mirror of
https://github.com/Alfresco/alfresco-content-app.git
synced 2025-07-24 17:31:52 +00:00
c8b99b9d29
* remove deprecated file * [ACA-1904] Language labels (#879) * [ACA-2083] reset router cache on login/logout (#867) * reset router cache on login/logout * Update src/app/app.routes.strategy.ts Co-Authored-By: DenysVuika <denys.vuika@gmail.com> * merge suggestion * [ACA-2083] reset content filters on logout * [ACA-2083] unit tests * [ACA-2067] Side navigation - highlight element with children only when not expanded (#880) * highlight parent element condition * update test * e2e * add context menu (#881) * [ACA-2107] upgrade to ADF latest beta (#882) * [ACA-2107] upgrade ADF to latest beta * fix adf sidenav class name * [ACA-2107] update is-selected to adf-is-selected * [ACA-2107] add 'adf' prefix to classes name * [ACA-2107] remove ADF duplicate css style * [ACA-2107] use 'adf-full-width' class * [ACA-2107] add 'adf' prefix * [ACA-1928] e2e improvements - part1 (#883) * refactor Mark as favourite tests rename method to be more clear create separate methods for some checks and actions * forgot some changes * refactor delete-undo tests * some more refactoring * fix * [ACA-1928] e2e improvements - part2 (#884) * refactor Mark as favourite tests rename method to be more clear create separate methods for some checks and actions * forgot some changes * refactor delete-undo tests * some more refactoring * fix * small improvements / refactoring * upgrade 3rd party dependencies (#886) * upgrade 3rd party dependencies * update datepicker * update code * remove duplicated strings, use ADF instead (#887) * extension recommendations * [ACA-1558] cache busting for index.html (#888) * use dynamic columns from ADF (#889) * upgrade to latest ADF 3.0.0 alpha * migrate to ADF column components * use dynamic column from ADF * fix e2e tests * [ACA-2122] automatic code formatting on commit (#890) * [ACA-2120] update library toolbar (#891) * [ACA-2131] fix leave library icon for context menu * remove moment-es6 usage (#892) * [ACA] Create Library - switch to ADF component (#893) * use adf component * fix component name locator * update extension registration docs * fix SSO defaults * fix pre-commit issue with partial commits * [ACA-2116] search results available actions (#895) * add item.id to File Libraries * add method to wait for node to be indexed * create separate methods in queries API to wait for sites or wait for nodes * improvements, renaming * renaming * fix * add tests for actions on search results * add wait and use new method * fix * another fix * use correct method * more fixes * create method for clickView button * fixes * no message * unified format for viewer sub-menus (#901) * unified format for viewer sub-menus * fix tests * update prettier * [ACA-2157] Added basic ABN metadata (#902) * upgrade to latest JS-API and ADF (#896) * improved update script and latest ADF libs * upgrade to latest js-api and ADF * upgrade tests * update viewer code * use @alfresco/js-api * update to latest adf * fix deprecation issues * update viewer * fix copy/move dialog * change expect * fix remove site from favorites * fix unit test * update adf version * use ADF upload dialog * [ACA-820] add tests for Copy content (#899) * add tests for Copy content * fix * forgot some ids * update expected favorites number * support for SSO settings (#905) * [ACA-2157] Fixed structure, markup and links (#904) * [ACA-2157] Added brief description and updated links * [ACA-2157] Fixed broken image URL * [ADF-2157] Added YAML index file for ABN (#903) * [e2e] new reporter (#906) * try new reporter * run specific suite for testing purposes * change folder output for report * more report settings * remove fdescribe * remove package and update package-lock * remove disabled tests not needed by the new reporter * try to identify cause of travis failure * run only specific tests for investigation purpose * remove sleep and increase retry delay * try a different fix * revert to previous fix * try different expects * call different js-api method * remove parameter not needed anymore * upgrade dependencies (#907) * add tests for Move content (#908) * [ACA-213] Edit Offline (#909) * WRITE_LOCK evaluator * evaluate actions for WRITE_LOCK * edit offline action * DL icon for WRITE_LOCK files * edit offline directive * custom name column * localisation * toggle offline edit extension * move takeUntil operator * add tooltip * better selector to differentiate Edit folder from Edit Offline * default to empty object for null properties object * isPersonalFiles evaluator * isLibraryFiles evaluator * isLibraryFiles evaluator * isPersonalFiles evaluator * update canEditLockedFile rule * upgrade libraries (#910) * upgrade libraries * fix breaking changes * fix divider * remove header workarounds * update repository to 6.1.2-ga, SSO example (#914) * remove old compose, update to 6.1.2-ga * SSO with vanilla keycloak * [ACA-2162] allow custom icons with navbar (#917) * allow custom icons with navbar * fix breaking change * update protractor settings * pin typescript version, regenerate lock file * [ACA-2168] auto-generate