From 893c0e9cd8930cb467d4068152597ae2dc7afa4b Mon Sep 17 00:00:00 2001 From: James Elson Date: Tue, 9 Jan 2024 12:43:12 -0800 Subject: [PATCH 01/13] Button for tiered access aligned, and more description given. --- .../api-product-item/api-product-item.tsx | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/src/nextapp/components/api-product-item/api-product-item.tsx b/src/nextapp/components/api-product-item/api-product-item.tsx index e97879ecc..8cdf7cbd4 100644 --- a/src/nextapp/components/api-product-item/api-product-item.tsx +++ b/src/nextapp/components/api-product-item/api-product-item.tsx @@ -82,23 +82,20 @@ const ApiProductItem: React.FC = ({ Limits - {data.description && ( - - Public access has a rate limit enforced. - - )} - For elevated access, please{' '} - + Public access has a rate limit enforced. + + + For elevated access, please request access. + )} From 65474bd1a4a6c0834e93ef32d5120587dda8d8b8 Mon Sep 17 00:00:00 2001 From: Elson9 Date: Fri, 9 Feb 2024 16:19:14 -0800 Subject: [PATCH 02/13] Update README.md --- e2e/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/e2e/README.md b/e2e/README.md index b3adacaff..4c66d1def 100644 --- a/e2e/README.md +++ b/e2e/README.md @@ -63,6 +63,11 @@ Install Cypress on your local machine by following [these instructions](https:// ## 3. Cypress on Windows +> [!NOTE] +> WSL2 now supports running Linux GUI apps. [Get setup here](https://learn.microsoft.com/en-us/windows/wsl/tutorials/gui-apps) and follow the regular instructions above for setting up Cypress + +### Legacy Instructions: + You will need a copy of the API Service Portal on both your local machine and within your WSL 2/Linux distribution. Instructions pertaining to either WSL 2 or your local machine are prefaced with `WSL` and `LM` respectively in the following sections. From 2282d60548fb203ec3737cb7c182887011c828e6 Mon Sep 17 00:00:00 2001 From: ike thecoder Date: Wed, 14 Feb 2024 14:48:49 -0800 Subject: [PATCH 03/13] 1)Update cypress to latest version to support execution on latest chrome and edge browser (#988) 1)Update cypress to latest version to support execution on latest chrome and edge browser (#988) 2)Update cypress tests to latest changes in aps portal and gwa cli 3)Update cypress tests to latest methods in latest cypress version to clear cookies and session storage Co-authored-by: Niraj Patel --- docker-compose.yml | 48 +-- e2e/Dockerfile | 2 +- e2e/cypress/pageObjects/apiDirectory.ts | 2 +- e2e/cypress/support/auth-commands.ts | 6 +- .../tests/01-api-key/01-create-api.cy.ts | 4 +- .../03-request-access-inactive-env.cy.ts | 25 +- ...cess-with-out-collecting-credentials.cy.ts | 3 - .../01-api-key/07-approve-pending-rqst.cy.ts | 2 - .../01-client-cred-team-access.cy.ts | 3 +- .../02-create_authorizarion_profile.cy.ts | 2 - .../05-cids-access-approve-api-rqst.cy.ts | 13 +- .../06-jwt-genkp-access-rqst.cy.ts | 3 - ...07-jwt-genkp-access-approve-api-rqst.cy.ts | 3 - .../08-jwks-url-gen-keys-access-rqst.cy.ts | 3 - ...09-jwks-url-access-approval-api-rqst.cy.ts | 3 - .../10-jwks-publicKey-access-rqst.cy.ts | 3 - ...t-publlicKey-access-approve-api-rqst.cy.ts | 3 - ...approve-pending-rqst-for-labels.spec.cy.ts | 2 - .../01-migrate-user-access.cy.ts | 16 - .../07-manage-control/01-ip-restriction.cy.ts | 4 - .../07-manage-control/02-rate-limiting.cy.ts | 2 - ...03-kong-api-only-apply-rate-limiting.cy.ts | 13 +- .../08-client-role/03-read-client-role.ts | 6 - .../08-client-role/04-write-client-role.ts | 6 - .../08-client-role/05-check-without-role.ts | 6 - ...01-client-credential-to-kong-acl-api.cy.ts | 10 - ...02-kong-acl-api-to-client-credential.cy.ts | 10 - .../03-apply-multiple-services.cy.ts | 10 - .../09-update-product-env/06-shared-idp.cy.ts | 4 - .../10-clear-resources/01-create-api.cy.ts | 2 +- .../11-activity-feed/01-activity-feed.cy.ts | 2 - .../02-activity-feed-failure.cy.ts | 8 - .../12-access-permission/01-create-api.cy.ts | 2 +- .../04-access-manager.cy.ts | 7 - .../05-namespace-manage.cy.ts | 8 - .../06-credential-issuer.cy.ts | 4 - .../07-namespace-view.cy.ts | 7 - .../08-gateway-config.cy.ts | 7 - .../01-create-api.cy.ts | 2 +- .../01-client-cred-team-access.ts | 22 +- .../02-multiple-org-admin.ts | 8 +- .../03-multiple-org-admin-org-unit.ts | 6 +- .../tests/15-aps-api/01-create-api.cy.ts | 3 +- .../tests/15-aps-api/02-organization.cy.ts | 58 ++-- .../15-aps-api/05-authorizationProfiles.cy.ts | 11 - .../tests/15-aps-api/06-products.cy.ts | 10 - .../tests/16-gwa-cli/01-cli-commands.ts | 2 +- .../16-gwa-cli/02-cli-generate-config.ts | 5 +- ...te-application-with-approved-request.cy.ts | 8 - .../04-delete-namespace-gwa.ts | 3 +- e2e/package-lock.json | 300 ++++++++++++------ e2e/package.json | 2 +- 52 files changed, 306 insertions(+), 398 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 445c2b9d9..994f8ebbf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -103,30 +103,30 @@ services: - ./local/feeder-init:/tmp networks: - aps-net - cypress: - image: aps-cypress-e2e:latest - container_name: cypress-e2e - entrypoint: sh -c "chmod +x /tmp/entrypoint.sh && /tmp/entrypoint.sh" - environment: - - CYPRESS_RECORD_KEY=${CY_RECORD_KEY} - - CYPRESS_PROJECT_ID=${CY_PROJECT_ID} - - RUN_ENV=${CY_EXECUTION_ENV} - - COMMIT_INFO_BRANCH=${CY_COMMIT_BRANCH} - - COMMIT_INFO_SHA=${CY_COMMIT_SHA} - - COMMIT_INFO_AUTHOR=${CY_COMMIT_AUTHOR} - - COMMIT_INFO_MESSAGE=${CY_COMMIT_MESSAGE} - - COMMIT_INFO_REMOTE=${CY_REPO_URL} - - COMMIT_INFO_EMAIL=${CY_COMMIT_AUTHOR_EMAIL} - depends_on: - - feeder-seeding - build: - context: ./e2e - dockerfile: Dockerfile - volumes: - - ./e2e/coverage:/e2e/coverage - - ./e2e/results:/e2e/results - networks: - - aps-net + # cypress: + # image: aps-cypress-e2e:latest + # container_name: cypress-e2e + # entrypoint: sh -c "chmod +x /tmp/entrypoint.sh && /tmp/entrypoint.sh" + # environment: + # - CYPRESS_RECORD_KEY=${CY_RECORD_KEY} + # - CYPRESS_PROJECT_ID=${CY_PROJECT_ID} + # - RUN_ENV=${CY_EXECUTION_ENV} + # - COMMIT_INFO_BRANCH=${CY_COMMIT_BRANCH} + # - COMMIT_INFO_SHA=${CY_COMMIT_SHA} + # - COMMIT_INFO_AUTHOR=${CY_COMMIT_AUTHOR} + # - COMMIT_INFO_MESSAGE=${CY_COMMIT_MESSAGE} + # - COMMIT_INFO_REMOTE=${CY_REPO_URL} + # - COMMIT_INFO_EMAIL=${CY_COMMIT_AUTHOR_EMAIL} + # depends_on: + # - feeder-seeding + # build: + # context: ./e2e + # dockerfile: Dockerfile + # volumes: + # - ./e2e/coverage:/e2e/coverage + # - ./e2e/results:/e2e/results + # networks: + # - aps-net kong-db: image: postgres:12.8 container_name: kong-db diff --git a/e2e/Dockerfile b/e2e/Dockerfile index 70df0662a..ec4ec7539 100644 --- a/e2e/Dockerfile +++ b/e2e/Dockerfile @@ -9,7 +9,7 @@ COPY package.json /e2e COPY package-lock.json /e2e COPY *.yml /e2e COPY entrypoint.sh /tmp -COPY gwa /usr/local/bin +# COPY gwa /usr/local/bin ADD cypress /e2e/cypress RUN npm install diff --git a/e2e/cypress/pageObjects/apiDirectory.ts b/e2e/cypress/pageObjects/apiDirectory.ts index f0911e67e..b7825311b 100644 --- a/e2e/cypress/pageObjects/apiDirectory.ts +++ b/e2e/cypress/pageObjects/apiDirectory.ts @@ -24,7 +24,7 @@ class ApiDirectoryPage { cy.contains('a', product.name, { timeout: 10000 }).should('be.visible'); cy.contains(product.name).click() if (elevatedAccess) { - cy.contains('For elevated access, please Request Access').should('be.visible'); + cy.contains('For elevated access, please request acces').should('be.visible'); } cy.get(this.rqstAccessBtn).click() cy.get(this.appSelect).select(app.name) diff --git a/e2e/cypress/support/auth-commands.ts b/e2e/cypress/support/auth-commands.ts index ee920d741..65263d7ff 100644 --- a/e2e/cypress/support/auth-commands.ts +++ b/e2e/cypress/support/auth-commands.ts @@ -91,7 +91,6 @@ Cypress.Commands.add('resetCredential', (accessRole: string) => { const login = new LoginPage() const home = new HomePage() const na = new NamespaceAccessPage() - cy.deleteAllCookies() cy.visit('/') cy.reload() cy.fixture('apiowner').as('apiowner') @@ -117,7 +116,6 @@ Cypress.Commands.add('getUserSessionTokenValue', (namespace: string, isNamespace const home = new HomePage() const na = new NamespaceAccessPage() let userSession: string - cy.deleteAllCookies() cy.visit('/') cy.reload() cy.fixture('apiowner').as('apiowner') @@ -201,8 +199,10 @@ Cypress.Commands.add('logout', () => { cy.log('< Logging out') cy.getSession().then(() => { cy.get('@session').then((res: any) => { + cy.visit('/') + cy.wait(3000) cy.get('[data-testid=auth-menu-user]').click({ force: true }) - cy.contains('Logout').click() + cy.get('[data-testid=auth-menu-signout-btn]').click({ force: true }) }) }) cy.log('> Logging out') diff --git a/e2e/cypress/tests/01-api-key/01-create-api.cy.ts b/e2e/cypress/tests/01-api-key/01-create-api.cy.ts index 9fe06b03c..68a1d7da4 100644 --- a/e2e/cypress/tests/01-api-key/01-create-api.cy.ts +++ b/e2e/cypress/tests/01-api-key/01-create-api.cy.ts @@ -14,9 +14,9 @@ describe('Create API Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() cy.resetState() + cy.deleteAllCookies() }) beforeEach(() => { @@ -180,7 +180,5 @@ it('Verify gwa gateway publish multiple config file', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts b/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts index 20479b2a8..bfe769346 100644 --- a/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts +++ b/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts @@ -48,8 +48,6 @@ describe('Change an Active environment to Inactive', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -60,13 +58,12 @@ describe('Verify enactive environment in rrequest access pop up', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { cy.preserveCookies() cy.fixture('developer').as('developer') + Cypress.session.clearAllSavedSessions() // cy.visit(login.path) }) @@ -96,8 +93,12 @@ describe('Verify enactive environment in rrequest access pop up', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() + // cy.clearLocalStorage({ log: true }) + // cy.deleteAllCookies() + // Cypress.session.clearAllSavedSessions() + // cy.clearCookie('_oauth2_proxy') + // cy.clearCookie('keystone.sid') + // debugger }) }) @@ -108,9 +109,12 @@ describe('Change an the environment back to active', () => { const pd = new Products() before(() => { + debugger + // cy.clearAllSessionStorage({log: true}) cy.visit('/') - cy.deleteAllCookies() - cy.reload() + // cy.deleteAllCookies() + // cy.clearCookies() + // cy.reload() }) beforeEach(() => { @@ -131,6 +135,7 @@ describe('Change an the environment back to active', () => { }) it('Navigate to Products Page', () => { + debugger cy.visit(pd.path) }) @@ -143,7 +148,7 @@ describe('Change an the environment back to active', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() + // cy.clearLocalStorage({ log: true }) + // cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts b/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts index 4eb63eb4c..85d5de5dd 100644 --- a/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts +++ b/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts @@ -11,7 +11,6 @@ describe('Request Access without colleting credential Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -39,7 +38,5 @@ describe('Request Access without colleting credential Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts b/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts index d48bc2e33..110bdbba4 100644 --- a/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts +++ b/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts @@ -72,8 +72,6 @@ describe('Approve Pending Request Spec', () => { }) after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts b/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts index c0ba4af3a..6af9f276b 100644 --- a/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts @@ -39,7 +39,8 @@ describe('Grant appropriate permissions to team members for client credential fl it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 5000, failOnNonZeroExit: false }).then((response) => { + debugger assert.isNotNaN(response.stdout) namespace = response.stdout cy.replaceWordInJsonObject('ccplatform', namespace, 'cc-service-gwa.yml') diff --git a/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts b/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts index e7b0ec4db..8a89f006d 100644 --- a/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts @@ -81,7 +81,5 @@ describe('Generate Authorization Profiles', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts index 37c0be416..ec83f1f72 100644 --- a/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts @@ -13,7 +13,6 @@ describe('Access manager approves developer access request for Client ID/Secret before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -51,8 +50,6 @@ describe('Access manager approves developer access request for Client ID/Secret after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -91,7 +88,6 @@ describe('Verify the selected client scoped is displayed in assigned default lis before(() => { cy.visit(Cypress.env('KEYCLOAK_URL')) - cy.deleteAllCookies() cy.reload() }) @@ -131,8 +127,6 @@ describe('Verify the selected client scoped is displayed in assigned default lis after(() => { cy.keycloakLogout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -144,7 +138,6 @@ describe('Deselect the scope from authorization tab', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -182,6 +175,9 @@ describe('Deselect the scope from authorization tab', () => { consumers.saveAppliedConfig() }) }) + after(() => { + cy.logout() + }) }) describe('Verify the selected client scoped is not displayed in assigned default list', () => { @@ -193,7 +189,6 @@ describe('Verify the selected client scoped is not displayed in assigned default before(() => { cy.visit(Cypress.env('KEYCLOAK_URL')) - cy.deleteAllCookies() cy.reload() }) @@ -233,8 +228,6 @@ describe('Verify the selected client scoped is not displayed in assigned default after(() => { cy.keycloakLogout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts index 9277a03a9..b51544eaa 100644 --- a/e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts @@ -11,7 +11,6 @@ describe('Developer creates an access request for JWT Generated Key Pair authent before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -53,7 +52,5 @@ describe('Developer creates an access request for JWT Generated Key Pair authent after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts index 140eb982e..be7cd48bb 100644 --- a/e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts @@ -11,7 +11,6 @@ describe('Access manager approves developer access request for JWT - Generated K before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -45,8 +44,6 @@ describe('Access manager approves developer access request for JWT - Generated K after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts index 3ab5a3929..01da22880 100644 --- a/e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts @@ -39,7 +39,6 @@ describe('Developer creates an access request for JWKS URL', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -80,7 +79,5 @@ describe('Developer creates an access request for JWKS URL', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts index a46bf0002..07aaef97d 100644 --- a/e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts @@ -12,7 +12,6 @@ describe('Access manager approves developer access request for JWKS URL flow', ( before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -46,8 +45,6 @@ describe('Access manager approves developer access request for JWKS URL flow', ( after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts index 798fdaef3..7d13d3986 100644 --- a/e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts @@ -13,7 +13,6 @@ describe('Generates public/private key and set public key to access request', () before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -71,7 +70,5 @@ describe('Generates public/private key and set public key to access request', () after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts index aa58e9d32..8542216b3 100644 --- a/e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts @@ -11,7 +11,6 @@ describe('Access manager approves developer access request for JWT - Generated K before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -46,8 +45,6 @@ describe('Access manager approves developer access request for JWT - Generated K after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts b/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts index 8acba76ce..5662562ee 100644 --- a/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts +++ b/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts @@ -64,8 +64,6 @@ describe('Approve Pending Request Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/05-migrate-user/01-migrate-user-access.cy.ts b/e2e/cypress/tests/05-migrate-user/01-migrate-user-access.cy.ts index bd817ab6e..29600e05e 100644 --- a/e2e/cypress/tests/05-migrate-user/01-migrate-user-access.cy.ts +++ b/e2e/cypress/tests/05-migrate-user/01-migrate-user-access.cy.ts @@ -10,8 +10,6 @@ describe('Assign Access to existing user Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -45,8 +43,6 @@ describe('Assign Access to existing user Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -57,8 +53,6 @@ describe('Authernticate with old user to initiate migration', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -81,8 +75,6 @@ describe('Authernticate with old user to initiate migration', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -94,8 +86,6 @@ describe('Verify that permission of old user is migrated to new user', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -138,8 +128,6 @@ describe('Verify that permission of old user is migrated to new user', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -151,8 +139,6 @@ describe('Verify that old user is no longer able to sign in', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -174,7 +160,5 @@ describe('Verify that old user is no longer able to sign in', () => { }) after(() => { - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/07-manage-control/01-ip-restriction.cy.ts b/e2e/cypress/tests/07-manage-control/01-ip-restriction.cy.ts index 2aeeb2f6e..4ea8283dc 100644 --- a/e2e/cypress/tests/07-manage-control/01-ip-restriction.cy.ts +++ b/e2e/cypress/tests/07-manage-control/01-ip-restriction.cy.ts @@ -9,8 +9,6 @@ describe('Manage Control-IP Restriction Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -226,7 +224,5 @@ describe('Manage Control -Apply IP Restriction to Global and Consumer at Route l after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts b/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts index c73464263..fa4805a7a 100644 --- a/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts +++ b/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts @@ -272,7 +272,5 @@ describe('Manage Control-Apply Rate limiting to Global and Consumer at Route lev after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts b/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts index ad0d5c8f8..72602f996 100644 --- a/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts +++ b/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts @@ -20,7 +20,6 @@ describe('Apply Kong API key only plugin', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -58,6 +57,7 @@ describe('Apply Kong API key only plugin', () => { it('Create a new consumer and save the consumer Id', () => { cy.makeKongGatewayRequest('consumers', 'createConsumer', 'POST').then((response) => { + debugger expect(response.status).to.be.equal(201) consumerID = response.body.id cy.saveState("consumersid", consumerID) @@ -106,6 +106,9 @@ describe('Apply Kong API key only plugin', () => { expect(response.status).to.be.equal(201) }) }) + after(() => { + cy.logout() + }) }) describe('Check the API key for free access', () => { @@ -138,8 +141,6 @@ describe('Check the API key for Elevated access', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -176,8 +177,6 @@ describe('Check the API key for Elevated access', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -188,8 +187,6 @@ describe('Approve Pending Request Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -247,8 +244,6 @@ describe('Approve Pending Request Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/08-client-role/03-read-client-role.ts b/e2e/cypress/tests/08-client-role/03-read-client-role.ts index b221da16f..5f81dc6d0 100644 --- a/e2e/cypress/tests/08-client-role/03-read-client-role.ts +++ b/e2e/cypress/tests/08-client-role/03-read-client-role.ts @@ -56,8 +56,6 @@ describe('Developer creates an access request for Client ID/Secret authenticator after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -68,8 +66,6 @@ describe('Access manager apply "Read" role and approves developer access request before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -108,8 +104,6 @@ describe('Access manager apply "Read" role and approves developer access request after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/08-client-role/04-write-client-role.ts b/e2e/cypress/tests/08-client-role/04-write-client-role.ts index f4250cd3f..f6eb74aef 100644 --- a/e2e/cypress/tests/08-client-role/04-write-client-role.ts +++ b/e2e/cypress/tests/08-client-role/04-write-client-role.ts @@ -55,8 +55,6 @@ describe('Developer creates an access request for Client ID/Secret authenticator after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -67,8 +65,6 @@ describe('Access manager apply "Write" role and approves developer access reques before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -107,8 +103,6 @@ describe('Access manager apply "Write" role and approves developer access reques after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/08-client-role/05-check-without-role.ts b/e2e/cypress/tests/08-client-role/05-check-without-role.ts index 2f2c86b91..fed1ead1f 100644 --- a/e2e/cypress/tests/08-client-role/05-check-without-role.ts +++ b/e2e/cypress/tests/08-client-role/05-check-without-role.ts @@ -71,8 +71,6 @@ describe('Reset Authorization profile to default (without any role)', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -82,8 +80,6 @@ describe('Check service access without applying any roles', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -132,7 +128,5 @@ describe('Check service access without applying any roles', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts b/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts index 7b5a35813..609f76633 100644 --- a/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts @@ -109,8 +109,6 @@ describe('Change Authorization profile', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -123,8 +121,6 @@ describe('Request service Access Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -162,8 +158,6 @@ describe('Request service Access Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -174,8 +168,6 @@ describe('Access manager approves developer access request for Kong API ACL auth before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -220,7 +212,5 @@ describe('Access manager approves developer access request for Kong API ACL auth after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts b/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts index 089bcf725..d1d94a6d0 100644 --- a/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts @@ -112,8 +112,6 @@ describe('Change Authorization profile from Kong ACL-API to Client Credential', after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -126,8 +124,6 @@ describe('Developer creates an access request for Client ID/Secret authenticator before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -168,8 +164,6 @@ describe('Developer creates an access request for Client ID/Secret authenticator after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -180,8 +174,6 @@ describe('Access manager approves developer access request for Client ID/Secret before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -214,8 +206,6 @@ describe('Access manager approves developer access request for Client ID/Secret after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts b/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts index 3cc4580bf..c0ddc9299 100644 --- a/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts @@ -90,8 +90,6 @@ describe('Apply multiple services to the product environment', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -153,8 +151,6 @@ describe('Developer creates an access request for Client ID/Secret authenticator before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -195,8 +191,6 @@ describe('Developer creates an access request for Client ID/Secret authenticator after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -207,8 +201,6 @@ describe('Access manager approves developer access request for Client ID/Secret before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -241,8 +233,6 @@ describe('Access manager approves developer access request for Client ID/Secret after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts b/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts index 9e5c3d28e..e59ae51d6 100644 --- a/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts @@ -74,8 +74,6 @@ describe('Apply Shared IDP while creating Authorization Profile', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -89,8 +87,6 @@ describe('Update IDP issuer for shared IDP profile', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { diff --git a/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts b/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts index 715ea8324..817781a88 100644 --- a/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts +++ b/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts @@ -42,7 +42,7 @@ describe('Create API Spec for Delete Resources', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.replaceWordInJsonObject('ns.deleteplatform', 'ns.' + namespace, 'service-clear-resources-gwa.yml') diff --git a/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts b/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts index 6ae592157..ccb75a9a5 100644 --- a/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts +++ b/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts @@ -96,8 +96,6 @@ describe('Verify the Activity filter for users', () => { before(() => { cy.visit('/') - // cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { diff --git a/e2e/cypress/tests/11-activity-feed/02-activity-feed-failure.cy.ts b/e2e/cypress/tests/11-activity-feed/02-activity-feed-failure.cy.ts index c6fd120ab..a9ad76d3b 100644 --- a/e2e/cypress/tests/11-activity-feed/02-activity-feed-failure.cy.ts +++ b/e2e/cypress/tests/11-activity-feed/02-activity-feed-failure.cy.ts @@ -20,8 +20,6 @@ describe('Make the access request for invalid profile', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -56,8 +54,6 @@ describe('Make the access request for invalid profile', () => { // }) after(() => { cy.logout() - cy.clearLocalStorage({log:true}) - cy.deleteAllCookies() }) }) @@ -73,8 +69,6 @@ describe('Create API, Product, and Authorization Profiles; Apply Auth Profiles t before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -123,7 +117,5 @@ describe('Create API, Product, and Authorization Profiles; Apply Auth Profiles t after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts b/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts index a5488bb92..fd9186e62 100644 --- a/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts +++ b/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts @@ -42,7 +42,7 @@ describe('Create API Spec', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.replaceWordInJsonObject('ns.permission', 'ns.' + namespace, 'service-permission-gwa.yml') diff --git a/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts b/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts index 9a22515ea..0e71be9d6 100644 --- a/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts +++ b/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts @@ -42,8 +42,6 @@ describe('Grant Access Manager Role', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -58,7 +56,6 @@ describe('Verify that Mark is able to view the pending request', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -91,11 +88,7 @@ describe('Verify that Mark is able to view the pending request', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() cy.resetCredential('Mark') cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts b/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts index 79fa205cc..93f743788 100644 --- a/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts +++ b/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts @@ -14,7 +14,6 @@ describe('Grant Namespace Manage Role', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -48,8 +47,6 @@ describe('Grant Namespace Manage Role', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -64,7 +61,6 @@ describe('Verify that Wendy is able to see all the options for the Namespace', ( before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -94,11 +90,7 @@ describe('Verify that Wendy is able to see all the options for the Namespace', ( after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() cy.resetCredential('Wendy') cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts b/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts index 5903a618a..1998de81a 100644 --- a/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts +++ b/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts @@ -13,7 +13,6 @@ describe('Grant Credential Issuer Role', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -46,8 +45,6 @@ describe('Grant Credential Issuer Role', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -62,7 +59,6 @@ describe('Verify that Wendy is able to generate authorization profile', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) diff --git a/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts b/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts index 05f1621cc..dafef02e6 100644 --- a/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts +++ b/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts @@ -45,8 +45,6 @@ describe('Grant Namespace View Role to Mark', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -60,7 +58,6 @@ describe('Verify that Mark is unable to create service account', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -107,11 +104,7 @@ describe('Verify that Mark is unable to create service account', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() cy.resetCredential('Mark') cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts b/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts index ec94ec380..3021c5e61 100644 --- a/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts +++ b/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts @@ -48,8 +48,6 @@ describe('Grant Gateway Config Role to Wendy', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -64,7 +62,6 @@ describe('Verify that Wendy is able to generate authorization profile', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -97,11 +94,7 @@ describe('Verify that Wendy is able to generate authorization profile', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() cy.resetCredential('Wendy') cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts b/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts index 42e545761..3e2fd2a42 100644 --- a/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts +++ b/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts @@ -42,7 +42,7 @@ describe('Create API Spec', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.updateJsonValue('common-testdata.json', 'namespacePreview.namespace', namespace) diff --git a/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts b/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts index 29fc44462..5f6d92d93 100644 --- a/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts +++ b/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts @@ -50,7 +50,7 @@ describe('Add Organization to publish API', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.updateJsonValue('common-testdata.json', 'orgAssignment.namespace', namespace) @@ -131,8 +131,6 @@ describe('Add Organization to publish API', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -144,9 +142,6 @@ describe('Org Admin approves the request', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() - cy.resetState() }) beforeEach(() => { @@ -179,8 +174,6 @@ describe('Org Admin approves the request', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -193,9 +186,6 @@ describe('Activate the API to make it visible in API Directory', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() - cy.resetState() }) beforeEach(() => { @@ -241,8 +231,6 @@ describe('Activate the API to make it visible in API Directory', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -254,8 +242,6 @@ describe('Request service Access Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -293,8 +279,6 @@ describe('Request service Access Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -305,8 +289,6 @@ describe('Access manager approves developer access request for Kong API ACL auth before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { @@ -348,7 +330,5 @@ describe('Access manager approves developer access request for Kong API ACL auth after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts b/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts index 1abe74e2a..059a70431 100644 --- a/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts +++ b/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts @@ -53,8 +53,6 @@ describe('Give a user org admin access at organization level', () => { after(() => { cy.keycloakLogout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -71,8 +69,6 @@ describe('Multiple Org Adming for the organization', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() cy.resetState() }) @@ -100,7 +96,7 @@ describe('Multiple Org Adming for the organization', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.updateJsonValue('common-testdata.json', 'orgAssignment.namespace', namespace) @@ -147,7 +143,5 @@ describe('Multiple Org Adming for the organization', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts b/e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts index 2fa19e811..193ea09b6 100644 --- a/e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts +++ b/e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts @@ -70,8 +70,6 @@ describe('Give a user org admin access at organization unit level', () => { after(() => { cy.keycloakLogout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -88,8 +86,6 @@ describe('Multiple Org Admin for the organization', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() cy.resetState() }) @@ -116,7 +112,7 @@ describe('Multiple Org Admin for the organization', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.updateJsonValue('common-testdata.json', 'orgAssignment.namespace', namespace) diff --git a/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts b/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts index e85a6fff4..0f39c82ec 100644 --- a/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts +++ b/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts @@ -42,7 +42,7 @@ describe('Create API Spec', () => { it('create namespace using gwa cli command', () => { var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout cy.updateJsonValue('common-testdata.json', 'apiTest.namespace', namespace) @@ -69,6 +69,5 @@ describe('Create API Spec', () => { after(() => { cy.logout() cy.clearLocalStorage({log:true}) - cy.deleteAllCookies() }) }) diff --git a/e2e/cypress/tests/15-aps-api/02-organization.cy.ts b/e2e/cypress/tests/15-aps-api/02-organization.cy.ts index 105dba5ad..29bc1df5c 100644 --- a/e2e/cypress/tests/15-aps-api/02-organization.cy.ts +++ b/e2e/cypress/tests/15-aps-api/02-organization.cy.ts @@ -3,6 +3,35 @@ import LoginPage from "../../pageObjects/login" let userSession: any var nameSpace: string +describe('Get the user session token', () => { + + const login = new LoginPage() + const home = new HomePage() + + before(() => { + cy.visit('/') + cy.deleteAllCookies() + cy.reload() + // cy.getUserSessionTokenValue() + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('apiowner').as('apiowner') + cy.fixture('common-testdata').as('common-testdata') + // cy.visit(login.path) + }) + + it('authenticates Janis (api owner) to get the user session token', () => { + cy.get('@common-testdata').then(({ apiTest }: any) => { + cy.getUserSessionTokenValue(apiTest.namespace).then((value) => { + userSession = value + }) + }) + }) +}) + + describe('API Tests to verify the Organization details in the response', () => { beforeEach(() => { @@ -62,33 +91,6 @@ describe('Verify /Organization/{Org} end point', () => { }) }) -describe('Get the user session token', () => { - - const login = new LoginPage() - const home = new HomePage() - - before(() => { - cy.visit('/') - cy.deleteAllCookies() - cy.reload() - // cy.getUserSessionTokenValue() - }) - - beforeEach(() => { - cy.preserveCookies() - cy.fixture('apiowner').as('apiowner') - cy.fixture('common-testdata').as('common-testdata') - cy.visit(login.path) - }) - - it('authenticates Janis (api owner) to get the user session token', () => { - cy.get('@common-testdata').then(({ apiTest }: any) => { - cy.getUserSessionTokenValue(apiTest.namespace).then((value) => { - userSession = value - }) - }) - }) -}) describe('Get the Organization Role', () => { @@ -262,7 +264,5 @@ describe('Add and Get Organization Access', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/15-aps-api/05-authorizationProfiles.cy.ts b/e2e/cypress/tests/15-aps-api/05-authorizationProfiles.cy.ts index 256295862..d60901552 100644 --- a/e2e/cypress/tests/15-aps-api/05-authorizationProfiles.cy.ts +++ b/e2e/cypress/tests/15-aps-api/05-authorizationProfiles.cy.ts @@ -100,11 +100,6 @@ testData.forEach((testCase: any) => { }) }) }) - - after(() => { - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() - }) }) describe('API Tests for Authorization Profiles created with inheritFrom attribute set to a valid shared Issuer', () => { @@ -211,8 +206,6 @@ describe('Published a shared authorization profile', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -225,7 +218,6 @@ describe('Deleted shared auth profile', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -264,8 +256,6 @@ describe('Deleted shared auth profile', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -277,7 +267,6 @@ describe('Verify that client ID of deleted shared auth profile in IDP', () => { before(() => { cy.visit(Cypress.env('KEYCLOAK_URL')) - cy.deleteAllCookies() cy.reload() }) diff --git a/e2e/cypress/tests/15-aps-api/06-products.cy.ts b/e2e/cypress/tests/15-aps-api/06-products.cy.ts index b76fcdbd7..52c955747 100644 --- a/e2e/cypress/tests/15-aps-api/06-products.cy.ts +++ b/e2e/cypress/tests/15-aps-api/06-products.cy.ts @@ -97,7 +97,6 @@ describe('Verify that created Product is displayed in UI', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -109,15 +108,6 @@ describe('Verify that created Product is displayed in UI', () => { cy.visit(login.path) }) - it('authenticates Janis (api owner) to get the user session token', () => { - cy.get('@common-testdata').then(({ apiTest }: any) => { - cy.getUserSessionTokenValue(apiTest.namespace).then((value) => { - home.useNamespace(apiTest.namespace) - userSession = value - }) - }) - }) - it('Verify that the product is visible in Manage Product Page', () => { cy.visit(pd.path) cy.get('@api').then(({ products }: any) => { diff --git a/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts b/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts index 28be88935..0031c0e07 100644 --- a/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts +++ b/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts @@ -77,7 +77,7 @@ describe('Verify CLI commands', () => { }) it('Check gwa command to create namespace', () => { - cy.executeCliCommand('gwa namespace create --host ' + cleanedUrl + ' --scheme http').then((response) => { + cy.executeCliCommand('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http').then((response) => { assert.isNotNaN(response.stdout) namespace = response.stdout }); diff --git a/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts b/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts index 282a3e65f..12a5d5d18 100644 --- a/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts +++ b/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts @@ -21,7 +21,6 @@ describe('Verify CLI commands for generate/apply config', () => { before(() => { // cy.visit('/') - cy.deleteAllCookies() cy.reload() }) @@ -47,7 +46,7 @@ describe('Verify CLI commands for generate/apply config', () => { it('Check gwa command to generate config for client credential template', () => { cy.executeCliCommand('gwa generate-config --template client-credentials-shared-idp --service my-service --upstream https://httpbin.org --org ministry-of-health --org-unit planning-and-innovation-division').then((response) => { - assert.equal(response.stdout, "File gw-config.yml created") + expect(response.stdout).to.contain("File gw-config.yml created") }); }) @@ -87,8 +86,6 @@ describe('Verify CLI commands for generate/apply config', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) \ No newline at end of file diff --git a/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts b/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts index e94e77f2e..c6f6da735 100644 --- a/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts +++ b/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts @@ -48,8 +48,6 @@ describe('Delete application which has approved request spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -60,8 +58,6 @@ describe('Approve Pending Request Spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() // cy.getServiceOrRouteID('services') // cy.getServiceOrRouteID('routes') }) @@ -96,8 +92,6 @@ describe('Approve Pending Request Spec', () => { after(() => { cy.logout() - cy.clearLocalStorage({ log: true }) - cy.deleteAllCookies() }) }) @@ -110,8 +104,6 @@ describe('Delete application which has approved request spec', () => { before(() => { cy.visit('/') - cy.deleteAllCookies() - cy.reload() }) beforeEach(() => { diff --git a/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts b/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts index ac18faa89..e452d6282 100644 --- a/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts +++ b/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts @@ -33,7 +33,8 @@ describe('Verify namespace delete using gwa command', () => { }) it('Create namespace using gwa cli command', () => { - cy.executeCliCommand('gwa namespace create').then((response) => { + var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { assert.isNotNaN(response.stdout) _namespace = response.stdout }); diff --git a/e2e/package-lock.json b/e2e/package-lock.json index 5df9ae714..b5e216adf 100644 --- a/e2e/package-lock.json +++ b/e2e/package-lock.json @@ -40,7 +40,7 @@ "@types/request": "^2.48.7", "@typescript-eslint/eslint-plugin": "^4.28.1", "@typescript-eslint/parser": "^4.28.1", - "cypress": "^12.4.0", + "cypress": "^13.6.3", "cypress-iframe": "^1.0.1", "cypress-mochawesome-reporter": "^3.2.3", "cypress-slow-down": "^1.2.1", @@ -1957,9 +1957,9 @@ "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" }, "node_modules/@cypress/request": { - "version": "2.88.10", - "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.10.tgz", - "integrity": "sha512-Zp7F+R93N0yZyG34GutyTNr+okam7s/Fzc1+i3kcqOP8vk6OuajuE9qZJ6Rs+10/1JFtXFYMdyarnU1rZuJesg==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.1.tgz", + "integrity": "sha512-TWivJlJi8ZDx2wGOw1dbLuHJKUYX7bWySw377nlnGOW3hP9/MUKIsEdXT/YngWxVdgNCHRBmFlBipE+5/2ZZlQ==", "dev": true, "dependencies": { "aws-sign2": "~0.7.0", @@ -1975,9 +1975,9 @@ "json-stringify-safe": "~5.0.1", "mime-types": "~2.1.19", "performance-now": "^2.1.0", - "qs": "~6.5.2", + "qs": "6.10.4", "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", + "tough-cookie": "^4.1.3", "tunnel-agent": "^0.6.0", "uuid": "^8.3.2" }, @@ -1999,6 +1999,45 @@ "node": ">= 0.12" } }, + "node_modules/@cypress/request/node_modules/qs": { + "version": "6.10.4", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.4.tgz", + "integrity": "sha512-OQiU+C+Ds5qiH91qh/mg0w+8nwQuLjM4F4M/PbmhDOoYehPh+Fb0bDjtR1sOvy7YKxvj28Y/M0PhP5uVX0kB+g==", + "dev": true, + "dependencies": { + "side-channel": "^1.0.4" + }, + "engines": { + "node": ">=0.6" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/@cypress/request/node_modules/tough-cookie": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.3.tgz", + "integrity": "sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==", + "dev": true, + "dependencies": { + "psl": "^1.1.33", + "punycode": "^2.1.1", + "universalify": "^0.2.0", + "url-parse": "^1.5.3" + }, + "engines": { + "node": ">=6" + } + }, + "node_modules/@cypress/request/node_modules/universalify": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.2.0.tgz", + "integrity": "sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==", + "dev": true, + "engines": { + "node": ">= 4.0.0" + } + }, "node_modules/@cypress/webpack-preprocessor": { "version": "5.17.0", "resolved": "https://registry.npmjs.org/@cypress/webpack-preprocessor/-/webpack-preprocessor-5.17.0.tgz", @@ -3832,9 +3871,9 @@ } }, "node_modules/commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/commander/-/commander-6.2.1.tgz", + "integrity": "sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==", "dev": true, "engines": { "node": ">= 6" @@ -3943,15 +3982,14 @@ "integrity": "sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==" }, "node_modules/cypress": { - "version": "12.4.0", - "resolved": "https://registry.npmjs.org/cypress/-/cypress-12.4.0.tgz", - "integrity": "sha512-//h93K/yGC/7pxv1KamlkADbKHLp5h3f9rZDE2McRjXZDagMETH0sXowOOanvhsH8cFt/JWspIcK+p9cuaoAqg==", + "version": "13.6.3", + "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.6.3.tgz", + "integrity": "sha512-d/pZvgwjAyZsoyJ3FOsJT5lDsqnxQ/clMqnNc++rkHjbkkiF2h9s0JsZSyyH4QXhVFW3zPFg82jD25roFLOdZA==", "dev": true, "hasInstallScript": true, "dependencies": { - "@cypress/request": "^2.88.10", + "@cypress/request": "^3.0.0", "@cypress/xvfb": "^1.2.4", - "@types/node": "^14.14.31", "@types/sinonjs__fake-timers": "8.1.1", "@types/sizzle": "^2.3.2", "arch": "^2.2.0", @@ -3963,10 +4001,10 @@ "check-more-types": "^2.24.0", "cli-cursor": "^3.1.0", "cli-table3": "~0.6.1", - "commander": "^5.1.0", + "commander": "^6.2.1", "common-tags": "^1.8.0", "dayjs": "^1.10.4", - "debug": "^4.3.2", + "debug": "^4.3.4", "enquirer": "^2.3.6", "eventemitter2": "6.4.7", "execa": "4.1.0", @@ -3981,12 +4019,13 @@ "listr2": "^3.8.3", "lodash": "^4.17.21", "log-symbols": "^4.0.0", - "minimist": "^1.2.6", + "minimist": "^1.2.8", "ospath": "^1.2.2", "pretty-bytes": "^5.6.0", + "process": "^0.11.10", "proxy-from-env": "1.0.0", "request-progress": "^3.0.0", - "semver": "^7.3.2", + "semver": "^7.5.3", "supports-color": "^8.1.1", "tmp": "~0.2.1", "untildify": "^4.0.0", @@ -3996,7 +4035,7 @@ "cypress": "bin/cypress" }, "engines": { - "node": "^14.0.0 || ^16.0.0 || >=18.0.0" + "node": "^16.0.0 || ^18.0.0 || >=20.0.0" } }, "node_modules/cypress-iframe": { @@ -4136,12 +4175,6 @@ "resolved": "https://registry.npmjs.org/cypress-xpath/-/cypress-xpath-1.6.2.tgz", "integrity": "sha512-mtwJPl840GQPGtb480fKR5vDIcijBHhAVwby5/AIPIT/UVT7UJhM2L42/R+venR7N01I0PoOJErb6UiMbCyUxg==" }, - "node_modules/cypress/node_modules/@types/node": { - "version": "14.18.12", - "resolved": "https://registry.npmjs.org/@types/node/-/node-14.18.12.tgz", - "integrity": "sha512-q4jlIR71hUpWTnGhXWcakgkZeHa3CCjcQcnuzU8M891BAWA2jHiziiWEPEkdS5pFsz7H9HJiy8BrK7tBRNrY7A==", - "dev": true - }, "node_modules/cypress/node_modules/buffer": { "version": "5.7.1", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", @@ -4166,10 +4199,33 @@ "ieee754": "^1.1.13" } }, + "node_modules/cypress/node_modules/debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dev": true, + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/cypress/node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, "node_modules/cypress/node_modules/semver": { - "version": "7.3.7", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz", - "integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==", + "version": "7.5.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", + "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", "dev": true, "dependencies": { "lru-cache": "^6.0.0" @@ -7332,10 +7388,13 @@ } }, "node_modules/minimist": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", - "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", - "dev": true + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", + "dev": true, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } }, "node_modules/minipass": { "version": "3.3.6", @@ -8765,6 +8824,14 @@ "once": "^1.3.1" } }, + "node_modules/punycode": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==", + "engines": { + "node": ">=6" + } + }, "node_modules/qs": { "version": "6.5.3", "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", @@ -8773,6 +8840,12 @@ "node": ">=0.6" } }, + "node_modules/querystringify": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz", + "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==", + "dev": true + }, "node_modules/queue-microtask": { "version": "1.2.3", "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", @@ -9106,6 +9179,12 @@ "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==" }, + "node_modules/requires-port": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz", + "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==", + "dev": true + }, "node_modules/resolve": { "version": "1.22.0", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.0.tgz", @@ -10007,14 +10086,6 @@ "node": ">=0.8" } }, - "node_modules/tough-cookie/node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" - } - }, "node_modules/tsconfig-paths": { "version": "3.14.1", "resolved": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.14.1.tgz", @@ -10293,12 +10364,14 @@ "punycode": "^2.1.0" } }, - "node_modules/uri-js/node_modules/punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", - "engines": { - "node": ">=6" + "node_modules/url-parse": { + "version": "1.5.10", + "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz", + "integrity": "sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==", + "dev": true, + "dependencies": { + "querystringify": "^2.1.1", + "requires-port": "^1.0.0" } }, "node_modules/util-deprecate": { @@ -12112,9 +12185,9 @@ } }, "@cypress/request": { - "version": "2.88.10", - "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.10.tgz", - "integrity": "sha512-Zp7F+R93N0yZyG34GutyTNr+okam7s/Fzc1+i3kcqOP8vk6OuajuE9qZJ6Rs+10/1JFtXFYMdyarnU1rZuJesg==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.1.tgz", + "integrity": "sha512-TWivJlJi8ZDx2wGOw1dbLuHJKUYX7bWySw377nlnGOW3hP9/MUKIsEdXT/YngWxVdgNCHRBmFlBipE+5/2ZZlQ==", "dev": true, "requires": { "aws-sign2": "~0.7.0", @@ -12130,9 +12203,9 @@ "json-stringify-safe": "~5.0.1", "mime-types": "~2.1.19", "performance-now": "^2.1.0", - "qs": "~6.5.2", + "qs": "6.10.4", "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", + "tough-cookie": "^4.1.3", "tunnel-agent": "^0.6.0", "uuid": "^8.3.2" }, @@ -12147,6 +12220,33 @@ "combined-stream": "^1.0.6", "mime-types": "^2.1.12" } + }, + "qs": { + "version": "6.10.4", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.4.tgz", + "integrity": "sha512-OQiU+C+Ds5qiH91qh/mg0w+8nwQuLjM4F4M/PbmhDOoYehPh+Fb0bDjtR1sOvy7YKxvj28Y/M0PhP5uVX0kB+g==", + "dev": true, + "requires": { + "side-channel": "^1.0.4" + } + }, + "tough-cookie": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.3.tgz", + "integrity": "sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==", + "dev": true, + "requires": { + "psl": "^1.1.33", + "punycode": "^2.1.1", + "universalify": "^0.2.0", + "url-parse": "^1.5.3" + } + }, + "universalify": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.2.0.tgz", + "integrity": "sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==", + "dev": true } } }, @@ -13560,9 +13660,9 @@ } }, "commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/commander/-/commander-6.2.1.tgz", + "integrity": "sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==", "dev": true }, "common-tags": { @@ -13651,14 +13751,13 @@ "integrity": "sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==" }, "cypress": { - "version": "12.4.0", - "resolved": "https://registry.npmjs.org/cypress/-/cypress-12.4.0.tgz", - "integrity": "sha512-//h93K/yGC/7pxv1KamlkADbKHLp5h3f9rZDE2McRjXZDagMETH0sXowOOanvhsH8cFt/JWspIcK+p9cuaoAqg==", + "version": "13.6.3", + "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.6.3.tgz", + "integrity": "sha512-d/pZvgwjAyZsoyJ3FOsJT5lDsqnxQ/clMqnNc++rkHjbkkiF2h9s0JsZSyyH4QXhVFW3zPFg82jD25roFLOdZA==", "dev": true, "requires": { - "@cypress/request": "^2.88.10", + "@cypress/request": "^3.0.0", "@cypress/xvfb": "^1.2.4", - "@types/node": "^14.14.31", "@types/sinonjs__fake-timers": "8.1.1", "@types/sizzle": "^2.3.2", "arch": "^2.2.0", @@ -13670,10 +13769,10 @@ "check-more-types": "^2.24.0", "cli-cursor": "^3.1.0", "cli-table3": "~0.6.1", - "commander": "^5.1.0", + "commander": "^6.2.1", "common-tags": "^1.8.0", "dayjs": "^1.10.4", - "debug": "^4.3.2", + "debug": "^4.3.4", "enquirer": "^2.3.6", "eventemitter2": "6.4.7", "execa": "4.1.0", @@ -13688,24 +13787,19 @@ "listr2": "^3.8.3", "lodash": "^4.17.21", "log-symbols": "^4.0.0", - "minimist": "^1.2.6", + "minimist": "^1.2.8", "ospath": "^1.2.2", "pretty-bytes": "^5.6.0", + "process": "^0.11.10", "proxy-from-env": "1.0.0", "request-progress": "^3.0.0", - "semver": "^7.3.2", + "semver": "^7.5.3", "supports-color": "^8.1.1", "tmp": "~0.2.1", "untildify": "^4.0.0", "yauzl": "^2.10.0" }, "dependencies": { - "@types/node": { - "version": "14.18.12", - "resolved": "https://registry.npmjs.org/@types/node/-/node-14.18.12.tgz", - "integrity": "sha512-q4jlIR71hUpWTnGhXWcakgkZeHa3CCjcQcnuzU8M891BAWA2jHiziiWEPEkdS5pFsz7H9HJiy8BrK7tBRNrY7A==", - "dev": true - }, "buffer": { "version": "5.7.1", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", @@ -13716,10 +13810,25 @@ "ieee754": "^1.1.13" } }, + "debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dev": true, + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, "semver": { - "version": "7.3.7", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz", - "integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==", + "version": "7.5.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", + "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", "dev": true, "requires": { "lru-cache": "^6.0.0" @@ -16211,9 +16320,9 @@ } }, "minimist": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", - "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", "dev": true }, "minipass": { @@ -17272,11 +17381,22 @@ "once": "^1.3.1" } }, + "punycode": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==" + }, "qs": { "version": "6.5.3", "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz", "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==" }, + "querystringify": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz", + "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==", + "dev": true + }, "queue-microtask": { "version": "1.2.3", "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", @@ -17536,6 +17656,12 @@ "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==" }, + "requires-port": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz", + "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==", + "dev": true + }, "resolve": { "version": "1.22.0", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.0.tgz", @@ -18205,13 +18331,6 @@ "requires": { "psl": "^1.1.28", "punycode": "^2.1.1" - }, - "dependencies": { - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - } } }, "tsconfig-paths": { @@ -18414,13 +18533,16 @@ "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", "requires": { "punycode": "^2.1.0" - }, - "dependencies": { - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - } + } + }, + "url-parse": { + "version": "1.5.10", + "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz", + "integrity": "sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==", + "dev": true, + "requires": { + "querystringify": "^2.1.1", + "requires-port": "^1.0.0" } }, "util-deprecate": { diff --git a/e2e/package.json b/e2e/package.json index 9ed7e4bb4..f1dfe23c7 100644 --- a/e2e/package.json +++ b/e2e/package.json @@ -31,7 +31,7 @@ "@types/request": "^2.48.7", "@typescript-eslint/eslint-plugin": "^4.28.1", "@typescript-eslint/parser": "^4.28.1", - "cypress": "^12.4.0", + "cypress": "^13.6.3", "cypress-iframe": "^1.0.1", "cypress-mochawesome-reporter": "^3.2.3", "cypress-slow-down": "^1.2.1", From 122b41e915c1a67a5865c685a12210a519a4a6d4 Mon Sep 17 00:00:00 2001 From: ike thecoder Date: Wed, 14 Feb 2024 15:18:01 -0800 Subject: [PATCH 04/13] add support for protected externally (#981) * add support for protected externally * adj api directory page * validate product env, no template * filter out flow from request dialog * local setup enhancement (#984) * local setup enhancement * fix feeder for shared idp * add gwa cli support for local * upd e2e dockerfile and cypress kc url * upd cypress dockerfile with x86 gwa cli * upd cypress e2e * upd readme --------- Co-authored-by: Russell Vinegar --- .env.local | 8 +- .github/workflows/aps-cypress-e2e.yaml | 57 +- README.md | 92 +- docker-compose.yml | 62 +- e2e/Dockerfile | 12 +- e2e/cypress.config.ts | 6 +- e2e/cypress/fixtures/api.json | 12 +- e2e/cypress/fixtures/apiowner.json | 10 +- e2e/cypress/fixtures/credential-issuer.json | 4 +- e2e/cypress/fixtures/state/regen.json | 2 +- .../test_data/authorizationProfile.json | 6 +- .../fixtures/test_data/gwa-issuer.yaml | 2 +- e2e/entrypoint.sh | 4 +- e2e/package.json | 2 +- local/feeder-init/init.sh | 4 +- local/feeder-init/platform-authz-profile.yaml | 4 +- local/feeder-init/platform-gwa-api.yaml | 2 +- local/feeder-init/shared-idp-copy.yaml | 4 +- local/feeder-init/shared-idp.yaml | 4 +- local/gwa-api/.env.local | 4 +- local/gwa-api/entrypoint.sh | 2 +- local/gwa-cli/gw-config.yml | 99 + local/keycloak/master-realm.json | 6934 +++++++++-------- local/oauth2-proxy/oauth2-proxy-local.cfg | 12 +- src/batch/data-rules.js | 1 + src/controllers/v2/openapi.yaml | 1 + src/controllers/v2/routes.ts | 2 +- src/controllers/v2/types.ts | 2 +- src/lists/Environment.js | 1 + src/mocks/index.js | 5 +- .../access-request-form.tsx | 4 +- .../api-product-item/api-product-item.tsx | 9 +- .../environment-config/environment-config.tsx | 1 + .../environment-edit/authorization-flow.tsx | 3 +- .../environments-list/edit-environment.tsx | 1 + src/nextapp/shared/services/utils.ts | 3 + src/package.json | 2 +- src/server.ts | 7 +- .../workflow/validate-active-environment.ts | 2 +- 39 files changed, 4163 insertions(+), 3229 deletions(-) create mode 100644 local/gwa-cli/gw-config.yml diff --git a/.env.local b/.env.local index 0d0241fc0..11f701031 100644 --- a/.env.local +++ b/.env.local @@ -1,3 +1,5 @@ +LOG_LEVEL=info +DISABLE_LOGGING='true' AUTH_STRATEGY=Oauth2Proxy KNEX_HOST=kong-db KNEX_PORT=5432 @@ -9,18 +11,18 @@ MONGO_URL=mongodb://mongodb:27017/keystonedb4 MONGO_USER= MONGO_PASSWORD= KONG_URL=http://kong.localtest.me:8001 -JWKS_URL=http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/certs +JWKS_URL=http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/certs FEEDER_URL=http://feeder.localtest.me:6000 NEXT_PUBLIC_API_ROOT=http://oauth2proxy.localtest.me:4180 GWA_API_URL=http://gwa-api.localtest.me:2000 GWA_PROD_ENV_SLUG=E0000000 GWA_RES_SVR_CLIENT_ID=gwa-api GWA_RES_SVR_CLIENT_SECRET=18900468-3db1-43f7-a8af-e75f079eb742 -KEYCLOAK_AUTH_URL=http://keycloak.localtest.me:9080/auth +KEYCLOAK_AUTH_URL=http://keycloak.localtest.me:9081/auth KEYCLOAK_REALM=master EMAIL_ENABLED=false EXTERNAL_URL=http://oauth2proxy.localtest.me:4180 -OIDC_ISSUER=http://keycloak.localtest.me:9080/auth/realms/master +OIDC_ISSUER=http://keycloak.localtest.me:9081/auth/realms/master LOCAL_ENV=true WORKING_PATH=/tmp DESTINATION_URL= diff --git a/.github/workflows/aps-cypress-e2e.yaml b/.github/workflows/aps-cypress-e2e.yaml index 5b5eea26e..e1ea49e21 100644 --- a/.github/workflows/aps-cypress-e2e.yaml +++ b/.github/workflows/aps-cypress-e2e.yaml @@ -2,7 +2,7 @@ name: Build and Deploy Cypress and Execute Tests on: push: - branches: ['test', 'cypress*'] + branches: ['test', 'cypress*', 'local-dev'] env: DASHBOARD_PROJECT_ID: ${{ secrets.CY_DASHBOARD_PRJ_ID }} @@ -27,36 +27,35 @@ jobs: - name: Checkout Portal uses: actions/checkout@v2 + # - name: Determine Download file name + # id: set_variable + # run: | + # echo ${{ runner.arch }} + # if [ "${{ runner.arch }}" == "X64" ]; then + # echo "::set-output name=my_variable::gwa_Linux_x86_64.tgz" + # elif [ "${{ runner.arch }}" == "ARM64" ]; then + # echo "::set-output name=my_variable::gwa_Linux_arm64.tgz" + # else + # echo "unsupported architecture" + # fi - - name: Determine Download file name - id: set_variable - run: | - echo ${{ runner.arch }} - if [ "${{ runner.arch }}" == "X64" ]; then - echo "::set-output name=my_variable::gwa_Linux_x86_64.tgz" - elif [ "${{ runner.arch }}" == "ARM64" ]; then - echo "::set-output name=my_variable::gwa_Linux_arm64.tgz" - else - echo "unsupported architecture" - fi - - - name: Download Binar - uses: robinraju/release-downloader@v1.8 - with: - repository: "bcgov/gwa-cli" - latest: true - fileName: ${{ steps.set_variable.outputs.my_variable }} - out-file-path: "${{ github.workspace }}/e2e" + # - name: Download Binary + # uses: robinraju/release-downloader@v1.8 + # with: + # repository: "bcgov/gwa-cli" + # latest: true + # fileName: ${{ steps.set_variable.outputs.my_variable }} + # out-file-path: "${{ github.workspace }}/e2e" + + # - name: Unzip file + # run: | + # cd ${{ github.workspace }}/e2e + # tar xvzf ${{ steps.set_variable.outputs.my_variable }} - - name: Unzip file - run: | - cd ${{ github.workspace }}/e2e - tar xvzf ${{ steps.set_variable.outputs.my_variable }} - - name: Build Docker Images run: | - docker-compose build - + docker compose --profile testsuite build + - name: Spin up API Services Portal and Run E2E Tests run: | export CY_EXECUTION_ENV=${{ env.EXECUTION_ENV }} @@ -68,14 +67,14 @@ jobs: export CY_COMMIT_MESSAGE="${{ env.GIT_COMMIT_MESSAGE }}" export CY_REPO_URL=${{ env.GIT_REPO_URL }} export CY_COMMIT_AUTHOR_EMAIL=$(git --no-pager show -s --format='%ae' ${{ env.GIT_COMMIT_SHA }}) - docker-compose up -d + docker compose --profile testsuite up -d - name: Execute Tests & Clean Up run: | while true; do if [ "$(docker ps -aq -f status=exited -f name=cypress-e2e)" ]; then # cleanup - docker-compose down + docker compose down break else echo "Waiting for Cypress to Complete E2E Tests....." diff --git a/README.md b/README.md index 931b0f838..c6253189d 100644 --- a/README.md +++ b/README.md @@ -10,66 +10,69 @@ The `API Services Portal` is a frontend for API Providers to manage the lifecycle of their APIs and for Developers to discover and access these APIs. It works in combination with the Kong Community Edition Gateway and Keycloak IAM solution. -## Running the Project. +## Running the Project ### Installation -#### 1. Manual +#### 1. Docker -To run this project first run `npm install`. +##### Steps -This application requires to have an Authentication proxy in front of it. Go to [oauth2-proxy](oauth2-proxy) for instructions on starting the proxy locally. +1. Run build steps [here](https://github.com/bcgov/api-services-portal/tree/dev/e2e#build-gateway-api-image) +2. Run `docker compose --profile testsuite build` +3. Run `docker compose up` to spin up a local development environment with services (Postgres, Keycloak, OAuth2-proxy, APS-Portal, Feeder and Kong Gateway) +4. Go to: http://oauth2proxy.localtest.me:4180 +5. To login, use username `local` and password `local`, or username `janis@idir` and password `awsummer` +6. `docker compose down` : Removes all the hosted services + +> To run the Cypress test automation suite, run `docker compose --profile testsuite up` +> +> To use the `gwa` command line, configure it with: +> +> `gwa config set host oauth2proxy.localtest.me:4180` +> +> `gwa config set scheme http` +> +> `gwa login` +> +> `gwa namespace create --name gw-12345` +> +> `gwa apply -i local/gwa-cli/gw-config.yml` +> +> `curl http://oauthproxy.localtest.me:8000/headers -H "Host: my-service.dev.api.gov.bc.ca"` + +**Note:** -You can then run `npm run dev` to start the application on port 3000. The proxy runs on port 4180. +- Please wait until keycloak service starts and is initialized with `master` realm. The realm configuration is saved in `./keycloak/master-realm.json`. It also creates a realm user `local` with admin privileges. +- You may want to run `docker compose build` if there are new changes that are not reflected in the last time you built the container images -``` -hostip=$(ifconfig en0 | awk '$1 == "inet" {print $2}') +#### 2. Development using Docker backend -export AUTH_STRATEGY=Oauth2Proxy -export ADAPTER=knex -export KNEX_HOST=$hostip -export KNEX_DATABASE=keystonejs -export KNEX_USER="" -export KNEX_PASSWORD="" -export MONGO_URL=mongodb://$hostip:17017/keystonedb3 -export MONGO_USER="" -export MONGO_PASSWORD="" +Use the following configuration to run the Portal locally against the components deployed with docker-compose. -export FEEDER_URL=http://localhost:6000 +To run this project first run `npm install`. Note: You may need to add `--legacy-peer-deps` to `npm install` if using Node version greater than `17`. -export KONG_URL="" -export OIDC_ISSUER="" -export JWKS_URL=${OIDC_ISSUER}/protocol/openid-connect/certs +To run the portal locally and leverage the `oauth2-proxy` that is running in docker: -export NEXT_PUBLIC_API_ROOT=http://localhost:4180 -export SSR_API_ROOT=http://localhost:4180 -export EXTERNAL_URL="http://localhost:4180" +- turn off the docker compose Portal: `docker stop apsportal` +- update the `oauth2-proxy/oauth2-proxy-local.cfg` `upstreams` to be `hostip=$(ifconfig en0 | awk '$1 == "inet" {print $2}')` +- restart the oauth2-proxy `docker compose restart oauth2-proxy` -export GWA_API_URL=http://localhost:2000 +Then run the following to start the Portal locally: + +```sh +cd src +set -o allexport +source ../.env.local +LOG_LEVEL=debug +KNEX_HOST=kong-db.localtest.me +NEXT_PUBLIC_MOCKS=off +set +o allexport npm run dev ``` -Once running, the `api services portal` application is reachable via `localhost:4180`. - -#### 2. Docker - -##### Steps - -1. Create a `.env` from `.env.local` file -2. Create a `.env` from `.env.local` file under `feeds` directory -3. Remove cypress from docker-compose file (L106-129 & L217-229) -4. Run build steps [here](https://github.com/bcgov/api-services-portal/tree/dev/e2e#build-gateway-api-image) -5. Run `docker-compose build` -5. Run `docker-compose up` to spin up a local development environment with services (Postgres, Keycloak, OAuth2-proxy, APS-Portal, Feeder and Kong Gateway) -6. Go to: http://oauth2proxy.localtest.me:4180 -7. To login, use username `local` and password `local`, or username `janis@idir` and password `awsummer` -8. `docker-compose down` : Removes all the hosted services - -##### Note: - -- Please wait until keycloak service starts and is initialized with `master` realm. The realm configuration is saved in `./keycloak/master-realm.json`. It also creates a realm user `local` with admin privileges. -- You may want to run `docker-compose build` if there are new changes that are not reflected in the last time you built the container images +Go to: http://oauth2proxy.localtest.me:4180 ## Design @@ -255,4 +258,3 @@ select 'drop table "' || tablename || '" cascade;' from pg_tables where schemana ``` In the mean time, it is possible to drop the tables and re-run the `init-aps-portal-keystonejs-batch-job`. - diff --git a/docker-compose.yml b/docker-compose.yml index 994f8ebbf..c5eb616f2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,7 +9,7 @@ x-common-variables: &common-variables services: keycloak: - image: jboss/keycloak:11.0.3 + image: jboss/keycloak:15.1.1 container_name: keycloak hostname: keycloak depends_on: @@ -18,7 +18,7 @@ services: [ '-b', '0.0.0.0', - '-Djboss.socket.binding.port-offset=1000', + '-Djboss.socket.binding.port-offset=1001', '-Dkeycloak.migration.action=import', '-Dkeycloak.migration.provider=singleFile', '-Dkeycloak.migration.file=/tmp/realm-config/master-realm.json', @@ -26,7 +26,7 @@ services: '-Dkeycloak.profile.feature.upload_scripts=enabled', ] ports: - - 9080:9080/tcp + - 9081:9081/tcp environment: #KEYCLOAK_USER: local #KEYCLOAK_PASSWORD: local @@ -103,30 +103,6 @@ services: - ./local/feeder-init:/tmp networks: - aps-net - # cypress: - # image: aps-cypress-e2e:latest - # container_name: cypress-e2e - # entrypoint: sh -c "chmod +x /tmp/entrypoint.sh && /tmp/entrypoint.sh" - # environment: - # - CYPRESS_RECORD_KEY=${CY_RECORD_KEY} - # - CYPRESS_PROJECT_ID=${CY_PROJECT_ID} - # - RUN_ENV=${CY_EXECUTION_ENV} - # - COMMIT_INFO_BRANCH=${CY_COMMIT_BRANCH} - # - COMMIT_INFO_SHA=${CY_COMMIT_SHA} - # - COMMIT_INFO_AUTHOR=${CY_COMMIT_AUTHOR} - # - COMMIT_INFO_MESSAGE=${CY_COMMIT_MESSAGE} - # - COMMIT_INFO_REMOTE=${CY_REPO_URL} - # - COMMIT_INFO_EMAIL=${CY_COMMIT_AUTHOR_EMAIL} - # depends_on: - # - feeder-seeding - # build: - # context: ./e2e - # dockerfile: Dockerfile - # volumes: - # - ./e2e/coverage:/e2e/coverage - # - ./e2e/results:/e2e/results - # networks: - # - aps-net kong-db: image: postgres:12.8 container_name: kong-db @@ -141,7 +117,9 @@ services: - ./local/db/database-init.sql:/docker-entrypoint-initdb.d/1-init.sql - ./local/db/keystone-init.sql:/docker-entrypoint-initdb.d/2-init.sql networks: - - aps-net + aps-net: + aliases: + - kong-db.localtest.me kong-migrations: image: kong:kong-local command: kong migrations bootstrap @@ -189,7 +167,7 @@ services: restart: on-failure:5 redis: image: bitnami/redis:latest - container_name: redis + container_name: redis-master environment: - REDIS_PASSWORD=s3cr3t restart: on-failure @@ -227,5 +205,31 @@ services: aps-net: aliases: - cypress-jwks-url.localtest.me + cypress: + image: aps-cypress-e2e:latest + container_name: cypress-e2e + entrypoint: sh -c "chmod +x /tmp/entrypoint.sh && /tmp/entrypoint.sh" + environment: + - CYPRESS_RECORD_KEY=${CY_RECORD_KEY} + - CYPRESS_PROJECT_ID=${CY_PROJECT_ID} + - RUN_ENV=${CY_EXECUTION_ENV} + - COMMIT_INFO_BRANCH=${CY_COMMIT_BRANCH} + - COMMIT_INFO_SHA=${CY_COMMIT_SHA} + - COMMIT_INFO_AUTHOR=${CY_COMMIT_AUTHOR} + - COMMIT_INFO_MESSAGE=${CY_COMMIT_MESSAGE} + - COMMIT_INFO_REMOTE=${CY_REPO_URL} + - COMMIT_INFO_EMAIL=${CY_COMMIT_AUTHOR_EMAIL} + depends_on: + - feeder-seeding + build: + context: ./e2e + dockerfile: Dockerfile + volumes: + - ./e2e/coverage:/e2e/coverage + - ./e2e/results:/e2e/results + networks: + - aps-net + profiles: + - testsuite networks: aps-net: {} diff --git a/e2e/Dockerfile b/e2e/Dockerfile index ec4ec7539..1f8e8ed02 100644 --- a/e2e/Dockerfile +++ b/e2e/Dockerfile @@ -3,16 +3,20 @@ FROM cypress/included:12.17.4 WORKDIR /e2e RUN apt-get -y update; apt-get -y install curl -COPY cypress.config.ts /e2e -COPY tsconfig.json /e2e COPY package.json /e2e COPY package-lock.json /e2e +RUN npm install + +COPY cypress.config.ts /e2e +COPY tsconfig.json /e2e COPY *.yml /e2e COPY entrypoint.sh /tmp -# COPY gwa /usr/local/bin ADD cypress /e2e/cypress -RUN npm install +RUN curl -v -L -O https://github.com/bcgov/gwa-cli/releases/download/v2.0.15/gwa_Linux_x86_64.tgz \ + && tar -xzf gwa_Linux_x86_64.tgz \ + && mv gwa /usr/local/bin/. + ENTRYPOINT ["npm", "run", "cy:run:html"] \ No newline at end of file diff --git a/e2e/cypress.config.ts b/e2e/cypress.config.ts index 526b4dd58..9aaa4fe9d 100644 --- a/e2e/cypress.config.ts +++ b/e2e/cypress.config.ts @@ -49,15 +49,15 @@ export default defineConfig({ env: { CLIENT_ID: 'aps-portal', CLIENT_SECRET: '8e1a17ed-cb93-4806-ac32-e303d1c86018', - OIDC_ISSUER: 'http://keycloak.localtest.me:9080', + OIDC_ISSUER: 'http://keycloak.localtest.me:9081', TOKEN_URL: - 'http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/token', + 'http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/token', GWA_API_URL: 'http://gwa-api.localtest.me:2000/v2', KONG_URL: 'http://kong.localtest.me:8000', JWKS_URL: 'http://cypress-jwks-url.localtest.me:3500', KONG_CONFIG_URL: 'http://kong.localtest.me:8001', BASE_URL: 'http://oauth2proxy.localtest.me:4180', - KEYCLOAK_URL: 'http://keycloak.localtest.me:9080', + KEYCLOAK_URL: 'http://keycloak.localtest.me:9081', WEBAPP_URL: 'http://html-sample-app.localtest.me:4242' }, retries: { diff --git a/e2e/cypress/fixtures/api.json b/e2e/cypress/fixtures/api.json index 41435f225..91dbdac97 100644 --- a/e2e/cypress/fixtures/api.json +++ b/e2e/cypress/fixtures/api.json @@ -197,7 +197,7 @@ "environmentDetails": [ { "environment": "dev", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" @@ -214,7 +214,7 @@ "environmentDetails": [ { "environment": "test", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "gwa-api", "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742" @@ -231,7 +231,7 @@ "environmentDetails": [ { "environment": "test", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "gwa-api", "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742" @@ -251,7 +251,7 @@ "clientRegistration": "managed", "clientSecret": "****", "environment": "test", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "exists": true } ], @@ -271,7 +271,7 @@ "environmentDetails": [ { "environment": "test", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "gwa-api", "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742" @@ -305,7 +305,7 @@ { "exists": true, "environment": "test", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "shared-idp", "clientId": "ap-my-auth-client-secret-1-test" } diff --git a/e2e/cypress/fixtures/apiowner.json b/e2e/cypress/fixtures/apiowner.json index fdd261d0e..f69467d0a 100644 --- a/e2e/cypress/fixtures/apiowner.json +++ b/e2e/cypress/fixtures/apiowner.json @@ -86,7 +86,7 @@ "environmentConfig": { "environment": "Development", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" } @@ -112,7 +112,7 @@ "environmentConfig": { "environment": "Sandbox", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" } @@ -151,7 +151,7 @@ "environmentConfig": { "environment": "Other", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "invalid-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-1234" } @@ -182,7 +182,7 @@ "environmentConfig": { "environment": "Test", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" } @@ -261,7 +261,7 @@ "environmentConfig": { "environment": "Test", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" } diff --git a/e2e/cypress/fixtures/credential-issuer.json b/e2e/cypress/fixtures/credential-issuer.json index 3d6a9ea9a..bc080e93b 100644 --- a/e2e/cypress/fixtures/credential-issuer.json +++ b/e2e/cypress/fixtures/credential-issuer.json @@ -18,7 +18,7 @@ "environmentConfig": { "environment": "Development", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "cc-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" } @@ -55,7 +55,7 @@ "environmentConfig": { "environment": "Test", "clientRegistration": "Managed", - "idpIssuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "idpIssuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" } diff --git a/e2e/cypress/fixtures/state/regen.json b/e2e/cypress/fixtures/state/regen.json index 6636d92c9..9dc57724e 100644 --- a/e2e/cypress/fixtures/state/regen.json +++ b/e2e/cypress/fixtures/state/regen.json @@ -1,6 +1,6 @@ { "apikey": "qiHHqk9lIzTgP1j94nHp5C1bNVJBOWnG", "consumernumber": "B15172D9-F103D11A9A1", - "clientidsecret": "{\"clientId\": \"A7D72430-52CD37B2420\", \"clientSecret\": \"282718d8-d0c2-45a0-8885-3539f0ca5fea\", \"tokenEndpoint\": \"http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/token\"}", + "clientidsecret": "{\"clientId\": \"A7D72430-52CD37B2420\", \"clientSecret\": \"282718d8-d0c2-45a0-8885-3539f0ca5fea\", \"tokenEndpoint\": \"http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/token\"}", "credentials": "{\"clientId\": \"sa-ccplatform-e0000000-d339cbfcda5e\", \"clientSecret\": \"f5127730-df13-453d-ace0-a30a1255e30d\"}" } \ No newline at end of file diff --git a/e2e/cypress/fixtures/test_data/authorizationProfile.json b/e2e/cypress/fixtures/test_data/authorizationProfile.json index dd3f12bd2..8b56924b0 100644 --- a/e2e/cypress/fixtures/test_data/authorizationProfile.json +++ b/e2e/cypress/fixtures/test_data/authorizationProfile.json @@ -4,7 +4,7 @@ "environmentDetails": [ { "environment": "dev", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" @@ -34,7 +34,7 @@ "environmentDetails": [ { "environment": "dev", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" @@ -53,7 +53,7 @@ "environmentDetails": [ { "environment": "dev", - "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master", + "issuerUrl": "http://keycloak.localtest.me:9081/auth/realms/master", "clientRegistration": "managed", "clientId": "cypress-auth-profile", "clientSecret": "43badfc1-c06f-4bec-bab6-ccdc764071ac" diff --git a/e2e/cypress/fixtures/test_data/gwa-issuer.yaml b/e2e/cypress/fixtures/test_data/gwa-issuer.yaml index fb1c7a992..534684eea 100644 --- a/e2e/cypress/fixtures/test_data/gwa-issuer.yaml +++ b/e2e/cypress/fixtures/test_data/gwa-issuer.yaml @@ -5,7 +5,7 @@ clientAuthenticator: client-secret mode: auto environmentDetails: - environment: test - issuerUrl: http://keycloak.localtest.me:9080/auth/realms/master + issuerUrl: http://keycloak.localtest.me:9081/auth/realms/master clientRegistration: managed clientId: gwa-api clientSecret: 18900468-3db1-43f7-a8af-e75f079eb742 diff --git a/e2e/entrypoint.sh b/e2e/entrypoint.sh index 1968c00d3..fec3725b3 100755 --- a/e2e/entrypoint.sh +++ b/e2e/entrypoint.sh @@ -3,7 +3,7 @@ cd /tmp while true; do - keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9080/auth/realms/master) + keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master) echo "$keycloakstatus" if [[ "$keycloakstatus" == "200" ]]; then echo "Keycloak is up" @@ -18,7 +18,7 @@ while true; do break else echo "Waiting for Keycloak....." - sleep 2m + sleep 10s fi done diff --git a/e2e/package.json b/e2e/package.json index f1dfe23c7..15c2af007 100644 --- a/e2e/package.json +++ b/e2e/package.json @@ -31,7 +31,7 @@ "@types/request": "^2.48.7", "@typescript-eslint/eslint-plugin": "^4.28.1", "@typescript-eslint/parser": "^4.28.1", - "cypress": "^13.6.3", + "cypress": "^13.6.4", "cypress-iframe": "^1.0.1", "cypress-mochawesome-reporter": "^3.2.3", "cypress-slow-down": "^1.2.1", diff --git a/local/feeder-init/init.sh b/local/feeder-init/init.sh index 45c62582b..31de8f274 100755 --- a/local/feeder-init/init.sh +++ b/local/feeder-init/init.sh @@ -3,7 +3,7 @@ apk add --no-cache curl cd /tmp while true; do - keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9080/auth/realms/master) + keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master) echo "$keycloakstatus" if [[ "$keycloakstatus" == "200" ]]; then echo "Keycloak is up" @@ -12,8 +12,8 @@ while true; do curl http://feeder.localtest.me:6000/push -F yaml=@developer-user.yaml curl http://feeder.localtest.me:6000/push -F yaml=@mark-user.yaml curl http://feeder.localtest.me:6000/push -F yaml=@platform-authz-profile.yaml - curl http://feeder.localtest.me:6000/push -F yaml=@shared-idp.yaml curl http://feeder.localtest.me:6000/push -F yaml=@platform-gwa-api.yaml + curl http://feeder.localtest.me:6000/push -F yaml=@shared-idp.yaml curl http://feeder.localtest.me:6000/push -F yaml=@organization-unit.yaml # curl http://feeder.localtest.me:6000/push -F yaml=@dataset-gwa.yaml curl http://feeder.localtest.me:6000/push -F yaml=@org-dataset.yaml diff --git a/local/feeder-init/platform-authz-profile.yaml b/local/feeder-init/platform-authz-profile.yaml index 2d48ceda7..613f9475b 100644 --- a/local/feeder-init/platform-authz-profile.yaml +++ b/local/feeder-init/platform-authz-profile.yaml @@ -1,7 +1,7 @@ entity: CredentialIssuer record: id: 'Gateway Services Resource Server' - namespace: newplatform + namespace: platform description: 'Authorization Profile for protecting the Gateway Services API' flow: client-credentials mode: auto @@ -21,7 +21,7 @@ record: owner: janis@testmail.com environmentDetails: - environment: prod - issuerUrl: http://keycloak.localtest.me:9080/auth/realms/master + issuerUrl: http://keycloak.localtest.me:9081/auth/realms/master clientId: gwa-api clientRegistration: managed clientSecret: '18900468-3db1-43f7-a8af-e75f079eb742' diff --git a/local/feeder-init/platform-gwa-api.yaml b/local/feeder-init/platform-gwa-api.yaml index 499979bef..94da52ba7 100644 --- a/local/feeder-init/platform-gwa-api.yaml +++ b/local/feeder-init/platform-gwa-api.yaml @@ -2,7 +2,7 @@ entity: Product record: appId: 748D98F1F56C name: Gateway Services API - namespace: newplatform + namespace: platform environments: - appId: E0000000 name: prod diff --git a/local/feeder-init/shared-idp-copy.yaml b/local/feeder-init/shared-idp-copy.yaml index a2a43881e..73238b64c 100644 --- a/local/feeder-init/shared-idp-copy.yaml +++ b/local/feeder-init/shared-idp-copy.yaml @@ -9,12 +9,12 @@ record: authPlugin: jwt-keycloak clientRoles: [] availableScopes: [] - clientMappers: [{"name": "audience","defaultValue": "test2"}] + clientMappers: [{ 'name': 'audience', 'defaultValue': 'test2' }] owner: janis@testmail.com isShared: true environmentDetails: - environment: test - issuerUrl: http://keycloak.localtest.me:9080/auth/realms/master + issuerUrl: http://keycloak.localtest.me:9081/auth/realms/master clientId: gwa-api clientRegistration: managed clientSecret: '18900468-3db1-43f7-a8af-e75f079eb742' diff --git a/local/feeder-init/shared-idp.yaml b/local/feeder-init/shared-idp.yaml index db4b928cf..10e77d92d 100644 --- a/local/feeder-init/shared-idp.yaml +++ b/local/feeder-init/shared-idp.yaml @@ -1,7 +1,7 @@ entity: CredentialIssuer record: id: 'Sample Shared IdP' - namespace: newplatform + namespace: platform description: 'A Shared IdP for Teams to use' flow: client-credentials mode: auto @@ -13,7 +13,7 @@ record: isShared: true environmentDetails: - environment: test - issuerUrl: http://keycloak.localtest.me:9080/auth/realms/master + issuerUrl: http://keycloak.localtest.me:9081/auth/realms/master clientId: gwa-api clientRegistration: managed clientSecret: '18900468-3db1-43f7-a8af-e75f079eb742' diff --git a/local/gwa-api/.env.local b/local/gwa-api/.env.local index 5f135b12b..7cf8877d2 100644 --- a/local/gwa-api/.env.local +++ b/local/gwa-api/.env.local @@ -1,12 +1,12 @@ PORT=2000 LOG_LEVEL=DEBUG -OIDC_BASE_URL=http://keycloak.localtest.me:9080/auth/realms/master +OIDC_BASE_URL=http://keycloak.localtest.me:9081/auth/realms/master TOKEN_MATCH_AUD=gwa WORKING_FOLDER=/tmp CONFIG_PATH=/tmp/production.json ENVIRONMENT=production KONG_ADMIN_URL=http://kong.localtest.me:8001 -KC_SERVER_URL=http://keycloak.localtest.me:9080/auth/ +KC_SERVER_URL=http://keycloak.localtest.me:9081/auth/ KC_REALM=master KC_USERNAME=local KC_PASSWORD=local diff --git a/local/gwa-api/entrypoint.sh b/local/gwa-api/entrypoint.sh index 50675fdb0..30aa32045 100755 --- a/local/gwa-api/entrypoint.sh +++ b/local/gwa-api/entrypoint.sh @@ -55,7 +55,7 @@ kong-addr: $KONG_ADMIN_URL EOF while true; do - keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9080/auth/realms/master) + keycloakstatus=$(curl -o /dev/null -Isw '%{http_code}\n' http://keycloak.localtest.me:9081/auth/realms/master) echo "$keycloakstatus" if [[ "$keycloakstatus" == "200" ]]; then echo "Keycloak is up" diff --git a/local/gwa-cli/gw-config.yml b/local/gwa-cli/gw-config.yml new file mode 100644 index 000000000..c878bd092 --- /dev/null +++ b/local/gwa-cli/gw-config.yml @@ -0,0 +1,99 @@ +kind: Namespace +name: gw-12345 +displayName: gw-12345 Display Name +--- +kind: GatewayService +name: my-service-dev +tags: [ns.gw-12345] +host: httpbin.org +port: 443 +protocol: https +retries: 0 +routes: + - name: my-service-dev + tags: [ns.gw-12345] + hosts: + - my-service.dev.api.gov.bc.ca + methods: + - GET + strip_path: false + https_redirect_status_code: 426 + path_handling: v0 + request_buffering: true + response_buffering: true +plugins: + - name: jwt-keycloak + tags: [ns.gw-12345] + enabled: true + config: + allowed_iss: + - http://keycloak.localtest.me:9081/auth/realms/master + allowed_aud: ap-gw-12345-default-test + run_on_preflight: true + iss_key_grace_period: 10 + maximum_expiration: 0 + algorithm: RS256 + claims_to_verify: + - exp + uri_param_names: + - jwt + cookie_names: [] + scope: null + roles: null + realm_roles: null + client_roles: null + anonymous: null + consumer_match: true + consumer_match_claim: azp + consumer_match_claim_custom_id: true + consumer_match_ignore_not_found: false + - name: request-transformer + tags: [ns.gw-12345] + enabled: true + config: + http_method: null +--- +kind: CredentialIssuer +name: gw-12345 default +description: Default Authorization Profile for gw-12345 Gateway +flow: client-credentials +mode: auto +authPlugin: jwt-keycloak +clientAuthenticator: client-secret +clientRoles: [] +inheritFrom: Sample Shared IdP +--- +kind: DraftDataset +name: my-service-dataset +title: my-service +organization: ministry-of-health +organizationUnit: planning-and-innovation-division +notes: Some information about the my-service service +tags: [my-service, openapi] +license_title: Access Only +view_audience: Government +security_class: LOW-PUBLIC +record_publish_date: '2021-05-27' +--- +kind: Product +appId: '242925AE01CF' +name: my-service API +dataset: my-service-dataset +environments: + - name: test + appId: 'AF13BB19' + active: false + approval: false + flow: client-credentials + credentialIssuer: gw-12345 default + services: [my-service-dev] +# --- +# kind: ProductEnvironment +# name: dev +# product: my-service API +# appId: 'A308A21A' +# active: false +# approval: true +# flow: client-credentials +# credentialIssuer: gw-12345 default +# services: [my-service-dev] diff --git a/local/keycloak/master-realm.json b/local/keycloak/master-realm.json index bc8b64447..7c9787de8 100644 --- a/local/keycloak/master-realm.json +++ b/local/keycloak/master-realm.json @@ -1,3138 +1,3944 @@ { - "id" : "master", - "realm" : "master", - "displayName" : "BCGov API Management Portal (DEV)", - "displayNameHtml" : "
Local Keycloak
", - "notBefore" : 0, - "revokeRefreshToken" : false, - "refreshTokenMaxReuse" : 0, - "accessTokenLifespan" : 300, - "accessTokenLifespanForImplicitFlow" : 900, - "ssoSessionIdleTimeout" : 1800, - "ssoSessionMaxLifespan" : 36000, - "ssoSessionIdleTimeoutRememberMe" : 0, - "ssoSessionMaxLifespanRememberMe" : 0, - "offlineSessionIdleTimeout" : 2592000, - "offlineSessionMaxLifespanEnabled" : false, - "offlineSessionMaxLifespan" : 5184000, - "clientSessionIdleTimeout" : 0, - "clientSessionMaxLifespan" : 0, - "clientOfflineSessionIdleTimeout" : 0, - "clientOfflineSessionMaxLifespan" : 0, - "accessCodeLifespan" : 60, - "accessCodeLifespanUserAction" : 43200, - "accessCodeLifespanLogin" : 864000000, - "actionTokenGeneratedByAdminLifespan" : 43200, - "actionTokenGeneratedByUserLifespan" : 43200, - "enabled" : true, - "sslRequired" : "external", - "registrationAllowed" : false, - "registrationEmailAsUsername" : false, - "rememberMe" : false, - "verifyEmail" : false, - "loginWithEmailAllowed" : false, - "duplicateEmailsAllowed" : true, - "resetPasswordAllowed" : false, - "editUsernameAllowed" : false, - "bruteForceProtected" : false, - "permanentLockout" : false, - "maxFailureWaitSeconds" : 900, - "minimumQuickLoginWaitSeconds" : 60, - "waitIncrementSeconds" : 60, - "quickLoginCheckMilliSeconds" : 1000, - "maxDeltaTimeSeconds" : 43200, - "failureFactor" : 30, - "roles" : { - "realm" : [ { - "id" : "2905dd1c-feb7-4b4c-a51a-924697adf78a", - "name" : "create-realm", - "description" : "${role_create-realm}", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "006ba659-502a-4f51-aff5-3aa1cbb13d02", - "name" : "uma_authorization", - "description" : "${role_uma_authorization}", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "ba7796d3-c1ba-4fb3-8c33-27226c979eba", - "name" : "aps-admin", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "005aef84-ea6d-4edf-90b6-fc7bd64945ad", - "name" : "credential-admin", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "65344728-04bb-4cb8-afe5-3d41cb4457ec", - "name" : "offline_access", - "description" : "${role_offline-access}", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "75fad79d-71f1-46c2-b79b-001d25eae49f", - "name" : "api-manager", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "0d22b102-52e1-4152-b119-2f6846e21b84", - "name" : "api-owner", - "composite" : false, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - }, { - "id" : "064ef17c-0617-4cbc-b632-77a2fa0919b7", - "name" : "admin", - "description" : "${role_admin}", - "composite" : true, - "composites" : { - "realm" : [ "create-realm" ], - "client" : { - "aps-v2-realm" : [ "query-realms", "create-client", "manage-realm", "manage-authorization", "manage-events", "impersonation", "view-authorization", "manage-identity-providers", "query-users", "manage-clients", "view-identity-providers", "query-groups", "view-events", "view-users", "manage-users", "view-clients", "query-clients", "view-realm" ], - "master-realm" : [ "query-realms", "manage-identity-providers", "manage-authorization", "manage-clients", "impersonation", "query-users", "manage-events", "manage-users", "view-identity-providers", "view-events", "view-users", "create-client", "query-clients", "query-groups", "view-realm", "view-clients", "manage-realm", "view-authorization" ] - } + "id": "master", + "realm": "master", + "displayName": "BCGov API Management Portal (DEV)", + "displayNameHtml": "
Local Keycloak
", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 43200, + "accessCodeLifespanLogin": 864000000, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 43200, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": false, + "duplicateEmailsAllowed": true, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "2905dd1c-feb7-4b4c-a51a-924697adf78a", + "name": "create-realm", + "description": "${role_create-realm}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "006ba659-502a-4f51-aff5-3aa1cbb13d02", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "ba7796d3-c1ba-4fb3-8c33-27226c979eba", + "name": "aps-admin", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "005aef84-ea6d-4edf-90b6-fc7bd64945ad", + "name": "credential-admin", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "65344728-04bb-4cb8-afe5-3d41cb4457ec", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "75fad79d-71f1-46c2-b79b-001d25eae49f", + "name": "api-manager", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} }, - "clientRole" : false, - "containerId" : "master", - "attributes" : { } - } ], - "client" : { - "aps-portal" : [ { - "id" : "b393d043-9ade-4c64-a6e1-5f70c9a416e3", - "name" : "api-owner", - "composite" : false, - "clientRole" : true, - "containerId" : "f333c5e5-fba2-48e8-aab7-7b6862881202", - "attributes" : { } - }, { - "id" : "e0c6f7a0-3a8b-4572-9dac-82dd4b676b30", - "name" : "credential-admin", - "composite" : false, - "clientRole" : true, - "containerId" : "f333c5e5-fba2-48e8-aab7-7b6862881202", - "attributes" : { } - }, { - "id" : "3c0fcf9e-e622-497d-8146-eddd0304f9c8", - "name" : "aps-admin", - "composite" : false, - "clientRole" : true, - "containerId" : "f333c5e5-fba2-48e8-aab7-7b6862881202", - "attributes" : { } - }, { - "id" : "9a357bd3-2c73-40ea-ac09-399a9f7cc9f8", - "name" : "api-manager", - "composite" : false, - "clientRole" : true, - "containerId" : "f333c5e5-fba2-48e8-aab7-7b6862881202", - "attributes" : { } - }, { - "id" : "2c0e0832-4a1e-411b-a8f9-8f86096c3968", - "name" : "developer", - "composite" : false, - "clientRole" : true, - "containerId" : "f333c5e5-fba2-48e8-aab7-7b6862881202", - "attributes" : { } - } ], - "gwa-api" : [ { - "id" : "a50b2fc6-ea49-46d8-9716-683f3a764f5d", - "name" : "developer", - "composite" : false, - "clientRole" : true, - "containerId" : "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", - "attributes" : { } - }, { - "id" : "0c1c2230-24d4-4199-af35-bed6a1044c70", - "name" : "api-admin", - "composite" : false, - "clientRole" : true, - "containerId" : "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", - "attributes" : { } - }, { - "id" : "409fcd4e-54ab-4e19-bdc5-ef8059721e22", - "name" : "uma_protection", - "composite" : false, - "clientRole" : true, - "containerId" : "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", - "attributes" : { } - }, { - "id" : "8d387de9-3d53-4a69-9cb4-d5d285926029", - "name" : "api-owner", - "composite" : false, - "clientRole" : true, - "containerId" : "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", - "attributes" : { } - } ], - "aps-v2-realm" : [ { - "id" : "a7ff1dc9-1214-4757-861b-453b204e460f", - "name" : "manage-events", - "description" : "${role_manage-events}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "faf54935-32bc-4e01-b0e6-8b9bb1cae6e8", - "name" : "query-realms", - "description" : "${role_query-realms}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "2272fc44-5c1d-465d-9608-6b4612e26755", - "name" : "impersonation", - "description" : "${role_impersonation}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "fecb856f-8db8-4432-9f11-6b3426372a9c", - "name" : "create-client", - "description" : "${role_create-client}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "dd8c065c-fcd9-4f58-8dad-ec6100cbcbdf", - "name" : "view-authorization", - "description" : "${role_view-authorization}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "ec6f0230-82ae-4713-8d21-fc97214042d9", - "name" : "manage-identity-providers", - "description" : "${role_manage-identity-providers}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "f33e3aa2-0b3e-4397-9968-82be07d68f40", - "name" : "manage-realm", - "description" : "${role_manage-realm}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "d08507c5-eb84-4d60-93f6-7c72f01536e7", - "name" : "query-users", - "description" : "${role_query-users}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "46d331cb-9fac-45af-b5ba-25bf003b9281", - "name" : "manage-clients", - "description" : "${role_manage-clients}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "77c0c84d-427b-4d73-a185-6bf3108ff9a2", - "name" : "view-identity-providers", - "description" : "${role_view-identity-providers}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "3a3f1c10-0d53-4a25-8bb8-46121f304af4", - "name" : "query-groups", - "description" : "${role_query-groups}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "12b4667f-1cb1-408d-bb8f-9905edea4fee", - "name" : "view-events", - "description" : "${role_view-events}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "99fcf818-a472-4ed1-8b23-d86a54156cf3", - "name" : "view-users", - "description" : "${role_view-users}", - "composite" : true, - "composites" : { - "client" : { - "aps-v2-realm" : [ "query-groups", "query-users" ] + { + "id": "0d22b102-52e1-4152-b119-2f6846e21b84", + "name": "api-owner", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "064ef17c-0617-4cbc-b632-77a2fa0919b7", + "name": "admin", + "description": "${role_admin}", + "composite": true, + "composites": { + "realm": ["create-realm"], + "client": { + "aps-v2-realm": [ + "query-realms", + "create-client", + "manage-realm", + "manage-authorization", + "manage-events", + "impersonation", + "view-authorization", + "manage-identity-providers", + "query-users", + "manage-clients", + "view-identity-providers", + "query-groups", + "view-events", + "view-users", + "manage-users", + "view-clients", + "query-clients", + "view-realm" + ], + "master-realm": [ + "query-realms", + "manage-identity-providers", + "manage-authorization", + "manage-clients", + "impersonation", + "query-users", + "manage-events", + "manage-users", + "view-identity-providers", + "view-events", + "view-users", + "create-client", + "query-clients", + "query-groups", + "view-realm", + "view-clients", + "manage-realm", + "view-authorization" + ] } }, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "e2bdd89b-1b4c-448e-b4a5-cc1196918e85", - "name" : "manage-users", - "description" : "${role_manage-users}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "8eecebf6-489f-4924-8afc-d40de58260a5", - "name" : "view-clients", - "description" : "${role_view-clients}", - "composite" : true, - "composites" : { - "client" : { - "aps-v2-realm" : [ "query-clients" ] - } + "clientRole": false, + "containerId": "master", + "attributes": {} + } + ], + "client": { + "aps-portal": [ + { + "id": "b393d043-9ade-4c64-a6e1-5f70c9a416e3", + "name": "api-owner", + "composite": false, + "clientRole": true, + "containerId": "f333c5e5-fba2-48e8-aab7-7b6862881202", + "attributes": {} }, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "a93e05d2-ca5c-46e7-bd66-f98f915fdc30", - "name" : "query-clients", - "description" : "${role_query-clients}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "8016bdc5-4da8-4416-b6ef-fee7796cc8c2", - "name" : "manage-authorization", - "description" : "${role_manage-authorization}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - }, { - "id" : "4c0f70bf-59c5-4878-a14a-eb658ea9ad4b", - "name" : "view-realm", - "description" : "${role_view-realm}", - "composite" : false, - "clientRole" : true, - "containerId" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "attributes" : { } - } ], - "sa-platform-e0000000-fa46551361b4" : [ ], - "security-admin-console" : [ ], - "sa-platform1-e0000000-5be82156d61f" : [ ], - "admin-cli" : [ ], - "account-console" : [ ], - "broker" : [ { - "id" : "8a00a2b3-fc3b-4b7d-aee1-1b3e46507b20", - "name" : "read-token", - "description" : "${role_read-token}", - "composite" : false, - "clientRole" : true, - "containerId" : "db7f58dc-c007-4e4c-ad7b-14f57a0521cd", - "attributes" : { } - } ], - "master-realm" : [ { - "id" : "a04656f4-d096-4cff-91f4-9b9f286c768d", - "name" : "query-realms", - "description" : "${role_query-realms}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "cccc1d8a-1a88-4a60-aff7-f7e5ec751f3f", - "name" : "view-identity-providers", - "description" : "${role_view-identity-providers}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "be5bcb8d-7466-402f-b289-6be26f961b0b", - "name" : "manage-identity-providers", - "description" : "${role_manage-identity-providers}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "e62d2ea1-fb57-41ae-ad8d-17ee8fb7356b", - "name" : "manage-authorization", - "description" : "${role_manage-authorization}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "f7247d9b-c35d-43dc-a10e-f1ce0cbc80fb", - "name" : "view-events", - "description" : "${role_view-events}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "be5fe2ea-0119-4eb4-a2c8-dae5eb3fd308", - "name" : "manage-clients", - "description" : "${role_manage-clients}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "3b1d6088-a992-4f81-b43b-5f71854ef3a4", - "name" : "view-users", - "description" : "${role_view-users}", - "composite" : true, - "composites" : { - "client" : { - "master-realm" : [ "query-users", "query-groups" ] - } + { + "id": "e0c6f7a0-3a8b-4572-9dac-82dd4b676b30", + "name": "credential-admin", + "composite": false, + "clientRole": true, + "containerId": "f333c5e5-fba2-48e8-aab7-7b6862881202", + "attributes": {} }, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "d7cd3f01-b2e9-42b0-be8c-ef438932096c", - "name" : "impersonation", - "description" : "${role_impersonation}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "42fe78c7-3bb9-430d-a78d-013b95b31d0c", - "name" : "create-client", - "description" : "${role_create-client}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "c4c4b2b9-41a6-46c0-852e-5fb8ed755348", - "name" : "query-users", - "description" : "${role_query-users}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "c257a266-eba8-4469-8d9a-f171f489354c", - "name" : "query-clients", - "description" : "${role_query-clients}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "7e584743-ffe9-45e8-8f5b-722e07034141", - "name" : "query-groups", - "description" : "${role_query-groups}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "70aad632-dd34-46e8-813a-398914dd31c9", - "name" : "view-realm", - "description" : "${role_view-realm}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "6855b67a-f23d-40c9-a597-c98261e27ce4", - "name" : "view-clients", - "description" : "${role_view-clients}", - "composite" : true, - "composites" : { - "client" : { - "master-realm" : [ "query-clients" ] - } + { + "id": "3c0fcf9e-e622-497d-8146-eddd0304f9c8", + "name": "aps-admin", + "composite": false, + "clientRole": true, + "containerId": "f333c5e5-fba2-48e8-aab7-7b6862881202", + "attributes": {} }, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "0725918a-6335-4556-aafa-ff6c3fb87989", - "name" : "manage-realm", - "description" : "${role_manage-realm}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "0d2640b7-461c-4c21-8270-064f5423ae74", - "name" : "manage-events", - "description" : "${role_manage-events}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "ba7e040b-9462-489a-9467-965f69ae1025", - "name" : "manage-users", - "description" : "${role_manage-users}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - }, { - "id" : "b473aa2e-d49d-4ba5-b502-8d38db9dc81e", - "name" : "view-authorization", - "description" : "${role_view-authorization}", - "composite" : false, - "clientRole" : true, - "containerId" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "attributes" : { } - } ], - "account" : [ { - "id" : "dba0e0ba-f826-49df-a378-031e5fbcfd13", - "name" : "view-applications", - "description" : "${role_view-applications}", - "composite" : false, - "clientRole" : true, - "containerId" : "bc61d6b7-6876-4193-9881-1b994596a207", - "attributes" : { } - }, { - "id" : "5d9f0b2a-55bb-4cda-ab2d-67b77cf925f0", - "name" : "view-consent", - "description" : "${role_view-consent}", - "composite" : false, - "clientRole" : true, - "containerId" : "bc61d6b7-6876-4193-9881-1b994596a207", - "attributes" : { } - }, { - "id" : "f58a3fc3-9fbd-4308-8528-cee3d267fc74", - "name" : "manage-account", - "description" : "${role_manage-account}", - "composite" : true, - "composites" : { - "client" : { - "account" : [ "manage-account-links" ] - } + { + "id": "9a357bd3-2c73-40ea-ac09-399a9f7cc9f8", + "name": "api-manager", + "composite": false, + "clientRole": true, + "containerId": "f333c5e5-fba2-48e8-aab7-7b6862881202", + "attributes": {} }, - "clientRole" : true, - "containerId" : "bc61d6b7-6876-4193-9881-1b994596a207", - "attributes" : { } - }, { - "id" : "b84c29be-1b56-4b8e-be2c-1b5153d8b1aa", - "name" : "view-profile", - "description" : "${role_view-profile}", - "composite" : false, - "clientRole" : true, - "containerId" : "bc61d6b7-6876-4193-9881-1b994596a207", - "attributes" : { } - }, { - "id" : "baccbb7e-8777-4ff5-9d1a-491b61f6d87f", - "name" : "manage-consent", - "description" : "${role_manage-consent}", - "composite" : true, - "composites" : { - "client" : { - "account" : [ "view-consent" ] - } + { + "id": "2c0e0832-4a1e-411b-a8f9-8f86096c3968", + "name": "developer", + "composite": false, + "clientRole": true, + "containerId": "f333c5e5-fba2-48e8-aab7-7b6862881202", + "attributes": {} + } + ], + "gwa-api": [ + { + "id": "a50b2fc6-ea49-46d8-9716-683f3a764f5d", + "name": "developer", + "composite": false, + "clientRole": true, + "containerId": "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", + "attributes": {} + }, + { + "id": "0c1c2230-24d4-4199-af35-bed6a1044c70", + "name": "api-admin", + "composite": false, + "clientRole": true, + "containerId": "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", + "attributes": {} + }, + { + "id": "409fcd4e-54ab-4e19-bdc5-ef8059721e22", + "name": "uma_protection", + "composite": false, + "clientRole": true, + "containerId": "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", + "attributes": {} + }, + { + "id": "8d387de9-3d53-4a69-9cb4-d5d285926029", + "name": "api-owner", + "composite": false, + "clientRole": true, + "containerId": "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", + "attributes": {} + } + ], + "aps-v2-realm": [ + { + "id": "a7ff1dc9-1214-4757-861b-453b204e460f", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "faf54935-32bc-4e01-b0e6-8b9bb1cae6e8", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "2272fc44-5c1d-465d-9608-6b4612e26755", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "fecb856f-8db8-4432-9f11-6b3426372a9c", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "dd8c065c-fcd9-4f58-8dad-ec6100cbcbdf", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "ec6f0230-82ae-4713-8d21-fc97214042d9", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "f33e3aa2-0b3e-4397-9968-82be07d68f40", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "d08507c5-eb84-4d60-93f6-7c72f01536e7", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "46d331cb-9fac-45af-b5ba-25bf003b9281", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "77c0c84d-427b-4d73-a185-6bf3108ff9a2", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "3a3f1c10-0d53-4a25-8bb8-46121f304af4", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "12b4667f-1cb1-408d-bb8f-9905edea4fee", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "99fcf818-a472-4ed1-8b23-d86a54156cf3", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "aps-v2-realm": ["query-groups", "query-users"] + } + }, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "e2bdd89b-1b4c-448e-b4a5-cc1196918e85", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "8eecebf6-489f-4924-8afc-d40de58260a5", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "aps-v2-realm": ["query-clients"] + } + }, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "a93e05d2-ca5c-46e7-bd66-f98f915fdc30", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "8016bdc5-4da8-4416-b6ef-fee7796cc8c2", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + }, + { + "id": "4c0f70bf-59c5-4878-a14a-eb658ea9ad4b", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "attributes": {} + } + ], + "sa-platform-e0000000-fa46551361b4": [], + "security-admin-console": [], + "sa-platform1-e0000000-5be82156d61f": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8a00a2b3-fc3b-4b7d-aee1-1b3e46507b20", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "db7f58dc-c007-4e4c-ad7b-14f57a0521cd", + "attributes": {} + } + ], + "master-realm": [ + { + "id": "a04656f4-d096-4cff-91f4-9b9f286c768d", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "cccc1d8a-1a88-4a60-aff7-f7e5ec751f3f", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "be5bcb8d-7466-402f-b289-6be26f961b0b", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "e62d2ea1-fb57-41ae-ad8d-17ee8fb7356b", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "f7247d9b-c35d-43dc-a10e-f1ce0cbc80fb", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "be5fe2ea-0119-4eb4-a2c8-dae5eb3fd308", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "3b1d6088-a992-4f81-b43b-5f71854ef3a4", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "master-realm": ["query-users", "query-groups"] + } + }, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "d7cd3f01-b2e9-42b0-be8c-ef438932096c", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "42fe78c7-3bb9-430d-a78d-013b95b31d0c", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "c4c4b2b9-41a6-46c0-852e-5fb8ed755348", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} }, - "clientRole" : true, - "containerId" : "bc61d6b7-6876-4193-9881-1b994596a207", - "attributes" : { } - }, { - "id" : "a1e4af9d-431f-4e0f-87c1-d6c24f0a61e0", - "name" : "manage-account-links", - "description" : "${role_manage-account-links}", - "composite" : false, - "clientRole" : true, - "containerId" : "bc61d6b7-6876-4193-9881-1b994596a207", - "attributes" : { } - } ], - "cypress-auth-profile" : [ { - "id" : "7e5fbfc1-4818-4736-9a47-21d35b3304c2", - "name" : "uma_protection", - "composite" : false, - "clientRole" : true, - "containerId" : "50c78923-95d9-4083-87ff-5233f2d6326e", - "attributes" : { } - } ] + { + "id": "c257a266-eba8-4469-8d9a-f171f489354c", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "7e584743-ffe9-45e8-8f5b-722e07034141", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "70aad632-dd34-46e8-813a-398914dd31c9", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "6855b67a-f23d-40c9-a597-c98261e27ce4", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "master-realm": ["query-clients"] + } + }, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "0725918a-6335-4556-aafa-ff6c3fb87989", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "0d2640b7-461c-4c21-8270-064f5423ae74", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "ba7e040b-9462-489a-9467-965f69ae1025", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + }, + { + "id": "b473aa2e-d49d-4ba5-b502-8d38db9dc81e", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "attributes": {} + } + ], + "account": [ + { + "id": "dba0e0ba-f826-49df-a378-031e5fbcfd13", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "bc61d6b7-6876-4193-9881-1b994596a207", + "attributes": {} + }, + { + "id": "5d9f0b2a-55bb-4cda-ab2d-67b77cf925f0", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "bc61d6b7-6876-4193-9881-1b994596a207", + "attributes": {} + }, + { + "id": "f58a3fc3-9fbd-4308-8528-cee3d267fc74", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": ["manage-account-links"] + } + }, + "clientRole": true, + "containerId": "bc61d6b7-6876-4193-9881-1b994596a207", + "attributes": {} + }, + { + "id": "b84c29be-1b56-4b8e-be2c-1b5153d8b1aa", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "bc61d6b7-6876-4193-9881-1b994596a207", + "attributes": {} + }, + { + "id": "baccbb7e-8777-4ff5-9d1a-491b61f6d87f", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": ["view-consent"] + } + }, + "clientRole": true, + "containerId": "bc61d6b7-6876-4193-9881-1b994596a207", + "attributes": {} + }, + { + "id": "a1e4af9d-431f-4e0f-87c1-d6c24f0a61e0", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "bc61d6b7-6876-4193-9881-1b994596a207", + "attributes": {} + } + ], + "cypress-auth-profile": [ + { + "id": "7e5fbfc1-4818-4736-9a47-21d35b3304c2", + "name": "uma_protection", + "composite": false, + "clientRole": true, + "containerId": "50c78923-95d9-4083-87ff-5233f2d6326e", + "attributes": {} + } + ] } }, - "groups" : [ { - "id" : "b0944059-43fc-4dbc-9037-d25e01ae6c45", - "name" : "ns", - "path" : "/ns", - "attributes" : { }, - "realmRoles" : [ ], - "clientRoles" : { }, - "subGroups" : [ { - "id" : "5c875007-2e0e-4c01-8418-143e2a420722", - "name" : "platform", - "path" : "/ns/platform", - "attributes" : { - "org-unit" : [ "planning-and-innovation-division" ], - "org" : [ "ministry-of-health" ] + "groups": [ + { + "id": "b0944059-43fc-4dbc-9037-d25e01ae6c45", + "name": "ns", + "path": "/ns", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [ + { + "id": "5c875007-2e0e-4c01-8418-143e2a420722", + "name": "platform", + "path": "/ns/platform", + "attributes": { + "org-unit": ["planning-and-innovation-division"], + "org": ["ministry-of-health"], + "perm-protected-ns": ["allow"] + }, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [] + }, + { + "id": "1c875007-2e0e-4c01-8418-143e2a420722", + "name": "platform1", + "path": "/ns/platform1", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [] + }, + { + "id": "2c875007-2e0e-4c01-8418-143e2a420722", + "name": "platform2", + "path": "/ns/platform2", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [] + } + ] + }, + { + "id": "6a0b857d-3951-444d-823e-193bf9f12f67", + "name": "organization-admin", + "path": "/organization-admin", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [ + { + "id": "17434902-eda6-4d6a-a366-2dbfdbf3866c", + "name": "ca.bc.gov", + "path": "/organization-admin/ca.bc.gov", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [ + { + "id": "711b0078-fb8c-4ce9-aa50-06a690360508", + "name": "ministry-of-health", + "path": "/organization-admin/ca.bc.gov/ministry-of-health", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [ + { + "id": "614278c5-b60c-4101-9986-3d031720dec0", + "name": "planning-and-innovation-division", + "path": "/organization-admin/ca.bc.gov/ministry-of-health/planning-and-innovation-division", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [] + } + ] + } + ] + } + ] + } + ], + "defaultRoles": ["uma_authorization", "offline_access"], + "requiredCredentials": ["password"], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": ["FreeOTP", "Google Authenticator"], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": ["ES256"], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": ["ES256"], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "id": "bf498a7b-b6e0-49bb-9ea8-0241d7792c01", + "createdTimestamp": 1642463435902, + "username": "220469e037c84a7abdfab15204a60701@olduser", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "oldF", + "lastName": "userL", + "email": "olduser@testmail.com", + "attributes": { + "provider_user_guid": ["220469E037C84A7ABDFAB15204A60701"], + "identity_provider": ["idir"], + "display_name": ["oldF userL"], + "provider_username": ["olduser"] + }, + "credentials": [ + { + "id": "6aa0a7ca-c2ad-43f5-9bdb-3f58693b2c01", + "type": "password", + "createdDate": 1642466403247, + "secretData": "{\"value\":\"ltS/DMUYOCSmZZRbf7rYFTpLa9cqQDewFO1jwRPczU99leiyGtOCsbdAPRmSvLVhOLnzqvcaua3B17ej2d6/7w==\",\"salt\":\"ZrR/QMSRwruFRU5FsPUgHQ==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "uma_authorization", + "aps-admin", + "offline_access", + "api-owner" + ], + "clientRoles": { + "account": ["manage-account", "view-profile"] }, - "realmRoles" : [ ], - "clientRoles" : { }, - "subGroups" : [ ] - } ] - }, { - "id" : "6a0b857d-3951-444d-823e-193bf9f12f67", - "name" : "organization-admin", - "path" : "/organization-admin", - "attributes" : { }, - "realmRoles" : [ ], - "clientRoles" : { }, - "subGroups" : [ { - "id" : "17434902-eda6-4d6a-a366-2dbfdbf3866c", - "name" : "ca.bc.gov", - "path" : "/organization-admin/ca.bc.gov", - "attributes" : { }, - "realmRoles" : [ ], - "clientRoles" : { }, - "subGroups" : [ { - "id" : "711b0078-fb8c-4ce9-aa50-06a690360508", - "name" : "ministry-of-health", - "path" : "/organization-admin/ca.bc.gov/ministry-of-health", - "attributes" : { }, - "realmRoles" : [ ], - "clientRoles" : { }, - "subGroups" : [ { - "id" : "614278c5-b60c-4101-9986-3d031720dec0", - "name" : "planning-and-innovation-division", - "path" : "/organization-admin/ca.bc.gov/ministry-of-health/planning-and-innovation-division", - "attributes" : { }, - "realmRoles" : [ ], - "clientRoles" : { }, - "subGroups" : [ ] - } ] - } ] - } ] - } ], - "defaultRoles" : [ "uma_authorization", "offline_access" ], - "requiredCredentials" : [ "password" ], - "otpPolicyType" : "totp", - "otpPolicyAlgorithm" : "HmacSHA1", - "otpPolicyInitialCounter" : 0, - "otpPolicyDigits" : 6, - "otpPolicyLookAheadWindow" : 1, - "otpPolicyPeriod" : 30, - "otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ], - "webAuthnPolicyRpEntityName" : "keycloak", - "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], - "webAuthnPolicyRpId" : "", - "webAuthnPolicyAttestationConveyancePreference" : "not specified", - "webAuthnPolicyAuthenticatorAttachment" : "not specified", - "webAuthnPolicyRequireResidentKey" : "not specified", - "webAuthnPolicyUserVerificationRequirement" : "not specified", - "webAuthnPolicyCreateTimeout" : 0, - "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, - "webAuthnPolicyAcceptableAaguids" : [ ], - "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", - "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], - "webAuthnPolicyPasswordlessRpId" : "", - "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", - "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", - "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", - "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", - "webAuthnPolicyPasswordlessCreateTimeout" : 0, - "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, - "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], - "users" : [ { - "id" : "bf498a7b-b6e0-49bb-9ea8-0241d7792c01", - "createdTimestamp" : 1642463435902, - "username" : "220469e037c84a7abdfab15204a60701@olduser", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "oldF", - "lastName" : "userL", - "email" : "olduser@testmail.com", - "attributes" : { - "provider_user_guid" : [ "220469E037C84A7ABDFAB15204A60701" ], - "identity_provider" : [ "idir" ], - "display_name" : [ "oldF userL" ], - "provider_username" : [ "olduser" ] + "notBefore": 0, + "groups": [] }, - "credentials" : [ { - "id" : "6aa0a7ca-c2ad-43f5-9bdb-3f58693b2c01", - "type" : "password", - "createdDate" : 1642466403247, - "secretData" : "{\"value\":\"ltS/DMUYOCSmZZRbf7rYFTpLa9cqQDewFO1jwRPczU99leiyGtOCsbdAPRmSvLVhOLnzqvcaua3B17ej2d6/7w==\",\"salt\":\"ZrR/QMSRwruFRU5FsPUgHQ==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "aps-admin", "offline_access", "api-owner" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "03ff1b38-197b-465f-854a-b64f56b13356", + "createdTimestamp": 1625085370528, + "username": "awsummer@idir", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Awesome", + "lastName": "Summers", + "email": "awsummers@gmail.com", + "attributes": { + "provider_user_guid": ["110469E037C84A7XXXXAB15204XX0701"], + "identity_provider": ["idir"], + "display_name": ["awesome summers"], + "provider_username": ["awsummers"] + }, + "credentials": [ + { + "id": "fa2ee157-09ea-466e-b9f6-378fd6f4dcdc", + "type": "password", + "createdDate": 1625085504863, + "secretData": "{\"value\":\"Fg8F1kRC03xAi3dyLPoH7K0TDGGfN9FKkcG6gGobAkyZtqtfShgjhGB1DSBZdXXirK27lHHYv+ZTqpAf87uhuA==\",\"salt\":\"TD5LnQBeAReu7LfJ2bnWMQ==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access", "api-owner"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "03ff1b38-197b-465f-854a-b64f56b13356", - "createdTimestamp" : 1625085370528, - "username" : "awsummer@idir", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Awesome", - "lastName" : "Summers", - "email" : "awsummers@gmail.com", - "credentials" : [ { - "id" : "fa2ee157-09ea-466e-b9f6-378fd6f4dcdc", - "type" : "password", - "createdDate" : 1625085504863, - "secretData" : "{\"value\":\"Fg8F1kRC03xAi3dyLPoH7K0TDGGfN9FKkcG6gGobAkyZtqtfShgjhGB1DSBZdXXirK27lHHYv+ZTqpAf87uhuA==\",\"salt\":\"TD5LnQBeAReu7LfJ2bnWMQ==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access", "api-owner" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "d46a85d7-0f70-4e37-be54-780c0fb4ac0a", + "createdTimestamp": 1671484159521, + "username": "benny@idir", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Benny", + "lastName": "Andersson", + "email": "benny@test.com", + "attributes": { + "provider_user_guid": ["220469E037C84A7ABDFAB15204A607C5"], + "identity_provider": ["idir"], + "display_name": ["benny@idir"], + "provider_username": ["benny"] + }, + "credentials": [ + { + "id": "00f5d5cd-61d2-4d6c-9d0f-8ba4ad49affe", + "type": "password", + "createdDate": 1671484173178, + "secretData": "{\"value\":\"jnbRhIykJhlF3MGTmQQAcCffzXiiUGY+4/CroCAJeGG07NzWw1VxQbCYjaGu+AaqZ9PFrNlxBoMqhMIrvDXSrA==\",\"salt\":\"2roPSuib0r/NQyLW3JIl0g==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": ["/organization-admin/ca.bc.gov"] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "d46a85d7-0f70-4e37-be54-780c0fb4ac0a", - "createdTimestamp" : 1671484159521, - "username" : "benny@idir", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Benny", - "lastName" : "Andersson", - "email" : "benny@test.com", - "attributes" : { - "provider_user_guid" : [ "220469E037C84A7ABDFAB15204A607C5" ], - "identity_provider" : [ "idir" ], - "display_name" : [ "benny@idir" ], - "provider_username" : [ "benny" ] + { + "id": "f6296cb0-a7c4-45fc-88ff-c1da793ff981", + "createdTimestamp": 1642463544967, + "username": "harley", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Harley", + "lastName": "Jones", + "email": "harley@test.com", + "credentials": [ + { + "id": "0cc94c77-49c1-4e9c-b224-66dc661c06b5", + "type": "password", + "createdDate": 1642466431391, + "secretData": "{\"value\":\"AxeI0+khXUu1TqFB+I89x9KSQCBo2KZLGPyYXvLSkQlu/lMSfw7QEp0S3+i364FuzHYRCwAC2GVCjrAiOiyHVg==\",\"salt\":\"GJZIGYazPq+sEMRAO2AtRA==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "credentials" : [ { - "id" : "00f5d5cd-61d2-4d6c-9d0f-8ba4ad49affe", - "type" : "password", - "createdDate" : 1671484173178, - "secretData" : "{\"value\":\"jnbRhIykJhlF3MGTmQQAcCffzXiiUGY+4/CroCAJeGG07NzWw1VxQbCYjaGu+AaqZ9PFrNlxBoMqhMIrvDXSrA==\",\"salt\":\"2roPSuib0r/NQyLW3JIl0g==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "bf498a7b-b6e0-49bb-9ea8-0241d7792fe2", + "createdTimestamp": 1642463435902, + "username": "janis@idir", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Janis", + "lastName": "Smith", + "email": "janis@testmail.com", + "attributes": { + "provider_user_guid": ["220469E037C84A7ABDFAB15204A607C5"], + "identity_provider": ["idir"], + "display_name": ["Janis@idir"], + "provider_username": ["janis"] + }, + "credentials": [ + { + "id": "6aa0a7ca-c2ad-43f5-9bdb-3f58693b28bc", + "type": "password", + "createdDate": 1642466403247, + "secretData": "{\"value\":\"ltS/DMUYOCSmZZRbf7rYFTpLa9cqQDewFO1jwRPczU99leiyGtOCsbdAPRmSvLVhOLnzqvcaua3B17ej2d6/7w==\",\"salt\":\"ZrR/QMSRwruFRU5FsPUgHQ==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "uma_authorization", + "aps-admin", + "offline_access", + "api-owner" + ], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ "/organization-admin/ca.bc.gov" ] - }, { - "id" : "f6296cb0-a7c4-45fc-88ff-c1da793ff981", - "createdTimestamp" : 1642463544967, - "username" : "harley", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Harley", - "lastName" : "Jones", - "email" : "harley@test.com", - "credentials" : [ { - "id" : "0cc94c77-49c1-4e9c-b224-66dc661c06b5", - "type" : "password", - "createdDate" : 1642466431391, - "secretData" : "{\"value\":\"AxeI0+khXUu1TqFB+I89x9KSQCBo2KZLGPyYXvLSkQlu/lMSfw7QEp0S3+i364FuzHYRCwAC2GVCjrAiOiyHVg==\",\"salt\":\"GJZIGYazPq+sEMRAO2AtRA==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "7f9dcdfc-6100-4ec8-ba3f-8bd26d184585", + "createdTimestamp": 1623537499547, + "username": "local", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "local F", + "lastName": "local L", + "email": "local@development.me", + "credentials": [ + { + "id": "4ea10252-fd5d-476c-9e75-896230209ba5", + "type": "password", + "createdDate": 1623537499592, + "secretData": "{\"value\":\"BuAJdiavdBRkL23vKkpx9Ua1jKeLagEd/AkExhMM5Npt5l9Q3HO3Z/Ksxen+TBGh0JZDMxpfHArCp7xaAaUThw==\",\"salt\":\"ASKUBGyIEAcGPJaCnkpk+A==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "uma_authorization", + "offline_access", + "api-owner", + "admin" + ], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "bf498a7b-b6e0-49bb-9ea8-0241d7792fe2", - "createdTimestamp" : 1642463435902, - "username" : "janis@idir", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Janis", - "lastName" : "Smith", - "email" : "janis@testmail.com", - "attributes" : { - "provider_user_guid" : [ "220469E037C84A7ABDFAB15204A607C5" ], - "identity_provider" : [ "idir" ], - "display_name" : [ "Janis@idir" ], - "provider_username" : [ "janis" ] + { + "id": "0cb6367d-605d-44ef-a15a-a180e5773bc2", + "createdTimestamp": 1638573942042, + "username": "mark@idir", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Mark F", + "lastName": "Mark L", + "email": "mark@gmail.com", + "attributes": { + "provider_user_guid": ["220469E037C84A7ABDFAB15204A607C5"], + "identity_provider": ["idir"], + "display_name": ["mark@idir"], + "provider_username": ["mark"] + }, + "credentials": [ + { + "id": "51f9551c-700c-48a4-a8c9-741089fc8123", + "type": "password", + "createdDate": 1638573942161, + "secretData": "{\"value\":\"I1XjV+HZkoHcNhSOHbICpyAlzyGyeqp/kPuIMvjcRP8oCD5x1FimGeZ8PISATtgcAq+QaSz3jx/ntodr3LbxOw==\",\"salt\":\"1Exw3iFjhc8E6DprXFm26w==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "uma_authorization", + "offline_access", + "api-manager", + "admin" + ], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "credentials" : [ { - "id" : "6aa0a7ca-c2ad-43f5-9bdb-3f58693b28bc", - "type" : "password", - "createdDate" : 1642466403247, - "secretData" : "{\"value\":\"ltS/DMUYOCSmZZRbf7rYFTpLa9cqQDewFO1jwRPczU99leiyGtOCsbdAPRmSvLVhOLnzqvcaua3B17ej2d6/7w==\",\"salt\":\"ZrR/QMSRwruFRU5FsPUgHQ==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "aps-admin", "offline_access", "api-owner" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "bf498a7b-b6e0-49bb-9ea8-0241d7792f01", + "createdTimestamp": 1642463435902, + "username": "olduser@idir", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "oldF", + "lastName": "userL", + "email": "olduser@testmail.com", + "attributes": { + "provider_user_guid": ["220469E037C84A7ABDFAB15204A60701"], + "identity_provider": ["idir"], + "display_name": ["oldF userL"], + "provider_username": ["olduser@idir"] + }, + "credentials": [ + { + "id": "6aa0a7ca-c2ad-43f5-9bdb-3f58693b2801", + "type": "password", + "createdDate": 1642466403247, + "secretData": "{\"value\":\"ltS/DMUYOCSmZZRbf7rYFTpLa9cqQDewFO1jwRPczU99leiyGtOCsbdAPRmSvLVhOLnzqvcaua3B17ej2d6/7w==\",\"salt\":\"ZrR/QMSRwruFRU5FsPUgHQ==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "uma_authorization", + "aps-admin", + "offline_access", + "api-owner" + ], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "7f9dcdfc-6100-4ec8-ba3f-8bd26d184585", - "createdTimestamp" : 1623537499547, - "username" : "local", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "local F", - "lastName" : "local L", - "email" : "local@development.me", - "credentials" : [ { - "id" : "4ea10252-fd5d-476c-9e75-896230209ba5", - "type" : "password", - "createdDate" : 1623537499592, - "secretData" : "{\"value\":\"BuAJdiavdBRkL23vKkpx9Ua1jKeLagEd/AkExhMM5Npt5l9Q3HO3Z/Ksxen+TBGh0JZDMxpfHArCp7xaAaUThw==\",\"salt\":\"ASKUBGyIEAcGPJaCnkpk+A==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access", "api-owner", "admin" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "dcd4bf36-c332-4888-a768-ae67d1207ccb", + "createdTimestamp": 1623445150804, + "username": "service-account-aps-portal", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "aps-portal", + "credentials": [], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "0cb6367d-605d-44ef-a15a-a180e5773bc2", - "createdTimestamp" : 1638573942042, - "username" : "mark@idir", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Mark F", - "lastName" : "Mark L", - "email" : "mark@gmail.com", - "attributes" : { - "provider_user_guid" : [ "220469E037C84A7ABDFAB15204A607C5" ], - "identity_provider" : [ "idir" ], - "display_name" : [ "mark@idir" ], - "provider_username" : [ "mark" ] + { + "id": "0b87eb7b-28cd-43ec-b1fc-9c6b7ba12c9c", + "createdTimestamp": 1640110055487, + "username": "service-account-cypress-auth-profile", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "cypress-auth-profile", + "credentials": [], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "master-realm": [ + "manage-clients", + "view-users", + "create-client", + "manage-users" + ], + "account": ["manage-account", "view-profile"], + "cypress-auth-profile": ["uma_protection"] + }, + "notBefore": 0, + "groups": [] }, - "credentials" : [ { - "id" : "51f9551c-700c-48a4-a8c9-741089fc8123", - "type" : "password", - "createdDate" : 1638573942161, - "secretData" : "{\"value\":\"I1XjV+HZkoHcNhSOHbICpyAlzyGyeqp/kPuIMvjcRP8oCD5x1FimGeZ8PISATtgcAq+QaSz3jx/ntodr3LbxOw==\",\"salt\":\"1Exw3iFjhc8E6DprXFm26w==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access", "api-manager", "admin" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "08e76239-85ee-4d2b-ac51-1fe737496fe8", + "createdTimestamp": 1625089066378, + "username": "service-account-gwa-api", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "gwa-api", + "credentials": [], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "gwa-api": ["uma_protection"], + "master-realm": [ + "manage-clients", + "view-users", + "create-client", + "manage-users", + "manage-authorization" + ], + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "bf498a7b-b6e0-49bb-9ea8-0241d7792f01", - "createdTimestamp" : 1642463435902, - "username" : "olduser@idir", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "oldF", - "lastName" : "userL", - "email" : "olduser@testmail.com", - "attributes" : { - "provider_user_guid" : [ "220469E037C84A7ABDFAB15204A60701" ], - "identity_provider" : [ "idir" ], - "display_name" : [ "oldF userL" ], - "provider_username" : [ "olduser@idir" ] + { + "id": "c795236e-fb09-4b4e-93e0-8bffb7dda7b3", + "createdTimestamp": 1650644631111, + "username": "service-account-sa-platform1-e0000000-5be82156d61f", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-platform1-e0000000-5be82156d61f", + "credentials": [], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "credentials" : [ { - "id" : "6aa0a7ca-c2ad-43f5-9bdb-3f58693b2801", - "type" : "password", - "createdDate" : 1642466403247, - "secretData" : "{\"value\":\"ltS/DMUYOCSmZZRbf7rYFTpLa9cqQDewFO1jwRPczU99leiyGtOCsbdAPRmSvLVhOLnzqvcaua3B17ej2d6/7w==\",\"salt\":\"ZrR/QMSRwruFRU5FsPUgHQ==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "aps-admin", "offline_access", "api-owner" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "54adc719-3687-4886-9a7c-18c719a31014", + "createdTimestamp": 1651510581479, + "username": "service-account-sa-platform-e0000000-fa46551361b4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-platform-e0000000-fa46551361b4", + "credentials": [], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "offline_access"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "dcd4bf36-c332-4888-a768-ae67d1207ccb", - "createdTimestamp" : 1623445150804, - "username" : "service-account-aps-portal", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "serviceAccountClientId" : "aps-portal", - "credentials" : [ ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "106ae49e-2334-4147-9f59-cd1ef50dab3b", + "createdTimestamp": 1645047852963, + "username": "wendy@idir", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Wendy F", + "lastName": "Wendy L", + "email": "wendy@test.com", + "attributes": { + "provider_user_guid": ["220469E037C84A7ABDFAB15204A607C5"], + "identity_provider": ["idir"], + "display_name": ["wendy@idir"], + "provider_username": ["wendy"] + }, + "credentials": [ + { + "id": "879b81f9-8dc9-40b2-afb5-805afc4e7e4d", + "type": "password", + "createdDate": 1645047984782, + "secretData": "{\"value\":\"itMDSu6kUt6bNPEHYdg9zH7jc2avU6W3JYTa/gNen7kGXGkanthdm60CWJ3E3lVnkBqniON8ntmnrNqSnOJv2g==\",\"salt\":\"kB81qbXXeMnX7k3DSvBmvQ==\"}", + "credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" + } + ], + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["uma_authorization", "credential-admin", "offline_access"], + "clientRoles": { + "account": ["manage-account", "view-profile"] + }, + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": ["offline_access"] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": ["manage-account"] + } + ] + }, + "clients": [ + { + "id": "bc61d6b7-6876-4193-9881-1b994596a207", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "defaultRoles": ["manage-account", "view-profile"], + "redirectUris": ["/realms/master/account/*"], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "0b87eb7b-28cd-43ec-b1fc-9c6b7ba12c9c", - "createdTimestamp" : 1640110055487, - "username" : "service-account-cypress-auth-profile", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "serviceAccountClientId" : "cypress-auth-profile", - "credentials" : [ ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "master-realm" : [ "manage-clients", "view-users", "create-client", "manage-users" ], - "account" : [ "manage-account", "view-profile" ], - "cypress-auth-profile" : [ "uma_protection" ] + { + "id": "0f7cdb03-8ae1-46a1-b97d-c7e8f8094517", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": ["/realms/master/account/*"], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "7d9f3625-b978-4996-a063-12552470c586", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "08e76239-85ee-4d2b-ac51-1fe737496fe8", - "createdTimestamp" : 1625089066378, - "username" : "service-account-gwa-api", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "serviceAccountClientId" : "gwa-api", - "credentials" : [ ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "gwa-api" : [ "uma_protection" ], - "master-realm" : [ "manage-clients", "view-users", "create-client", "manage-users", "manage-authorization" ], - "account" : [ "manage-account", "view-profile" ] + { + "id": "4221af6b-3bc7-4685-8c69-e1ba30303101", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "c795236e-fb09-4b4e-93e0-8bffb7dda7b3", - "createdTimestamp" : 1650644631111, - "username" : "service-account-sa-platform1-e0000000-5be82156d61f", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "serviceAccountClientId" : "sa-platform1-e0000000-5be82156d61f", - "credentials" : [ ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "f333c5e5-fba2-48e8-aab7-7b6862881202", + "clientId": "aps-portal", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "8e1a17ed-cb93-4806-ac32-e303d1c86018", + "redirectUris": ["http://*", "https://*"], + "webOrigins": ["*"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "390fa558-2b62-4399-adfb-e2ec96784813", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "8df082aa-710d-4be7-b396-22223a710e84", + "name": "display_name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "display_name", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "display_name", + "userinfo.token.claim": "true" + } + }, + { + "id": "8df082aa-710d-4be7-b396-00023a710e84", + "name": "provider_user_guid", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "provider_user_guid", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "provider_user_guid", + "userinfo.token.claim": "true" + } + }, + { + "id": "8df082aa-710d-4be7-b396-11123a710e84", + "name": "provider_username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "provider_username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "provider_username", + "userinfo.token.claim": "true" + } + }, + { + "id": "8df082aa-710d-4be7-b396-87323a710e84", + "name": "identity_provider", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "identity_provider", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "identity_provider", + "userinfo.token.claim": "true" + } + }, + { + "id": "d9196236-636f-4459-ac3b-2b0f9b87681d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f088eda3-2a14-45a4-8e91-1f669152a6e3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "Namespace.Create", + "role_list", + "roles", + "Namespace.Admin", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "54adc719-3687-4886-9a7c-18c719a31014", - "createdTimestamp" : 1651510581479, - "username" : "service-account-sa-platform-e0000000-fa46551361b4", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "serviceAccountClientId" : "sa-platform-e0000000-fa46551361b4", - "credentials" : [ ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "62f2227e-e1ac-4c74-b278-1eab7f7664ae", + "clientId": "aps-v2-realm", + "name": "aps-v2 Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] }, - "notBefore" : 0, - "groups" : [ ] - }, { - "id" : "106ae49e-2334-4147-9f59-cd1ef50dab3b", - "createdTimestamp" : 1645047852963, - "username" : "wendy@idir", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Wendy F", - "lastName" : "Wendy L", - "email" : "wendy@test.com", - "attributes" : { - "provider_user_guid" : [ "220469E037C84A7ABDFAB15204A607C5" ], - "identity_provider" : [ "idir" ], - "display_name" : [ "wendy@idir" ], - "provider_username" : [ "wendy" ] + { + "id": "db7f58dc-c007-4e4c-ad7b-14f57a0521cd", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] }, - "credentials" : [ { - "id" : "879b81f9-8dc9-40b2-afb5-805afc4e7e4d", - "type" : "password", - "createdDate" : 1645047984782, - "secretData" : "{\"value\":\"itMDSu6kUt6bNPEHYdg9zH7jc2avU6W3JYTa/gNen7kGXGkanthdm60CWJ3E3lVnkBqniON8ntmnrNqSnOJv2g==\",\"salt\":\"kB81qbXXeMnX7k3DSvBmvQ==\"}", - "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" - } ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "credential-admin", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] + { + "id": "50c78923-95d9-4083-87ff-5233f2d6326e", + "clientId": "cypress-auth-profile", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "43badfc1-c06f-4bec-bab6-ccdc764071ac", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "authorizationServicesEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e5b7aae4-4667-40a4-bef5-34abb759e338", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "6d728625-6d5e-4363-90cc-e3b68baa756a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "bbf72323-f9f4-44c1-8088-df564fe7b494", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "role_list", + "Namespace.Create", + "Namespace.Admin", + "roles", + "profile", + "System.Write", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ], + "authorizationSettings": { + "allowRemoteResourceManagement": true, + "policyEnforcementMode": "ENFORCING", + "resources": [ + { + "name": "Default Resource", + "type": "urn:cypress-auth-profile:resources:default", + "ownerManagedAccess": false, + "attributes": {}, + "_id": "8543a438-ee7e-44b7-aa28-aef951b65f2f", + "uris": ["/*"] + } + ], + "policies": [ + { + "id": "34e0a630-d6fa-499c-b7b7-bca8b6ef70f6", + "name": "Default Policy", + "description": "A policy that grants access only for users within this realm", + "type": "js", + "logic": "POSITIVE", + "decisionStrategy": "AFFIRMATIVE", + "config": { + "code": "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + } + }, + { + "id": "a1bbc96c-4248-4f32-8bec-59569165bcb8", + "name": "Default Permission", + "description": "A permission that applies to the default resource type", + "type": "resource", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "defaultResourceType": "urn:cypress-auth-profile:resources:default", + "applyPolicies": "[\"Default Policy\"]" + } + } + ], + "scopes": [], + "decisionStrategy": "UNANIMOUS" + } }, - "notBefore" : 0, - "groups" : [ ] - } ], - "scopeMappings" : [ { - "clientScope" : "offline_access", - "roles" : [ "offline_access" ] - } ], - "clientScopeMappings" : { - "account" : [ { - "client" : "account-console", - "roles" : [ "manage-account" ] - } ] - }, - "clients" : [ { - "id" : "bc61d6b7-6876-4193-9881-1b994596a207", - "clientId" : "account", - "name" : "${client_account}", - "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/master/account/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "defaultRoles" : [ "manage-account", "view-profile" ], - "redirectUris" : [ "/realms/master/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "0f7cdb03-8ae1-46a1-b97d-c7e8f8094517", - "clientId" : "account-console", - "name" : "${client_account-console}", - "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/master/account/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "redirectUris" : [ "/realms/master/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "pkce.code.challenge.method" : "S256" + { + "id": "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", + "clientId": "gwa-api", + "rootUrl": "https://gwa-api-gov-bc-ca.dev.api.gov.bc.ca", + "adminUrl": "https://gwa-api-gov-bc-ca.dev.api.gov.bc.ca", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "18900468-3db1-43f7-a8af-e75f079eb742", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "authorizationServicesEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "4f2fdd5d-7cd7-427b-bce3-60ac808570da", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "3ef8dcec-57b5-4217-9991-c3144ffafc19", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9e857953-1628-4deb-a568-9a59af3c985f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "Namespace.Create", + "role_list", + "roles", + "Namespace.Admin", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ], + "authorizationSettings": { + "allowRemoteResourceManagement": true, + "policyEnforcementMode": "ENFORCING", + "resources": [ + { + "name": "Default Resource", + "type": "urn:gwa-api:resources:default", + "ownerManagedAccess": false, + "attributes": {}, + "_id": "054b9d22-ce05-4b1c-86bf-424eb7f3ca13", + "uris": ["/*"] + }, + { + "name": "platform1", + "type": "namespace", + "ownerManagedAccess": true, + "attributes": {}, + "_id": "fa9f93b8-b1c1-45ab-ad65-672befbdaedc", + "uris": [], + "scopes": [ + { + "name": "GatewayConfig.Publish" + }, + { + "name": "Namespace.Manage" + }, + { + "name": "Access.Manage" + }, + { + "name": "Content.Publish" + }, + { + "name": "Namespace.View" + }, + { + "name": "CredentialIssuer.Admin" + } + ] + }, + { + "name": "platform2", + "type": "namespace", + "ownerManagedAccess": true, + "attributes": {}, + "_id": "c6ad734c-6d8f-4b90-bcf9-cb9c19eadc22", + "uris": [], + "scopes": [ + { + "name": "GatewayConfig.Publish" + }, + { + "name": "Namespace.Manage" + }, + { + "name": "Access.Manage" + }, + { + "name": "Content.Publish" + }, + { + "name": "Namespace.View" + }, + { + "name": "CredentialIssuer.Admin" + } + ] + }, + { + "name": "platform", + "type": "namespace", + "ownerManagedAccess": true, + "attributes": {}, + "_id": "501a70b7-546a-43f3-8992-a4c170f0bab7", + "uris": [], + "scopes": [ + { + "name": "GatewayConfig.Publish" + }, + { + "name": "Namespace.Manage" + }, + { + "name": "Access.Manage" + }, + { + "name": "Content.Publish" + }, + { + "name": "Namespace.View" + }, + { + "name": "CredentialIssuer.Admin" + } + ] + }, + { + "name": "org/ca.bc.gov", + "type": "organization", + "ownerManagedAccess": true, + "displayName": "org/ca.bc.gov", + "attributes": {}, + "_id": "228c26be-3ef4-43d6-92ec-8441ebf5887c", + "uris": [], + "scopes": [ + { + "name": "GroupAccess.Manage" + } + ] + }, + { + "name": "org/ministry-of-health", + "type": "organization", + "ownerManagedAccess": true, + "attributes": {}, + "_id": "2367ab08-6c6e-42e4-b1db-3a86de3a028d", + "uris": [], + "scopes": [ + { + "name": "GroupAccess.Manage" + }, + { + "name": "Dataset.Manage" + }, + { + "name": "Namespace.Assign" + } + ] + }, + { + "name": "org/planning-and-innovation-division", + "type": "organization", + "ownerManagedAccess": true, + "attributes": {}, + "_id": "032644b7-a3a0-489e-bda3-193bd14d861a", + "uris": [], + "scopes": [ + { + "name": "GroupAccess.Manage" + }, + { + "name": "Dataset.Manage" + }, + { + "name": "Namespace.Assign" + } + ] + } + ], + "policies": [ + { + "id": "35dcd837-d215-4036-84fe-452605b0a065", + "name": "Default Policy", + "description": "A policy that grants access only for users within this realm", + "type": "js", + "logic": "POSITIVE", + "decisionStrategy": "AFFIRMATIVE", + "config": { + "code": "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + } + }, + { + "id": "ca06ef6c-d7f8-42c9-b0d6-0c9be85c1cc1", + "name": "janis", + "type": "user", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "users": "[\"janis@idir\"]" + } + }, + { + "id": "c3848ff4-76b0-4f2d-afe9-7dfd77467fcb", + "name": "group-organization-admin-ca.bc.gov-policy", + "description": "Group '/organization-admin' / 'ca.bc.gov' Policy", + "type": "group", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "groups": "[{\"path\":\"/organization-admin/ca.bc.gov\",\"extendChildren\":false},{\"path\":\"/organization-admin\",\"extendChildren\":false}]" + } + }, + { + "id": "6f49c571-fbbb-4f86-a72a-c1591a446bb3", + "name": "group-organization-admin-ca.bc.gov-ministry-of-health-policy", + "description": "Group '/organization-admin/ca.bc.gov' / 'ministry-of-health' Policy", + "type": "group", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "groups": "[{\"path\":\"/organization-admin/ca.bc.gov/ministry-of-health\",\"extendChildren\":false},{\"path\":\"/organization-admin/ca.bc.gov\",\"extendChildren\":false},{\"path\":\"/organization-admin\",\"extendChildren\":false}]" + } + }, + { + "id": "99fdf1a9-d5ec-48c7-a2cd-1ddeb130b058", + "name": "group-organization-admin-ca.bc.gov-ministry-of-health-planning-and-innovation-division-policy", + "description": "Group '/organization-admin/ca.bc.gov/ministry-of-health' / 'planning-and-innovation-division' Policy", + "type": "group", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "groups": "[{\"path\":\"/organization-admin/ca.bc.gov/ministry-of-health/planning-and-innovation-division\",\"extendChildren\":false},{\"path\":\"/organization-admin\",\"extendChildren\":false},{\"path\":\"/organization-admin/ca.bc.gov\",\"extendChildren\":false},{\"path\":\"/organization-admin/ca.bc.gov/ministry-of-health\",\"extendChildren\":false}]" + } + }, + { + "id": "31be7436-e9d8-42a3-b42e-69a1869a7eea", + "name": "Default Permission", + "description": "A permission that applies to the default resource type", + "type": "resource", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "defaultResourceType": "urn:gwa-api:resources:default", + "applyPolicies": "[\"Default Policy\"]" + } + }, + { + "id": "65f0c0a4-e2ac-4364-800d-ebd4e11ce393", + "name": "janis full access", + "type": "scope", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "scopes": "[\"GroupAccess.Manage\",\"Namespace.Assign\"]", + "applyPolicies": "[\"janis\"]" + } + }, + { + "id": "854f0dfe-952d-48f8-9d53-d49b0b4ed122", + "name": "Access to 'org/ca.bc.gov' services for role organization-admin", + "type": "scope", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "resources": "[\"org/ca.bc.gov\"]", + "scopes": "[\"GroupAccess.Manage\"]", + "applyPolicies": "[\"group-organization-admin-ca.bc.gov-policy\"]" + } + }, + { + "id": "3f934d3f-d231-48fc-9f5a-924da7808989", + "name": "Access to 'org/ministry-of-health' services for role organization-admin", + "type": "scope", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "resources": "[\"org/ministry-of-health\"]", + "scopes": "[\"Dataset.Manage\",\"GroupAccess.Manage\",\"Namespace.Assign\"]", + "applyPolicies": "[\"group-organization-admin-ca.bc.gov-ministry-of-health-policy\"]" + } + }, + { + "id": "56a4857d-a0be-472c-85d0-2dca93a1fdac", + "name": "Access to 'org/planning-and-innovation-division' services for role organization-admin", + "type": "scope", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "resources": "[\"org/planning-and-innovation-division\"]", + "scopes": "[\"Dataset.Manage\",\"GroupAccess.Manage\",\"Namespace.Assign\"]", + "applyPolicies": "[\"group-organization-admin-ca.bc.gov-ministry-of-health-planning-and-innovation-division-policy\"]" + } + }, + { + "id": "f2e764aa-c355-4e81-a5e6-e76ffb86041f", + "name": "Access to 'platform' services for role organization-admin", + "type": "scope", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "resources": "[\"platform\"]", + "scopes": "[\"Namespace.View\"]", + "applyPolicies": "[\"group-organization-admin-ca.bc.gov-ministry-of-health-planning-and-innovation-division-policy\"]" + } + } + ], + "scopes": [ + { + "id": "6871ce8b-5d5f-455b-86ff-7cf5940930eb", + "name": "Namespace.Manage" + }, + { + "id": "0006d34f-1416-4ffb-ad1f-39ebf63f9556", + "name": "Namespace.View" + }, + { + "id": "a4d424c9-7331-4715-96a9-ecfd1dd0cf2c", + "name": "GatewayConfig.Publish" + }, + { + "id": "fd403d7f-1dfb-4673-8ab3-5e1ff7797b35", + "name": "Access.Manage" + }, + { + "id": "0f98e35d-c2c3-4781-bf85-478bf06cfa24", + "name": "Content.Publish" + }, + { + "id": "dfc132ca-aa87-40b5-bc33-3e972a88f638", + "name": "CredentialIssuer.Admin" + }, + { + "id": "95893c25-6b83-4e59-9518-a25568d95542", + "name": "GroupAccess.Manage", + "iconUri": "", + "displayName": "GroupAccess.Manage" + }, + { + "id": "b0b007b1-1ecb-4b3f-9f0c-41b3fa34754c", + "name": "Dataset.Manage" + }, + { + "id": "f3bf8d43-54a4-4594-aeea-f61b99411f92", + "name": "Namespace.Assign" + } + ], + "decisionStrategy": "AFFIRMATIVE" + } }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "7d9f3625-b978-4996-a063-12552470c586", - "name" : "audience resolve", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-audience-resolve-mapper", - "consentRequired" : false, - "config" : { } - } ], - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "4221af6b-3bc7-4685-8c69-e1ba30303101", - "clientId" : "admin-cli", - "name" : "${client_admin-cli}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "f333c5e5-fba2-48e8-aab7-7b6862881202", - "clientId" : "aps-portal", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "8e1a17ed-cb93-4806-ac32-e303d1c86018", - "redirectUris" : [ "http://*", "https://*" ], - "webOrigins" : [ "*" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.force.post.binding" : "false", - "saml.multivalued.roles" : "false", - "saml.encrypt" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false", - "exclude.session.state.from.auth.response" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "tls.client.certificate.bound.access.tokens" : "false", - "saml.authnstatement" : "false", - "display.on.consent.screen" : "false", - "saml.onetimeuse.condition" : "false" + { + "id": "f009e508-9d81-4893-a786-d6227e6fab2c", + "clientId": "gwa-cli", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": ["http://*", "https://*"], + "webOrigins": ["*"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "true", + "saml.server.signature": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false", + "oauth2.device.polling.interval": "5" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a9360947-ab7a-42be-b541-0880bc4cc4e4", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "bfe325cb-7c78-44e6-92c5-b7cd3d04fee6", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "99fd4f31-3fc0-4f1c-84b0-90d5039fb9c6", + "name": "display_name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "display_name", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "display_name", + "userinfo.token.claim": "true" + } + }, + { + "id": "e65a486d-dd60-487c-8a17-c474027697a8", + "name": "provider_user_guid", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "provider_user_guid", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "provider_user_guid", + "userinfo.token.claim": "true" + } + }, + { + "id": "d6f6e39e-af05-4010-bd73-13015244b864", + "name": "provider_username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "provider_username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "provider_username", + "userinfo.token.claim": "true" + } + }, + { + "id": "f147f8bf-aee1-45d0-a504-53d232f41c3a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "36487098-a6a1-4dfb-b91b-c2bedce268eb", + "name": "identity_provider", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "identity_provider", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "identity_provider", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [], + "optionalClientScopes": [] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "390fa558-2b62-4399-adfb-e2ec96784813", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientHost", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" - } - }, { - "id" : "8df082aa-710d-4be7-b396-22223a710e84", - "name" : "display_name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "display_name", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "display_name", - "userinfo.token.claim" : "true" - } - }, { - "id" : "8df082aa-710d-4be7-b396-00023a710e84", - "name" : "provider_user_guid", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "provider_user_guid", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "provider_user_guid", - "userinfo.token.claim" : "true" - } - }, { - "id" : "8df082aa-710d-4be7-b396-11123a710e84", - "name" : "provider_username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "provider_username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "provider_username", - "userinfo.token.claim" : "true" - } - }, { - "id" : "8df082aa-710d-4be7-b396-87323a710e84", - "name" : "identity_provider", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "identity_provider", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "identity_provider", - "userinfo.token.claim" : "true" - } - }, { - "id" : "d9196236-636f-4459-ac3b-2b0f9b87681d", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientId", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientId", - "jsonType.label" : "String" - } - }, { - "id" : "f088eda3-2a14-45a4-8e91-1f669152a6e3", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientAddress", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" + { + "id": "4e6525e9-647c-4c80-85d6-9c13890b0ab2", + "clientId": "master-realm", + "name": "master Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4bbc355d-7a87-4476-9593-7f9359dc8859", + "clientId": "sa-platform1-e0000000-5be82156d61f", + "name": "", + "description": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "c01a7839-2679-4cdd-96c4-173223b49ee6", + "redirectUris": ["https://*"], + "webOrigins": ["*"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d5b56ac0-01af-4241-991e-1cd25edeb739", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "8c119e4b-b308-41aa-be7b-91e1d299e499", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "3ba852b4-71b8-4942-950b-80968346b0e2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "25ee1923-6323-4c4c-ae70-178615ace3b2", + "clientId": "sa-platform-e0000000-fa46551361b4", + "name": "", + "description": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "dc96e3d3-23cc-4345-aa5e-6f89b5d20c91", + "redirectUris": ["https://*"], + "webOrigins": ["*"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "exclude.session.state.from.auth.response": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "270af568-11bf-4208-bccd-58583e44f09c", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "9dda9072-1e47-43fd-a482-6830b252ca5b", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "a35858ac-39ad-46bc-9227-e40698049c62", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "5c797848-2f03-4085-a03a-e4f7c22d0050", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/master/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": ["/admin/master/console/*"], + "webOrigins": ["+"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "c5b453d6-73e5-40f2-bc65-375b571f7d6c", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "role_list", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "f5d4d8e2-6e57-477a-83b0-88047af5285d", + "name": "Content.Publish", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" } - } ], - "defaultClientScopes" : [ "web-origins", "Namespace.Create", "role_list", "roles", "Namespace.Admin", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "62f2227e-e1ac-4c74-b278-1eab7f7664ae", - "clientId" : "aps-v2-realm", - "name" : "aps-v2 Realm", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "db7f58dc-c007-4e4c-ad7b-14f57a0521cd", - "clientId" : "broker", - "name" : "${client_broker}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "50c78923-95d9-4083-87ff-5233f2d6326e", - "clientId" : "cypress-auth-profile", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "43badfc1-c06f-4bec-bab6-ccdc764071ac", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : true, - "authorizationServicesEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.force.post.binding" : "false", - "saml.multivalued.roles" : "false", - "saml.encrypt" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false", - "exclude.session.state.from.auth.response" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "tls.client.certificate.bound.access.tokens" : "false", - "saml.authnstatement" : "false", - "display.on.consent.screen" : "false", - "saml.onetimeuse.condition" : "false" }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "e5b7aae4-4667-40a4-bef5-34abb759e338", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientHost", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" + { + "id": "4f7a31ce-a48b-4816-baff-4dbc378d4a10", + "name": "Namespace.Admin", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" } - }, { - "id" : "6d728625-6d5e-4363-90cc-e3b68baa756a", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientId", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientId", - "jsonType.label" : "String" + }, + { + "id": "5c280525-34b7-4436-a567-ad5a75f0b093", + "name": "Namespace.Create", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" } - }, { - "id" : "bbf72323-f9f4-44c1-8088-df564fe7b494", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientAddress", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" + }, + { + "id": "e78e5fd1-5ee2-4215-a5c3-a8581a19c716", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "b2a36609-2408-44fd-88ac-ef41fa62f5f4", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "89e870cc-7056-4bc0-8cf2-9c961ff4a62d", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7fb89890-a73f-4162-9ca3-e1539905ccb6", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "9ec60f35-65c9-4ea2-ab0e-2fc2c462d892", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "920764e0-6019-462b-bc25-f17a54562752", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "cd9090fd-faf4-450a-9144-3a9e04260095", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "9ca3b431-06e3-43f0-9277-a6dec6ec1172", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "bb473906-0c39-4af1-aad9-d8788dc7559f", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" } - } ], - "defaultClientScopes" : [ "web-origins", "role_list", "Namespace.Create", "Namespace.Admin", "roles", "profile", "System.Write", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ], - "authorizationSettings" : { - "allowRemoteResourceManagement" : true, - "policyEnforcementMode" : "ENFORCING", - "resources" : [ { - "name" : "Default Resource", - "type" : "urn:cypress-auth-profile:resources:default", - "ownerManagedAccess" : false, - "attributes" : { }, - "_id" : "8543a438-ee7e-44b7-aa28-aef951b65f2f", - "uris" : [ "/*" ] - } ], - "policies" : [ { - "id" : "34e0a630-d6fa-499c-b7b7-bca8b6ef70f6", - "name" : "Default Policy", - "description" : "A policy that grants access only for users within this realm", - "type" : "js", - "logic" : "POSITIVE", - "decisionStrategy" : "AFFIRMATIVE", - "config" : { - "code" : "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + }, + { + "id": "e5e16f12-1b4c-47e7-9599-99ff395f359c", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "8d83aa08-43a9-49f5-b1dd-caa144e2cad5", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "3886e58f-d64f-4851-80f3-ae7cc5c6ab13", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } } - }, { - "id" : "a1bbc96c-4248-4f32-8bec-59569165bcb8", - "name" : "Default Permission", - "description" : "A permission that applies to the default resource type", - "type" : "resource", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "defaultResourceType" : "urn:cypress-auth-profile:resources:default", - "applyPolicies" : "[\"Default Policy\"]" + ] + }, + { + "id": "f33d0489-2a52-4066-9c38-e130c02665ee", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "1826e2b1-380a-4c65-a73e-3bb79f519550", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "6ea0a08a-ab42-4b45-acfc-a05f5b452cb0", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "78d97855-5557-4f10-9d20-74d8ea6bdfef", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "22e60a23-914f-40bf-960d-e7a96655581d", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "e595c828-c815-4dff-bd8f-39b1eee5a3b3", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "cd91c70b-0856-4f5d-aeb6-9b5c3b48a966", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "4ce90553-d828-4146-92e0-ee1775c9ba28", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "43710808-227e-4171-a106-7576f933a32b", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "a814d5c0-bdcd-4f33-8cfd-228005f2ba94", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "df9e1465-617d-4a7b-a208-7354c6cbaada", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "fc508e60-a978-41f1-bea2-311673b4b0a8", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "8e4641a3-87d3-4958-8113-dcfa82f0ef54", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "ffc38939-9e10-4cf3-b4fc-65203e079a92", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "9364fe99-268a-4a74-88aa-a120a6897e78", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } } - } ], - "scopes" : [ ], - "decisionStrategy" : "UNANIMOUS" - } - }, { - "id" : "c002b2b1-0ca8-4fd6-896e-6d2e3395a345", - "clientId" : "gwa-api", - "rootUrl" : "https://gwa-api-gov-bc-ca.dev.api.gov.bc.ca", - "adminUrl" : "https://gwa-api-gov-bc-ca.dev.api.gov.bc.ca", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "18900468-3db1-43f7-a8af-e75f079eb742", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : true, - "authorizationServicesEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.force.post.binding" : "false", - "saml.multivalued.roles" : "false", - "saml.encrypt" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false", - "exclude.session.state.from.auth.response" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "tls.client.certificate.bound.access.tokens" : "false", - "saml.authnstatement" : "false", - "display.on.consent.screen" : "false", - "saml.onetimeuse.condition" : "false" + ] + }, + { + "id": "b5a38584-219b-4618-a3a5-70814bed867e", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "1a0a5251-1b3f-47b1-8cc1-07a285d6479f", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "4f2fdd5d-7cd7-427b-bce3-60ac808570da", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientAddress", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" + { + "id": "33bd4c0f-225f-43cb-8b6c-0bd4db702525", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "e276a79b-99cc-4f10-8d26-0e10ce245fdb", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "b64cc3a2-8ed8-4dee-a13a-fef5588a5949", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "c9828318-6d78-4aba-94ea-405f12fce589", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "0bfddcf3-017d-44b6-8447-297c565d5d2d", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "28867dcd-803d-47a5-be90-51be8a331527", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "e28fac82-4db1-4900-8096-74706a71f7f3", + "name": "System.Write", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" } - }, { - "id" : "3ef8dcec-57b5-4217-9991-c3144ffafc19", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientHost", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" + } + ], + "defaultDefaultClientScopes": [ + "web-origins", + "roles", + "Namespace.Admin", + "Namespace.Create", + "email", + "role_list", + "profile" + ], + "defaultOptionalClientScopes": [ + "microprofile-jwt", + "offline_access", + "phone", + "address" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": ["jboss-logging"], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "d7699c96-1cc0-46fe-b0fe-c72c7f7d1804", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "522f0c4c-8dfe-4421-b573-0e5723319dac", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": ["true"] + } + }, + { + "id": "2502109c-1319-4bcd-bf94-a5225239c42b", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper" + ] + } + }, + { + "id": "013bd2ad-80e7-40fe-ba41-b90642d536cd", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": ["true"], + "client-uris-must-match": ["true"] + } + }, + { + "id": "c0bcf5a2-ef5f-4f03-95c7-ea15f27c8cd7", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": ["true"] + } + }, + { + "id": "1157f7fe-a055-4ec3-8af8-3f809fd2fec0", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "650e6c8f-8a93-4096-9d37-1aecfe000e49", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": ["200"] + } + }, + { + "id": "93e21f15-c390-475a-865a-3f8125b1ccc9", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-role-list-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-audience-mapper" + ] + } } - }, { - "id" : "9e857953-1628-4deb-a568-9a59af3c985f", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientId", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientId", - "jsonType.label" : "String" + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "2b0c7bcb-c441-4694-8639-7175a1956655", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "kid": ["1b23b32b-bb69-4a9a-b20d-770d009ffb67"], + "active": ["true"], + "secretSize": ["64"], + "secret": [ + "FqB7weAN-07obv1h7cltkFANraOPiK3BN-x1fBR7BY3yF_tOVVy0faPtS24pbPB5VJMXrvZBVy4MvQbhPGOn-A" + ], + "priority": ["100"], + "enabled": ["true"], + "algorithm": ["HS256"] + } + }, + { + "id": "82953e3c-d927-4f6f-8b57-3b5c7b8903d6", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "privateKey": [ + "MIIEpAIBAAKCAQEAtE+K9HXgyAM2I3gmzReAKg3ukb0LgHI00kBz79cTLX+aXjAMl5n3cajJZuVBPj+Cyy4fm4vB7tHMTcY5StOMcQv95DZvmonQkweU87quqfETLTp6607tUfUdRib5W/euaKqVbCi09xwSftBeHHCcvotFTz/IjnZ6Ul/qZcDzXgoLEiaZrKz3iSFsnuJEWiozFP+hPZNESfRz/jqd7PcD++SO1iLtMjB5BPvlB7cFWDaWww+nUPbnsqsLZzwdAzhAjYe17x2AafffkZUUp1rf5VXEz8bzAoMpRZDswhG+v1jUPg638b3LFakV6PhRTvLnoKRpPvdzLmRguXtxufrQDwIDAQABAoIBAG0CLcrPPR8OuftFl4ekbop+M74OIVb9NKvr5WuZhnGaVHQe7m302mDvnxtC/Geqs+MsNlWub4d3dOGMNnTjYmOx0UPYGS6/pMZO7iFPumrpYSOV2FxMMjO7UYBo7ZZJLjr+7ikejxFZ+mCKjmr5NfoIbtWThSeDvz3v2OC9fyRZPE/AAqsy9Gkhukxnsi4nJOBK89nLeZS1nbGPzJxu9jiNm2snWI56N7orrVW5KBR/ynaFMN5CepYqgzK5uXv9dkzjBgiQbPlXk9c+LIWrrjXFxjftJTiop6C938B1MlfamkUsoQLwG1Uh8SQNgBExFUOeegouOJthbjhhVdPe/QkCgYEA/7Y5B2Sm0S+DXfoWyHS26ZQ2fDu9WweLbnGL9KrKd4T7u5Ubu9+qTu1aU2m7RxRya9yHzzVXSiTEKPoTPCjC9CIGA3YtQxze2zf7un+RfdN0Ty9pBZiKbAavsX5+KyIliC6FQy0O48eWR7LMsVSFJGGIeYPTjgY3U34uLsN55RUCgYEAtIOQxc1AFw/wcQIsJYEZWmwUIEd49s6x6iCBXez1sfZLJVHL5mE7NNxT0vuSKwxMK4gddSoRjBDqWGgge93HlIz+N+Ln656zCdLlOlDGe5a3jvtxIRKak/mp+nmk8G+FGGlAatPIRmZQbk0hIzh0m88k8hJ7NqRXTDeDDmzmcZMCgYEAgpvOcSpF0l7UWHHepTCIJLIhSj8xLoeh/h1dAPEjTPzNnzg/3CwXzwyIsEY2881LzC/t5jY2iZZR4yQoIvgm649dRvNblwXuBkaH+vAhngUdSTzMBaGuQhMANkaHpvxf8zjftDoVet58sc5voruq7bQrgvWEXuxp4el3KUeKwSkCgYAmOa4QlPQ7bf6mj6U1k+8AfN6OL1RoP0DhqVx7vVASDWvATV/2OyTEftupU+iSARqoJTzHsM7icDqP2gz27fHzfR/gScZ+2K5lKCmufahqR3I7bvd3326oYzgheFz7JUJz9uXTOWGxtrzVfrPDt5LJ48WZFVzOJ2LtGtw/08PAzQKBgQDy/mQxGSxIImcBcjdHDP7kb5T3M69PWN/VER1AMvkU+60uQTfZ7sXsJhWQn6XgzHF9ZhpTJeeliNn9dcTFOt9sWEoLspxZNz/RoKeW2P6p1krjrz74XDOgce63AaXufAFIGUDrJhCcIbyvalEvVQyDnnWe/dHl4us/DX+/+GWjVQ==" + ], + "keySize": ["2048"], + "certificate": [ + "MIICmzCCAYMCBgF6AmA7pTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjEwNjEyMjIzNjM5WhcNMzEwNjEyMjIzODE5WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0T4r0deDIAzYjeCbNF4AqDe6RvQuAcjTSQHPv1xMtf5peMAyXmfdxqMlm5UE+P4LLLh+bi8Hu0cxNxjlK04xxC/3kNm+aidCTB5Tzuq6p8RMtOnrrTu1R9R1GJvlb965oqpVsKLT3HBJ+0F4ccJy+i0VPP8iOdnpSX+plwPNeCgsSJpmsrPeJIWye4kRaKjMU/6E9k0RJ9HP+Op3s9wP75I7WIu0yMHkE++UHtwVYNpbDD6dQ9ueyqwtnPB0DOECNh7XvHYBp99+RlRSnWt/lVcTPxvMCgylFkOzCEb6/WNQ+DrfxvcsVqRXo+FFO8uegpGk+93MuZGC5e3G5+tAPAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD25ZjxPFys+OAoSmgRuk4KwpTG4cLm3vEwUjD60+gvYJk3bFUgxErNv+Ax69PN4OZwMh9fdnVHRx0haVno0ULUBintRP/P0ond1mw7HB1v/i9EMpRiVoMEL8y3wV363XVw6mDrYI8Pp0OihJBKo5I1EWgaLAl+lu9YS6f3VXaASgqx1AaV6qZiXM95FOeYkjpx30cbIR6uhRAfBHz10PO//RhTCnBrjasU921qFSMH3EuvRZET0jB68FLF7uRFK+goSVrw9O+TcK6Cbh4I4GZX66ZBRW6MTTIzYNsSuSMUlGFujGcVi5+1JmJgJg76coIo7NIR68KPKyh+47Mvy9bI=" + ], + "active": ["true"], + "priority": ["100"], + "enabled": ["true"], + "algorithm": ["RS256"] + } + }, + { + "id": "4ac9540a-c5b7-48b0-b3e1-1a7887ed5414", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "kid": ["8fc9ebb4-d633-4fbc-a940-43414dbb6841"], + "active": ["true"], + "secretSize": ["16"], + "secret": ["mwpmhvHuQq_qLZAKhngrjg"], + "priority": ["100"], + "enabled": ["true"] + } } - } ], - "defaultClientScopes" : [ "web-origins", "Namespace.Create", "role_list", "roles", "Namespace.Admin", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ], - "authorizationSettings" : { - "allowRemoteResourceManagement" : true, - "policyEnforcementMode" : "ENFORCING", - "resources" : [ { - "name" : "Default Resource", - "type" : "urn:gwa-api:resources:default", - "ownerManagedAccess" : false, - "attributes" : { }, - "_id" : "054b9d22-ce05-4b1c-86bf-424eb7f3ca13", - "uris" : [ "/*" ] - }, { - "name" : "platform1", - "type" : "namespace", - "ownerManagedAccess" : true, - "attributes" : { }, - "_id" : "fa9f93b8-b1c1-45ab-ad65-672befbdaedc", - "uris" : [ ], - "scopes" : [ { - "name" : "GatewayConfig.Publish" - }, { - "name" : "Namespace.Manage" - }, { - "name" : "Access.Manage" - }, { - "name" : "Content.Publish" - }, { - "name" : "Namespace.View" - }, { - "name" : "CredentialIssuer.Admin" - } ] - }, { - "name" : "platform2", - "type" : "namespace", - "ownerManagedAccess" : true, - "attributes" : { }, - "_id" : "c6ad734c-6d8f-4b90-bcf9-cb9c19eadc22", - "uris" : [ ], - "scopes" : [ { - "name" : "GatewayConfig.Publish" - }, { - "name" : "Namespace.Manage" - }, { - "name" : "Access.Manage" - }, { - "name" : "Content.Publish" - }, { - "name" : "Namespace.View" - }, { - "name" : "CredentialIssuer.Admin" - } ] - }, { - "name" : "platform", - "type" : "namespace", - "ownerManagedAccess" : true, - "attributes" : { }, - "_id" : "501a70b7-546a-43f3-8992-a4c170f0bab7", - "uris" : [ ], - "scopes" : [ { - "name" : "GatewayConfig.Publish" - }, { - "name" : "Namespace.Manage" - }, { - "name" : "Access.Manage" - }, { - "name" : "Content.Publish" - }, { - "name" : "Namespace.View" - }, { - "name" : "CredentialIssuer.Admin" - } ] - }, { - "name" : "org/ca.bc.gov", - "type" : "organization", - "ownerManagedAccess" : true, - "displayName" : "org/ca.bc.gov", - "attributes" : { }, - "_id" : "228c26be-3ef4-43d6-92ec-8441ebf5887c", - "uris" : [ ], - "scopes" : [ { - "name" : "GroupAccess.Manage" - } ] - }, { - "name" : "org/ministry-of-health", - "type" : "organization", - "ownerManagedAccess" : true, - "attributes" : { }, - "_id" : "2367ab08-6c6e-42e4-b1db-3a86de3a028d", - "uris" : [ ], - "scopes" : [ { - "name" : "GroupAccess.Manage" - }, { - "name" : "Dataset.Manage" - }, { - "name" : "Namespace.Assign" - } ] - }, { - "name" : "org/planning-and-innovation-division", - "type" : "organization", - "ownerManagedAccess" : true, - "attributes" : { }, - "_id" : "032644b7-a3a0-489e-bda3-193bd14d861a", - "uris" : [ ], - "scopes" : [ { - "name" : "GroupAccess.Manage" - }, { - "name" : "Dataset.Manage" - }, { - "name" : "Namespace.Assign" - } ] - } ], - "policies" : [ { - "id" : "35dcd837-d215-4036-84fe-452605b0a065", - "name" : "Default Policy", - "description" : "A policy that grants access only for users within this realm", - "type" : "js", - "logic" : "POSITIVE", - "decisionStrategy" : "AFFIRMATIVE", - "config" : { - "code" : "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "eaea4ea5-9672-4d18-be59-684a670dbdfd", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f3b7e531-0657-457e-bcb6-bb20db1e6a0c", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false } - }, { - "id" : "ca06ef6c-d7f8-42c9-b0d6-0c9be85c1cc1", - "name" : "janis", - "type" : "user", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "users" : "[\"janis@idir\"]" + ] + }, + { + "id": "fc933835-b5db-4779-b6ee-72fadd8cbc32", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false } - }, { - "id" : "c3848ff4-76b0-4f2d-afe9-7dfd77467fcb", - "name" : "group-organization-admin-ca.bc.gov-policy", - "description" : "Group '/organization-admin' / 'ca.bc.gov' Policy", - "type" : "group", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "groups" : "[{\"path\":\"/organization-admin/ca.bc.gov\",\"extendChildren\":false},{\"path\":\"/organization-admin\",\"extendChildren\":false}]" + ] + }, + { + "id": "c39815bc-7d19-48f6-b73b-d381979d61ea", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false } - }, { - "id" : "6f49c571-fbbb-4f86-a72a-c1591a446bb3", - "name" : "group-organization-admin-ca.bc.gov-ministry-of-health-policy", - "description" : "Group '/organization-admin/ca.bc.gov' / 'ministry-of-health' Policy", - "type" : "group", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "groups" : "[{\"path\":\"/organization-admin/ca.bc.gov/ministry-of-health\",\"extendChildren\":false},{\"path\":\"/organization-admin/ca.bc.gov\",\"extendChildren\":false},{\"path\":\"/organization-admin\",\"extendChildren\":false}]" + ] + }, + { + "id": "336eaf43-de45-482e-a794-37e8fdf77cbf", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false } - }, { - "id" : "99fdf1a9-d5ec-48c7-a2cd-1ddeb130b058", - "name" : "group-organization-admin-ca.bc.gov-ministry-of-health-planning-and-innovation-division-policy", - "description" : "Group '/organization-admin/ca.bc.gov/ministry-of-health' / 'planning-and-innovation-division' Policy", - "type" : "group", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "groups" : "[{\"path\":\"/organization-admin/ca.bc.gov/ministry-of-health/planning-and-innovation-division\",\"extendChildren\":false},{\"path\":\"/organization-admin\",\"extendChildren\":false},{\"path\":\"/organization-admin/ca.bc.gov\",\"extendChildren\":false},{\"path\":\"/organization-admin/ca.bc.gov/ministry-of-health\",\"extendChildren\":false}]" + ] + }, + { + "id": "a2197ac7-3f2b-4b86-8d43-b629569d6222", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true } - }, { - "id" : "31be7436-e9d8-42a3-b42e-69a1869a7eea", - "name" : "Default Permission", - "description" : "A permission that applies to the default resource type", - "type" : "resource", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "defaultResourceType" : "urn:gwa-api:resources:default", - "applyPolicies" : "[\"Default Policy\"]" + ] + }, + { + "id": "5cc863ed-3367-41a8-bffa-0c410e4fb00d", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false } - }, { - "id" : "65f0c0a4-e2ac-4364-800d-ebd4e11ce393", - "name" : "janis full access", - "type" : "scope", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "scopes" : "[\"GroupAccess.Manage\",\"Namespace.Assign\"]", - "applyPolicies" : "[\"janis\"]" + ] + }, + { + "id": "d89c94eb-1441-4875-9082-72d5867ba139", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true } - }, { - "id" : "854f0dfe-952d-48f8-9d53-d49b0b4ed122", - "name" : "Access to 'org/ca.bc.gov' services for role organization-admin", - "type" : "scope", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "resources" : "[\"org/ca.bc.gov\"]", - "scopes" : "[\"GroupAccess.Manage\"]", - "applyPolicies" : "[\"group-organization-admin-ca.bc.gov-policy\"]" + ] + }, + { + "id": "6eb37e8d-5b94-483b-ac62-d45c224f9c33", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true } - }, { - "id" : "3f934d3f-d231-48fc-9f5a-924da7808989", - "name" : "Access to 'org/ministry-of-health' services for role organization-admin", - "type" : "scope", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "resources" : "[\"org/ministry-of-health\"]", - "scopes" : "[\"Dataset.Manage\",\"GroupAccess.Manage\",\"Namespace.Assign\"]", - "applyPolicies" : "[\"group-organization-admin-ca.bc.gov-ministry-of-health-policy\"]" + ] + }, + { + "id": "4f39db74-1eb1-446b-aff8-247e39899452", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true } - }, { - "id" : "56a4857d-a0be-472c-85d0-2dca93a1fdac", - "name" : "Access to 'org/planning-and-innovation-division' services for role organization-admin", - "type" : "scope", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "resources" : "[\"org/planning-and-innovation-division\"]", - "scopes" : "[\"Dataset.Manage\",\"GroupAccess.Manage\",\"Namespace.Assign\"]", - "applyPolicies" : "[\"group-organization-admin-ca.bc.gov-ministry-of-health-planning-and-innovation-division-policy\"]" + ] + }, + { + "id": "1a1fa355-84a8-4b5c-ba2e-929b719f6707", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false } - }, { - "id" : "f2e764aa-c355-4e81-a5e6-e76ffb86041f", - "name" : "Access to 'platform' services for role organization-admin", - "type" : "scope", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "resources" : "[\"platform\"]", - "scopes" : "[\"Namespace.View\"]", - "applyPolicies" : "[\"group-organization-admin-ca.bc.gov-ministry-of-health-planning-and-innovation-division-policy\"]" + ] + }, + { + "id": "a40cb7dc-36d1-4c05-8c3b-3a69f971c4ed", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true } - } ], - "scopes" : [ { - "id" : "6871ce8b-5d5f-455b-86ff-7cf5940930eb", - "name" : "Namespace.Manage" - }, { - "id" : "0006d34f-1416-4ffb-ad1f-39ebf63f9556", - "name" : "Namespace.View" - }, { - "id" : "a4d424c9-7331-4715-96a9-ecfd1dd0cf2c", - "name" : "GatewayConfig.Publish" - }, { - "id" : "fd403d7f-1dfb-4673-8ab3-5e1ff7797b35", - "name" : "Access.Manage" - }, { - "id" : "0f98e35d-c2c3-4781-bf85-478bf06cfa24", - "name" : "Content.Publish" - }, { - "id" : "dfc132ca-aa87-40b5-bc33-3e972a88f638", - "name" : "CredentialIssuer.Admin" - }, { - "id" : "95893c25-6b83-4e59-9518-a25568d95542", - "name" : "GroupAccess.Manage", - "iconUri" : "", - "displayName" : "GroupAccess.Manage" - }, { - "id" : "b0b007b1-1ecb-4b3f-9f0c-41b3fa34754c", - "name" : "Dataset.Manage" - }, { - "id" : "f3bf8d43-54a4-4594-aeea-f61b99411f92", - "name" : "Namespace.Assign" - } ], - "decisionStrategy" : "AFFIRMATIVE" - } - }, { - "id" : "4e6525e9-647c-4c80-85d6-9c13890b0ab2", - "clientId" : "master-realm", - "name" : "master Realm", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "4bbc355d-7a87-4476-9593-7f9359dc8859", - "clientId" : "sa-platform1-e0000000-5be82156d61f", - "name" : "", - "description" : "", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "c01a7839-2679-4cdd-96c4-173223b49ee6", - "redirectUris" : [ "https://*" ], - "webOrigins" : [ "*" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.multivalued.roles" : "false", - "saml.force.post.binding" : "false", - "saml.encrypt" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false", - "exclude.session.state.from.auth.response" : "false", - "client_credentials.use_refresh_token" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "tls.client.certificate.bound.access.tokens" : "false", - "saml.authnstatement" : "false", - "display.on.consent.screen" : "false", - "saml.onetimeuse.condition" : "false" + ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "d5b56ac0-01af-4241-991e-1cd25edeb739", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientId", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientId", - "jsonType.label" : "String" - } - }, { - "id" : "8c119e4b-b308-41aa-be7b-91e1d299e499", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientHost", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" - } - }, { - "id" : "3ba852b4-71b8-4942-950b-80968346b0e2", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientAddress", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" - } - } ], - "defaultClientScopes" : [ ], - "optionalClientScopes" : [ ] - }, { - "id" : "25ee1923-6323-4c4c-ae70-178615ace3b2", - "clientId" : "sa-platform-e0000000-fa46551361b4", - "name" : "", - "description" : "", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "dc96e3d3-23cc-4345-aa5e-6f89b5d20c91", - "redirectUris" : [ "https://*" ], - "webOrigins" : [ "*" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.multivalued.roles" : "false", - "saml.force.post.binding" : "false", - "saml.encrypt" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false", - "exclude.session.state.from.auth.response" : "false", - "client_credentials.use_refresh_token" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "tls.client.certificate.bound.access.tokens" : "false", - "saml.authnstatement" : "false", - "display.on.consent.screen" : "false", - "saml.onetimeuse.condition" : "false" + { + "id": "d9895dae-28c7-49a4-8e5d-35189dcb388f", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "270af568-11bf-4208-bccd-58583e44f09c", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientAddress", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" - } - }, { - "id" : "9dda9072-1e47-43fd-a482-6830b252ca5b", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientHost", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" - } - }, { - "id" : "a35858ac-39ad-46bc-9227-e40698049c62", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientId", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientId", - "jsonType.label" : "String" - } - } ], - "defaultClientScopes" : [ ], - "optionalClientScopes" : [ ] - }, { - "id" : "5c797848-2f03-4085-a03a-e4f7c22d0050", - "clientId" : "security-admin-console", - "name" : "${client_security-admin-console}", - "rootUrl" : "${authAdminUrl}", - "baseUrl" : "/admin/master/console/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "**********", - "redirectUris" : [ "/admin/master/console/*" ], - "webOrigins" : [ "+" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "pkce.code.challenge.method" : "S256" + { + "id": "9e2bc038-a63a-409a-9f9e-d2ad7b5da71e", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "c5b453d6-73e5-40f2-bc65-375b571f7d6c", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" - } - } ], - "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - } ], - "clientScopes" : [ { - "id" : "f5d4d8e2-6e57-477a-83b0-88047af5285d", - "name" : "Content.Publish", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true" - } - }, { - "id" : "4f7a31ce-a48b-4816-baff-4dbc378d4a10", - "name" : "Namespace.Admin", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true" - } - }, { - "id" : "5c280525-34b7-4436-a567-ad5a75f0b093", - "name" : "Namespace.Create", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true" - } - }, { - "id" : "e78e5fd1-5ee2-4215-a5c3-a8581a19c716", - "name" : "address", - "description" : "OpenID Connect built-in scope: address", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${addressScopeConsentText}" + { + "id": "b5d3583a-e8bc-4d03-ba9f-631861b86e95", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] }, - "protocolMappers" : [ { - "id" : "b2a36609-2408-44fd-88ac-ef41fa62f5f4", - "name" : "address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-address-mapper", - "consentRequired" : false, - "config" : { - "user.attribute.formatted" : "formatted", - "user.attribute.country" : "country", - "user.attribute.postal_code" : "postal_code", - "userinfo.token.claim" : "true", - "user.attribute.street" : "street", - "id.token.claim" : "true", - "user.attribute.region" : "region", - "access.token.claim" : "true", - "user.attribute.locality" : "locality" - } - } ] - }, { - "id" : "89e870cc-7056-4bc0-8cf2-9c961ff4a62d", - "name" : "email", - "description" : "OpenID Connect built-in scope: email", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${emailScopeConsentText}" + { + "id": "e818aa51-f428-4be6-8825-d4390490c750", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] }, - "protocolMappers" : [ { - "id" : "7fb89890-a73f-4162-9ca3-e1539905ccb6", - "name" : "email verified", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "emailVerified", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email_verified", - "jsonType.label" : "boolean" - } - }, { - "id" : "9ec60f35-65c9-4ea2-ab0e-2fc2c462d892", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - } ] - }, { - "id" : "920764e0-6019-462b-bc25-f17a54562752", - "name" : "microprofile-jwt", - "description" : "Microprofile - JWT built-in scope", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "false" + { + "id": "41c90cc6-5164-45e4-a471-315cabf2a3ba", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "75cd103c-e44f-4f7a-be0a-1b0700f9b24b", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] }, - "protocolMappers" : [ { - "id" : "cd9090fd-faf4-450a-9144-3a9e04260095", - "name" : "groups", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-realm-role-mapper", - "consentRequired" : false, - "config" : { - "multivalued" : "true", - "userinfo.token.claim" : "true", - "user.attribute" : "foo", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "groups", - "jsonType.label" : "String" + { + "id": "c0408c68-5298-4a67-b19c-207dc2ffb6c8", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e9f7b9f2-95c8-425c-a29c-9c6976a684fe", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "09b0cc82-d8c2-401f-8ba1-8dac7f356908", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" } - }, { - "id" : "9ca3b431-06e3-43f0-9277-a6dec6ec1172", - "name" : "upn", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "upn", - "jsonType.label" : "String" + }, + { + "id": "5b5d858b-bbde-4545-9c59-4718a96a2333", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" } - } ] - }, { - "id" : "bb473906-0c39-4af1-aad9-d8788dc7559f", - "name" : "offline_access", - "description" : "OpenID Connect built-in scope: offline_access", - "protocol" : "openid-connect", - "attributes" : { - "consent.screen.text" : "${offlineAccessScopeConsentText}", - "display.on.consent.screen" : "true" } - }, { - "id" : "e5e16f12-1b4c-47e7-9599-99ff395f359c", - "name" : "phone", - "description" : "OpenID Connect built-in scope: phone", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${phoneScopeConsentText}" + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} }, - "protocolMappers" : [ { - "id" : "8d83aa08-43a9-49f5-b1dd-caa144e2cad5", - "name" : "phone number", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "phoneNumber", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "phone_number", - "jsonType.label" : "String" - } - }, { - "id" : "3886e58f-d64f-4851-80f3-ae7cc5c6ab13", - "name" : "phone number verified", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "phoneNumberVerified", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "phone_number_verified", - "jsonType.label" : "boolean" - } - } ] - }, { - "id" : "f33d0489-2a52-4066-9c38-e130c02665ee", - "name" : "profile", - "description" : "OpenID Connect built-in scope: profile", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${profileScopeConsentText}" + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} }, - "protocolMappers" : [ { - "id" : "1826e2b1-380a-4c65-a73e-3bb79f519550", - "name" : "website", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "website", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "website", - "jsonType.label" : "String" - } - }, { - "id" : "6ea0a08a-ab42-4b45-acfc-a05f5b452cb0", - "name" : "nickname", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "nickname", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "nickname", - "jsonType.label" : "String" - } - }, { - "id" : "78d97855-5557-4f10-9d20-74d8ea6bdfef", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : false, - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "22e60a23-914f-40bf-960d-e7a96655581d", - "name" : "picture", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "picture", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "picture", - "jsonType.label" : "String" - } - }, { - "id" : "e595c828-c815-4dff-bd8f-39b1eee5a3b3", - "name" : "birthdate", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "birthdate", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "birthdate", - "jsonType.label" : "String" - } - }, { - "id" : "cd91c70b-0856-4f5d-aeb6-9b5c3b48a966", - "name" : "zoneinfo", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "zoneinfo", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "zoneinfo", - "jsonType.label" : "String" - } - }, { - "id" : "4ce90553-d828-4146-92e0-ee1775c9ba28", - "name" : "updated at", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "updatedAt", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "updated_at", - "jsonType.label" : "String" - } - }, { - "id" : "43710808-227e-4171-a106-7576f933a32b", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "a814d5c0-bdcd-4f33-8cfd-228005f2ba94", - "name" : "gender", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "gender", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "gender", - "jsonType.label" : "String" - } - }, { - "id" : "df9e1465-617d-4a7b-a208-7354c6cbaada", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" - } - }, { - "id" : "fc508e60-a978-41f1-bea2-311673b4b0a8", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "8e4641a3-87d3-4958-8113-dcfa82f0ef54", - "name" : "middle name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "middleName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "middle_name", - "jsonType.label" : "String" - } - }, { - "id" : "ffc38939-9e10-4cf3-b4fc-65203e079a92", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "9364fe99-268a-4a74-88aa-a120a6897e78", - "name" : "profile", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "profile", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "profile", - "jsonType.label" : "String" - } - } ] - }, { - "id" : "b5a38584-219b-4618-a3a5-70814bed867e", - "name" : "role_list", - "description" : "SAML role list", - "protocol" : "saml", - "attributes" : { - "consent.screen.text" : "${samlRoleListScopeConsentText}", - "display.on.consent.screen" : "true" + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} }, - "protocolMappers" : [ { - "id" : "1a0a5251-1b3f-47b1-8cc1-07a285d6479f", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - } ] - }, { - "id" : "33bd4c0f-225f-43cb-8b6c-0bd4db702525", - "name" : "roles", - "description" : "OpenID Connect scope for add user roles to the access token", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "false", - "display.on.consent.screen" : "true", - "consent.screen.text" : "${rolesScopeConsentText}" + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} }, - "protocolMappers" : [ { - "id" : "e276a79b-99cc-4f10-8d26-0e10ce245fdb", - "name" : "client roles", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-client-role-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "foo", - "access.token.claim" : "true", - "claim.name" : "resource_access.${client_id}.roles", - "jsonType.label" : "String", - "multivalued" : "true" - } - }, { - "id" : "b64cc3a2-8ed8-4dee-a13a-fef5588a5949", - "name" : "realm roles", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-realm-role-mapper", - "consentRequired" : false, - "config" : { - "user.attribute" : "foo", - "access.token.claim" : "true", - "claim.name" : "realm_access.roles", - "jsonType.label" : "String", - "multivalued" : "true" - } - }, { - "id" : "c9828318-6d78-4aba-94ea-405f12fce589", - "name" : "audience resolve", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-audience-resolve-mapper", - "consentRequired" : false, - "config" : { } - } ] - }, { - "id" : "0bfddcf3-017d-44b6-8447-297c565d5d2d", - "name" : "web-origins", - "description" : "OpenID Connect scope for add allowed web origins to the access token", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "false", - "display.on.consent.screen" : "false", - "consent.screen.text" : "" + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} }, - "protocolMappers" : [ { - "id" : "28867dcd-803d-47a5-be90-51be8a331527", - "name" : "allowed web origins", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-allowed-origins-mapper", - "consentRequired" : false, - "config" : { } - } ] - }, { - "id" : "e28fac82-4db1-4900-8096-74706a71f7f3", - "name" : "System.Write", - "protocol" : "openid-connect", - "attributes" : { - "include.in.token.scope" : "true", - "display.on.consent.screen" : "true" + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} } - } ], - "defaultDefaultClientScopes" : [ "web-origins", "roles", "Namespace.Admin", "Namespace.Create", "email", "role_list", "profile" ], - "defaultOptionalClientScopes" : [ "microprofile-jwt", "offline_access", "phone", "address" ], - "browserSecurityHeaders" : { - "contentSecurityPolicyReportOnly" : "", - "xContentTypeOptions" : "nosniff", - "xRobotsTag" : "none", - "xFrameOptions" : "SAMEORIGIN", - "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", - "xXSSProtection" : "1; mode=block", - "strictTransportSecurity" : "max-age=31536000; includeSubDomains" - }, - "smtpServer" : { }, - "eventsEnabled" : false, - "eventsListeners" : [ "jboss-logging" ], - "enabledEventTypes" : [ ], - "adminEventsEnabled" : false, - "adminEventsDetailsEnabled" : false, - "components" : { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { - "id" : "d7699c96-1cc0-46fe-b0fe-c72c7f7d1804", - "name" : "Consent Required", - "providerId" : "consent-required", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "522f0c4c-8dfe-4421-b573-0e5723319dac", - "name" : "Allowed Client Scopes", - "providerId" : "allowed-client-templates", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allow-default-scopes" : [ "true" ] - } - }, { - "id" : "2502109c-1319-4bcd-bf94-a5225239c42b", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "oidc-address-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper" ] - } - }, { - "id" : "013bd2ad-80e7-40fe-ba41-b90642d536cd", - "name" : "Trusted Hosts", - "providerId" : "trusted-hosts", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "host-sending-registration-request-must-match" : [ "true" ], - "client-uris-must-match" : [ "true" ] - } - }, { - "id" : "c0bcf5a2-ef5f-4f03-95c7-ea15f27c8cd7", - "name" : "Allowed Client Scopes", - "providerId" : "allowed-client-templates", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allow-default-scopes" : [ "true" ] - } - }, { - "id" : "1157f7fe-a055-4ec3-8af8-3f809fd2fec0", - "name" : "Full Scope Disabled", - "providerId" : "scope", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "650e6c8f-8a93-4096-9d37-1aecfe000e49", - "name" : "Max Clients Limit", - "providerId" : "max-clients", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "max-clients" : [ "200" ] - } - }, { - "id" : "93e21f15-c390-475a-865a-3f8125b1ccc9", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-full-name-mapper", "oidc-audience-mapper" ] - } - } ], - "org.keycloak.keys.KeyProvider" : [ { - "id" : "2b0c7bcb-c441-4694-8639-7175a1956655", - "name" : "hmac-generated", - "providerId" : "hmac-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "1b23b32b-bb69-4a9a-b20d-770d009ffb67" ], - "active" : [ "true" ], - "secretSize" : [ "64" ], - "secret" : [ "FqB7weAN-07obv1h7cltkFANraOPiK3BN-x1fBR7BY3yF_tOVVy0faPtS24pbPB5VJMXrvZBVy4MvQbhPGOn-A" ], - "priority" : [ "100" ], - "enabled" : [ "true" ], - "algorithm" : [ "HS256" ] - } - }, { - "id" : "82953e3c-d927-4f6f-8b57-3b5c7b8903d6", - "name" : "rsa-generated", - "providerId" : "rsa-generated", - "subComponents" : { }, - "config" : { - "privateKey" : [ "MIIEpAIBAAKCAQEAtE+K9HXgyAM2I3gmzReAKg3ukb0LgHI00kBz79cTLX+aXjAMl5n3cajJZuVBPj+Cyy4fm4vB7tHMTcY5StOMcQv95DZvmonQkweU87quqfETLTp6607tUfUdRib5W/euaKqVbCi09xwSftBeHHCcvotFTz/IjnZ6Ul/qZcDzXgoLEiaZrKz3iSFsnuJEWiozFP+hPZNESfRz/jqd7PcD++SO1iLtMjB5BPvlB7cFWDaWww+nUPbnsqsLZzwdAzhAjYe17x2AafffkZUUp1rf5VXEz8bzAoMpRZDswhG+v1jUPg638b3LFakV6PhRTvLnoKRpPvdzLmRguXtxufrQDwIDAQABAoIBAG0CLcrPPR8OuftFl4ekbop+M74OIVb9NKvr5WuZhnGaVHQe7m302mDvnxtC/Geqs+MsNlWub4d3dOGMNnTjYmOx0UPYGS6/pMZO7iFPumrpYSOV2FxMMjO7UYBo7ZZJLjr+7ikejxFZ+mCKjmr5NfoIbtWThSeDvz3v2OC9fyRZPE/AAqsy9Gkhukxnsi4nJOBK89nLeZS1nbGPzJxu9jiNm2snWI56N7orrVW5KBR/ynaFMN5CepYqgzK5uXv9dkzjBgiQbPlXk9c+LIWrrjXFxjftJTiop6C938B1MlfamkUsoQLwG1Uh8SQNgBExFUOeegouOJthbjhhVdPe/QkCgYEA/7Y5B2Sm0S+DXfoWyHS26ZQ2fDu9WweLbnGL9KrKd4T7u5Ubu9+qTu1aU2m7RxRya9yHzzVXSiTEKPoTPCjC9CIGA3YtQxze2zf7un+RfdN0Ty9pBZiKbAavsX5+KyIliC6FQy0O48eWR7LMsVSFJGGIeYPTjgY3U34uLsN55RUCgYEAtIOQxc1AFw/wcQIsJYEZWmwUIEd49s6x6iCBXez1sfZLJVHL5mE7NNxT0vuSKwxMK4gddSoRjBDqWGgge93HlIz+N+Ln656zCdLlOlDGe5a3jvtxIRKak/mp+nmk8G+FGGlAatPIRmZQbk0hIzh0m88k8hJ7NqRXTDeDDmzmcZMCgYEAgpvOcSpF0l7UWHHepTCIJLIhSj8xLoeh/h1dAPEjTPzNnzg/3CwXzwyIsEY2881LzC/t5jY2iZZR4yQoIvgm649dRvNblwXuBkaH+vAhngUdSTzMBaGuQhMANkaHpvxf8zjftDoVet58sc5voruq7bQrgvWEXuxp4el3KUeKwSkCgYAmOa4QlPQ7bf6mj6U1k+8AfN6OL1RoP0DhqVx7vVASDWvATV/2OyTEftupU+iSARqoJTzHsM7icDqP2gz27fHzfR/gScZ+2K5lKCmufahqR3I7bvd3326oYzgheFz7JUJz9uXTOWGxtrzVfrPDt5LJ48WZFVzOJ2LtGtw/08PAzQKBgQDy/mQxGSxIImcBcjdHDP7kb5T3M69PWN/VER1AMvkU+60uQTfZ7sXsJhWQn6XgzHF9ZhpTJeeliNn9dcTFOt9sWEoLspxZNz/RoKeW2P6p1krjrz74XDOgce63AaXufAFIGUDrJhCcIbyvalEvVQyDnnWe/dHl4us/DX+/+GWjVQ==" ], - "keySize" : [ "2048" ], - "certificate" : [ "MIICmzCCAYMCBgF6AmA7pTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjEwNjEyMjIzNjM5WhcNMzEwNjEyMjIzODE5WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0T4r0deDIAzYjeCbNF4AqDe6RvQuAcjTSQHPv1xMtf5peMAyXmfdxqMlm5UE+P4LLLh+bi8Hu0cxNxjlK04xxC/3kNm+aidCTB5Tzuq6p8RMtOnrrTu1R9R1GJvlb965oqpVsKLT3HBJ+0F4ccJy+i0VPP8iOdnpSX+plwPNeCgsSJpmsrPeJIWye4kRaKjMU/6E9k0RJ9HP+Op3s9wP75I7WIu0yMHkE++UHtwVYNpbDD6dQ9ueyqwtnPB0DOECNh7XvHYBp99+RlRSnWt/lVcTPxvMCgylFkOzCEb6/WNQ+DrfxvcsVqRXo+FFO8uegpGk+93MuZGC5e3G5+tAPAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD25ZjxPFys+OAoSmgRuk4KwpTG4cLm3vEwUjD60+gvYJk3bFUgxErNv+Ax69PN4OZwMh9fdnVHRx0haVno0ULUBintRP/P0ond1mw7HB1v/i9EMpRiVoMEL8y3wV363XVw6mDrYI8Pp0OihJBKo5I1EWgaLAl+lu9YS6f3VXaASgqx1AaV6qZiXM95FOeYkjpx30cbIR6uhRAfBHz10PO//RhTCnBrjasU921qFSMH3EuvRZET0jB68FLF7uRFK+goSVrw9O+TcK6Cbh4I4GZX66ZBRW6MTTIzYNsSuSMUlGFujGcVi5+1JmJgJg76coIo7NIR68KPKyh+47Mvy9bI=" ], - "active" : [ "true" ], - "priority" : [ "100" ], - "enabled" : [ "true" ], - "algorithm" : [ "RS256" ] - } - }, { - "id" : "4ac9540a-c5b7-48b0-b3e1-1a7887ed5414", - "name" : "aes-generated", - "providerId" : "aes-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "8fc9ebb4-d633-4fbc-a940-43414dbb6841" ], - "active" : [ "true" ], - "secretSize" : [ "16" ], - "secret" : [ "mwpmhvHuQq_qLZAKhngrjg" ], - "priority" : [ "100" ], - "enabled" : [ "true" ] - } - } ] + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" }, - "internationalizationEnabled" : false, - "supportedLocales" : [ ], - "authenticationFlows" : [ { - "id" : "eaea4ea5-9672-4d18-be59-684a670dbdfd", - "alias" : "Account verification options", - "description" : "Method with which to verity the existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-email-verification", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 20, - "flowAlias" : "Verify Existing Account by Re-authentication", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "f3b7e531-0657-457e-bcb6-bb20db1e6a0c", - "alias" : "Authentication Options", - "description" : "Authentication options.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "basic-auth", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "basic-auth-otp", - "requirement" : "DISABLED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-spnego", - "requirement" : "DISABLED", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "fc933835-b5db-4779-b6ee-72fadd8cbc32", - "alias" : "Browser - Conditional OTP", - "description" : "Flow to determine if the OTP is required for the authentication", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "c39815bc-7d19-48f6-b73b-d381979d61ea", - "alias" : "Direct Grant - Conditional OTP", - "description" : "Flow to determine if the OTP is required for the authentication", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-otp", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "336eaf43-de45-482e-a794-37e8fdf77cbf", - "alias" : "First broker login - Conditional OTP", - "description" : "Flow to determine if the OTP is required for the authentication", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "a2197ac7-3f2b-4b86-8d43-b629569d6222", - "alias" : "Handle Existing Account", - "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-confirm-link", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "REQUIRED", - "priority" : 20, - "flowAlias" : "Account verification options", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "5cc863ed-3367-41a8-bffa-0c410e4fb00d", - "alias" : "Reset - Conditional OTP", - "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "conditional-user-configured", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-otp", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "d89c94eb-1441-4875-9082-72d5867ba139", - "alias" : "User creation or linking", - "description" : "Flow for the existing/non-existing user alternatives", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "create unique user config", - "authenticator" : "idp-create-user-if-unique", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 20, - "flowAlias" : "Handle Existing Account", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "6eb37e8d-5b94-483b-ac62-d45c224f9c33", - "alias" : "Verify Existing Account by Re-authentication", - "description" : "Reauthentication of existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "CONDITIONAL", - "priority" : 20, - "flowAlias" : "First broker login - Conditional OTP", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "4f39db74-1eb1-446b-aff8-247e39899452", - "alias" : "browser", - "description" : "browser based authentication", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-cookie", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-spnego", - "requirement" : "DISABLED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "identity-provider-redirector", - "requirement" : "ALTERNATIVE", - "priority" : 25, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "forms", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "1a1fa355-84a8-4b5c-ba2e-929b719f6707", - "alias" : "clients", - "description" : "Base authentication for clients", - "providerId" : "client-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "client-secret", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "client-jwt", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "client-secret-jwt", - "requirement" : "ALTERNATIVE", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "client-x509", - "requirement" : "ALTERNATIVE", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "a40cb7dc-36d1-4c05-8c3b-3a69f971c4ed", - "alias" : "direct grant", - "description" : "OpenID Connect Resource Owner Grant", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "direct-grant-validate-username", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-password", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "CONDITIONAL", - "priority" : 30, - "flowAlias" : "Direct Grant - Conditional OTP", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "d9895dae-28c7-49a4-8e5d-35189dcb388f", - "alias" : "docker auth", - "description" : "Used by Docker clients to authenticate against the IDP", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "docker-http-basic-authenticator", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "9e2bc038-a63a-409a-9f9e-d2ad7b5da71e", - "alias" : "first broker login", - "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "review profile config", - "authenticator" : "idp-review-profile", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "REQUIRED", - "priority" : 20, - "flowAlias" : "User creation or linking", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "b5d3583a-e8bc-4d03-ba9f-631861b86e95", - "alias" : "forms", - "description" : "Username, password, otp and other auth forms.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "CONDITIONAL", - "priority" : 20, - "flowAlias" : "Browser - Conditional OTP", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "e818aa51-f428-4be6-8825-d4390490c750", - "alias" : "http challenge", - "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "no-cookie-redirect", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "REQUIRED", - "priority" : 20, - "flowAlias" : "Authentication Options", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "41c90cc6-5164-45e4-a471-315cabf2a3ba", - "alias" : "registration", - "description" : "registration flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-page-form", - "requirement" : "REQUIRED", - "priority" : 10, - "flowAlias" : "registration form", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "75cd103c-e44f-4f7a-be0a-1b0700f9b24b", - "alias" : "registration form", - "description" : "registration form", - "providerId" : "form-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-user-creation", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-profile-action", - "requirement" : "REQUIRED", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-password-action", - "requirement" : "REQUIRED", - "priority" : 50, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-recaptcha-action", - "requirement" : "DISABLED", - "priority" : 60, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "c0408c68-5298-4a67-b19c-207dc2ffb6c8", - "alias" : "reset credentials", - "description" : "Reset credentials for a user if they forgot their password or something", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "reset-credentials-choose-user", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-credential-email", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-password", - "requirement" : "REQUIRED", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "CONDITIONAL", - "priority" : 40, - "flowAlias" : "Reset - Conditional OTP", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "e9f7b9f2-95c8-425c-a29c-9c6976a684fe", - "alias" : "saml ecp", - "description" : "SAML ECP Profile Authentication Flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "http-basic-authenticator", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - } ], - "authenticatorConfig" : [ { - "id" : "09b0cc82-d8c2-401f-8ba1-8dac7f356908", - "alias" : "create unique user config", - "config" : { - "require.password.update.after.registration" : "false" - } - }, { - "id" : "5b5d858b-bbde-4545-9c59-4718a96a2333", - "alias" : "review profile config", - "config" : { - "update.profile.on.first.login" : "missing" - } - } ], - "requiredActions" : [ { - "alias" : "CONFIGURE_TOTP", - "name" : "Configure OTP", - "providerId" : "CONFIGURE_TOTP", - "enabled" : true, - "defaultAction" : false, - "priority" : 10, - "config" : { } - }, { - "alias" : "terms_and_conditions", - "name" : "Terms and Conditions", - "providerId" : "terms_and_conditions", - "enabled" : false, - "defaultAction" : false, - "priority" : 20, - "config" : { } - }, { - "alias" : "UPDATE_PASSWORD", - "name" : "Update Password", - "providerId" : "UPDATE_PASSWORD", - "enabled" : true, - "defaultAction" : false, - "priority" : 30, - "config" : { } - }, { - "alias" : "UPDATE_PROFILE", - "name" : "Update Profile", - "providerId" : "UPDATE_PROFILE", - "enabled" : true, - "defaultAction" : false, - "priority" : 40, - "config" : { } - }, { - "alias" : "VERIFY_EMAIL", - "name" : "Verify Email", - "providerId" : "VERIFY_EMAIL", - "enabled" : true, - "defaultAction" : false, - "priority" : 50, - "config" : { } - }, { - "alias" : "update_user_locale", - "name" : "Update User Locale", - "providerId" : "update_user_locale", - "enabled" : true, - "defaultAction" : false, - "priority" : 1000, - "config" : { } - } ], - "browserFlow" : "browser", - "registrationFlow" : "registration", - "directGrantFlow" : "direct grant", - "resetCredentialsFlow" : "reset credentials", - "clientAuthenticationFlow" : "clients", - "dockerAuthenticationFlow" : "docker auth", - "attributes" : { - "clientOfflineSessionMaxLifespan" : "0", - "clientSessionIdleTimeout" : "0", - "clientSessionMaxLifespan" : "0", - "clientOfflineSessionIdleTimeout" : "0" + "keycloakVersion": "15.1.1", + "userManagedAccessAllowed": true, + "clientProfiles": { + "profiles": [] }, - "keycloakVersion" : "11.0.3", - "userManagedAccessAllowed" : true + "clientPolicies": { + "policies": [] + } } diff --git a/local/oauth2-proxy/oauth2-proxy-local.cfg b/local/oauth2-proxy/oauth2-proxy-local.cfg index 2c7281267..427904629 100644 --- a/local/oauth2-proxy/oauth2-proxy-local.cfg +++ b/local/oauth2-proxy/oauth2-proxy-local.cfg @@ -6,12 +6,12 @@ insecure_oidc_allow_unverified_email="true" client_id="aps-portal" client_secret="8e1a17ed-cb93-4806-ac32-e303d1c86018" scope="openid" -oidc_issuer_url="http://keycloak.localtest.me:9080/auth/realms/master" -login_url="http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/auth" -redeem_url="http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/token" -validate_url="http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/userinfo" +oidc_issuer_url="http://keycloak.localtest.me:9081/auth/realms/master" +login_url="http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/auth" +redeem_url="http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/token" +validate_url="http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/userinfo" redirect_url="http://oauth2proxy.localtest.me:4180/oauth2/callback" -profile_url="http://keycloak.localtest.me:9080/auth/realms/master/protocol/openid-connect/userinfo" +profile_url="http://keycloak.localtest.me:9081/auth/realms/master/protocol/openid-connect/userinfo" cookie_secure="false" cookie_refresh="3m" cookie_expire="24h" @@ -22,7 +22,7 @@ skip_jwt_bearer_tokens="false" set_authorization_header="false" pass_authorization_header="false" skip_auth_regex="/login|/health|/public|/docs|/redirect|/_next|/images|/devportal|/manager|/about|/maintenance|/admin/session|/ds/api|/gw/api|/feed/|/signout|^[/]$" -whitelist_domains="keycloak.localtest.me:9080" +whitelist_domains="keycloak.localtest.me:9081" upstreams=["http://apsportal.localtest.me:3000"] skip_provider_button='true' redis_connection_url="redis://redis-master:6379" diff --git a/src/batch/data-rules.js b/src/batch/data-rules.js index 241e38969..38f8bb7ef 100644 --- a/src/batch/data-rules.js +++ b/src/batch/data-rules.js @@ -429,6 +429,7 @@ const metadata = { type: 'enum', values: [ 'public', + 'protected-externally', 'authorization-code', 'client-credentials', 'kong-acl-only', diff --git a/src/controllers/v2/openapi.yaml b/src/controllers/v2/openapi.yaml index 306e8d3ac..06cbe5a6a 100644 --- a/src/controllers/v2/openapi.yaml +++ b/src/controllers/v2/openapi.yaml @@ -578,6 +578,7 @@ components: type: string enum: - public + - protected-externally - authorization-code - client-credentials - kong-acl-only diff --git a/src/controllers/v2/routes.ts b/src/controllers/v2/routes.ts index 9f05c5aee..46048762e 100644 --- a/src/controllers/v2/routes.ts +++ b/src/controllers/v2/routes.ts @@ -379,7 +379,7 @@ const models: TsoaRoute.Models = { "name": {"dataType":"union","subSchemas":[{"dataType":"enum","enums":["dev"]},{"dataType":"enum","enums":["test"]},{"dataType":"enum","enums":["prod"]},{"dataType":"enum","enums":["sandbox"]},{"dataType":"enum","enums":["other"]}]}, "active": {"dataType":"boolean"}, "approval": {"dataType":"boolean"}, - "flow": {"dataType":"union","subSchemas":[{"dataType":"enum","enums":["public"]},{"dataType":"enum","enums":["authorization-code"]},{"dataType":"enum","enums":["client-credentials"]},{"dataType":"enum","enums":["kong-acl-only"]},{"dataType":"enum","enums":["kong-api-key-only"]},{"dataType":"enum","enums":["kong-api-key-acl"]}]}, + "flow": {"dataType":"union","subSchemas":[{"dataType":"enum","enums":["public"]},{"dataType":"enum","enums":["protected-externally"]},{"dataType":"enum","enums":["authorization-code"]},{"dataType":"enum","enums":["client-credentials"]},{"dataType":"enum","enums":["kong-acl-only"]},{"dataType":"enum","enums":["kong-api-key-only"]},{"dataType":"enum","enums":["kong-api-key-acl"]}]}, "additionalDetailsToRequest": {"dataType":"string"}, "services": {"dataType":"array","array":{"dataType":"refAlias","ref":"GatewayServiceRefID"}}, "legal": {"ref":"LegalRefID"}, diff --git a/src/controllers/v2/types.ts b/src/controllers/v2/types.ts index 366bbdbfb..e8a3b9bdc 100644 --- a/src/controllers/v2/types.ts +++ b/src/controllers/v2/types.ts @@ -299,7 +299,7 @@ export interface Environment { name?: "dev" | "test" | "prod" | "sandbox" | "other"; active?: boolean; approval?: boolean; - flow?: "public" | "authorization-code" | "client-credentials" | "kong-acl-only" | "kong-api-key-only" | "kong-api-key-acl"; + flow?: "public" | "protected-externally" | "authorization-code" | "client-credentials" | "kong-acl-only" | "kong-api-key-only" | "kong-api-key-acl"; additionalDetailsToRequest?: string; services?: GatewayServiceRefID[]; legal?: LegalRefID; diff --git a/src/lists/Environment.js b/src/lists/Environment.js index 7e16dea28..7f2f4052a 100644 --- a/src/lists/Environment.js +++ b/src/lists/Environment.js @@ -51,6 +51,7 @@ module.exports = { defaultValue: 'public', options: [ { value: 'public', label: 'Public' }, + { value: 'protected-externally', label: 'Protected Externally' }, { value: 'authorization-code', label: 'Oauth2 Authorization Code Flow', diff --git a/src/mocks/index.js b/src/mocks/index.js index c96fcc1a6..72afafb9a 100644 --- a/src/mocks/index.js +++ b/src/mocks/index.js @@ -1,5 +1,8 @@ /*eslint-disable */ -if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') { +if ( + process.env.NEXT_PUBLIC_MOCKS === 'on' && + (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') +) { if (typeof window === 'undefined') { const { server } = require('./server'); server.listen(); diff --git a/src/nextapp/components/access-request-form/access-request-form.tsx b/src/nextapp/components/access-request-form/access-request-form.tsx index ff6083e46..85ab40dc4 100644 --- a/src/nextapp/components/access-request-form/access-request-form.tsx +++ b/src/nextapp/components/access-request-form/access-request-form.tsx @@ -100,7 +100,9 @@ const AccessRequestForm: React.FC = ({ {dataset?.environments .filter((e) => e.active || preview) - .filter((e) => e.flow !