
+++ b/_http/rems/05_remove_member.http
@@ -6,7 +6,7 @@ POST http://rems:3000/api/applications/uninvite-member
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id": 28
diff --git a/_http/rems/06_attach_file.http b/_http/rems/06_attach_file.http
index faafde3..aaae8fa 100644
--- a/_http/rems/06_attach_file.http
+++ b/_http/rems/06_attach_file.http
@@ -7,7 +7,7 @@ POST http://rems:3000/api/applications/add-attachment?application-id=28
Accept: application/json
Content-Type: multipart/form-data; boundary=MfnBoundry
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
--MfnBoundry
Content-Disposition: form-data; name="file"; filename="06_dummy_attachment.txt"
diff --git a/_http/rems/07_remove_attachment.http b/_http/rems/07_remove_attachment.http
index 2f7cb3b..65f184b 100644
--- a/_http/rems/07_remove_attachment.http
+++ b/_http/rems/07_remove_attachment.http
@@ -8,7 +8,7 @@ POST http://rems:3000/api/applications/save-draft
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id": 28
diff --git a/_http/rems/08_update_duos.http b/_http/rems/08_update_duos.http
index fd6d8e7..25c766b 100644
--- a/_http/rems/08_update_duos.http
+++ b/_http/rems/08_update_duos.http
@@ -6,7 +6,7 @@ POST http://rems:3000/api/applications/save-draft
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id": 28
diff --git a/_http/rems/09_save_forms.http b/_http/rems/09_save_forms.http
index fd6d8e7..25c766b 100644
--- a/_http/rems/09_save_forms.http
+++ b/_http/rems/09_save_forms.http
@@ -6,7 +6,7 @@ POST http://rems:3000/api/applications/save-draft
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id": 28
diff --git a/_http/rems/10_submit_application.http b/_http/rems/10_submit_application.http
index 7b9f4c2..5eecd6d 100644
--- a/_http/rems/10_submit_application.http
+++ b/_http/rems/10_submit_application.http
@@ -6,7 +6,7 @@ POST http://rems:3000/api/applications/submit
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id" : 25
diff --git a/_http/rems/11_copy_as_new_application.http b/_http/rems/11_copy_as_new_application.http
index 653dac7..4a88a03 100644
--- a/_http/rems/11_copy_as_new_application.http
+++ b/_http/rems/11_copy_as_new_application.http
@@ -6,7 +6,7 @@ POST http://localhost:3000/api/applications/copy-as-new
Accept: application/json
Content-Type: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
{
"application-id" : 25
diff --git a/_http/rems/12_my_applications.http b/_http/rems/12_my_applications.http
index 4a8f7b4..9105a05 100644
--- a/_http/rems/12_my_applications.http
+++ b/_http/rems/12_my_applications.http
@@ -5,4 +5,4 @@
GET http://rems:3000/api/my-applications
Accept: application/json
x-rems-api-key: 42
-x-rems-user-id: 52cacbab-c440-4385-9d5f-46aa4930b0e4
+x-rems-user-id: eb4123a3-b722-4798-9af5-8957f823657a
diff --git a/_http/rems/13_create_user.http b/_http/rems/13_create_user.http
index e3f2fc2..1522f88 100644
--- a/_http/rems/13_create_user.http
+++ b/_http/rems/13_create_user.http
@@ -8,7 +8,7 @@ x-rems-api-key: 42
x-rems-user-id: owner
{
- "userid": "52cacbab-c440-4385-9d5f-46aa4930b0e4",
+ "userid": "eb4123a3-b722-4798-9af5-8957f823657a",
"name": "CKAN Admin",
"email": "your_email@example.com"
}
diff --git a/keycloak/realms/ckan-realm.json b/keycloak/realms/ckan-realm.json
index 76884eb..256a85c 100644
--- a/keycloak/realms/ckan-realm.json
+++ b/keycloak/realms/ckan-realm.json
@@ -383,7 +383,7 @@
"webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
"webAuthnPolicyPasswordlessExtraOrigins" : [ ],
"users" : [ {
- "id" : "52cacbab-c440-4385-9d5f-46aa4930b0e4",
+ "id" : "eb4123a3-b722-4798-9af5-8957f823657a",
"createdTimestamp" : 1703107576892,
"username" : "ckan_admin",
"enabled" : true,
diff --git a/pom.xml b/pom.xml
index 9d9d0b4..d577bbe 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
4.0.0
- lu.lnds.daam
+ io.github.genomicdatainfrastructure
gdi-userportal-access-management-service
0.0.0
gdi-userportal-access-management-service
@@ -22,6 +22,8 @@
3.8.1
true
3.2.5
+ 3.0.0-M7
+ 1.3.0
@@ -69,14 +71,6 @@
io.quarkus
quarkus-rest-client-reactive-jackson
-
- io.quarkus
- quarkus-oidc-client-reactive-filter
-
-
- io.quarkus
- quarkus-security
-
io.quarkiverse.openapi.generator
quarkus-openapi-generator
@@ -105,10 +99,38 @@
io.quarkus
quarkus-junit5-mockito
+ test
+
+
+ io.quarkus
+ quarkus-test-keycloak-server
+ test
+
+
+ io.quarkiverse.wiremock
+ quarkus-wiremock
+ ${quarkus-wiremock.version}
+ provided
+
+
+ io.quarkiverse.wiremock
+ quarkus-wiremock-test
+ ${quarkus-wiremock.version}
+ test
+
+ maven-surefire-plugin
+ ${surefire.version}
+
+
+ org.jboss.logmanager.LogManager
+ ${maven.home}
+
+
+
${quarkus.platform.group-id}
quarkus-maven-plugin
@@ -156,7 +178,8 @@
- ${project.build.directory}/${project.build.finalName}-runner
+ ${project.build.directory}/${project.build.finalName}-runner
+
org.jboss.logmanager.LogManager
${maven.home}
diff --git a/src/main/java/lu/lnds/daam/api/ApplicationQueryApiImpl.java b/src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImpl.java
similarity index 71%
rename from src/main/java/lu/lnds/daam/api/ApplicationQueryApiImpl.java
rename to src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImpl.java
index f34a7dc..3d24b32 100644
--- a/src/main/java/lu/lnds/daam/api/ApplicationQueryApiImpl.java
+++ b/src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImpl.java
@@ -1,21 +1,18 @@
// SPDX-FileCopyrightText: 2024 PNED G.I.E.
//
// SPDX-License-Identifier: Apache-2.0
-package lu.lnds.daam.api;
-
-import static lu.lnds.daam.security.PostAuthenticationFilter.USER_ID_CLAIM;
+package io.github.genomicdatainfrastructure.daam.api;
+import io.github.genomicdatainfrastructure.daam.model.ListedApplication;
+import io.github.genomicdatainfrastructure.daam.model.RetrievedApplication;
+import io.github.genomicdatainfrastructure.daam.security.PostAuthenticationFilter;
+import io.github.genomicdatainfrastructure.daam.services.ListApplicationsService;
import io.quarkus.oidc.runtime.OidcJwtCallerPrincipal;
-import io.quarkus.security.Authenticated;
import io.quarkus.security.identity.SecurityIdentity;
import java.io.File;
import java.util.List;
import lombok.RequiredArgsConstructor;
-import lu.lnds.daam.model.ListedApplication;
-import lu.lnds.daam.model.RetrievedApplication;
-import lu.lnds.daam.services.ListApplicationsService;
-@Authenticated
@RequiredArgsConstructor
public class ApplicationQueryApiImpl implements ApplicationQueryApi {
@@ -25,7 +22,8 @@ public class ApplicationQueryApiImpl implements ApplicationQueryApi {
@Override
public List listApplicationsV1() {
var principal = (OidcJwtCallerPrincipal) identity.getPrincipal();
- return listApplicationsService.listApplications(principal.getClaim(USER_ID_CLAIM));
+ return listApplicationsService.listApplications(principal.getClaim(
+ PostAuthenticationFilter.USER_ID_CLAIM));
}
@Override
@@ -36,6 +34,7 @@ public RetrievedApplication retrieveApplicationV1(String id) {
@Override
public File retrieveAttachmentFromApplicationV1(String id, String attachmentId) {
throw new UnsupportedOperationException(
- "Unimplemented method 'retrieveAttachmentFromApplicationV1'");
+ "Unimplemented method 'retrieveAttachmentFromApplicationV1'"
+ );
}
}
diff --git a/src/main/java/lu/lnds/daam/security/PostAuthenticationFilter.java b/src/main/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilter.java
similarity index 83%
rename from src/main/java/lu/lnds/daam/security/PostAuthenticationFilter.java
rename to src/main/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilter.java
index 4b058b7..c4f726f 100644
--- a/src/main/java/lu/lnds/daam/security/PostAuthenticationFilter.java
+++ b/src/main/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilter.java
@@ -1,8 +1,9 @@
// SPDX-FileCopyrightText: 2024 PNED G.I.E.