licenses for docker image (#918) * auto-generate licenses for docker image * update version label * make app agnostic * [ACA-213] Edit Offline - permissions (#911) * edit offline action rules * unlock node error message * update extensions rules * lock unlock evaluators * LockNodeDirective over EditOfflineDirective * disable tests failing cause of unrelated bug * isUserWriteLockOwner over isUserWriteLock * fix lock icon for retina displays * [ACA-2164] Node version action (#916) * export upload effects and actions * remove node version effect and action * remove node version theme * change old version manager implementation * get node info from store selection * upload version dialog container * node version form * update app module * upload version effect and action * update version action * internationalization * refresh on upload version * remove old implementation tests * remove adf-version-manager dialog implementation * revert adf version component * fix viewer version action * [ACA-2160] add tests for Edit offline actions availability (#921) * add tests for Edit offline actions availability * fix delete / undo delete tests * Keensoft AOS extension (#920) * aos extension * update karma * lint improvements and fixes * update script * update scripts * update scripts * reduce about 56.4 kB of polyfills for modern browsers * deficated aosHost value to have AOS on separate servers * context menu and toolbar * visibility evaluator * code improvements and fixes * support locking, lock checks * [ACA-2193] Lock node - unlock after new version is uploaded (#924) * unlock node api call * unlock action and effect * unlock node after version upload * check if locked * clear version input on dialog cancel event * update viewer on node version upload * update viewer on file upload delete * test * update tests * update tests * rename evaluators * update docs * minor script improvements * update AOS extension docs and version * update package configuration for AOS ext * update AOS extension details * Search on mobile opens Sidemenu (#929) * Added a check for mobile pages to prevent sidemenu opening * [ACA-2200] Upgrade to 3.0.0-beta9 ADF (#931) * upgrade to latest ADF 3.0.0-alpha - remove selectedFacetQueries check - renamed hasPermission from ADF ContentService to hasAllowableOperations * update to ADF 3.0.0-beta9 * [ACA-2200] mincount workaround - until we get the fix for the facet update issue (ADF-3401) * [ACA-2171] enable copy and move to library tests (#933) * [ACA-2198 ACA-2206] Node version - align dialog with XD (#937) * make comment field not required * make Minor default version option * tests * fix form version options label * test form state on initialization * [ACA-2210] Version Dialog - update button text (#939) * dialog action buttons text to uppercase * dialog text Cancel over Close * update translation reference * [ACA-213] Upload Version - version options use boolean values (#940) * version form data interface * subscribe value data type * use form data boolean value * update tests * [ACA-2208] Hide app menu on swipe (#934) * mobile: hide app menu on swipe left * check for mobile screen size * space for click out on small devices * added test * fix test * [ACA-2199] Upload Version - granular permission (#938) * canUploadVersion evaluator * change upload version action rule * update docs * simplify condition * unit tests and code fixes * [ACA-2211] auth guard: add support for withCredentials (#942) * auth guard: add support for withCredentials * formatting fixes * remove fdescribe * [ACA-2204] Upgrade to ADF 3.0.0 release (#949) * upgrade to ADF 3.0.0 * update unit tests * disable versioning tab in info drawer (#941) * [ACA-213] Version Dialog - tests (#948) * enable Esc action to close dialog * version dialog form tests * test fix * [ACA-2193] Upload new content version - unsubscribe upload event (#925) * remove console log * unsubscribe upload event after new version * unit tests * update AOS extension to ADF 3.0.0 * Upgrade libs (#952) * update libs * remove i18n workaround * node locking enhancements and fixes (#955) * optimize image resolver * allow previewing locked files * allow selecting locked nodes * fix comments and metadata tabs * improved lock checks * remove obsolete "experimental" directive * [ACA-2177] Actions - rearrange actions order (#922) * rearange actions * remove separator duplication * don't show last divider element * update e2e * update e2e * Update toolbar-single-selection.test.ts remove fdescribe * move comment as well * edit folder locator * edit folder action * edit folder action from toolbar more menu * edit folder context menu id * dont render versions tab * [ACA-2199] fix Upload New Version action availability (#959) * fix Upload New Version action availability * update unit tests * remove workaround * add catch for tests failing on Bamboo * add new line * add tests for Upload New Version (#960) * remove separator between Favorite and Edit folder (#963) * [ACA-2221] Lock node - check selection is not null (#966) * check selection is not null * test * add tests for downloading a single file (#967) * [ACA-833] automate