== 'public') + .filter( + (e) => e.flow !== 'public' && e.flow !== 'protected-externally' + ) .map((e) => ( = ({ id, preview, }) => { - const isProtected = data.environments.some((e) => e.flow !== 'public'); + const isPublic = data.environments.some((e) => e.flow === 'public'); + const isGatewayProtected = data.environments.some( + (e) => e.flow !== 'public' && e.flow !== 'protected-externally' + ); const isTiered = data.environments.some((e) => e.anonymous); return ( @@ -49,7 +52,7 @@ const ApiProductItem: React.FC = ({ @@ -63,7 +66,7 @@ const ApiProductItem: React.FC = ({ )} - {!isTiered && isProtected && ( + {!isTiered && isGatewayProtected && ( = ({ if (flow === 'client-credentials' || flow === 'authorization-code') { return !credentialIssuer; } - return flow === 'public'; + return flow === 'public' || flow === 'protected-externally'; }, [flow, credentialIssuer]); const { data, isSuccess } = useCurrentNamespace(); @@ -182,4 +182,5 @@ const flowTypes: { value: string; label: string }[] = [ { value: 'kong-acl-only', label: 'Kong ACL Only' }, { value: 'kong-api-key-only', label: 'Kong API Key Only' }, { value: 'kong-api-key-acl', label: 'Kong API Key with ACL Flow' }, + { value: 'protected-externally', label: 'Protected Externally' }, ]; diff --git a/src/nextapp/components/environments-list/edit-environment.tsx b/src/nextapp/components/environments-list/edit-environment.tsx index 5f57ea927..485272580 100644 --- a/src/nextapp/components/environments-list/edit-environment.tsx +++ b/src/nextapp/components/environments-list/edit-environment.tsx @@ -36,6 +36,7 @@ const EditEnvironment: React.FC = ({ data }) => { { value: 'kong-acl-only', label: 'Kong ACL Only' }, { value: 'kong-api-key-only', label: 'Kong API Key Only' }, { value: 'kong-api-key-acl', label: 'Kong API Key with ACL Flow' }, + { value: 'protected-externally', label: 'Protected Externally' }, ]; return ( diff --git a/src/nextapp/shared/services/utils.ts b/src/nextapp/shared/services/utils.ts index 3af440537..98dd2741f 100644 --- a/src/nextapp/shared/services/utils.ts +++ b/src/nextapp/shared/services/utils.ts @@ -28,6 +28,8 @@ export const getAuthToken = (method: string): IconType => { return FaLock; case 'client-credentials': return FaLock; + case 'protected-externally': + return FaLock; // case 'private': // return FaUserSecret; case 'public': @@ -39,6 +41,7 @@ export const getAuthToken = (method: string): IconType => { export const getFlowText = (key: string): string => { const dict = { public: 'Public', + 'protected-externally': 'Protected Externally', 'authorization-code': 'OAuth2 Authorization Code Flow', 'client-credentials': 'OAuth2 Client Credentials Flow', 'kong-acl-only': 'Kong ACL Only', diff --git a/src/package.json b/src/package.json index d8f6d2ba5..b2d695cde 100644 --- a/src/package.json +++ b/src/package.json @@ -34,7 +34,7 @@ "x-prestart": "npm run build", "x-dev": "nodemon", "batch": "cross-env NODE_ENV=development node dist/server-batch.js", - "dev": "cross-env NODE_ENV=development NODE_OPTIONS='--openssl-legacy-provider --no-experimental-fetch' npm-run-all delete-assets copy-assets tsoa-gen-types tsoa-build-v1 tsoa-build-v2 ts-build ks-dev", + "dev": "cross-env NODE_ENV=development NODE_OPTIONS='--openssl-legacy-provider --no-experimental-fetch --dns-result-order=ipv4first' npm-run-all delete-assets copy-assets tsoa-gen-types tsoa-build-v1 tsoa-build-v2 ts-build ks-dev", "ks-dev": "cross-env NODE_ENV=development DISABLE_LOGGING=true keystone dev --entry=dist/server.js", "dev2": "cross-env NODE_ENV=development DISABLE_LOGGING=true keystone --entry=dist/index.js", "mock-server": "nodemon ./test/mock-server/server.js", diff --git a/src/server.ts b/src/server.ts index 749847e3e..e2b5222ac 100644 --- a/src/server.ts +++ b/src/server.ts @@ -91,14 +91,15 @@ const state = { connected: false }; const keystone = new Keystone({ onConnect(keystone: any) { - if (process.env.NODE_ENV === 'development') { - generateTypes(); - } if (process.env.CREATE_TABLES !== 'true') { initialiseData(keystone); } console.log('CONNECTED!'); state.connected = true; + + if (process.env.NODE_ENV === 'development') { + setTimeout(() => generateTypes, 2000); + } }, adapter: adapter == 'knex' diff --git a/src/services/workflow/validate-active-environment.ts b/src/services/workflow/validate-active-environment.ts index 77c28f30a..1476feeee 100644 --- a/src/services/workflow/validate-active-environment.ts +++ b/src/services/workflow/validate-active-environment.ts @@ -218,7 +218,7 @@ export const ValidateActiveEnvironment = async ( '] missing or incomplete oidc plugin.' ); } - } else if (flow == 'public') { + } else if (flow == 'public' || flow == 'protected-externally') { } else { addValidationError( 'Unexpected error when trying to validate the environment.' From 687c156ece370c15ab8e58cdceeae8c857c2cb94 Mon Sep 17 00:00:00 2001 From: Russell Vinegar <38586679+rustyjux@users.noreply.github.com> Date: Thu, 15 Feb 2024 09:30:41 -0800 Subject: [PATCH 05/13] Cypress/protected externally (#989) Co-authored-by: ikethecoder Co-authored-by: Niraj Patel --- e2e/cypress/fixtures/apiowner.json | 32 +++++++ e2e/cypress/pageObjects/apiDirectory.ts | 6 ++ .../07-kong-public-auth.ts | 2 +- .../08-protected-externally.ts | 95 +++++++++++++++++++ .../api-product-item/api-product-item.tsx | 2 + 5 files changed, 136 insertions(+), 1 deletion(-) create mode 100644 e2e/cypress/tests/09-update-product-env/08-protected-externally.ts diff --git a/e2e/cypress/fixtures/apiowner.json b/e2e/cypress/fixtures/apiowner.json index f69467d0a..f78c2ef56 100644 --- a/e2e/cypress/fixtures/apiowner.json +++ b/e2e/cypress/fixtures/apiowner.json @@ -279,6 +279,38 @@ } } }, + "protectedExternally": { + "protectedExternally_initial": { + "product": { + "name": "New-Auto Test Product", + "orgName": "Ministry of Health", + "orgUnitName": "Planning and Innovation Division", + "environment": { + "name": "test", + "config": { + "terms": "Terms of Use for API Gateway", + "authorization": "Public", + "optionalInstructions": "This is a automation test" + } + } + } + }, + "protectedExternally_external": { + "product": { + "name": "New-Auto Test Product", + "orgName": "Ministry of Health", + "orgUnitName": "Planning and Innovation Division", + "environment": { + "name": "test", + "config": { + "terms": "Terms of Use for API Gateway", + "authorization": "Protected Externally", + "optionalInstructions": "This is a automation test" + } + } + } + } + }, "namespacePreview": { "namespace": "gw-07034", "serviceAccount": { diff --git a/e2e/cypress/pageObjects/apiDirectory.ts b/e2e/cypress/pageObjects/apiDirectory.ts index b7825311b..0aba56503 100644 --- a/e2e/cypress/pageObjects/apiDirectory.ts +++ b/e2e/cypress/pageObjects/apiDirectory.ts @@ -106,6 +106,12 @@ class ApiDirectoryPage { }) } + checkProductIcon(productName: string, expectedIcon: string) { + const pname: string = productName.toLowerCase().replaceAll(' ', '-') + var ele: string = `[data-testid=product-icon-${pname}-${expectedIcon}]` + cy.get(ele).should('exist') + } + addOrganizationAndOrgUnit(product: any) { cy.contains('button', 'Add Organization').click({ force: true }) cy.get(this.orgDropDown).select(product.orgName) diff --git a/e2e/cypress/tests/09-update-product-env/07-kong-public-auth.ts b/e2e/cypress/tests/09-update-product-env/07-kong-public-auth.ts index 1f448d46d..4db1d8d33 100644 --- a/e2e/cypress/tests/09-update-product-env/07-kong-public-auth.ts +++ b/e2e/cypress/tests/09-update-product-env/07-kong-public-auth.ts @@ -60,7 +60,7 @@ describe('Verify for Kong Public Auth', () => { }) }) - it('Update the authorization scope from Kong ACL-API to Client Credential', () => { + it('Update the authorization scope from Kong ACL-API to Public', () => { cy.visit(pd.path) cy.get('@apiowner').then(({ clientCredentials }: any) => { let product = clientCredentials.clientIdSecret_publicProfile.product diff --git a/e2e/cypress/tests/09-update-product-env/08-protected-externally.ts b/e2e/cypress/tests/09-update-product-env/08-protected-externally.ts new file mode 100644 index 000000000..ff84052df --- /dev/null +++ b/e2e/cypress/tests/09-update-product-env/08-protected-externally.ts @@ -0,0 +1,95 @@ +import ApiDirectoryPage from '../../pageObjects/apiDirectory' +import HomePage from '../../pageObjects/home' +import LoginPage from '../../pageObjects/login' +import Products from '../../pageObjects/products' + +describe('Verify Protected Externally Auth', () => { + const login = new LoginPage() + const apiDir = new ApiDirectoryPage() + var nameSpace: string + let userSession: string + const home = new HomePage() + const pd = new Products() + + before(() => { + cy.visit('/') + cy.deleteAllCookies() + cy.reload() + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('apiowner').as('apiowner') + cy.fixture('state/regen').as('regen') + cy.fixture('common-testdata').as('common-testdata') + cy.visit(login.path) + }) + + it('Authenticates api owner', () => { + cy.get('@apiowner').then(({ user }: any) => { + cy.login(user.credentials.username, user.credentials.password) + }) + }) + it('Activates the namespace', () => { + cy.getUserSession().then(() => { + cy.get('@common-testdata').then(({ clientCredentials }: any) => { + nameSpace = clientCredentials.namespace + home.useNamespace(clientCredentials.namespace) + cy.get('@login').then(function (xhr: any) { + userSession = xhr.response.headers['x-auth-request-access-token'] + }) + }) + }) + }) + + it('Creates a new product in the directory', () => { + cy.visit(pd.path) + cy.get('@apiowner').then(({ protectedExternally }: any) => { + pd.createNewProduct( + protectedExternally.protectedExternally_initial.product.name, + protectedExternally.protectedExternally_initial.product.environment.name + ) + }) + }) + + it('Assign a dataset to the product', () => { + cy.visit(pd.path) + cy.get('@apiowner').then(({ protectedExternally }: any) => { + let product = protectedExternally.protectedExternally_initial.product + pd.updateDatasetNameToCatelogue(product.name, product.environment.name) + }) + }) + + it('Update the authorization scope from Public to Protected Externally', () => { + cy.visit(pd.path) + cy.get('@apiowner').then(({ protectedExternally }: any) => { + let product = protectedExternally.protectedExternally_external.product + pd.editProductEnvironment(product.name, product.environment.name) + pd.editProductEnvironmentConfig(product.environment.config) + }) + }) + + it('Verify that product is w/o a request button in API Directory', () => { + cy.visit(apiDir.path) + cy.get('@apiowner').then(({ protectedExternally }: any) => { + let product = protectedExternally.protectedExternally_external.product + apiDir.selectProduct(product.name) + cy.get(apiDir.rqstAccessBtn).should('not.exist') + apiDir.checkProductIcon(product.name, 'FaLock') + }) + }) + + it('Delete the Product', () => { + cy.visit(pd.path) + cy.get('@apiowner').then(({ protectedExternally }: any) => { + pd.deleteProduct(protectedExternally.protectedExternally_external.product.name) + }) + }) + + after(() => { + cy.logout() + cy.clearLocalStorage({ log: true }) + cy.deleteAllCookies() + }) + +}) diff --git a/src/nextapp/components/api-product-item/api-product-item.tsx b/src/nextapp/components/api-product-item/api-product-item.tsx index ccc35037f..e2c16f919 100644 --- a/src/nextapp/components/api-product-item/api-product-item.tsx +++ b/src/nextapp/components/api-product-item/api-product-item.tsx @@ -10,6 +10,7 @@ import { Icon, Text, } from '@chakra-ui/react'; +import kebabCase from 'lodash/kebabCase'; import { FaLock } from 'react-icons/fa'; import { HiChartBar } from 'react-icons/hi'; import { RiEarthFill } from 'react-icons/ri'; @@ -55,6 +56,7 @@ const ApiProductItem: React.FC = ({ as={isPublic || isTiered ? RiEarthFill : FaLock} color="bc-blue" boxSize="5" + data-testid={`product-icon-${kebabCase(data.name)}-${isPublic || isTiered ? 'RiEarthFill' : 'FaLock'}`} /> {data.name} From 15734de2f70b313c330470f039ba10e1f7c2e1e4 Mon Sep 17 00:00:00 2001 From: ikethecoder Date: Thu, 15 Feb 2024 09:33:37 -0800 Subject: [PATCH 06/13] add manual ghaction start for cypress --- .github/workflows/aps-cypress-e2e.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/aps-cypress-e2e.yaml b/.github/workflows/aps-cypress-e2e.yaml index e1ea49e21..38de9e387 100644 --- a/.github/workflows/aps-cypress-e2e.yaml +++ b/.github/workflows/aps-cypress-e2e.yaml @@ -1,8 +1,9 @@ -name: Build and Deploy Cypress and Execute Tests +name: Cypress and Execute Tests on: + workflow_dispatch: {} push: - branches: ['test', 'cypress*', 'local-dev'] + branches: ['test', 'cypress*'] env: DASHBOARD_PROJECT_ID: ${{ secrets.CY_DASHBOARD_PRJ_ID }} From ec7514c095720a3541e115456aeea248f57d5746 Mon Sep 17 00:00:00 2001 From: Russell Vinegar <38586679+rustyjux@users.noreply.github.com> Date: Wed, 21 Feb 2024 14:27:17 -0800 Subject: [PATCH 07/13] update local dev readme --- README.md | 124 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 72 insertions(+), 52 deletions(-) diff --git a/README.md b/README.md index c6253189d..c22dbccc3 100644 --- a/README.md +++ b/README.md @@ -6,76 +6,94 @@ ![GitHub](https://img.shields.io/github/license/bcgov/aps-portal?style=for-the-badge) ![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/bcgov/aps-portal?label=release&style=for-the-badge) + ## Introduction + The `API Services Portal` is a frontend for API Providers to manage the lifecycle of their APIs and for Developers to discover and access these APIs. It works in combination with the Kong Community Edition Gateway and Keycloak IAM solution. -## Running the Project -### Installation +## Local Deployment + + +The repo is setup to create a local deployment of the Portal along with required support services (Postgres, Keycloak, OAuth2-proxy, Feeder and Kong Gateway) using `docker compose`. + +1. Clone and build the [Gateway Admin API](https://github.com/bcgov/gwa-api) (gwa-api) -#### 1. Docker + ``` + git clone https://github.com/bcgov/gwa-api + cd ./microservices/gatewayApi + docker build -t gwa-api:e2e . + ``` -##### Steps +1. Build: Back in `api-services-portal`, run `docker compose --profile testsuite build`. +1. Run: `docker compose up`. Wait for startup to complete - look for `Swagger UI registered`. +1. The Portal is now live at http://oauth2proxy.localtest.me:4180 + 1. To login, use username `local` and password `local`, or username `janis@idir` and password `awsummer`. +1. If you have made any changes to the app code, update images by running `docker compose build` then `docker compose up`. +1. Clean up: `docker compose down` removes all the hosted services -1. Run build steps [here](https://github.com/bcgov/api-services-portal/tree/dev/e2e#build-gateway-api-image) -2. Run `docker compose --profile testsuite build` -3. Run `docker compose up` to spin up a local development environment with services (Postgres, Keycloak, OAuth2-proxy, APS-Portal, Feeder and Kong Gateway) -4. Go to: http://oauth2proxy.localtest.me:4180 -5. To login, use username `local` and password `local`, or username `janis@idir` and password `awsummer` -6. `docker compose down` : Removes all the hosted services +### Cypress testing -> To run the Cypress test automation suite, run `docker compose --profile testsuite up` -> -> To use the `gwa` command line, configure it with: -> -> `gwa config set host oauth2proxy.localtest.me:4180` -> -> `gwa config set scheme http` -> -> `gwa login` -> -> `gwa namespace create --name gw-12345` -> -> `gwa apply -i local/gwa-cli/gw-config.yml` -> -> `curl http://oauthproxy.localtest.me:8000/headers -H "Host: my-service.dev.api.gov.bc.ca"` +To run the Cypress test automation suite, run `docker compose --profile testsuite up`. -**Note:** +### gwa CLI configuration -- Please wait until keycloak service starts and is initialized with `master` realm. The realm configuration is saved in `./keycloak/master-realm.json`. It also creates a realm user `local` with admin privileges. -- You may want to run `docker compose build` if there are new changes that are not reflected in the last time you built the container images +To use the `gwa` command line interace, configure it with: -#### 2. Development using Docker backend +``` +gwa config set host oauth2proxy.localtest.me:4180 +gwa config set scheme http +``` -Use the following configuration to run the Portal locally against the components deployed with docker-compose. +Run this command to test logging in and creating a namespace: -To run this project first run `npm install`. Note: You may need to add `--legacy-peer-deps` to `npm install` if using Node version greater than `17`. +``` +gwa login +gwa namespace create --name gw-12345 +``` -To run the portal locally and leverage the `oauth2-proxy` that is running in docker: +### Keycloak configuration -- turn off the docker compose Portal: `docker stop apsportal` -- update the `oauth2-proxy/oauth2-proxy-local.cfg` `upstreams` to be `hostip=$(ifconfig en0 | awk '$1 == "inet" {print $2}')` -- restart the oauth2-proxy `docker compose restart oauth2-proxy` +Keycloak is initialized with `master` realm. The realm configuration is saved in `local/keycloak/master-realm.json`. It also creates a realm user `local` with admin privileges. -Then run the following to start the Portal locally: +### Development -```sh -cd src -set -o allexport -source ../.env.local -LOG_LEVEL=debug -KNEX_HOST=kong-db.localtest.me -NEXT_PUBLIC_MOCKS=off -set +o allexport +Use the following configuration to run the Portal locally (outside of Docker) against the support components deployed with `docker compose`. Changes to the Portal code will live update instead of requiring `docker build`. -npm run dev -``` +1. Follow [local deployment instructions](#local-deployment) and run `docker compose up`. +1. In `/src` run `npm install`. + + > [!NOTE] + > You will need to run `npm install --legacy-peer-deps` if using Node version greater than `17`. + +1. Turn off the docker compose Portal: `docker stop apsportal` +1. Configure the `oauth2-proxy` that is running in Docker: + 1. Update `upstreams` in `oauth2-proxy/oauth2-proxy-local.cfg` to include the IP address of your local machine, e.g. `upstreams=["http://172.100.100.01:3000"]` +
You can obtain the IP address using `hostname -I`. + + 1. Restart the oauth2-proxy: `docker compose restart oauth2-proxy` + +1. Start the Portal locally: + + ```sh + cd src + set -o allexport + source ../.env.local + LOG_LEVEL=debug + KNEX_HOST=kong-db.localtest.me + NEXT_PUBLIC_MOCKS=off + set +o allexport + + npm run dev + ``` + +1. The Portal is now live at http://oauth2proxy.localtest.me:4180 and should auto-update on code changes. -Go to: http://oauth2proxy.localtest.me:4180 ## Design + The `API Services Portal` is a React application using the Chakra UI component library, and using two frameworks: KeystoneJS V5, and NextJS. The application is divided up into the following six components: @@ -150,9 +168,11 @@ Currently support feeders: Source: `feeds` + ## Development -#### TypeScript + +### TypeScript The client-side Next.js application uses TypeScript, and because it plays nicely with GraphQL types, uses a codegen to generate the API types. In `development` mode once the API server has started the types are automatically generated, but will need to be regenerated if you make changes to the @@ -179,7 +199,7 @@ const Component = () => { All Typescript paths alias `src/nextapp` to `@/`. -#### Storybook +### Storybook [Chakra UI](https://chakra-ui.com) was chosen for the UI framework due to its utility and flexibility. A theme has been created which follows the [BC Government Web Design System](https://developer.gov.bc.ca/Design-System) alongside custom components written for the portal. @@ -199,7 +219,7 @@ import { Button } from 'chakra-ui/react'; All the core components stories are located in `src/stories`. For custom components add the story in the component folder, ie `src/nextapp/components/card/card.stories.tsx`. -#### Mock Server +### Mock Server For convenience a mock server is available to fake data via the GraphQL api. Run by opening a new shell window after running `$ npm run dev` and run the following: @@ -217,7 +237,7 @@ GWA_API_URL=http://localhost:4000 It should be noted that a 1-to-1 replication of the production API is not the goal of the mock server. It's simply to replicate requests and confirm the content returned will behave in an expected way. -###### Updating mock server schemas +#### Updating mock server schemas When Keystone-level types are updated, there is a manual step required for the mock server in order to keep the mock data structure in sync with the production server. It is definitely manual at the moment, but fairly easy and quick to do. @@ -225,7 +245,7 @@ When Keystone-level types are updated, there is a manual step required for the m 2. The far right of the graphiql interface are 2 tabs, `DOCS` and `SCHEMAS`. You can either download and copy or copy the contents of the `SCHEMAS` tab and paste it in `src/test/mock-server/schemas.js` inside the string literal. 3. Delete any instances of a `@deprecated(reason: "Use `path` instead")` string. These messages break the graphql-tools -#### Coding Style +### Coding Style There isn't a strict, repo-wide coding style per se, but we use Prettier and ESLint to maintain a consistent code style. Both libraries are included locally as part of the node_modules, so it is recommended to configure your editor to run off local versions instead of global so any API changes between versions don't collide. From daa42ebb42b82c0dd3a31e1fa14d06d091c09f32 Mon Sep 17 00:00:00 2001 From: Russell Vinegar <38586679+rustyjux@users.noreply.github.com> Date: Wed, 21 Feb 2024 15:47:57 -0800 Subject: [PATCH 08/13] update readme --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index c22dbccc3..2640d003e 100644 --- a/README.md +++ b/README.md @@ -63,9 +63,7 @@ Use the following configuration to run the Portal locally (outside of Docker) ag 1. Follow [local deployment instructions](#local-deployment) and run `docker compose up`. 1. In `/src` run `npm install`. - - > [!NOTE] - > You will need to run `npm install --legacy-peer-deps` if using Node version greater than `17`. + 1. If using Node version > 17, run `npm install --legacy-peer-deps` 1. Turn off the docker compose Portal: `docker stop apsportal` 1. Configure the `oauth2-proxy` that is running in Docker: From 74a4dbe5bbbcdfe36eff819fbb7892d5152aa234 Mon Sep 17 00:00:00 2001 From: nirajCITZ <94716060+nirajCITZ@users.noreply.github.com> Date: Fri, 23 Feb 2024 11:47:30 -0800 Subject: [PATCH 09/13] Cypress check stalls execution (#993) * Change Cypress reload function to check the stall execution issue on CI-CD * Updated Kong file for latest kong-plugin-jwt-keycloak plugins * Update response message for invalid credential after updating new keycloak * Split Test Plan into separate spec files * Split cids access approve request scenarios into separate spec file * Update gwa response message --- .../tests/01-api-key/01-create-api.cy.ts | 4 +- .../03-request-access-inactive-env.cy.ts | 4 +- ...cess-with-out-collecting-credentials.cy.ts | 2 +- .../01-api-key/07-approve-pending-rqst.cy.ts | 2 +- .../tests/01-api-key/08-grant-access.cy.ts | 2 +- .../01-client-cred-team-access.cy.ts | 2 +- .../02-create_authorizarion_profile.cy.ts | 2 +- .../05-cids-access-approve-api-rqst.cy.ts | 215 +----------------- .../06-client-scope-in-keycloak.ts | 59 +++++ .../07-deselect-scope.ts | 56 +++++ .../08-verify-client-scope-in-default-list.ts | 117 ++++++++++ ...t.cy.ts => 09-jwt-genkp-access-rqst.cy.ts} | 2 +- ...0-jwt-genkp-access-approve-api-rqst.cy.ts} | 2 +- ...=> 11-jwks-url-gen-keys-access-rqst.cy.ts} | 2 +- ...2-jwks-url-access-approval-api-rqst.cy.ts} | 2 +- ...ts => 13-jwks-publicKey-access-rqst.cy.ts} | 2 +- ...-publlicKey-access-approve-api-rqst.cy.ts} | 2 +- ...approve-pending-rqst-for-labels.spec.cy.ts | 2 +- .../02-client-credentials.cy.ts | 4 +- .../07-manage-control/02-rate-limiting.cy.ts | 2 +- ...03-kong-api-only-apply-rate-limiting.cy.ts | 2 +- .../08-client-role/03-read-client-role.ts | 2 +- .../08-client-role/04-write-client-role.ts | 2 +- .../08-client-role/05-check-without-role.ts | 2 +- ...01-client-credential-to-kong-acl-api.cy.ts | 2 +- ...02-kong-acl-api-to-client-credential.cy.ts | 2 +- .../03-apply-multiple-services.cy.ts | 2 +- .../09-update-product-env/06-shared-idp.cy.ts | 2 +- .../10-clear-resources/01-create-api.cy.ts | 2 +- .../06-delete-service-acc.ts | 2 +- .../11-activity-feed/01-activity-feed.cy.ts | 2 +- .../12-access-permission/01-create-api.cy.ts | 2 +- .../04-access-manager.cy.ts | 4 +- .../05-namespace-manage.cy.ts | 4 +- .../06-credential-issuer.cy.ts | 4 +- .../07-namespace-view.cy.ts | 4 +- .../08-gateway-config.cy.ts | 4 +- .../01-create-api.cy.ts | 2 +- .../01-client-cred-team-access.ts | 2 +- .../02-multiple-org-admin.ts | 102 +-------- .../03-verify-org-admin-member-org.ts | 95 ++++++++ .../04-multiple-org-admin-org-unit.ts | 68 ++++++ ...=> 05-verify-org-admin-member-org-unit.ts} | 69 ------ .../tests/15-aps-api/01-create-api.cy.ts | 2 +- .../tests/15-aps-api/02-organization.cy.ts | 2 +- .../tests/15-aps-api/06-products.cy.ts | 4 +- .../tests/16-gwa-cli/01-cli-commands.ts | 6 +- .../16-gwa-cli/02-cli-generate-config.ts | 2 +- ...01-delete-application-without-access.cy.ts | 2 +- ...te-application-with-approved-request.cy.ts | 2 +- .../04-delete-namespace-gwa.ts | 2 +- local/kong/Dockerfile | 2 +- 52 files changed, 454 insertions(+), 437 deletions(-) create mode 100644 e2e/cypress/tests/02-client-credential-flow/06-client-scope-in-keycloak.ts create mode 100644 e2e/cypress/tests/02-client-credential-flow/07-deselect-scope.ts create mode 100644 e2e/cypress/tests/02-client-credential-flow/08-verify-client-scope-in-default-list.ts rename e2e/cypress/tests/02-client-credential-flow/{06-jwt-genkp-access-rqst.cy.ts => 09-jwt-genkp-access-rqst.cy.ts} (98%) rename e2e/cypress/tests/02-client-credential-flow/{07-jwt-genkp-access-approve-api-rqst.cy.ts => 10-jwt-genkp-access-approve-api-rqst.cy.ts} (99%) rename e2e/cypress/tests/02-client-credential-flow/{08-jwks-url-gen-keys-access-rqst.cy.ts => 11-jwks-url-gen-keys-access-rqst.cy.ts} (99%) rename e2e/cypress/tests/02-client-credential-flow/{09-jwks-url-access-approval-api-rqst.cy.ts => 12-jwks-url-access-approval-api-rqst.cy.ts} (99%) rename e2e/cypress/tests/02-client-credential-flow/{10-jwks-publicKey-access-rqst.cy.ts => 13-jwks-publicKey-access-rqst.cy.ts} (99%) rename e2e/cypress/tests/02-client-credential-flow/{11-jwt-publlicKey-access-approve-api-rqst.cy.ts => 14-jwt-publlicKey-access-approve-api-rqst.cy.ts} (99%) create mode 100644 e2e/cypress/tests/14-org-assignment/03-verify-org-admin-member-org.ts create mode 100644 e2e/cypress/tests/14-org-assignment/04-multiple-org-admin-org-unit.ts rename e2e/cypress/tests/14-org-assignment/{03-multiple-org-admin-org-unit.ts => 05-verify-org-admin-member-org-unit.ts} (63%) diff --git a/e2e/cypress/tests/01-api-key/01-create-api.cy.ts b/e2e/cypress/tests/01-api-key/01-create-api.cy.ts index 68a1d7da4..63d3d589e 100644 --- a/e2e/cypress/tests/01-api-key/01-create-api.cy.ts +++ b/e2e/cypress/tests/01-api-key/01-create-api.cy.ts @@ -4,7 +4,7 @@ import Products from '../../pageObjects/products' import ServiceAccountsPage from '../../pageObjects/serviceAccounts' -describe('Create API Spec', () => { +describe('Create API Spec', () => { const login = new LoginPage() const home = new HomePage() const sa = new ServiceAccountsPage() @@ -14,7 +14,7 @@ describe('Create API Spec', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) cy.resetState() cy.deleteAllCookies() }) diff --git a/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts b/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts index bfe769346..5b9ca7ba5 100644 --- a/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts +++ b/e2e/cypress/tests/01-api-key/03-request-access-inactive-env.cy.ts @@ -15,7 +15,7 @@ describe('Change an Active environment to Inactive', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -114,7 +114,7 @@ describe('Change an the environment back to active', () => { cy.visit('/') // cy.deleteAllCookies() // cy.clearCookies() - // cy.reload() + // cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts b/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts index 85d5de5dd..20ec0de6f 100644 --- a/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts +++ b/e2e/cypress/tests/01-api-key/04-request-access-with-out-collecting-credentials.cy.ts @@ -11,7 +11,7 @@ describe('Request Access without colleting credential Spec', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts b/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts index 110bdbba4..d20c171f1 100644 --- a/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts +++ b/e2e/cypress/tests/01-api-key/07-approve-pending-rqst.cy.ts @@ -11,7 +11,7 @@ describe('Approve Pending Request Spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/01-api-key/08-grant-access.cy.ts b/e2e/cypress/tests/01-api-key/08-grant-access.cy.ts index 238af646d..b405ae971 100644 --- a/e2e/cypress/tests/01-api-key/08-grant-access.cy.ts +++ b/e2e/cypress/tests/01-api-key/08-grant-access.cy.ts @@ -11,7 +11,7 @@ describe('Grant Access Spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts b/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts index 6af9f276b..29b770c58 100644 --- a/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/01-client-cred-team-access.cy.ts @@ -13,7 +13,7 @@ describe('Grant appropriate permissions to team members for client credential fl before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts b/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts index 8a89f006d..117465051 100644 --- a/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/02-create_authorizarion_profile.cy.ts @@ -12,7 +12,7 @@ describe('Generate Authorization Profiles', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts index ec83f1f72..7c2b38156 100644 --- a/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/05-cids-access-approve-api-rqst.cy.ts @@ -13,7 +13,7 @@ describe('Access manager approves developer access request for Client ID/Secret before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -77,215 +77,4 @@ describe('Make an API request using Client ID, Secret, and Access Token', () => }) }) }) -}) - -describe('Verify the selected client scoped is displayed in assigned default list', () => { - const clientScopes = new keycloakClientScopesPage() - const groups = new keycloakGroupPage() - var nameSpace: string - const home = new HomePage() - const authProfile = new AuthorizationProfile() - - before(() => { - cy.visit(Cypress.env('KEYCLOAK_URL')) - cy.reload() - }) - - beforeEach(() => { - cy.preserveCookies() - cy.fixture('developer').as('developer') - cy.fixture('apiowner').as('apiowner') - cy.fixture('state/regen').as('regen') - cy.fixture('admin').as('admin') - }) - - it('Authenticates Admin owner', () => { - cy.get('@admin').then(({ user }: any) => { - cy.contains('Administration Console').click({ force: true }) - cy.keycloakLogin(user.credentials.username, user.credentials.password) - }) - }) - - it('Navigate to Clients page', () => { - cy.contains('Clients').click() - }) - - it('Select the consumer ID', () => { - cy.readFile('cypress/fixtures/state/store.json').then((store_res) => { - let cc = JSON.parse(store_res.clientidsecret) - cy.contains(cc.clientId).click() - }) - }) - - it('Navigate to client scope tab', () => { - clientScopes.selectTab('Client Scopes') - }) - - it('Verify that "System.Write" scope is in assigned default scope', () => { - clientScopes.verifyAssignedScope('System.Write', true) - }) - - after(() => { - cy.keycloakLogout() - }) - -}) - -describe('Deselect the scope from authorization tab', () => { - const login = new LoginPage() - const home = new HomePage() - const consumers = new ConsumersPage() - - before(() => { - cy.visit('/') - cy.reload() - }) - - beforeEach(() => { - cy.preserveCookies() - cy.fixture('access-manager').as('access-manager') - cy.fixture('apiowner').as('apiowner') - cy.fixture('manage-control-config-setting').as('manage-control-config-setting') - cy.fixture('common-testdata').as('common-testdata') - // cy.visit(login.path) - }) - - it('authenticates Mark (Access Manager)', () => { - cy.get('@access-manager').then(({ user }: any) => { - cy.get('@common-testdata').then(({ clientCredentials }: any) => { - cy.login(user.credentials.username, user.credentials.password).then(() => { - home.useNamespace(clientCredentials.namespace); - }) - }) - }) - }) - - it('Navigate to Consumer page ', () => { - cy.visit(consumers.path); - }) - - it('Select the consumer from the list ', () => { - consumers.clickOnTheFirstConsumerID() - }) - - it('Deselect scopes in Authorization Tab', () => { - cy.get('@apiowner').then(({ clientCredentials }: any) => { - consumers.editConsumerDialog() - consumers.selectAuthorizationScope(clientCredentials.clientIdSecret.authProfile.scopes, false) - consumers.saveAppliedConfig() - }) - }) - after(() => { - cy.logout() - }) -}) - -describe('Verify the selected client scoped is not displayed in assigned default list', () => { - const clientScopes = new keycloakClientScopesPage() - const groups = new keycloakGroupPage() - var nameSpace: string - const home = new HomePage() - const authProfile = new AuthorizationProfile() - - before(() => { - cy.visit(Cypress.env('KEYCLOAK_URL')) - cy.reload() - }) - - beforeEach(() => { - cy.preserveCookies() - cy.fixture('developer').as('developer') - cy.fixture('apiowner').as('apiowner') - cy.fixture('state/regen').as('regen') - cy.fixture('admin').as('admin') - }) - - it('Authenticates