//
// SPDX-License-Identifier: Apache-2.0
-package lu.lnds.daam.security;
+package io.github.genomicdatainfrastructure.daam.security;
+import io.github.genomicdatainfrastructure.daam.services.CreateRemsUserService;
import io.quarkus.oidc.runtime.OidcJwtCallerPrincipal;
import io.quarkus.security.identity.SecurityIdentity;
import jakarta.annotation.Priority;
@@ -11,7 +12,6 @@
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.ext.Provider;
-import lu.lnds.daam.services.CreateRemsUserService;
@Provider
@Priority(Priorities.AUTHENTICATION)
@@ -25,8 +25,9 @@ public class PostAuthenticationFilter implements ContainerRequestFilter {
private final CreateRemsUserService createRemsUserService;
@Inject
- public PostAuthenticationFilter(
- SecurityIdentity identity, CreateRemsUserService createRemsUserService) {
+ public PostAuthenticationFilter(SecurityIdentity identity,
+ CreateRemsUserService createRemsUserService
+ ) {
this.identity = identity;
this.createRemsUserService = createRemsUserService;
}
diff --git a/src/main/java/lu/lnds/daam/services/CreateRemsUserService.java b/src/main/java/io/github/genomicdatainfrastructure/daam/services/CreateRemsUserService.java
similarity index 79%
rename from src/main/java/lu/lnds/daam/services/CreateRemsUserService.java
rename to src/main/java/io/github/genomicdatainfrastructure/daam/services/CreateRemsUserService.java
index b11eb10..3f9d8bc 100644
--- a/src/main/java/lu/lnds/daam/services/CreateRemsUserService.java
+++ b/src/main/java/io/github/genomicdatainfrastructure/daam/services/CreateRemsUserService.java
@@ -1,12 +1,12 @@
// SPDX-FileCopyrightText: 2024 PNED G.I.E.
//
// SPDX-License-Identifier: Apache-2.0
-package lu.lnds.daam.services;
+package io.github.genomicdatainfrastructure.daam.services;
+import io.github.genomicdatainfrastructure.daam.remote.rems.api.RemsUsersApi;
+import io.github.genomicdatainfrastructure.daam.remote.rems.model.CreateUserCommand;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
-import lu.lnds.daam.remote.rems.api.RemsUsersApi;
-import lu.lnds.daam.remote.rems.model.CreateUserCommand;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.eclipse.microprofile.rest.client.inject.RestClient;
@@ -21,7 +21,8 @@ public class CreateRemsUserService {
public CreateRemsUserService(
@ConfigProperty(name = "quarkus.rest-client.rems_yaml.api-key") String remsApiKey,
@ConfigProperty(name = "quarkus.rest-client.rems_yaml.bot-user") String remsBotUser,
- @RestClient RemsUsersApi usersApi) {
+ @RestClient RemsUsersApi usersApi
+ ) {
this.remsApiKey = remsApiKey;
this.remsBotUser = remsBotUser;
this.usersApi = usersApi;
diff --git a/src/main/java/lu/lnds/daam/services/ListApplicationsService.java b/src/main/java/io/github/genomicdatainfrastructure/daam/services/ListApplicationsService.java
similarity index 77%
rename from src/main/java/lu/lnds/daam/services/ListApplicationsService.java
rename to src/main/java/io/github/genomicdatainfrastructure/daam/services/ListApplicationsService.java
index 0e6354d..53657f9 100644
--- a/src/main/java/lu/lnds/daam/services/ListApplicationsService.java
+++ b/src/main/java/io/github/genomicdatainfrastructure/daam/services/ListApplicationsService.java
@@ -1,14 +1,14 @@
// SPDX-FileCopyrightText: 2024 PNED G.I.E.
//
// SPDX-License-Identifier: Apache-2.0
-package lu.lnds.daam.services;
+package io.github.genomicdatainfrastructure.daam.services;
+import io.github.genomicdatainfrastructure.daam.model.ListedApplication;
+import io.github.genomicdatainfrastructure.daam.remote.rems.api.RemsApplicationsApi;
+import io.github.genomicdatainfrastructure.daam.remote.rems.model.ApplicationOverview;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import java.util.List;
-import lu.lnds.daam.model.ListedApplication;
-import lu.lnds.daam.remote.rems.api.RemsApplicationsApi;
-import lu.lnds.daam.remote.rems.model.ApplicationOverview;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.eclipse.microprofile.rest.client.inject.RestClient;
@@ -21,7 +21,8 @@ public class ListApplicationsService {
@Inject
public ListApplicationsService(
@ConfigProperty(name = "quarkus.rest-client.rems_yaml.api-key") String remsApiKey,
- @RestClient RemsApplicationsApi applicationsApi) {
+ @RestClient RemsApplicationsApi applicationsApi
+ ) {
this.remsApiKey = remsApiKey;
this.applicationsApi = applicationsApi;
}
diff --git a/src/main/java/lu/lnds/daam/services/CreateApplicationService.java b/src/main/java/lu/lnds/daam/services/CreateApplicationService.java
deleted file mode 100644
index 12af2fa..0000000
--- a/src/main/java/lu/lnds/daam/services/CreateApplicationService.java
+++ /dev/null
@@ -1,15 +0,0 @@
-// SPDX-FileCopyrightText: 2024 PNED G.I.E.
-//
-// SPDX-License-Identifier: Apache-2.0
-package lu.lnds.daam.services;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import lu.lnds.daam.model.CreateApplication;
-
-@ApplicationScoped
-public class CreateApplicationService {
-
- public void createApplication(CreateApplication createApplication) {
-
- }
-}
diff --git a/src/main/openapi/rems.yaml b/src/main/openapi/rems.yaml
index 118e0b9..d72e413 100644
--- a/src/main/openapi/rems.yaml
+++ b/src/main/openapi/rems.yaml
@@ -144,7 +144,7 @@ components:
type: string
format: date-time
application/accepted-licenses:
- $ref: '#/components/schemas/Response10953AcceptedLicenses'
+ $ref: '#/components/schemas/ApplicationAcceptedLicenses'
application/invited-members:
uniqueItems: true
type: array
@@ -384,7 +384,9 @@ components:
properties:
value:
type: string
- Response10953AcceptedLicenses:
+ ApplicationAcceptedLicenses:
+ type: object
+ additionalProperties:
uniqueItems: true
type: array
items:
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 7895076..cf444f1 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -3,23 +3,24 @@
# SPDX-License-Identifier: Apache-2.0
quarkus.swagger-ui.always-include=true
quarkus.native.additional-build-args=-march=compatibility
-
quarkus.openapi-generator.codegen.spec.openapi_yaml.enable-security-generation=false
quarkus.openapi-generator.codegen.spec.openapi_yaml.additional-model-type-annotations=@lombok.Data;@lombok.NoArgsConstructor;@lombok.AllArgsConstructor;@lombok.Builder
-quarkus.openapi-generator.codegen.spec.openapi_yaml.base-package=lu.lnds.daam
-
+quarkus.openapi-generator.codegen.spec.openapi_yaml.base-package=io.github.genomicdatainfrastructure.daam
quarkus.openapi-generator.codegen.spec.rems_yaml.enable-security-generation=false
-quarkus.openapi-generator.codegen.spec.rems_yaml.base-package=lu.lnds.daam.remote.rems
+quarkus.openapi-generator.codegen.spec.rems_yaml.base-package=io.github.genomicdatainfrastructure.daam.remote.rems
quarkus.openapi-generator.codegen.spec.rems_yaml.additional-model-type-annotations=@lombok.Data;@lombok.NoArgsConstructor;@lombok.AllArgsConstructor;@lombok.Builder
-
quarkus.rest-client.rems_yaml.api-key=42
quarkus.rest-client.rems_yaml.bot-user=owner
-quarkus.rest-client.rems_yaml.url=http://localhost:3000
-
-quarkus.oidc.auth-server-url=http://localhost:8180/realms/ckan
-quarkus.oidc.client-id=ckan
-quarkus.oidc.credentials.secret=wb4nT5D6LxNJm1648QHCrB0XTcsf2zja
-
+quarkus.rest-client.rems_yaml.url=http://localhost:4000
%dev.quarkus.rest-client.logging.scope=request-response
%dev.quarkus.rest-client.logging.body-limit=10000
%dev.quarkus.log.category."org.jboss.resteasy.reactive.client.logging".level=DEBUG
+quarkus.keycloak.devservices.realm-path=quarkus-realm.json
+quarkus.keycloak.devservices.port=32794
+quarkus.wiremock.devservices.port=4000
+quarkus.oidc.client-id=backend-service
+quarkus.oidc.credentials.secret=secret
+# Enable Policy Enforcement
+quarkus.http.auth.permission.authenticated.paths=/api/*
+quarkus.http.auth.permission.authenticated.policy=authenticated
+quarkus.keycloak.policy-enforcer.lazy-load-paths=false
diff --git a/src/main/resources/quarkus-realm.json b/src/main/resources/quarkus-realm.json
new file mode 100644
index 0000000..99c18ac
--- /dev/null
+++ b/src/main/resources/quarkus-realm.json
@@ -0,0 +1,2009 @@
+{
+ "id" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "realm" : "quarkus",
+ "notBefore" : 0,
+ "defaultSignatureAlgorithm" : "RS256",
+ "revokeRefreshToken" : false,
+ "refreshTokenMaxReuse" : 0,
+ "accessTokenLifespan" : 300,
+ "accessTokenLifespanForImplicitFlow" : 900,
+ "ssoSessionIdleTimeout" : 1800,
+ "ssoSessionMaxLifespan" : 36000,
+ "ssoSessionIdleTimeoutRememberMe" : 0,
+ "ssoSessionMaxLifespanRememberMe" : 0,
+ "offlineSessionIdleTimeout" : 2592000,
+ "offlineSessionMaxLifespanEnabled" : false,