tests for download as zip (#968) * add tests for downloading a single file * automate tests for download as zip * [ACA-2216] Shared link preview - use extension actions (#964) * isSharedFileViewer evaluator * navigation evaluators tests * update docs * fallback for SharedLink entry * shared link view use extensions * rules for link shared view actions * dedicated extension definition for shared link action toolbar * resolve selection and actions * update tests * remove un used imports * nest shared link viewer toolbar actions in to viewer structure * [ACA-2180] Viewer toolbar - rearrange actions layout (#962) * merge action in toolbar submenu * viewer add info drawer action * toggle infoDrawer extension action * hide viewer toolbar info drawer action * fix typo * allow to unsubscribe from infoDrawerOpened event * [ACA-2207] Upload Dialog - restore previous version on delete (#951) * restore version over delete node * apply prettier * clean up unnecessary dependencies * remove style file * set CANCEL status on on deleted node version instances * Update upload.module.ts remove extra licence text * fix typo * remove duplicate strings * [ACA-2212] allow "edit in office" only for basic auth (#971) * allow AOS only for basic auth for now * bump aos extension version * [ACA-2208] Hide app menu on swipe (#970) * [ACA-2220] simple "search in fields" support (#972) * simple "search in fields" support * unit tests * add separator (#974) * [ACA-2222] add e2e tests for pagination on Favorite Libraries (#969) * add tests for pagination on Favorite Libraries * add TestRail ids add tests for pagination for empty page and single page * Delete package-lock.json * Revert "Delete package-lock.json" This reverts commit 41eba0c57532373d87d454372273b54ba00e880a. * restore package-lock * [ACA-2219] support more precise searching (#976) * support more precise searching * exact term matching * remove fdescribe * update docs * [ACA-1259] automate remaining tests for sidebar (#977) * automate remaining tests for sidebar * formatting * reload active doclist via NgRx actions (#978) * doclist reload action and effect * deprecate folderEdited event * deprecate "favoriteToggle" event * deprecate "favoriteRemoved" event * update docs * unified reload function * deprecate "nodesRestored" event * deprecate "nodesPurged" event * test fixes * deprecate "nodesMoved" event * reduce the use of "nodesDeleted" * [ACA-2229] run aca nginx as non-root (#979) * run aca nginx as non-root * remove edit permissions from html folder * [ACA-2229] docker security fixes (#980) * docker permission fixes * remove index.html edit permissions * support repository info with app state (#984) * [ACA-2214] Sharing URL being constructed from ECM Host incorrectly (#981) * fix baseShareUrl defaults * allow controlling full path * unit test * update tomcat settings * use single slash * simplify documentation * [ACA-2194] better custom aspects in metadata tab (#985) * better custom aspects in metadata tab * update test * fix lockby position (#986) * compatibility matrix (#989) * [ACA-2228] Add PipeModule to AppTestingModule (#993) - fixes unit tests after upgrade to 3.1.0-beta4 * responsive breadcrumb (#990) * [ACA-2239] initial localisation support for AOS extension (#988) * setup i18n for aos extension * translate action names, generic icon * unit tests and bug fixes * use AOS testing with CI * [ACA-2242] add old style back (#994) fixes missing buttons styles issue until ADF 3.1.0 will fix it * upgrade libs to latest versions (#996) * Windows compatibility * [ACA-2195] fix redirect on login after page reload (#997) * fix build script for Windows * update evaluator docs, workspace snippet (#995) * add missing docs and code hints * update app evaluator docs and code hints * fix route url special characters (#1000) * revert change for AOS related to lock owners * [ACA-2215] toggle search filter (#998) * support for toggling search filter * update docs * disable e2e test * update e2e * [ACA-2133] fix application ready event for kerberos (#1002) * fix application ready event for kerberos * format file * spellcheck fixes * hide AOS when in trashcan * fix broken test * [ACA] Search - show error message on error (#1003) * show error message * remove fdescribe * add documentation on SSO, minor docs fixes (#1005) * menu filter disabled items (#1009) * 1.7.0 * [ACA-2261] improve UX on search input (#1004) * Remove search on change - search call would be triggered only on submit or on option change * clicking search icon triggers search * caches user changes for a possible future search * caches non-empty user changes for a possible future search * close search options menu on submit * update queryBuilder and navigate to new search url * add setting to enable/disable searching after typing on search input * fix double search call * Apply suggestions from code review - custom name to distinguish between ADF and ACA settings Co-Authored-By: suzanadirla <dirla.silvia.suzana@gmail.com> * [ACA-2264] fix loading on search (#1011) - do nothing on null built query * readme update * update readme * [ACA-1627] add automated tests for Comments (#1012) * bump runtime version for core extension * json schema fixes * [ACA-2260] Open in Office - action breaks application in IE (#1014) * ie office luncher workaround * open office without location navigation * check instance before remove * various bug fixes (#1010) * various bug fixes * use 'remove favorite' label where appropriate * fix toggle favorite component labels * e2e type check and fixes * favorite library label * support toggle favorite component selectors * update tests * update e2e tests * update e2e * e2e update * update e2e * [ACA-2259] Edit in Microsoft Office - check update permissions (#1015) * [ACA-2259] Edit in Microsoft Office - check update permissions * [ACA-2259] check update permissions - unit tests * [ACA-2259] refactor - check allowableOperationsOnTarget from service * [ACA-2259] add back check only on target for SharedFiles * [ACA-2259] SharedLinks are not folders * type-safe api for node permissions * workaround for shared files * use hasOwnProperty function * fix visibility evaluation for create menu (#1017) * [ACA-2270] allow add comments on folder (#1018) * [ACA-2270] allow add comments on folder * [ACA-2270] fix return on else * [ACA-2270] add unit tests * update translations (#1023) * assert file extension validity first (#1025) * hide empty metadata by default (#1024) * update copyright year (#1022) * update copyright year * forgot a file * update year on licence header * extensions flag inside settings page * support "disabled" rules for Viewer extensions * set relevance descending by default (#1027) * [ACA-2284] Shared Link - Error when trying to download a shared file (#1026) * shared link content download action * use same action and effect * call appropriate api baes on location * remove unused property * remove unneeded divider from toolbar (#1028) * use LTS node.js (#1031) * Update README.md (#1032) * Update README.md * Update README.md * Update introduction-to-extending.md * Update search-results.md (#1034) * Update document-list-layout.md (#1035) * Update README.md (#1033) * Update README.md (#1036) * [ACA-2299] fix search error translation (#1030) * fix search error translation * fix translation fallback * remove fdescribe
1674 lines
52 KiB
JSON
1674 lines
52 KiB
JSON
{
|
|
"id": "alfresco",
|
|
"realm": "alfresco",
|
|
"notBefore": 0,
|
|
"revokeRefreshToken": false,
|
|
"refreshTokenMaxReuse": 0,
|
|
"accessTokenLifespan": 300,
|
|
"accessTokenLifespanForImplicitFlow": 900,
|
|
"ssoSessionIdleTimeout": 1800,
|
|
"ssoSessionMaxLifespan": 36000,
|
|
"offlineSessionIdleTimeout": 2592000,
|
|
"accessCodeLifespan": 60,
|
|
"accessCodeLifespanUserAction": 300,
|
|
"accessCodeLifespanLogin": 1800,
|
|
"actionTokenGeneratedByAdminLifespan": 43200,
|
|
"actionTokenGeneratedByUserLifespan": 300,
|
|
"enabled": true,
|
|
"sslRequired": "none",
|
|
"registrationAllowed": false,
|
|
"registrationEmailAsUsername": false,
|
|
"rememberMe": false,
|
|
"verifyEmail": false,
|
|
"loginWithEmailAllowed": true,
|
|
"duplicateEmailsAllowed": false,
|
|
"resetPasswordAllowed": false,
|
|
"editUsernameAllowed": false,
|
|
"bruteForceProtected": false,
|
|
"permanentLockout": false,
|
|
"maxFailureWaitSeconds": 900,
|
|
"minimumQuickLoginWaitSeconds": 60,
|
|
"waitIncrementSeconds": 60,
|
|
"quickLoginCheckMilliSeconds": 1000,
|
|
"maxDeltaTimeSeconds": 43200,
|
|
"failureFactor": 30,
|
|
"roles": {
|
|
"realm": [
|
|
{
|
|
"id": "39654467-e529-418e-bd27-354a0414fb52",
|
|
"name": "admin",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "alfresco"
|
|
},
|
|
{
|
|
"id": "5b481c9b-38fe-474a-a047-50c3935262cb",
|
|
"name": "uma_authorization",
|
|
"description": "${role_uma_authorization}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "alfresco"
|
|
},
|
|
{
|
|
"id": "86db4867-8c3c-4cdf-8950-e18790f5bf6a",
|
|
"name": "offline_access",
|
|
"description": "${role_offline-access}",
|
|
"scopeParamRequired": true,
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "alfresco"
|
|
}
|
|
],
|
|
"client": {
|
|
"realm-management": [
|
|
{
|
|
"id": "a637f20f-fd3e-4db6-9d2a-c91acb1e14e8",
|
|
"name": "create-client",
|
|
"description": "${role_create-client}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "4232f8bf-dab4-4b4a-8ccf-28b8984f8ae7",
|
|
"name": "realm-admin",
|
|
"description": "${role_realm-admin}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [
|
|
"create-client",
|
|
"view-authorization",
|
|
"manage-events",
|
|
"query-users",
|
|
"manage-authorization",
|
|
"view-realm",
|
|
"view-clients",
|
|
"query-clients",
|
|
"query-groups",
|
|
"impersonation",
|
|
"manage-users",
|
|
"manage-clients",
|
|
"manage-identity-providers",
|
|
"view-users",
|
|
"query-realms",
|
|
"view-identity-providers",
|
|
"view-events",
|
|
"manage-realm"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "ae0da5c2-643c-480e-8900-59bdca3581b3",
|
|
"name": "view-authorization",
|
|
"description": "${role_view-authorization}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "8a69ec22-4fe9-43e0-b4f0-16b632c2d324",
|
|
"name": "manage-events",
|
|
"description": "${role_manage-events}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "1c2c870c-5428-4144-ab12-c7304d1a7d2d",