+ "offlineSessionMaxLifespan" : 5184000,
+ "clientSessionIdleTimeout" : 0,
+ "clientSessionMaxLifespan" : 0,
+ "clientOfflineSessionIdleTimeout" : 0,
+ "clientOfflineSessionMaxLifespan" : 0,
+ "accessCodeLifespan" : 60,
+ "accessCodeLifespanUserAction" : 300,
+ "accessCodeLifespanLogin" : 1800,
+ "actionTokenGeneratedByAdminLifespan" : 43200,
+ "actionTokenGeneratedByUserLifespan" : 300,
+ "oauth2DeviceCodeLifespan" : 600,
+ "oauth2DevicePollingInterval" : 5,
+ "enabled" : true,
+ "sslRequired" : "external",
+ "registrationAllowed" : false,
+ "registrationEmailAsUsername" : false,
+ "rememberMe" : false,
+ "verifyEmail" : false,
+ "loginWithEmailAllowed" : true,
+ "duplicateEmailsAllowed" : false,
+ "resetPasswordAllowed" : false,
+ "editUsernameAllowed" : false,
+ "bruteForceProtected" : false,
+ "permanentLockout" : false,
+ "maxFailureWaitSeconds" : 900,
+ "minimumQuickLoginWaitSeconds" : 60,
+ "waitIncrementSeconds" : 60,
+ "quickLoginCheckMilliSeconds" : 1000,
+ "maxDeltaTimeSeconds" : 43200,
+ "failureFactor" : 30,
+ "roles" : {
+ "realm" : [
+ {
+ "id" : "3fc80564-13ac-4e7b-9986-322f571e82bc",
+ "name" : "confidential",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ }, {
+ "id" : "8c1abe12-62fe-4a06-ae0d-f5fb67dddbb0",
+ "name" : "admin",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ }, {
+ "id" : "5afce544-6a3c-495f-b805-fd737cf5081e",
+ "name" : "user",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ },
+ {
+ "id" : "2b6632ed-9e3b-4e28-86ed-1d0239c7cefc",
+ "name" : "uma_authorization",
+ "description" : "${role_uma_authorization}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ }, {
+ "id" : "d70f9032-c77a-4aca-88d8-d914ee2905a4",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "offline_access", "uma_authorization" ],
+ "client" : {
+ "account" : [ "manage-account", "view-profile" ]
+ }
+ },
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ }, {
+ "id" : "5dbf8bd3-db6f-4394-94f9-b311d08baf4c",
+ "name" : "offline_access",
+ "description" : "${role_offline-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ } ],
+ "client" : {
+ "realm-management" : [ {
+ "id" : "6c2447e9-a8ca-402b-953c-944123312933",
+ "name" : "query-clients",
+ "description" : "${role_query-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "d321086a-5816-404d-bcc7-7984dd83d36b",
+ "name" : "view-identity-providers",
+ "description" : "${role_view-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "6073c9f6-b1c2-4680-9d28-ab1254618b7b",
+ "name" : "manage-authorization",
+ "description" : "${role_manage-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "e2f20b42-23d3-4e88-a2ef-1bfeb6716020",
+ "name" : "view-users",
+ "description" : "${role_view-users}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-groups", "query-users" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "f07629cf-203d-4beb-8dbf-ec8aa1f035b3",
+ "name" : "impersonation",
+ "description" : "${role_impersonation}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "832b6db4-d305-4141-b56c-6e93a78a3e68",
+ "name" : "create-client",
+ "description" : "${role_create-client}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "bfc8e0e6-341f-4355-bebb-da64f28ff13f",
+ "name" : "realm-admin",
+ "description" : "${role_realm-admin}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-clients", "view-identity-providers", "manage-authorization", "view-users", "impersonation", "create-client", "manage-events", "query-groups", "view-authorization", "query-users", "manage-realm", "manage-identity-providers", "view-realm", "view-clients", "manage-clients", "query-realms", "view-events", "manage-users" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "894aaa75-29f9-452c-9ea3-429a51404575",
+ "name" : "manage-events",
+ "description" : "${role_manage-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "d6e53477-0d1f-46f6-ace8-0b81e658196a",
+ "name" : "query-groups",
+ "description" : "${role_query-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "d7141f22-ae51-489e-861c-9cb12f943fec",
+ "name" : "view-authorization",
+ "description" : "${role_view-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "692bf834-049f-4f15-95cf-7b40cadf4272",
+ "name" : "query-users",
+ "description" : "${role_query-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "1cc2c76c-6b2f-47d0-bf0a-e260247f2e73",
+ "name" : "manage-realm",
+ "description" : "${role_manage-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "a3f00bf1-2b0e-4127-bbd7-f2c8f9005ea9",
+ "name" : "manage-identity-providers",
+ "description" : "${role_manage-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "349db29b-1e3f-4e94-91a5-3afb1f1ce789",
+ "name" : "view-realm",
+ "description" : "${role_view-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "e454c0c4-846e-4af3-8f27-2c864e30517f",
+ "name" : "manage-clients",
+ "description" : "${role_manage-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "d085f668-dae1-4908-b755-39b223c16d29",
+ "name" : "view-clients",
+ "description" : "${role_view-clients}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-clients" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "ba4367d7-94bb-43d8-b175-7842dbfe3102",
+ "name" : "manage-users",
+ "description" : "${role_manage-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "632628d0-f783-4114-97b2-2622a76e5674",
+ "name" : "query-realms",
+ "description" : "${role_query-realms}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "7ec35cf2-029b-47ac-a570-e32dfb4821e8",
+ "name" : "view-events",
+ "description" : "${role_view-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ } ],
+ "security-admin-console" : [ ],
+ "admin-cli" : [ ],
+ "backend-service" : [ {
+ "id" : "df147a91-6da7-4bbc-866c-f30cf99b2637",
+ "name" : "uma_protection",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc",
+ "attributes" : { }
+ } ],
+ "account-console" : [ ],
+ "broker" : [ {
+ "id" : "fa00b5ce-10f0-4643-91f4-4092121a55ec",
+ "name" : "read-token",
+ "description" : "${role_read-token}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "371a2b90-ebb3-4255-9d2e-bc3949d5bd2a",
+ "attributes" : { }
+ } ],
+ "account" : [ {
+ "id" : "1b242c4a-3141-40c5-bd67-66e6c21ad91b",
+ "name" : "manage-account",
+ "description" : "${role_manage-account}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "manage-account-links" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "4943cb69-5dc1-42ba-a7b4-60b841b49a92",
+ "name" : "delete-account",
+ "description" : "${role_delete-account}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "b910b7e5-7f8f-4c7f-ab9a-27a9df77e062",
+ "name" : "view-applications",
+ "description" : "${role_view-applications}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "db73da06-3099-4b11-97c6-13c403dab0ae",
+ "name" : "manage-consent",
+ "description" : "${role_manage-consent}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "view-consent" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "2d40ac4f-48be-47f9-bf1f-458354158de9",
+ "name" : "view-profile",
+ "description" : "${role_view-profile}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "2713bb5d-2760-44f4-a276-28bcf6bdbe8e",
+ "name" : "manage-account-links",
+ "description" : "${role_manage-account-links}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "228b74ca-9239-4fdc-a81c-59f324a9e4e8",
+ "name" : "view-consent",
+ "description" : "${role_view-consent}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ } ]
+ }
+ },
+ "groups" : [ ],
+ "defaultRole" : {
+ "id" : "d70f9032-c77a-4aca-88d8-d914ee2905a4",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800"
+ },
+ "requiredCredentials" : [ "password" ],
+ "otpPolicyType" : "totp",
+ "otpPolicyAlgorithm" : "HmacSHA1",
+ "otpPolicyInitialCounter" : 0,
+ "otpPolicyDigits" : 6,
+ "otpPolicyLookAheadWindow" : 1,
+ "otpPolicyPeriod" : 30,
+ "otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ],
+ "webAuthnPolicyRpEntityName" : "keycloak",
+ "webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyRpId" : "",
+ "webAuthnPolicyAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyRequireResidentKey" : "not specified",
+ "webAuthnPolicyUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyCreateTimeout" : 0,
+ "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyAcceptableAaguids" : [ ],
+ "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
+ "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyPasswordlessRpId" : "",
+ "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
+ "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyPasswordlessCreateTimeout" : 0,
+ "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
+ "scopeMappings" : [ {
+ "clientScope" : "offline_access",
+ "roles" : [ "offline_access" ]
+ } ],
+ "clientScopeMappings" : {
+ "account" : [ {
+ "client" : "account-console",
+ "roles" : [ "manage-account" ]
+ } ]
+ },
+ "clients" : [ {
+ "id" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "clientId" : "account",
+ "name" : "${client_account}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/quarkus/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/quarkus/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "1148f171-a813-463d-bc3d-61b47c300a31",
+ "clientId" : "account-console",
+ "name" : "${client_account-console}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/quarkus/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/quarkus/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "32fb140b-17b0-4c5c-9138-d9a9bc2d3eb1",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "16fb473f-45e3-40bb-81bf-4c7f69b92ae2",
+ "clientId" : "admin-cli",
+ "name" : "${client_admin-cli}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : false,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : true,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : { },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "371a2b90-ebb3-4255-9d2e-bc3949d5bd2a",
+ "clientId" : "broker",
+ "name" : "${client_broker}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : { },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc",
+ "clientId" : "backend-service",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "clientAuthenticatorType" : "client-secret",
+ "secret" : "secret",
+ "redirectUris" : ["*"],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : true,
+ "serviceAccountsEnabled" : true,
+ "authorizationServicesEnabled" : true,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : { },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : true,
+ "nodeReRegistrationTimeout" : -1,
+ "protocolMappers" : [ {
+ "id" : "3eac903f-c16b-4a78-a7e8-eb8f4d402b71",
+ "name" : "Client ID",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientId",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientId",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "8422cefe-7f42-4f3b-abad-5f06f7d4b748",
+ "name" : "Client IP Address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientAddress",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientAddress",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "988e47d6-2055-45eb-82d6-0b8b25c629fc",
+ "name" : "Client Host",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientHost",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientHost",
+ "jsonType.label" : "String"
+ }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ],
+ "authorizationSettings" : {
+ "allowRemoteResourceManagement": true,
+ "policyEnforcementMode": "ENFORCING",
+ "resources": [
+ {
+ "name": "User Resource",
+ "ownerManagedAccess": false,
+ "attributes": {},
+ "_id": "df1b74a9-3f10-499d-a581-368de48e512b",
+ "uris": [
+ "/api/users/*"
+ ]
+ },
+ {
+ "name": "Administration Resource",
+ "ownerManagedAccess": false,
+ "attributes": {},
+ "_id": "7124e2f1-e6dc-44b4-87ab-24b010090b97",
+ "uris": [
+ "/api/admin/*"
+ ]
+ }
+ ],
+ "policies": [
+ {
+ "id": "b8710fa6-160e-4de0-adf3-398c7007a0af",
+ "name": "Any User Policy",
+ "description": "Any user granted with the user role can access something",
+ "type": "role",
+ "logic": "POSITIVE",
+ "decisionStrategy": "UNANIMOUS",
+ "config": {
+ "roles": "[{\"id\":\"user\",\"required\":false}]"
+ }
+ },
+ {
+ "id": "fcef30b2-68b2-4b78-9f3d-9162c6cdf5cb",
+ "name": "Only Administrators",
+ "description": "Only administrators can access",
+ "type": "role",
+ "logic": "POSITIVE",
+ "decisionStrategy": "UNANIMOUS",
+ "config": {
+ "roles": "[{\"id\":\"admin\",\"required\":false}]"
+ }
+ },
+ {
+ "id": "3479dd56-02e9-4222-94fe-6a13cd065195",
+ "name": "User Resource Permission",
+ "type": "resource",
+ "logic": "POSITIVE",
+ "decisionStrategy": "UNANIMOUS",
+ "config": {
+ "resources": "[\"User Resource\"]",
+ "applyPolicies": "[\"Any User Policy\"]"
+ }
+ },
+ {
+ "id": "60188298-d55b-4066-b231-6a7c56ff7cc5",
+ "name": "Administration Resource Permission",
+ "type": "resource",
+ "logic": "POSITIVE",
+ "decisionStrategy": "UNANIMOUS",
+ "config": {
+ "resources": "[\"Administration Resource\"]",
+ "applyPolicies": "[\"Only Administrators\"]"
+ }
+ }
+ ],
+ "scopes": [],
+ "decisionStrategy": "UNANIMOUS"
+ }
+ }, {
+ "id" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "clientId" : "realm-management",
+ "name" : "${client_realm-management}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : { },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "36f4981a-8b47-45ec-a24c-0d6832dce7a6",
+ "clientId" : "security-admin-console",
+ "name" : "${client_security-admin-console}",
+ "rootUrl" : "${authAdminUrl}",
+ "baseUrl" : "/admin/quarkus/console/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/admin/quarkus/console/*" ],
+ "webOrigins" : [ "+" ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "5ae0eba8-8f29-4048-8b57-b5b3878df79c",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String"
+ }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ } ],
+ "clientScopes" : [ {
+ "id" : "e17e3fdf-518f-44d8-9a8e-5743fe656c26",
+ "name" : "phone",
+ "description" : "OpenID Connect built-in scope: phone",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${phoneScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "e12d0fe6-2aa8-4809-a8f5-69fc5d41ba0d",
+ "name" : "phone number",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "phoneNumber",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "phone_number",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "005aa9ba-7a81-49be-b14f-fecbbfc22111",
+ "name" : "phone number verified",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "phoneNumberVerified",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "phone_number_verified",
+ "jsonType.label" : "boolean"
+ }
+ } ]
+ }, {
+ "id" : "c0c00c6d-85fc-40ed-b15a-693825b9f3a8",
+ "name" : "roles",
+ "description" : "OpenID Connect scope for add user roles to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${rolesScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "9c4af8e8-d303-4520-ae81-f87190c2bbc6",
+ "name" : "realm roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "access.token.claim" : "true",
+ "claim.name" : "realm_access.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ }, {
+ "id" : "03a3006b-c808-4b19-a5ec-b01a14b3b00e",
+ "name" : "client roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "access.token.claim" : "true",
+ "claim.name" : "resource_access.${client_id}.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ }, {
+ "id" : "e606f224-24c8-46e3-ac5a-01e7fadb1562",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
+ }, {
+ "id" : "74626818-9744-416e-ae77-d13be8940fee",
+ "name" : "microprofile-jwt",
+ "description" : "Microprofile - JWT built-in scope",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "13e76b05-7d24-43f4-ad4e-1d7655853512",
+ "name" : "upn",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "upn",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "0adad4c2-dbea-4105-a0c0-a6062c60a3f6",
+ "name" : "groups",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "multivalued" : "true",
+ "user.attribute" : "foo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "groups",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "bd050b86-7be1-42a0-b2f6-b681183e560a",
+ "name" : "web-origins",
+ "description" : "OpenID Connect scope for add allowed web origins to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false",
+ "consent.screen.text" : ""
+ },
+ "protocolMappers" : [ {
+ "id" : "cc7f1c4e-c15b-425a-b2c4-c21e180f882f",
+ "name" : "allowed web origins",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-allowed-origins-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
+ }, {
+ "id" : "47595a41-97d2-48b9-84e9-f66d9820ea9d",
+ "name" : "email",
+ "description" : "OpenID Connect built-in scope: email",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${emailScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "9150603e-ebc9-467e-a254-72d910622fa7",
+ "name" : "email verified",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "emailVerified",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "email_verified",
+ "jsonType.label" : "boolean"
+ }
+ }, {