|
|
"name": "query-users",
|
|
"description": "${role_query-users}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "9884df61-b63f-4f8b-8fba-650db69c8784",
|
|
"name": "manage-authorization",
|
|
"description": "${role_manage-authorization}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "003ae8b9-e32a-4c0b-b319-d2a985249348",
|
|
"name": "view-realm",
|
|
"description": "${role_view-realm}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "d0d2eaa3-e737-4a7e-990d-4c6efa323cc3",
|
|
"name": "view-clients",
|
|
"description": "${role_view-clients}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": ["query-clients"]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "d9f0638c-e045-4d92-b4ff-e0c71f68f4ba",
|
|
"name": "query-clients",
|
|
"description": "${role_query-clients}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "02d5937c-929b-4928-8a55-b0de4c9b4924",
|
|
"name": "query-groups",
|
|
"description": "${role_query-groups}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "c74d9c9b-65e4-4847-a47a-3edbb2fce0fb",
|
|
"name": "impersonation",
|
|
"description": "${role_impersonation}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "e681501e-a8da-4653-861c-c37e2e1f8609",
|
|
"name": "manage-users",
|
|
"description": "${role_manage-users}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "067b5e3c-9918-4713-85ca-749c6aae13e1",
|
|
"name": "manage-clients",
|
|
"description": "${role_manage-clients}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "5b395e85-f5fa-4af9-b573-497cc9b1e694",
|
|
"name": "manage-identity-providers",
|
|
"description": "${role_manage-identity-providers}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "b4ec253f-4d52-425e-b091-ed51aac7bd4c",
|
|
"name": "view-users",
|
|
"description": "${role_view-users}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": ["query-groups", "query-users"]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "574e930a-07d5-446f-9628-3d7568eb483a",
|
|
"name": "query-realms",
|
|
"description": "${role_query-realms}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "0cb1c9c8-55ce-4f22-b6d5-b6882c8b74fd",
|
|
"name": "view-identity-providers",
|
|
"description": "${role_view-identity-providers}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "5d07f2b1-9f28-4e8b-8f91-7d68699d327c",
|
|
"name": "view-events",
|
|
"description": "${role_view-events}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "53ccf3c9-4391-4d43-9d9e-6e644b989e9f",
|
|
"name": "manage-realm",
|
|
"description": "${role_manage-realm}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
}
|
|
],
|
|
"security-admin-console": [],
|
|
"alfresco": [],
|
|
"admin-cli": [],
|
|
"broker": [
|
|
{
|
|
"id": "560b729f-ebc7-4ce6-967b-045611d35cde",
|
|
"name": "read-token",
|
|
"description": "${role_read-token}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "887e537f-4a97-4374-a5de-45ad37bfe2df"
|
|
}
|
|
],
|
|
"account": [
|
|
{
|
|
"id": "86de6e40-74c1-4aa6-9a8b-bff434fb9a18",
|
|
"name": "manage-account-links",
|
|
"description": "${role_manage-account-links}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "140feb9e-fd73-4d02-97f6-928ed67020f1"
|
|
},
|
|
{
|
|
"id": "6a95ddc1-2b12-4e59-8d14-01a98c0fad71",
|
|
"name": "manage-account",
|
|
"description": "${role_manage-account}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"account": ["manage-account-links"]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "140feb9e-fd73-4d02-97f6-928ed67020f1"
|
|
},
|
|
{
|
|
"id": "a8e8d710-1f71-4481-93a1-db030533b64a",
|
|
"name": "view-profile",
|
|
"description": "${role_view-profile}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "140feb9e-fd73-4d02-97f6-928ed67020f1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"groups": [
|
|
{
|
|
"id": "21cd4641-e7cb-456f-846d-214589cef3da",
|
|
"name": "admin",
|
|
"path": "/admin",
|
|
"attributes": {},
|
|
"realmRoles": [],
|
|
"clientRoles": {},
|
|
"subGroups": []
|
|
}
|
|
],
|
|
"defaultRoles": ["offline_access", "uma_authorization"],
|
|
"requiredCredentials": ["password"],
|
|
"otpPolicyType": "totp",
|
|
"otpPolicyAlgorithm": "HmacSHA256",
|
|
"otpPolicyInitialCounter": 0,
|
|
"otpPolicyDigits": 6,
|
|
"otpPolicyLookAheadWindow": 1,
|
|
"otpPolicyPeriod": 30,
|
|
"otpSupportedApplications": ["FreeOTP"],
|
|
"clients": [
|
|
{
|
|
"id": "fca5da6d-fd90-4596-a754-346d872b779f",
|
|
"clientId": "security-admin-console",
|
|
"name": "${client_security-admin-console}",
|
|
"baseUrl": "/auth/admin/alfresco/console/index.html",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": ["/auth/admin/alfresco/console/*"],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "50435a57-d933-4392-aa63-c7b93969cb77",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "9d065ef2-ac16-4314-bdce-6df1e32b45da",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "f21fa9c5-090a-4873-a059-5a714e186e08",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "1d28c5e3-d1ab-4563-838d-06c61e96fd3c",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "0fd5ed6e-65af-4661-9d40-09a0dc90d705",
|
|