+ "id" : "4f028250-4036-498d-894a-d356d251110a",
+ "name" : "email",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "email",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "email",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "e7401ec2-c877-4522-b390-d7ac13abfd22",
+ "name" : "acr",
+ "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "90848608-3013-47dc-b6bd-e7d16e150cdd",
+ "name" : "acr loa level",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-acr-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "access.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "dad89a6f-c6d3-485c-87c0-79bf304310dd",
+ "name" : "profile",
+ "description" : "OpenID Connect built-in scope: profile",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${profileScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "8070e658-3ed6-444c-b117-372b0d3e76bc",
+ "name" : "birthdate",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "birthdate",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "birthdate",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "861faee7-38c1-4040-9bae-a1f9d24c4f60",
+ "name" : "middle name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "middleName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "middle_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "7b1b5c7e-45ff-4052-b937-73b5a3689498",
+ "name" : "picture",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "picture",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "picture",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "ef20556e-624d-4c08-9aac-3e8ef9cb5c57",
+ "name" : "gender",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "gender",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "gender",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "03a03973-8d8d-495a-99af-f483e31eafcb",
+ "name" : "website",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "website",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "website",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "a64f2a47-50b6-4c55-9d0f-b5971ae63992",
+ "name" : "given name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "firstName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "given_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "75f1df3a-0843-4786-ab2b-49c3b719eb92",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "1b582634-b01b-4900-a7d4-9ee95fb4012c",
+ "name" : "updated at",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "updatedAt",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "updated_at",
+ "jsonType.label" : "long"
+ }
+ }, {
+ "id" : "0c4f4ea2-2d31-4ab1-bf97-e46344ff4336",
+ "name" : "nickname",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "nickname",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "nickname",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "55b83e07-ed5b-4441-980e-01b9234db5fe",
+ "name" : "profile",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "profile",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "profile",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "e8e2523e-5044-47d4-863f-50b46e32307b",
+ "name" : "family name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "lastName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "family_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "233f533d-40a4-4df2-b5a7-4536c8fdc3b8",
+ "name" : "zoneinfo",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "zoneinfo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "zoneinfo",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "ec6d80f6-3093-4b8f-b4a4-97b0ce8567b6",
+ "name" : "username",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "preferred_username",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "aae53b7f-83fb-4aff-85f4-93fc5f69b213",
+ "name" : "full name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-full-name-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "08d32803-c052-4b0a-98c4-538e627857b3",
+ "name" : "offline_access",
+ "description" : "OpenID Connect built-in scope: offline_access",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "consent.screen.text" : "${offlineAccessScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ }
+ }, {
+ "id" : "8cd9bda9-eff5-42e7-8e62-b9d2e0f37416",
+ "name" : "address",
+ "description" : "OpenID Connect built-in scope: address",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${addressScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "3bf71763-9a1f-413c-b52d-bf99f611a211",
+ "name" : "address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-address-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute.formatted" : "formatted",
+ "user.attribute.country" : "country",
+ "user.attribute.postal_code" : "postal_code",
+ "userinfo.token.claim" : "true",
+ "user.attribute.street" : "street",
+ "id.token.claim" : "true",
+ "user.attribute.region" : "region",
+ "access.token.claim" : "true",
+ "user.attribute.locality" : "locality"
+ }
+ } ]
+ }, {
+ "id" : "1a4f1401-2b80-47c9-922a-80f0d1537507",
+ "name" : "role_list",
+ "description" : "SAML role list",
+ "protocol" : "saml",
+ "attributes" : {
+ "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "e80cfa11-e49b-46e5-a61d-633cc0e27e07",
+ "name" : "role list",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-role-list-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "single" : "false",
+ "attribute.nameformat" : "Basic",
+ "attribute.name" : "Role"
+ }
+ } ]
+ } ],
+ "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
+ "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
+ "browserSecurityHeaders" : {
+ "contentSecurityPolicyReportOnly" : "",
+ "xContentTypeOptions" : "nosniff",
+ "xRobotsTag" : "none",
+ "xFrameOptions" : "SAMEORIGIN",
+ "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
+ "xXSSProtection" : "1; mode=block",
+ "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
+ },
+ "smtpServer" : { },
+ "eventsEnabled" : false,
+ "eventsListeners" : [ "jboss-logging" ],
+ "enabledEventTypes" : [ ],
+ "adminEventsEnabled" : false,
+ "adminEventsDetailsEnabled" : false,
+ "identityProviders" : [ ],
+ "identityProviderMappers" : [ ],
+ "components" : {
+ "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
+ "id" : "486bf667-5362-4333-82e8-6057d5b3c37a",
+ "name" : "Trusted Hosts",
+ "providerId" : "trusted-hosts",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "host-sending-registration-request-must-match" : [ "true" ],
+ "client-uris-must-match" : [ "true" ]
+ }
+ }, {
+ "id" : "c4b992b7-5969-4dab-845b-87b7f876f571",
+ "name" : "Max Clients Limit",
+ "providerId" : "max-clients",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "max-clients" : [ "200" ]
+ }
+ }, {
+ "id" : "6844e33b-6421-4633-a808-d06856bda363",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-user-property-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper" ]
+ }
+ }, {
+ "id" : "8b7dd0da-a538-49db-b120-5386fc3846cf",
+ "name" : "Full Scope Disabled",
+ "providerId" : "scope",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : { }
+ }, {
+ "id" : "d5a9a762-12a0-445f-b460-511d04e11445",
+ "name" : "Consent Required",
+ "providerId" : "consent-required",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : { }
+ }, {
+ "id" : "cb11bd78-941b-4596-99e5-5ce4a41d6dc1",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper" ]
+ }
+ }, {
+ "id" : "174400f3-6a13-4818-99a2-cf0f1a5ece0f",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ }, {
+ "id" : "d4455215-c88c-47a5-8527-9c21fef02a98",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ } ],
+ "org.keycloak.keys.KeyProvider" : [ {
+ "id" : "620e8030-7114-450c-b188-f2307fa9eaac",
+ "name" : "hmac-generated",
+ "providerId" : "hmac-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "6b97cca4-f3d2-41f6-a225-ba846090df11" ],
+ "secret" : [ "7cJw81x86C-kGsDRw3mJzd_M6pPO3fecUlXlL1TYRUlUR7lK6hngmkxK05LiG6swheQIZYs6UkTM1nLORncEJA" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "HS256" ]
+ }
+ }, {
+ "id" : "e4432af5-5db8-4e30-8a0d-150a5ed675b5",
+ "name" : "rsa-enc-generated",
+ "providerId" : "rsa-enc-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEowIBAAKCAQEAwVW0ULkeQ4JidUfS6+AWndVr9YqFd5zIO8iM0UXfyOesPfvwccmdJdSVTtEJTe99TujfUARRRdl3uIXr+q0E+mQyVWf0v+nzFfcQpVYq29XtfwXQK0JzvGUbWki+JnCcvXvSRnc/fjLy20psaupBT6YxYyIcvHi1JCaA7dk5iyi6FPLFkJrF0i605z+PfeWfdm07uZl4ZZ9D/+dKM4V7dnYwg8kB3x32rcIevujGs621a5ZYyl8QzJM9LMyehe3t3whNX/86vJxpg63YZyk7uhZRBvSXHZWru6Je+PEN+9rq5GYPZjg1GhCf9ty5YQ1rihAKInE1hmGIkPSUqAfXbQIDAQABAoIBABWmzvxRVwHResxOoGD5Jh9D9QS5ICxemxAS7C5NqHu78k64xdtAbIB9l8ENaQDY5swtCUFRUnbDnYRFP0HCGbIfAYIOE9tgTHBzzGHvzfnzsdbNZFxL42FAY3lPdzgf2XXhBZINrcco1ojXg1/P30OXxaUn/1beH88uHrdEYgzi719VRuoB73gyIF9P7jrl1n8UTE6wlPAOi5ZD2ERRM2bs2AW2v+dNB38CmhkWqpvjWkEEQl7JSaFDxm9mkdUopL2CPKTOM6YW3k/IVU9nMuRy1/xKDZyPO1AvNqzfMqTqDRVphAJRL+EIY6NAa6uv32g0AT1zCc3FrOuoDRvhOwMCgYEA6GkNOtu8+qqnTUdgBWUnmbcpTgw0g7tBjEzZcI4KpZfXt8IdnNBnuOtI7/Gv3fhSP9yyp60Kzl/M+JwzxbDYNuQZh9ETMFOUrdtdcyIftanttf/HhXv8yA15My3gZXSo4Zk5R15KfEAUPQyYbIY3QZkl/f3koenl2kc6/5Ncps8CgYEA1PVQNoOoAoEG7D1PU91W9NnMby+xCp4SUejS2ZajveKoEMKwYOM4Gw2Mczql+KKYDs6UU7ACrbsMSC+qgWX1b+PTXkuXkEBOt4BjnHDzVHEHZwAPKbY3dQttqZEQgDQEkhNvANseY9MNipGH2PsC+yWwvfGmXIIClsjuselIrQMCgYA0PHhWxFDDXlvgCKzSSZwO9pX4DtI20X24FQXCQIqwEWLQ0HZraoQFkgyAsae/kjKaW/ZjrYcCP5IIRsN0KX1PSRFb72gKsp52PRnR6NeLszfUcjrcC7QTGsQk9qi65O+YVSIEonLHXneuCQixS7FbsxpQ7iHXKoUY/G2MSAjJDQKBgHCHJ9mGfBLGpyfRxcck4DwFklb2NnDL0hZiFnhPdzpxOCmTFqw7pHv3Ds4coXLeR8cbNZl7Gg8/FWBXf5tcivKSyi+7dd0NfgrM1tXlgU6PYz/z8g8yb99zKIE/XB7CXd/qUO982XQaI7+i4suu54ZaBih4NlYPhNq0VhzAjlyNAoGBAKb3SZqb3wHSE+cR8fDP8hs3v7HPhPbPIpdFyzV3RKvW+3cLtSABImwcxPbk/P0CoFWkIq9kxYOVLSJNFA5ptWuG49kTpJFaYiPDu3UHOKGl2tmPLjOLp6aBVvnQb+1rfLYtNxyK8tneBaG0lSoamqoGgXuhiEeoCjgVxkSUA9dd" ],
+ "keyUse" : [ "ENC" ],
+ "certificate" : [ "MIICnTCCAYUCBgGCxUsqLDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIyMDgyMjExMjE1M1oXDTMyMDgyMjExMjMzM1owEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFVtFC5HkOCYnVH0uvgFp3Va/WKhXecyDvIjNFF38jnrD378HHJnSXUlU7RCU3vfU7o31AEUUXZd7iF6/qtBPpkMlVn9L/p8xX3EKVWKtvV7X8F0CtCc7xlG1pIviZwnL170kZ3P34y8ttKbGrqQU+mMWMiHLx4tSQmgO3ZOYsouhTyxZCaxdIutOc/j33ln3ZtO7mZeGWfQ//nSjOFe3Z2MIPJAd8d9q3CHr7oxrOttWuWWMpfEMyTPSzMnoXt7d8ITV//OrycaYOt2GcpO7oWUQb0lx2Vq7uiXvjxDfva6uRmD2Y4NRoQn/bcuWENa4oQCiJxNYZhiJD0lKgH120CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAUPXLzC6jIMVNboJeMo5THOLKqAIihwyfyESQWduZeiuSbX7fFxGRBM6oLNOnAbd08yuQnBlyNcfvTTN5vTc9LADy0bn9ukS4ZPwTNOSXWa6FcopzoKALwlVAY3JzGxoFOHK9bImlUNAbpel1xkJt0z+/yGdUWvYsRYRhLuMidb34Spi8Kt5gbbY+EQcgkHK99GNamSOqrUR1pEKOWCpncFUqXhSSSOzZlv+pbXUwEbQwUYVhS1n8kRfzkXMjuN+Ke++YFOfB314MT0pSgCtSDEboOrXIAm4HmPMyek7YZdrQqGAIWEYUafx132D954JNytzQEElKeyvbmdQJWapoWA==" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "RSA-OAEP" ]
+ }
+ }, {
+ "id" : "fdb97a8d-439a-4ead-adf9-a80696fbceab",
+ "name" : "aes-generated",
+ "providerId" : "aes-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "15eca0bc-c3dd-48b9-a184-374691b3f1b2" ],
+ "secret" : [ "qQMFjvi_x6lbFNJBiyJV6Q" ],
+ "priority" : [ "100" ]
+ }
+ }, {
+ "id" : "b6090ad3-b34f-4bc9-b331-ca0e734bfc09",
+ "name" : "rsa-generated",
+ "providerId" : "rsa-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEpQIBAAKCAQEApBKpDmj7d6UubF1b1NUnrRYKKDaJQDitv/7cGP2Erq7apdDdT2qdtRAhyAgBlNHT8mOL3fR0NM5/s+TNE7jtD07pSffcWpsyemILvoxfNxlqHVRjzbkW6qsrwjoVcAjVuKTdfZu3Egpcn53piiRbbOjcACuTQ4MN6B51s7indLWEjDMXMXcA4QsGoOr8Gcsj1azucz+JXrettgKlwmmjf4ciiSm+zvYtcXzj1TlM9tKji9G1vxRgc8vFVj7wgqtr0XU3sEQtHJsKuxQpmzOW7kfwD9+tOQdQs+zG3YAftsdM5xdCG2d98dxTMFekH+zyCTphjqw9nBJyZxgpNPQQNQIDAQABAoIBAALaE5x4y9GbJbMj7W2PDu7rjAI4pQYXUYuLXRiX0crfggu2FWdE1tzsQW6iqY/NgnS/1aNmTBSCU4HsH1WRSHRv8vxrlaXMYxSDyFbDRdxp49FwaBOyfMRYBwr5gleZCyTTVoCIJBR7VsTQoiUjIKTWjQxnIzYnM5SuJ24qShNsXk3FsqD3xGMAy5yEaezk/PwqnCI2x6n1rY+6nUGcjMgrBiAd1PloiNVUGPkfOS4A765/1SStivlD0sLZf4Hx385JUwNpXlo3B+NxYYig2nvjg99wCJL8rv/bzNMxtSPSakRRmchAjI5Ibl8Bu+Q7P6GSbaVIyQtd01skzlNW7sECgYEA1GzWQCCrUKb6cld3UrzMGafjfyZBgaavR+Mv26RW/5f/G9cCkpqreTUurS4XhPmmQ+VLge6eVqzRv4Ym0P+gOpmhtjyVRswckrHfXlyAsxDDEVWCqd+55TVaP58xXfwDmvM2cNX3VV8GBWz3CpxRjg39POqS9V5XYENckZcv+20CgYEAxbqu33St+fU5aAJNjPIj7DDU3FWl1boK8f71oERSDeFIVFMiPYTKnh1Gso7yAaEi4JR2W+Tq+e3Fr9CMtcHJPeUxR3+rKhV/FnXygPQQxSKblttjPRmU4x8r1VrCxV3j6G3niWP9v+tJmp5vCZDmGJvPtvkUElX/rQzGHQJa4ukCgYEAp6ZaFXRzII0YPeOwBbmBb4IkNvZvXq65yYeQ/s0d6E0ChutTWXb+fAOwGfe1kjohsZYm2J4FkyyDwZ9TxUDqKTWU/imkOqLerhv5yRRCcpB5E5YkMIOkyDQqTOoL4TwDcGghAD6uHE+JhgCwnEwwxWdfBJOxdjuFxDCFv1XOBaUCgYEAk9YIebpbedAHo+RU51UD1syL2lGPNEVteZIPREzQrOALnECsESL/+0gYW9jUyLMZyKA3/m0h4swMSm+7RQom1MhQGA00hLqd0sVNE21oPHyrqBdQE5bU4xujQloh1j9k75t8yhSg3KWm2pwqmRRldXDJ1RxWDX+PMmuilH32RkECgYEAuf1N0W7MKWNbnM/0elcdm+IIYI0kg4qRUKNyLg2vrmOTxwGTFzh1qeJK5x8vUMonnLW5vP7wIX7cTrgh79fz+W7gxXoNeuljnoZiFdk1Qu4qLFFk+c7MOGTDZZiKXTdYSgGutWptcGtgYli+x7TetFXVOxS3ppszgGdZ61onCSI=" ],
+ "keyUse" : [ "SIG" ],
+ "certificate" : [ "MIICnTCCAYUCBgGCxUspezANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIyMDgyMjExMjE1M1oXDTMyMDgyMjExMjMzM1owEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQSqQ5o+3elLmxdW9TVJ60WCig2iUA4rb/+3Bj9hK6u2qXQ3U9qnbUQIcgIAZTR0/Jji930dDTOf7PkzRO47Q9O6Un33FqbMnpiC76MXzcZah1UY825FuqrK8I6FXAI1bik3X2btxIKXJ+d6YokW2zo3AArk0ODDegedbO4p3S1hIwzFzF3AOELBqDq/BnLI9Ws7nM/iV63rbYCpcJpo3+HIokpvs72LXF849U5TPbSo4vRtb8UYHPLxVY+8IKra9F1N7BELRybCrsUKZszlu5H8A/frTkHULPsxt2AH7bHTOcXQhtnffHcUzBXpB/s8gk6YY6sPZwScmcYKTT0EDUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAiscT2FdZOg4rWVvL2IuDsDI6hzLJaoImDKfzSD00eY9SbqxjjUpVJlXkj+KUkJtgk+wh01gSY5s0ePW/S54T5kSAL8GNbfnRr/d6X7TmfQPgZ/+BvVwjdl5PKMtN4ISoLZqdMqjCXEXsYgrd3t+2TUfXD66DoUMRUqaQ8mqsfa1kpZOgXaJKZveiOPer4Y/SsJmp2p7CKoaSCRFMEjv2N98PiYx3TQxWtNx8BOs/3NKmIQiW5IM7PfSTV3Zxutd+LQkii0xLh5heOHHi7WP166n5Mq31OBRcm/u6k9GdPAMxPXh0JGqzKrRZPiXw3Mip9v4VXyQvo9xjrtIThQn5uQ==" ],
+ "priority" : [ "100" ]
+ }
+ } ]
+ },
+ "internationalizationEnabled" : false,
+ "supportedLocales" : [ ],
+ "authenticationFlows" : [ {
+ "id" : "aa90914c-d3f2-41b7-a3db-31bf9d56f159",
+ "alias" : "Account verification options",
+ "description" : "Method with which to verity the existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-email-verification",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Verify Existing Account by Re-authentication",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "8f9aca4e-1af0-4d3a-acc0-3dea78658f3f",
+ "alias" : "Authentication Options",
+ "description" : "Authentication options.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "basic-auth",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "basic-auth-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "2f6b23b9-2c59-4b65-ab00-2789b296f300",
+ "alias" : "Browser - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "e53b15a7-5bf9-4064-8db6-8a82e8320f47",
+ "alias" : "Direct Grant - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "898b7008-e384-4df8-bca4-add09c5551d3",
+ "alias" : "First broker login - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "31fb288c-b29e-4370-93cf-ae6eca103063",
+ "alias" : "Handle Existing Account",
+ "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-confirm-link",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Account verification options",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "0fc26a54-e662-4bfc-8bad-b16e4f9702a3",
+ "alias" : "Reset - Conditional OTP",
+ "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "fed7521d-4732-4959-84f8-cff994343b90",
+ "alias" : "User creation or linking",
+ "description" : "Flow for the existing/non-existing user alternatives",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "create unique user config",
+ "authenticator" : "idp-create-user-if-unique",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Handle Existing Account",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "e7013c43-177c-48ce-bcc8-b1d3e6f57280",
+ "alias" : "Verify Existing Account by Re-authentication",
+ "description" : "Reauthentication of existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-username-password-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "First broker login - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "497b288a-1cf1-4974-bbed-747b0ee5c1f8",
+ "alias" : "browser",
+ "description" : "browser based authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "auth-cookie",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "identity-provider-redirector",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 25,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 30,
+ "autheticatorFlow" : true,
+ "flowAlias" : "forms",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "27505ab1-6d4c-43a0-aede-d21ea45cb785",
+ "alias" : "clients",
+ "description" : "Base authentication for clients",
+ "providerId" : "client-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "client-secret",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-jwt",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-secret-jwt",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-x509",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 40,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "6bfb83ac-b5de-47f9-bc4f-9f27b44d05fb",