"name": "locale",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"consentText": "${locale}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "locale",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "locale",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "47febcd5-e6e8-4c83-8ea0-551f66cbef51",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "fc891ffd-b5b7-4d56-b1cd-60ae25ec0040",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "be13165d-2792-43aa-abdb-2c6cdb627184",
|
|
"clientId": "alfresco",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": ["*"],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": true,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": true,
|
|
"nodeReRegistrationTimeout": -1,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "202b6b67-dea4-440b-b250-867fa7eb7333",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "cdb53973-5bf0-4de4-945d-901de3205016",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8dd3c664-426e-44e7-931f-5e0700ed9e7f",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "aa1a443c-4716-424b-b695-49961d9cf98a",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "b29201a7-e442-47f6-a589-1b6faaf27b20",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "292f1e75-3216-447d-886a-6ab91b0dee1d",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "887e537f-4a97-4374-a5de-45ad37bfe2df",
|
|
"clientId": "broker",
|
|
"name": "${client_broker}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "865fd86a-4c5e-4900-80de-34f30feb55b8",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "80b5d7cc-1ec3-4d73-8344-d0479bb4178a",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "54578e9a-e782-4a83-8f24-13da2b2f598c",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "a8cd846c-f538-4001-ba5f-e37d77ff87cd",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "a259f058-dbda-473a-b96e-2998958f8510",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "c7aed2b8-6716-4770-a936-31d973bdc557",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "c1f65e94-ed07-4bba-bafd-413db402a5f2",
|
|
"clientId": "realm-management",
|
|
"name": "${client_realm-management}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": true,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "b51a2178-2121-42c8-9ae1-7a6f356377c0",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "091f3317-7f74-417f-9854-1726ede0fba8",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "033aeb3f-f04f-460b-9eeb-fd9376b1f639",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "5e3d143c-1792-41c1-bf10-2ece9684a8fc",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "e0464a63-f5ac-4fb8-9cf5-dc671badf59e",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "b68aec8b-327d-4238-8021-cefda0f66690",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "140feb9e-fd73-4d02-97f6-928ed67020f1",
|
|
"clientId": "account",
|
|
"name": "${client_account}",
|
|
"baseUrl": "/auth/realms/alfresco/account",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"defaultRoles": ["view-profile", "manage-account"],
|
|
"redirectUris": ["/auth/realms/alfresco/account/*"],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "fbda389d-78dd-4566-8238-c49a8809a3ac",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "88b68fdb-7f1b-459b-9013-2c1dfcb4ab87",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "9d129b38-1b18-4c79-a987-088ec7460d8d",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "6ca7c6ca-4d2f-4fbe-8288-c65ec1f1a2ef",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "dcaaafc2-72d0-41b1-9df1-250aa82c3aa3",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "64a2de57-3811-415f-a6b9-b550c3dfd8b0",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "b5947c98-5a51-47f4-b7c9-935c491d17e9",
|
|
"clientId": "admin-cli",
|
|
"name": "${client_admin-cli}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": false,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "3a7400ad-d225-401f-bdb7-91d60db990f6",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "e4353798-aaac-40fa-967d-64aea182dd69",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8fe5f0fa-b9f3-41c4-9a52-b195582d9239",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "44872cc3-57b5-41d3-aae1-825dd2c350c0",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "29d794ba-6708-49cd-8a83-c50d6fc0e293",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "4c266a5c-cb5f-407a-876e-18f002b7792a",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
}
|
|
],
|
|
"browserSecurityHeaders": {
|
|
"xContentTypeOptions": "nosniff",
|
|
"xRobotsTag": "none",
|
|
"xFrameOptions": "SAMEORIGIN",
|
|
"xXSSProtection": "1; mode=block",
|
|
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';"
|
|
},
|
|
"smtpServer": {},
|
|
"loginTheme": "keycloak",
|
|
"eventsEnabled": false,
|
|
"eventsListeners": ["jboss-logging"],
|
|
"enabledEventTypes": [],
|
|
"adminEventsEnabled": false,
|
|
"adminEventsDetailsEnabled": false,
|
|
"components": {
|
|
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
|
|
{
|
|
"id": "20f304be-9abc-4fa2-801e-c02440148d1b",
|
|
"name": "Trusted Hosts",
|
|
"providerId": "trusted-hosts",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"host-sending-registration-request-must-match": ["true"],
|
|
"client-uris-must-match": ["true"]
|
|
}
|
|
},
|
|
{
|
|
"id": "dd0ae9d2-7af3-4d38-b8e7-d9c5825d3b1f",
|
|
"name": "Full Scope Disabled",
|
|
"providerId": "scope",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "b3099bb7-0064-4315-85d9-cdbcc0bfef71",
|
|
"name": "Consent Required",
|
|
"providerId": "consent-required",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "7f35ed4a-2140-478b-b2f8-46585315b71f",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [
|
|
"saml-user-attribute-mapper",
|
|
"oidc-usermodel-property-mapper",
|
|
"saml-role-list-mapper",
|
|
"saml-user-property-mapper",
|
|
"oidc-address-mapper",
|
|
"oidc-full-name-mapper",
|
|
"oidc-sha256-pairwise-sub-mapper",
|
|
"oidc-usermodel-attribute-mapper"
|
|
],
|
|
"consent-required-for-all-mappers": ["true"]
|
|
}
|
|
},
|
|
{
|
|
"id": "30ac8e1b-b8e4-4877-aeab-42af7c2af5ff",
|
|
"name": "Allowed Client Templates",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "db5b54f2-258b-40f9-92f9-ef83a887d1fa",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [
|
|
"saml-user-attribute-mapper",
|
|
"oidc-usermodel-attribute-mapper",
|
|
"oidc-usermodel-property-mapper",
|
|
"saml-role-list-mapper",
|
|
"oidc-address-mapper",
|
|
"saml-user-property-mapper",
|
|
"oidc-full-name-mapper",
|
|
"oidc-sha256-pairwise-sub-mapper"
|
|
],
|
|
"consent-required-for-all-mappers": ["true"]
|
|
}
|
|
},
|
|
{
|
|
"id": "cd68d51f-9c85-4560-b1d6-9379bf3fce54",
|
|
"name": "Allowed Client Templates",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "cd3bfc37-cc55-40dc-8d83-98b76ad5a521",
|
|
"name": "Max Clients Limit",
|
|
"providerId": "max-clients",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"max-clients": ["200"]
|
|
}
|
|
}
|
|
],
|
|
"org.keycloak.keys.KeyProvider": [
|
|
{
|
|
"id": "14b13815-a8b1-412c-a98d-0da235e8c8f9",
|
|
"name": "rsa-generated",
|
|
"providerId": "rsa-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": ["100"]
|
|
}
|
|
},
|
|
{
|
|
"id": "306d8c4c-9ad1-444e-af1a-d6c67dffc5b7",
|
|
"name": "hmac-generated",
|
|
"providerId": "hmac-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": ["100"]
|
|
}
|
|
},
|
|
{
|
|
"id": "bff7cf8c-001f-4cfb-8d47-9a8bd5bc48d3",
|
|
"name": "aes-generated",
|
|
"providerId": "aes-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": ["100"]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"internationalizationEnabled": true,
|
|
"supportedLocales": [
|
|
"de",
|
|
"no",
|
|
"ru",
|
|
"sv",
|
|
"pt-BR",
|
|
"lt",
|
|
"en",
|
|
"it",
|
|
"fr",
|
|
"zh-CN",
|
|
"es",
|
|
"ja",
|
|
"ca",
|
|
"nl"
|
|
],
|
|
"defaultLocale": "en",
|
|
"authenticationFlows": [
|
|
{
|
|
"id": "ac4ffcd4-6547-4e1c-90ac-aa56304011fb",
|
|
"alias": "Handle Existing Account",
|
|
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-confirm-link",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "idp-email-verification",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "Verify Existing Account by Re-authentication",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "affb11d0-0542-4824-a433-a41e90295ec1",
|
|
"alias": "Verify Existing Account by Re-authentication",
|
|
"description": "Reauthentication of existing account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-username-password-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "19c7907b-c38a-4cbf-b106-f42ae613fce7",
|
|
"alias": "browser",
|
|
"description": "browser based authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-cookie",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-spnego",
|
|
"requirement": "DISABLED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "identity-provider-redirector",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 25,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "forms",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "5d678091-c1f9-4100-866f-fe35b032ae9d",
|
|
"alias": "clients",
|
|
"description": "Base authentication for clients",
|
|
"providerId": "client-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "client-secret",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "client-jwt",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "d41512a5-3b62-477c-9590-badbe9f8044d",
|
|
"alias": "direct grant",
|
|
"description": "OpenID Connect Resource Owner Grant",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "direct-grant-validate-username",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-password",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-otp",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "34c91e7e-dc6c-495a-889f-f033c9311911",
|
|
"alias": "docker auth",
|
|
"description": "Used by Docker clients to authenticate against the IDP",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "docker-http-basic-authenticator",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "d28bb33e-87a2-4712-a62c-01015ddfdf57",
|
|
"alias": "first broker login",
|
|
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticatorConfig": "review profile config",
|
|