+ "alias" : "direct grant",
+ "description" : "OpenID Connect Resource Owner Grant",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "direct-grant-validate-username",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-password",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 30,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Direct Grant - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "228dbd4d-831b-486e-900b-294b9b82766c",
+ "alias" : "docker auth",
+ "description" : "Used by Docker clients to authenticate against the IDP",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "docker-http-basic-authenticator",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "f4eab5c7-a717-4646-9b3d-751e72ebbea6",
+ "alias" : "first broker login",
+ "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "review profile config",
+ "authenticator" : "idp-review-profile",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "User creation or linking",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "e63a23e9-60f0-4d94-8481-3a3355d36ac3",
+ "alias" : "forms",
+ "description" : "Username, password, otp and other auth forms.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "auth-username-password-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Browser - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "0e1f6a40-583d-4db5-8516-bf1f7b2f1656",
+ "alias" : "http challenge",
+ "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "no-cookie-redirect",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Authentication Options",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "5380b8c5-e19f-4cca-9c66-383f05385136",
+ "alias" : "registration",
+ "description" : "registration flow",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "registration-page-form",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : true,
+ "flowAlias" : "registration form",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "1a7bcec3-694c-4934-b164-09754f9eb926",
+ "alias" : "registration form",
+ "description" : "registration form",
+ "providerId" : "form-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "registration-user-creation",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-profile-action",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 40,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-password-action",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 50,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-recaptcha-action",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 60,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "57b0d393-33ff-46cc-bba0-ea476ce09b36",
+ "alias" : "reset credentials",
+ "description" : "Reset credentials for a user if they forgot their password or something",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "reset-credentials-choose-user",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-credential-email",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-password",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 40,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Reset - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "35a457ca-fb99-4d62-9020-0c3bda5452ab",
+ "alias" : "saml ecp",
+ "description" : "SAML ECP Profile Authentication Flow",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "http-basic-authenticator",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ } ],
+ "authenticatorConfig" : [ {
+ "id" : "19668cee-4ea3-4045-9b56-a8c1ff191de9",
+ "alias" : "create unique user config",
+ "config" : {
+ "require.password.update.after.registration" : "false"
+ }
+ }, {
+ "id" : "70a075e5-e708-4da9-8ae8-d6ea0c87b144",
+ "alias" : "review profile config",
+ "config" : {
+ "update.profile.on.first.login" : "missing"
+ }
+ } ],
+ "requiredActions" : [ {
+ "alias" : "CONFIGURE_TOTP",
+ "name" : "Configure OTP",
+ "providerId" : "CONFIGURE_TOTP",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 10,
+ "config" : { }
+ }, {
+ "alias" : "terms_and_conditions",
+ "name" : "Terms and Conditions",
+ "providerId" : "terms_and_conditions",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 20,
+ "config" : { }
+ }, {
+ "alias" : "UPDATE_PASSWORD",
+ "name" : "Update Password",
+ "providerId" : "UPDATE_PASSWORD",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 30,
+ "config" : { }
+ }, {
+ "alias" : "UPDATE_PROFILE",
+ "name" : "Update Profile",
+ "providerId" : "UPDATE_PROFILE",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 40,
+ "config" : { }
+ }, {
+ "alias" : "VERIFY_EMAIL",
+ "name" : "Verify Email",
+ "providerId" : "VERIFY_EMAIL",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 50,
+ "config" : { }
+ }, {
+ "alias" : "delete_account",
+ "name" : "Delete Account",
+ "providerId" : "delete_account",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 60,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register",
+ "name" : "Webauthn Register",
+ "providerId" : "webauthn-register",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 70,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register-passwordless",
+ "name" : "Webauthn Register Passwordless",
+ "providerId" : "webauthn-register-passwordless",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 80,
+ "config" : { }
+ }, {
+ "alias" : "update_user_locale",
+ "name" : "Update User Locale",
+ "providerId" : "update_user_locale",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 1000,
+ "config" : { }
+ } ],
+ "browserFlow" : "browser",
+ "registrationFlow" : "registration",
+ "directGrantFlow" : "direct grant",
+ "resetCredentialsFlow" : "reset credentials",
+ "clientAuthenticationFlow" : "clients",
+ "dockerAuthenticationFlow" : "docker auth",
+ "attributes" : {
+ "cibaBackchannelTokenDeliveryMode" : "poll",
+ "cibaExpiresIn" : "120",
+ "cibaAuthRequestedUserHint" : "login_hint",
+ "oauth2DeviceCodeLifespan" : "600",
+ "oauth2DevicePollingInterval" : "5",
+ "parRequestUriLifespan" : "60",
+ "cibaInterval" : "5"
+ },
+ "users" : [ {
+ "id" : "af134cab-f41c-4675-b141-205f975db679",
+ "username" : "admin",
+ "enabled" : true,
+ "totp" : false,
+ "emailVerified" : false,
+ "credentials" : [ {
+ "type" : "password",
+ "hashedSaltedValue" : "NICTtwsvSxJ5hL8hLAuleDUv9jwZcuXgxviMXvR++cciyPtiIEStEaJUyfA9DOir59awjPrHOumsclPVjNBplA==",
+ "salt" : "T/2P5o5oxFJUEk68BRURRg==",
+ "hashIterations" : 27500,
+ "counter" : 0,
+ "algorithm" : "pbkdf2-sha256",
+ "digits" : 0,
+ "period" : 0,
+ "createdDate" : 1554245879354,
+ "config" : { }
+ } ],
+ "disableableCredentialTypes" : [ "password" ],
+ "requiredActions" : [ ],
+ "realmRoles" : [ "admin", "user" ],
+ "notBefore" : 0,
+ "groups" : [ ]
+ }, {
+ "id" : "eb4123a3-b722-4798-9af5-8957f823657a",
+ "username" : "alice",
+ "enabled" : true,
+ "totp" : false,
+ "emailVerified" : false,
+ "credentials" : [ {
+ "type" : "password",
+ "hashedSaltedValue" : "A3okqV2T/ybXTVEgKfosoSjP8Yc9IZbFP/SY4cEd6hag7TABQrQ6nUSuwagGt96l8cw1DTijO75PqX6uiTXMzw==",
+ "salt" : "sl4mXx6T9FypPH/s9TngfQ==",
+ "hashIterations" : 27500,
+ "counter" : 0,
+ "algorithm" : "pbkdf2-sha256",
+ "digits" : 0,
+ "period" : 0,
+ "createdDate" : 1554245879116,
+ "config" : { }
+ } ],
+ "disableableCredentialTypes" : [ "password" ],
+ "requiredActions" : [ ],
+ "realmRoles" : [ "user" ],
+ "notBefore" : 0,
+ "groups" : [ ]
+ }, {
+ "id" : "1eed6a8e-a853-4597-b4c6-c4c2533546a0",
+ "username" : "jdoe",
+ "enabled" : true,
+ "totp" : false,
+ "emailVerified" : false,
+ "credentials" : [ {
+ "type" : "password",
+ "hashedSaltedValue" : "JV3DUNLjqOadjbBOtC4rvacQI553CGaDGAzBS8MR5ReCr7SwF3E6CsW3T7/XO8ITZAsch8+A/6loeuCoVLLJrg==",
+ "salt" : "uCbOH7HZtyDtMd0E9DG/nw==",
+ "hashIterations" : 27500,
+ "counter" : 0,
+ "algorithm" : "pbkdf2-sha256",
+ "digits" : 0,
+ "period" : 0,
+ "createdDate" : 1554245879227,
+ "config" : { }
+ } ],
+ "disableableCredentialTypes" : [ "password" ],
+ "requiredActions" : [ ],
+ "realmRoles" : [ "confidential", "user" ],
+ "notBefore" : 0,
+ "groups" : [ ]
+ }],
+ "keycloakVersion" : "19.0.1",
+ "userManagedAccessAllowed" : false,
+ "clientProfiles" : {
+ "profiles" : [ ]
+ },
+ "clientPolicies" : {
+ "policies" : [ ]
+ }
+}
\ No newline at end of file
diff --git a/src/main/resources/quarkus-realm.json.license b/src/main/resources/quarkus-realm.json.license
new file mode 100644
index 0000000..c8d4da6
--- /dev/null
+++ b/src/main/resources/quarkus-realm.json.license
@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2024 PNED G.I.E.
+
+SPDX-License-Identifier: Apache-2.0
\ No newline at end of file
diff --git a/src/test/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImplIT.java b/src/test/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImplIT.java
new file mode 100644
index 0000000..a04a9a1
--- /dev/null
+++ b/src/test/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImplIT.java
@@ -0,0 +1,11 @@
+// SPDX-FileCopyrightText: 2024 PNED G.I.E.
+//
+// SPDX-License-Identifier: Apache-2.0
+package io.github.genomicdatainfrastructure.daam.api;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+
+@QuarkusIntegrationTest
+public class ApplicationQueryApiImplIT {
+
+}
diff --git a/src/test/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImplTest.java b/src/test/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImplTest.java
new file mode 100644
index 0000000..f17204b
--- /dev/null
+++ b/src/test/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImplTest.java
@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2024 PNED G.I.E.
+//
+// SPDX-License-Identifier: Apache-2.0
+package io.github.genomicdatainfrastructure.daam.api;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.Matchers.equalTo;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.keycloak.client.KeycloakTestClient;
+import org.junit.jupiter.api.Test;
+
+@QuarkusTest
+public class ApplicationQueryApiImplTest {
+
+ private final KeycloakTestClient keycloakClient = new KeycloakTestClient();
+
+ @Test
+ void unauthorized_when_no_user() {
+ given().when().get("/api/v1/applications").then().statusCode(401);
+ }
+
+ @Test
+ void ok_when_authenticated() {
+ given()
+ .auth()
+ .oauth2(getAccessToken("alice"))
+ .when()
+ .get("/api/v1/applications")
+ .then()
+ .statusCode(200)
+ .body("[0].id", equalTo("25"))
+ .body("[0].title", equalTo("2024/14"))
+ .body("[0].currentState", equalTo("application.state/draft"))
+ .body("[0].stateChangedAt", equalTo("2024-03-05T19:44:46.208Z"));
+ }
+
+ @Test
+ public void ok_when_public_resource() {
+ given().when().get("/").then().statusCode(200);
+ }
+
+ private String getAccessToken(String userName) {
+ return keycloakClient.getAccessToken(userName);
+ }
+}
diff --git a/src/test/java/lu/lnds/damm/security/PostAuthenticationFilterTest.java b/src/test/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilterTest.java
similarity index 81%
rename from src/test/java/lu/lnds/damm/security/PostAuthenticationFilterTest.java
rename to src/test/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilterTest.java
index 0952e50..fa835bf 100644
--- a/src/test/java/lu/lnds/damm/security/PostAuthenticationFilterTest.java
+++ b/src/test/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilterTest.java
@@ -1,18 +1,17 @@
// SPDX-FileCopyrightText: 2024 PNED G.I.E.
//
// SPDX-License-Identifier: Apache-2.0
-package lu.lnds.damm.security;
+package io.github.genomicdatainfrastructure.daam.security;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
+import io.github.genomicdatainfrastructure.daam.services.CreateRemsUserService;
import io.quarkus.oidc.runtime.OidcJwtCallerPrincipal;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.test.InjectMock;
import io.quarkus.test.junit.QuarkusTest;
import jakarta.inject.Inject;
-import lu.lnds.daam.security.PostAuthenticationFilter;
-import lu.lnds.daam.services.CreateRemsUserService;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
@@ -20,11 +19,14 @@
@QuarkusTest
public class PostAuthenticationFilterTest {
- @Inject private PostAuthenticationFilter underTest;
+ @Inject
+ private PostAuthenticationFilter underTest;
- @InjectMock private SecurityIdentity securityIdentity;
+ @InjectMock
+ private SecurityIdentity securityIdentity;
- @InjectMock private CreateRemsUserService createRemsUserService;
+ @InjectMock
+ private CreateRemsUserService createRemsUserService;
@BeforeEach
private void setUp() {
diff --git a/src/test/resources/mappings/create_user.json b/src/test/resources/mappings/create_user.json
new file mode 100644
index 0000000..a746ddd
--- /dev/null
+++ b/src/test/resources/mappings/create_user.json
@@ -0,0 +1,15 @@
+{
+ "request": {
+ "method": "POST",
+ "url": "/api/users/create"
+ },
+ "response": {
+ "status": 200,
+ "headers": {
+ "Content-Type": "application/json"
+ },
+ "jsonBody": {
+ "success": true
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/test/resources/mappings/create_user.json.license b/src/test/resources/mappings/create_user.json.license
new file mode 100644
index 0000000..c8d4da6
--- /dev/null
+++ b/src/test/resources/mappings/create_user.json.license
@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2024 PNED G.I.E.
+
+SPDX-License-Identifier: Apache-2.0
\ No newline at end of file
diff --git a/src/test/resources/mappings/my_applications.json b/src/test/resources/mappings/my_applications.json
new file mode 100644
index 0000000..a824df2
--- /dev/null
+++ b/src/test/resources/mappings/my_applications.json
@@ -0,0 +1,71 @@
+{
+ "request": {
+ "method": "GET",
+ "url": "/api/my-applications"
+ },
+ "response": {
+ "status": 200,
+ "headers": {
+ "Content-Type": "application/json"
+ },
+ "jsonBody": [
+ {
+ "application/workflow": {
+ "workflow/id": 4,
+ "workflow/type": "workflow/master"
+ },
+ "application/external-id": "2024/14",
+ "application/blacklist": [],
+ "application/id": 25,
+ "application/applicant": {
+ "userid": "eb4123a3-b722-4798-9af5-8957f823657a",
+ "name": "alice",
+ "email": null
+ },
+ "application/todo": null,
+ "application/members": [],
+ "application/resources": [
+ {
+ "catalogue-item/end": null,
+ "catalogue-item/expired": false,
+ "catalogue-item/enabled": true,
+ "resource/id": 1,
+ "catalogue-item/title": {
+ "en": "Auto-approve workflow"
+ },
+ "catalogue-item/infourl": {
+ "en": "http://www.google.com"
+ },
+ "resource/ext-id": "urn:nbn:fi:lb-201403262",
+ "catalogue-item/start": "2024-03-05T15:16:17.176Z",
+ "catalogue-item/archived": false,
+ "catalogue-item/id": 9
+ }
+ ],
+ "application/accepted-licenses": {},
+ "application/invited-members": [],
+ "application/description": "",
+ "application/generated-external-id": "2024/14",
+ "application/permissions": [
+ "application.command/copy-as-new",
+ "application.command/invite-member",
+ "application.command/submit",
+ "application.command/remove-member",
+ "application.command/accept-licenses",
+ "application.command/uninvite-member",
+ "application.command/delete",
+ "application.command/save-draft",
+ "application.command/change-resources"
+ ],
+ "application/last-activity": "2024-03-05T19:44:46.208Z",
+ "application/roles": [
+ "applicant"
+ ],
+ "application/attachments": [],
+ "application/created": "2024-03-05T19:44:46.208Z",
+ "application/state": "application.state/draft",
+ "application/modified": "2024-03-05T19:44:46.208Z"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/src/test/resources/mappings/my_applications.json.license b/src/test/resources/mappings/my_applications.json.license
new file mode 100644
index 0000000..c8d4da6
--- /dev/null
+++ b/src/test/resources/mappings/my_applications.json.license
@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2024 PNED G.I.E.
+
+SPDX-License-Identifier: Apache-2.0
\ No newline at end of file