"authenticator": "idp-review-profile",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticatorConfig": "create unique user config",
|
|
"authenticator": "idp-create-user-if-unique",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "Handle Existing Account",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "e65923ea-0c5b-43e3-9ebb-648391445207",
|
|
"alias": "forms",
|
|
"description": "Username, password, otp and other auth forms.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-username-password-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "2d8d3a79-2e44-4d52-9aa2-919a400e0ab0",
|
|
"alias": "registration",
|
|
"description": "registration flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-page-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"flowAlias": "registration form",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "5043cb5e-d76e-4a57-a0db-98366acb6bf7",
|
|
"alias": "registration form",
|
|
"description": "registration form",
|
|
"providerId": "form-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-user-creation",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-profile-action",
|
|
"requirement": "REQUIRED",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-password-action",
|
|
"requirement": "REQUIRED",
|
|
"priority": 50,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-recaptcha-action",
|
|
"requirement": "DISABLED",
|
|
"priority": 60,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "79f99e59-6a78-4262-a86a-231e0c69d4bd",
|
|
"alias": "reset credentials",
|
|
"description": "Reset credentials for a user if they forgot their password or something",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "reset-credentials-choose-user",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-credential-email",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-password",
|
|
"requirement": "REQUIRED",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-otp",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "62e8ccd7-e995-4226-bee4-4ef9f1d6edc1",
|
|
"alias": "saml ecp",
|
|
"description": "SAML ECP Profile Authentication Flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "http-basic-authenticator",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"authenticatorConfig": [
|
|
{
|
|
"id": "d1eae692-c7d2-4d52-ac4d-7b1231ce0a22",
|
|
"alias": "create unique user config",
|
|
"config": {
|
|
"require.password.update.after.registration": "false"
|
|
}
|
|
},
|
|
{
|
|
"id": "c6f89a26-2c86-4b6b-aee9-a483370fa20a",
|
|
"alias": "review profile config",
|
|
"config": {
|
|
"update.profile.on.first.login": "missing"
|
|
}
|
|
}
|
|
],
|
|
"requiredActions": [
|
|
{
|
|
"alias": "CONFIGURE_TOTP",
|
|
"name": "Configure OTP",
|
|
"providerId": "CONFIGURE_TOTP",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PASSWORD",
|
|
"name": "Update Password",
|
|
"providerId": "UPDATE_PASSWORD",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PROFILE",
|
|
"name": "Update Profile",
|
|
"providerId": "UPDATE_PROFILE",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "VERIFY_EMAIL",
|
|
"name": "Verify Email",
|
|
"providerId": "VERIFY_EMAIL",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "terms_and_conditions",
|
|
"name": "Terms and Conditions",
|
|
"providerId": "terms_and_conditions",
|
|
"enabled": false,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
}
|
|
],
|
|
"browserFlow": "browser",
|
|
"registrationFlow": "registration",
|
|
"directGrantFlow": "direct grant",
|
|
"resetCredentialsFlow": "reset credentials",
|
|
"clientAuthenticationFlow": "clients",
|
|
"dockerAuthenticationFlow": "docker auth",
|
|
"attributes": {
|
|
"_browser_header.xXSSProtection": "1; mode=block",
|
|
"_browser_header.xFrameOptions": "SAMEORIGIN",
|
|
"permanentLockout": "false",
|
|
"quickLoginCheckMilliSeconds": "1000",
|
|
"_browser_header.xRobotsTag": "none",
|
|
"maxFailureWaitSeconds": "900",
|
|
"minimumQuickLoginWaitSeconds": "60",
|
|
"failureFactor": "30",
|
|
"actionTokenGeneratedByUserLifespan": "300",
|
|
"maxDeltaTimeSeconds": "43200",
|
|
"_browser_header.xContentTypeOptions": "nosniff",
|
|
"actionTokenGeneratedByAdminLifespan": "43200",
|
|
"bruteForceProtected": "false",
|
|
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
|
|
"waitIncrementSeconds": "60"
|
|
},
|
|
"users": [
|
|
{
|
|
"id": "9c978d30-c9ad-4dcb-b61c-840fe56f72f2",
|
|
"createdTimestamp": 1533234734911,
|
|
"username": "admin",
|
|
"enabled": true,
|
|
"totp": false,
|
|
"emailVerified": true,
|
|
"firstName": "admin",
|
|
"lastName": "admin",
|
|
"email": "admin.adf@alfresco.com",
|
|
"credentials": [
|
|
{
|
|
"type": "password",
|
|
"value": "admin"
|
|
}
|
|
],
|
|
"disableableCredentialTypes": ["password"],
|
|
"requiredActions": [],
|
|
"realmRoles": ["uma_authorization", "user", "offline_access"],
|
|
"clientRoles": {
|
|
"realm-management": [
|
|
"view-clients",
|
|
"manage-users",
|
|
"manage-clients",
|
|
"view-users",
|
|
"manage-realm",
|
|
"view-realm"
|
|
],
|
|
"account": ["manage-account", "view-profile"]
|
|
},
|
|
"groups": ["/admin"]
|
|
}
|
|
],
|
|
"keycloakVersion": "4.8.3.Final"
|
|
}
|