Admin owner', () => { - cy.get('@admin').then(({ user }: any) => { - cy.contains('Administration Console').click({ force: true }) - cy.keycloakLogin(user.credentials.username, user.credentials.password) - }) - }) - - it('Navigate to Clients page', () => { - cy.contains('Clients').click() - }) - - it('Select the consumer ID', () => { - cy.readFile('cypress/fixtures/state/store.json').then((store_res) => { - let cc = JSON.parse(store_res.clientidsecret) - cy.contains(cc.clientId).click() - }) - }) - - it('Navigate to client scope tab', () => { - clientScopes.selectTab('Client Scopes') - }) - - it('Verify that "System.Write" scope is not in assigned default scope', () => { - clientScopes.verifyAssignedScope('System.Write', false) - }) - - after(() => { - cy.keycloakLogout() - }) - -}) - -// describe('Revoke product environment access for Client Credential authorization spec', () => { -// const login = new LoginPage() -// const consumers = new ConsumersPage() -// const home = new HomePage() - -// before(() => { -// cy.visit('/') -// cy.deleteAllCookies() -// cy.reload() -// }) - -// beforeEach(() => { -// cy.preserveCookies() -// cy.fixture('access-manager').as('access-manager') -// cy.fixture('apiowner').as('apiowner') -// cy.fixture('developer').as('developer') -// cy.fixture('state/store').as('store') -// }) - -// it('authenticates Mark (Access-Manager)', () => { -// cy.get('@apiowner').then(({ clientCredentials }: any) => { -// cy.get('@access-manager').then(({ user }: any) => { -// cy.login(user.credentials.username, user.credentials.password) -// home.useNamespace(clientCredentials.namespace); -// }) -// }) -// }) - -// it('Navigate to Consumer page and filter the product', () => { -// cy.get('@apiowner').then(({ clientCredentials }: any) => { -// cy.visit(consumers.path); -// let product = clientCredentials.clientIdSecret.product -// consumers.filterConsumerByTypeAndValue('Products', product.name) -// }) -// }) - -// it('Click on the first consumer', () => { -// consumers.clickOnTheFirstConsumerID() -// }) - -// it('Revoke access for Test environment', () => { -// cy.wait(1000) -// consumers.revokeProductEnvAccess('Test') -// }) - -// it('Verify the confirmation message once the access is revoked', () => { -// cy.verifyToastMessage("Product Revoked") -// }) - - -// after(() => { -// cy.logout() -// cy.clearLocalStorage({ log: true }) -// cy.deleteAllCookies() -// }) - -// }) \ No newline at end of file +}) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/06-client-scope-in-keycloak.ts b/e2e/cypress/tests/02-client-credential-flow/06-client-scope-in-keycloak.ts new file mode 100644 index 000000000..4dd9351cc --- /dev/null +++ b/e2e/cypress/tests/02-client-credential-flow/06-client-scope-in-keycloak.ts @@ -0,0 +1,59 @@ +import HomePage from '../../pageObjects/home' +import LoginPage from '../../pageObjects/login' +import ConsumersPage from '../../pageObjects/consumers' +import KeycloakUserGroupPage from '../../pageObjects/keycloakUserGroup' +import keycloakGroupPage from '../../pageObjects/keycloakGroup' +import AuthorizationProfile from '../../pageObjects/authProfile' +import keycloakClientScopesPage from '../../pageObjects/keycloakClientScopes' + +describe('Verify the selected client scoped is displayed in assigned default list', () => { + const clientScopes = new keycloakClientScopesPage() + const groups = new keycloakGroupPage() + var nameSpace: string + const home = new HomePage() + const authProfile = new AuthorizationProfile() + + before(() => { + cy.visit(Cypress.env('KEYCLOAK_URL')) + cy.reload(true) + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('developer').as('developer') + cy.fixture('apiowner').as('apiowner') + cy.fixture('state/regen').as('regen') + cy.fixture('admin').as('admin') + }) + + it('Authenticates Admin owner', () => { + cy.get('@admin').then(({ user }: any) => { + cy.contains('Administration Console').click({ force: true }) + cy.keycloakLogin(user.credentials.username, user.credentials.password) + }) + }) + + it('Navigate to Clients page', () => { + cy.contains('Clients').click() + }) + + it('Select the consumer ID', () => { + cy.readFile('cypress/fixtures/state/store.json').then((store_res) => { + let cc = JSON.parse(store_res.clientidsecret) + cy.contains(cc.clientId).click() + }) + }) + + it('Navigate to client scope tab', () => { + clientScopes.selectTab('Client Scopes') + }) + + it('Verify that "System.Write" scope is in assigned default scope', () => { + clientScopes.verifyAssignedScope('System.Write', true) + }) + + after(() => { + cy.keycloakLogout() + }) + +}) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/07-deselect-scope.ts b/e2e/cypress/tests/02-client-credential-flow/07-deselect-scope.ts new file mode 100644 index 000000000..42f58f8b6 --- /dev/null +++ b/e2e/cypress/tests/02-client-credential-flow/07-deselect-scope.ts @@ -0,0 +1,56 @@ +import HomePage from '../../pageObjects/home' +import LoginPage from '../../pageObjects/login' +import ConsumersPage from '../../pageObjects/consumers' +import KeycloakUserGroupPage from '../../pageObjects/keycloakUserGroup' +import keycloakGroupPage from '../../pageObjects/keycloakGroup' +import AuthorizationProfile from '../../pageObjects/authProfile' +import keycloakClientScopesPage from '../../pageObjects/keycloakClientScopes' + +describe('Deselect the scope from authorization tab', () => { + const login = new LoginPage() + const home = new HomePage() + const consumers = new ConsumersPage() + + before(() => { + cy.visit('/') + cy.reload(true) + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('access-manager').as('access-manager') + cy.fixture('apiowner').as('apiowner') + cy.fixture('manage-control-config-setting').as('manage-control-config-setting') + cy.fixture('common-testdata').as('common-testdata') + // cy.visit(login.path) + }) + + it('authenticates Mark (Access Manager)', () => { + cy.get('@access-manager').then(({ user }: any) => { + cy.get('@common-testdata').then(({ clientCredentials }: any) => { + cy.login(user.credentials.username, user.credentials.password).then(() => { + home.useNamespace(clientCredentials.namespace); + }) + }) + }) + }) + + it('Navigate to Consumer page ', () => { + cy.visit(consumers.path); + }) + + it('Select the consumer from the list ', () => { + consumers.clickOnTheFirstConsumerID() + }) + + it('Deselect scopes in Authorization Tab', () => { + cy.get('@apiowner').then(({ clientCredentials }: any) => { + consumers.editConsumerDialog() + consumers.selectAuthorizationScope(clientCredentials.clientIdSecret.authProfile.scopes, false) + consumers.saveAppliedConfig() + }) + }) + after(() => { + cy.logout() + }) +}) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/08-verify-client-scope-in-default-list.ts b/e2e/cypress/tests/02-client-credential-flow/08-verify-client-scope-in-default-list.ts new file mode 100644 index 000000000..221c38808 --- /dev/null +++ b/e2e/cypress/tests/02-client-credential-flow/08-verify-client-scope-in-default-list.ts @@ -0,0 +1,117 @@ +import HomePage from '../../pageObjects/home' +import LoginPage from '../../pageObjects/login' +import ConsumersPage from '../../pageObjects/consumers' +import KeycloakUserGroupPage from '../../pageObjects/keycloakUserGroup' +import keycloakGroupPage from '../../pageObjects/keycloakGroup' +import AuthorizationProfile from '../../pageObjects/authProfile' +import keycloakClientScopesPage from '../../pageObjects/keycloakClientScopes' + +describe('Verify the selected client scoped is not displayed in assigned default list', () => { + const clientScopes = new keycloakClientScopesPage() + const groups = new keycloakGroupPage() + var nameSpace: string + const home = new HomePage() + const authProfile = new AuthorizationProfile() + + before(() => { + cy.visit(Cypress.env('KEYCLOAK_URL')) + cy.reload(true) + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('developer').as('developer') + cy.fixture('apiowner').as('apiowner') + cy.fixture('state/regen').as('regen') + cy.fixture('admin').as('admin') + }) + + it('Authenticates Admin owner', () => { + cy.get('@admin').then(({ user }: any) => { + cy.contains('Administration Console').click({ force: true }) + cy.keycloakLogin(user.credentials.username, user.credentials.password) + }) + }) + + it('Navigate to Clients page', () => { + cy.contains('Clients').click() + }) + + it('Select the consumer ID', () => { + cy.readFile('cypress/fixtures/state/store.json').then((store_res) => { + let cc = JSON.parse(store_res.clientidsecret) + cy.contains(cc.clientId).click() + }) + }) + + it('Navigate to client scope tab', () => { + clientScopes.selectTab('Client Scopes') + }) + + it('Verify that "System.Write" scope is not in assigned default scope', () => { + clientScopes.verifyAssignedScope('System.Write', false) + }) + + after(() => { + cy.keycloakLogout() + }) + +}) + +// describe('Revoke product environment access for Client Credential authorization spec', () => { +// const login = new LoginPage() +// const consumers = new ConsumersPage() +// const home = new HomePage() + +// before(() => { +// cy.visit('/') +// cy.deleteAllCookies() +// cy.reload(true) +// }) + +// beforeEach(() => { +// cy.preserveCookies() +// cy.fixture('access-manager').as('access-manager') +// cy.fixture('apiowner').as('apiowner') +// cy.fixture('developer').as('developer') +// cy.fixture('state/store').as('store') +// }) + +// it('authenticates Mark (Access-Manager)', () => { +// cy.get('@apiowner').then(({ clientCredentials }: any) => { +// cy.get('@access-manager').then(({ user }: any) => { +// cy.login(user.credentials.username, user.credentials.password) +// home.useNamespace(clientCredentials.namespace); +// }) +// }) +// }) + +// it('Navigate to Consumer page and filter the product', () => { +// cy.get('@apiowner').then(({ clientCredentials }: any) => { +// cy.visit(consumers.path); +// let product = clientCredentials.clientIdSecret.product +// consumers.filterConsumerByTypeAndValue('Products', product.name) +// }) +// }) + +// it('Click on the first consumer', () => { +// consumers.clickOnTheFirstConsumerID() +// }) + +// it('Revoke access for Test environment', () => { +// cy.wait(1000) +// consumers.revokeProductEnvAccess('Test') +// }) + +// it('Verify the confirmation message once the access is revoked', () => { +// cy.verifyToastMessage("Product Revoked") +// }) + + +// after(() => { +// cy.logout() +// cy.clearLocalStorage({ log: true }) +// cy.deleteAllCookies() +// }) + +// }) \ No newline at end of file diff --git a/e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/09-jwt-genkp-access-rqst.cy.ts similarity index 98% rename from e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts rename to e2e/cypress/tests/02-client-credential-flow/09-jwt-genkp-access-rqst.cy.ts index b51544eaa..9fc3f23f0 100644 --- a/e2e/cypress/tests/02-client-credential-flow/06-jwt-genkp-access-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/09-jwt-genkp-access-rqst.cy.ts @@ -11,7 +11,7 @@ describe('Developer creates an access request for JWT Generated Key Pair authent before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/10-jwt-genkp-access-approve-api-rqst.cy.ts similarity index 99% rename from e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts rename to e2e/cypress/tests/02-client-credential-flow/10-jwt-genkp-access-approve-api-rqst.cy.ts index be7cd48bb..6bc97f8ee 100644 --- a/e2e/cypress/tests/02-client-credential-flow/07-jwt-genkp-access-approve-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/10-jwt-genkp-access-approve-api-rqst.cy.ts @@ -11,7 +11,7 @@ describe('Access manager approves developer access request for JWT - Generated K before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/11-jwks-url-gen-keys-access-rqst.cy.ts similarity index 99% rename from e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts rename to e2e/cypress/tests/02-client-credential-flow/11-jwks-url-gen-keys-access-rqst.cy.ts index 01da22880..1748f02ea 100644 --- a/e2e/cypress/tests/02-client-credential-flow/08-jwks-url-gen-keys-access-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/11-jwks-url-gen-keys-access-rqst.cy.ts @@ -39,7 +39,7 @@ describe('Developer creates an access request for JWKS URL', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/12-jwks-url-access-approval-api-rqst.cy.ts similarity index 99% rename from e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts rename to e2e/cypress/tests/02-client-credential-flow/12-jwks-url-access-approval-api-rqst.cy.ts index 07aaef97d..6350d1f99 100644 --- a/e2e/cypress/tests/02-client-credential-flow/09-jwks-url-access-approval-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/12-jwks-url-access-approval-api-rqst.cy.ts @@ -12,7 +12,7 @@ describe('Access manager approves developer access request for JWKS URL flow', ( before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/13-jwks-publicKey-access-rqst.cy.ts similarity index 99% rename from e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts rename to e2e/cypress/tests/02-client-credential-flow/13-jwks-publicKey-access-rqst.cy.ts index 7d13d3986..6895839cc 100644 --- a/e2e/cypress/tests/02-client-credential-flow/10-jwks-publicKey-access-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/13-jwks-publicKey-access-rqst.cy.ts @@ -13,7 +13,7 @@ describe('Generates public/private key and set public key to access request', () before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts b/e2e/cypress/tests/02-client-credential-flow/14-jwt-publlicKey-access-approve-api-rqst.cy.ts similarity index 99% rename from e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts rename to e2e/cypress/tests/02-client-credential-flow/14-jwt-publlicKey-access-approve-api-rqst.cy.ts index 8542216b3..f9ee17ad9 100644 --- a/e2e/cypress/tests/02-client-credential-flow/11-jwt-publlicKey-access-approve-api-rqst.cy.ts +++ b/e2e/cypress/tests/02-client-credential-flow/14-jwt-publlicKey-access-approve-api-rqst.cy.ts @@ -11,7 +11,7 @@ describe('Access manager approves developer access request for JWT - Generated K before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts b/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts index 5662562ee..7ff4da239 100644 --- a/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts +++ b/e2e/cypress/tests/03-manage-labels/02-approve-pending-rqst-for-labels.spec.cy.ts @@ -11,7 +11,7 @@ describe('Approve Pending Request Spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/06-refresh-credential/02-client-credentials.cy.ts b/e2e/cypress/tests/06-refresh-credential/02-client-credentials.cy.ts index 327508156..e7a10e6e4 100644 --- a/e2e/cypress/tests/06-refresh-credential/02-client-credentials.cy.ts +++ b/e2e/cypress/tests/06-refresh-credential/02-client-credentials.cy.ts @@ -13,7 +13,7 @@ import MyAccessPage from '../../pageObjects/myAccess' // before(() => { // cy.visit('/') // cy.deleteAllCookies() -// cy.reload() +// cy.reload(true) // }) // beforeEach(() => { @@ -69,7 +69,7 @@ describe('Regenerate Credential for Client Credentials- Client ID/Secret', () => before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts b/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts index fa4805a7a..e7296070e 100644 --- a/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts +++ b/e2e/cypress/tests/07-manage-control/02-rate-limiting.cy.ts @@ -12,7 +12,7 @@ describe('Manage Control-Rate Limiting Spec for Service as Scope and Local Polic before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts b/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts index 72602f996..08767f570 100644 --- a/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts +++ b/e2e/cypress/tests/07-manage-control/03-kong-api-only-apply-rate-limiting.cy.ts @@ -20,7 +20,7 @@ describe('Apply Kong API key only plugin', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/08-client-role/03-read-client-role.ts b/e2e/cypress/tests/08-client-role/03-read-client-role.ts index 5f81dc6d0..cad5ca94d 100644 --- a/e2e/cypress/tests/08-client-role/03-read-client-role.ts +++ b/e2e/cypress/tests/08-client-role/03-read-client-role.ts @@ -14,7 +14,7 @@ describe('Developer creates an access request for Client ID/Secret authenticator before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/08-client-role/04-write-client-role.ts b/e2e/cypress/tests/08-client-role/04-write-client-role.ts index f6eb74aef..411fa8404 100644 --- a/e2e/cypress/tests/08-client-role/04-write-client-role.ts +++ b/e2e/cypress/tests/08-client-role/04-write-client-role.ts @@ -14,7 +14,7 @@ describe('Developer creates an access request for Client ID/Secret authenticator before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/08-client-role/05-check-without-role.ts b/e2e/cypress/tests/08-client-role/05-check-without-role.ts index fed1ead1f..a96f1d6a0 100644 --- a/e2e/cypress/tests/08-client-role/05-check-without-role.ts +++ b/e2e/cypress/tests/08-client-role/05-check-without-role.ts @@ -22,7 +22,7 @@ describe('Reset Authorization profile to default (without any role)', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts b/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts index 609f76633..e9b7d910b 100644 --- a/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/01-client-credential-to-kong-acl-api.cy.ts @@ -22,7 +22,7 @@ describe('Change Authorization profile', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts b/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts index d1d94a6d0..14f622a41 100644 --- a/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/02-kong-acl-api-to-client-credential.cy.ts @@ -25,7 +25,7 @@ describe('Change Authorization profile from Kong ACL-API to Client Credential', before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts b/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts index c0ddc9299..50de65e81 100644 --- a/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/03-apply-multiple-services.cy.ts @@ -27,7 +27,7 @@ describe('Apply multiple services to the product environment', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts b/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts index e59ae51d6..6603ceab1 100644 --- a/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts +++ b/e2e/cypress/tests/09-update-product-env/06-shared-idp.cy.ts @@ -19,7 +19,7 @@ describe('Apply Shared IDP while creating Authorization Profile', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts b/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts index 817781a88..592ec430b 100644 --- a/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts +++ b/e2e/cypress/tests/10-clear-resources/01-create-api.cy.ts @@ -14,7 +14,7 @@ describe('Create API Spec for Delete Resources', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) // cy.resetState() }) diff --git a/e2e/cypress/tests/10-clear-resources/06-delete-service-acc.ts b/e2e/cypress/tests/10-clear-resources/06-delete-service-acc.ts index 2a353f424..2a82d2e05 100644 --- a/e2e/cypress/tests/10-clear-resources/06-delete-service-acc.ts +++ b/e2e/cypress/tests/10-clear-resources/06-delete-service-acc.ts @@ -52,7 +52,7 @@ describe('Create API Spec', () => { cy.getAccessToken(cc.clientId, cc.clientSecret).then(() => { cy.get('@accessTokenResponse').then((token_res: any) => { expect(token_res.status).to.be.equal(400) - expect(token_res.body.error).to.contains("unauthorized_client") + expect(token_res.body.error).to.contains("invalid_client") }) }) }) diff --git a/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts b/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts index ccb75a9a5..238fdb6b7 100644 --- a/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts +++ b/e2e/cypress/tests/11-activity-feed/01-activity-feed.cy.ts @@ -14,7 +14,7 @@ describe('Get the user session token to pass it as authorization token to make t before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts b/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts index fd9186e62..5011d6b0b 100644 --- a/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts +++ b/e2e/cypress/tests/12-access-permission/01-create-api.cy.ts @@ -14,7 +14,7 @@ describe('Create API Spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) cy.resetState() }) diff --git a/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts b/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts index 0e71be9d6..2ba9413d2 100644 --- a/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts +++ b/e2e/cypress/tests/12-access-permission/04-access-manager.cy.ts @@ -12,7 +12,7 @@ describe('Grant Access Manager Role', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -56,7 +56,7 @@ describe('Verify that Mark is able to view the pending request', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts b/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts index 93f743788..3075dfe44 100644 --- a/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts +++ b/e2e/cypress/tests/12-access-permission/05-namespace-manage.cy.ts @@ -14,7 +14,7 @@ describe('Grant Namespace Manage Role', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -61,7 +61,7 @@ describe('Verify that Wendy is able to see all the options for the Namespace', ( before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts b/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts index 1998de81a..e50d355f4 100644 --- a/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts +++ b/e2e/cypress/tests/12-access-permission/06-credential-issuer.cy.ts @@ -13,7 +13,7 @@ describe('Grant Credential Issuer Role', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -59,7 +59,7 @@ describe('Verify that Wendy is able to generate authorization profile', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts b/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts index dafef02e6..0acd828a1 100644 --- a/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts +++ b/e2e/cypress/tests/12-access-permission/07-namespace-view.cy.ts @@ -14,7 +14,7 @@ describe('Grant Namespace View Role to Mark', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -58,7 +58,7 @@ describe('Verify that Mark is unable to create service account', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts b/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts index 3021c5e61..0f5b16d00 100644 --- a/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts +++ b/e2e/cypress/tests/12-access-permission/08-gateway-config.cy.ts @@ -17,7 +17,7 @@ describe('Grant Gateway Config Role to Wendy', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -62,7 +62,7 @@ describe('Verify that Wendy is able to generate authorization profile', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts b/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts index 3e2fd2a42..02fea2554 100644 --- a/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts +++ b/e2e/cypress/tests/13-namespace-preview-mode/01-create-api.cy.ts @@ -14,7 +14,7 @@ describe('Create API Spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) cy.resetState() }) diff --git a/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts b/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts index 5f6d92d93..4e8ed934d 100644 --- a/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts +++ b/e2e/cypress/tests/14-org-assignment/01-client-cred-team-access.ts @@ -23,7 +23,7 @@ describe('Add Organization to publish API', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) cy.resetState() }) diff --git a/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts b/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts index 059a70431..bfbc604a4 100644 --- a/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts +++ b/e2e/cypress/tests/14-org-assignment/02-multiple-org-admin.ts @@ -1,11 +1,3 @@ -import ApiDirectoryPage from '../../pageObjects/apiDirectory' -import HomePage from '../../pageObjects/home' -import LoginPage from '../../pageObjects/login' -import NamespaceAccessPage from '../../pageObjects/namespaceAccess' -import Products from '../../pageObjects/products' -import ServiceAccountsPage from '../../pageObjects/serviceAccounts' -import keycloakGroupPage from '../../pageObjects/keycloakGroup' -import AuthorizationProfile from '../../pageObjects/authProfile' import keycloakUsersPage from '../../pageObjects/keycloakUsers' describe('Give a user org admin access at organization level', () => { @@ -14,7 +6,7 @@ describe('Give a user org admin access at organization level', () => { before(() => { cy.visit(Cypress.env('KEYCLOAK_URL')) cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -54,94 +46,4 @@ describe('Give a user org admin access at organization level', () => { after(() => { cy.keycloakLogout() }) - -}) - -describe('Multiple Org Adming for the organization', () => { - const home = new HomePage() - const na = new NamespaceAccessPage() - const pd = new Products() - const sa = new ServiceAccountsPage() - const apiDir = new ApiDirectoryPage() - const login = new LoginPage() - let userSession: any - let namespace: any - - before(() => { - cy.visit('/') - cy.resetState() - }) - - beforeEach(() => { - cy.preserveCookies() - cy.fixture('apiowner').as('apiowner') - cy.fixture('common-testdata').as('common-testdata') - cy.visit(login.path) - }) - - - it('authenticates Janis (api owner) to get the user session token', () => { - cy.get('@common-testdata').then(({ apiTest }: any) => { - cy.getUserSessionTokenValue(apiTest.namespace, false).then((value) => { - userSession = value - }) - }) - }) - - it('Set token with gwa config command', () => { - cy.exec('gwa config set --token ' + userSession, { timeout: 3000, failOnNonZeroExit: false }).then((response) => { - expect(response.stdout).to.contain("Config settings saved") - }); - }) - - it('create namespace using gwa cli command', () => { - var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); - cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { - assert.isNotNaN(response.stdout) - namespace = response.stdout - cy.updateJsonValue('common-testdata.json', 'orgAssignment.namespace', namespace) - // cy.updateJsonValue('apiowner.json', 'clientCredentials.clientIdSecret.product.environment.name.config.serviceName', 'cc-service-for-' + namespace) - cy.executeCliCommand("gwa config set --namespace " + namespace) - }); - }) - - it('activates new namespace', () => { - home.useNamespace(namespace) - }) - - - it('creates a new service account', () => { - cy.visit(sa.path) - cy.get('@apiowner').then(({ serviceAccount }: any) => { - sa.createServiceAccount(serviceAccount.scopes) - }) - sa.saveServiceAcctCreds() - }) - - it('creates as new product in the directory', () => { - cy.visit(pd.path) - cy.get('@apiowner').then(({ orgAssignmentMultipleAdmin }: any) => { - pd.createNewProduct(orgAssignmentMultipleAdmin.product.name, orgAssignmentMultipleAdmin.product.environment.name) - }) - }) - - it('Assign organization to the created namespace', () => { - cy.visit(apiDir.path) - cy.get('@apiowner').then(({ product }: any) => { - apiDir.addOrganizationAndOrgUnit(product) - }) - }) - - it('Verify Ord Admins Members details in Organization group access ', () => { - cy.visit(na.path) - cy.wait(2000) - na.clickOnOrganizationGroupAccess() - cy.get('@apiowner').then(({ orgAssignmentMultipleAdmin }: any) => { - na.checkMembersForGroupAccess(orgAssignmentMultipleAdmin.GroupAccess.members) - }) - }) - - after(() => { - cy.logout() - }) -}) +}) \ No newline at end of file diff --git a/e2e/cypress/tests/14-org-assignment/03-verify-org-admin-member-org.ts b/e2e/cypress/tests/14-org-assignment/03-verify-org-admin-member-org.ts new file mode 100644 index 000000000..86fa3c287 --- /dev/null +++ b/e2e/cypress/tests/14-org-assignment/03-verify-org-admin-member-org.ts @@ -0,0 +1,95 @@ +import ApiDirectoryPage from '../../pageObjects/apiDirectory' +import HomePage from '../../pageObjects/home' +import LoginPage from '../../pageObjects/login' +import NamespaceAccessPage from '../../pageObjects/namespaceAccess' +import Products from '../../pageObjects/products' +import ServiceAccountsPage from '../../pageObjects/serviceAccounts' + +describe('Multiple Org Adming for the organization', () => { + const home = new HomePage() + const na = new NamespaceAccessPage() + const pd = new Products() + const sa = new ServiceAccountsPage() + const apiDir = new ApiDirectoryPage() + const login = new LoginPage() + let userSession: any + let namespace: any + + before(() => { + cy.visit('/') + cy.resetState() + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('apiowner').as('apiowner') + cy.fixture('common-testdata').as('common-testdata') + cy.visit(login.path) + }) + + + it('authenticates Janis (api owner) to get the user session token', () => { + cy.get('@common-testdata').then(({ apiTest }: any) => { + cy.getUserSessionTokenValue(apiTest.namespace, false).then((value) => { + userSession = value + }) + }) + }) + + it('Set token with gwa config command', () => { + cy.exec('gwa config set --token ' + userSession, { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + expect(response.stdout).to.contain("Config settings saved") + }); + }) + + it('create namespace using gwa cli command', () => { + var cleanedUrl = Cypress.env('BASE_URL').replace(/^http?:\/\//i, ""); + cy.exec('gwa namespace create --generate --host ' + cleanedUrl + ' --scheme http', { timeout: 3000, failOnNonZeroExit: false }).then((response) => { + assert.isNotNaN(response.stdout) + namespace = response.stdout + cy.updateJsonValue('common-testdata.json', 'orgAssignment.namespace', namespace) + // cy.updateJsonValue('apiowner.json', 'clientCredentials.clientIdSecret.product.environment.name.config.serviceName', 'cc-service-for-' + namespace) + cy.executeCliCommand("gwa config set --namespace " + namespace) + }); + }) + + it('activates new namespace', () => { + home.useNamespace(namespace) + }) + + + it('creates a new service account', () => { + cy.visit(sa.path) + cy.get('@apiowner').then(({ serviceAccount }: any) => { + sa.createServiceAccount(serviceAccount.scopes) + }) + sa.saveServiceAcctCreds() + }) + + it('creates as new product in the directory', () => { + cy.visit(pd.path) + cy.get('@apiowner').then(({ orgAssignmentMultipleAdmin }: any) => { + pd.createNewProduct(orgAssignmentMultipleAdmin.product.name, orgAssignmentMultipleAdmin.product.environment.name) + }) + }) + + it('Assign organization to the created namespace', () => { + cy.visit(apiDir.path) + cy.get('@apiowner').then(({ product }: any) => { + apiDir.addOrganizationAndOrgUnit(product) + }) + }) + + it('Verify Ord Admins Members details in Organization group access ', () => { + cy.visit(na.path) + cy.wait(2000) + na.clickOnOrganizationGroupAccess() + cy.get('@apiowner').then(({ orgAssignmentMultipleAdmin }: any) => { + na.checkMembersForGroupAccess(orgAssignmentMultipleAdmin.GroupAccess.members) + }) + }) + + after(() => { + cy.logout() + }) +}) diff --git a/e2e/cypress/tests/14-org-assignment/04-multiple-org-admin-org-unit.ts b/e2e/cypress/tests/14-org-assignment/04-multiple-org-admin-org-unit.ts new file mode 100644 index 000000000..b82d6e288 --- /dev/null +++ b/e2e/cypress/tests/14-org-assignment/04-multiple-org-admin-org-unit.ts @@ -0,0 +1,68 @@ +import keycloakGroupPage from '../../pageObjects/keycloakGroup' +import keycloakUsersPage from '../../pageObjects/keycloakUsers' + + +describe('Give a user org admin access at organization unit level', () => { + const user = new keycloakUsersPage() + const groups = new keycloakGroupPage() + + before(() => { + cy.visit(Cypress.env('KEYCLOAK_URL')) + cy.deleteAllCookies() + cy.reload(true) + }) + + beforeEach(() => { + cy.preserveCookies() + cy.fixture('developer').as('developer') + cy.fixture('apiowner').as('apiowner') + cy.fixture('state/regen').as('regen') + cy.fixture('admin').as('admin') + cy.fixture('common-testdata').as('common-testdata') + }) + + it('Authenticates Admin owner', () => { + cy.get('@admin').then(({ user }: any) => { + cy.contains('Administration Console').click({force:true}) + cy.keycloakLogin(user.credentials.username, user.credentials.password) + }) + }) + + it('Navigate to User Groups', () => { + groups.navigateToUserGroups() + }) + + it('Add another org unit', () => { + cy.contains('ministry-of-health').click() + cy.get('[id="createGroup"]').click() + cy.get('[id="name"]').type('health-protection') + cy.contains('Save').click() + }) + + it('Navigate to Users Page', () => { + cy.contains('Users').click() + }) + + it('Search Wendy (Credential Issuer) from the user list', () => { + cy.get('@apiowner').then(({ clientCredentials }: any) => { + user.editUser(clientCredentials.Wendy.email) + }) + }) + + it('Navigate to Groups tab', () => { + user.selectTab('Groups') + }) + + it('Reset any existing assoction', () => { + user.resetAssociation() + }) + + it('Set the user(Wendy) to the Organization Unit', () => { + user.setUserToOrganization('health-protection') + }) + + after(() => { + cy.keycloakLogout() + }) + +}) \ No newline at end of file diff --git a/e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts b/e2e/cypress/tests/14-org-assignment/05-verify-org-admin-member-org-unit.ts similarity index 63% rename from e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts rename to e2e/cypress/tests/14-org-assignment/05-verify-org-admin-member-org-unit.ts index 193ea09b6..0fe81f42a 100644 --- a/e2e/cypress/tests/14-org-assignment/03-multiple-org-admin-org-unit.ts +++ b/e2e/cypress/tests/14-org-assignment/05-verify-org-admin-member-org-unit.ts @@ -4,75 +4,6 @@ import LoginPage from '../../pageObjects/login' import NamespaceAccessPage from '../../pageObjects/namespaceAccess' import Products from '../../pageObjects/products' import ServiceAccountsPage from '../../pageObjects/serviceAccounts' -import keycloakGroupPage from '../../pageObjects/keycloakGroup' -import AuthorizationProfile from '../../pageObjects/authProfile' -import keycloakUsersPage from '../../pageObjects/keycloakUsers' - - -describe('Give a user org admin access at organization unit level', () => { - const user = new keycloakUsersPage() - const groups = new keycloakGroupPage() - - before(() => { - cy.visit(Cypress.env('KEYCLOAK_URL')) - cy.deleteAllCookies() - cy.reload() - }) - - beforeEach(() => { - cy.preserveCookies() - cy.fixture('developer').as('developer') - cy.fixture('apiowner').as('apiowner') - cy.fixture('state/regen').as('regen') - cy.fixture('admin').as('admin') - cy.fixture('common-testdata').as('common-testdata') - }) - - it('Authenticates Admin owner', () => { - cy.get('@admin').then(({ user }: any) => { - cy.contains('Administration Console').click({force:true}) - cy.keycloakLogin(user.credentials.username, user.credentials.password) - }) - }) - - it('Navigate to User Groups', () => { - groups.navigateToUserGroups() - }) - - it('Add another org unit', () => { - cy.contains('ministry-of-health').click() - cy.get('[id="createGroup"]').click() - cy.get('[id="name"]').type('health-protection') - cy.contains('Save').click() - }) - - it('Navigate to Users Page', () => { - cy.contains('Users').click() - }) - - it('Search Wendy (Credential Issuer) from the user list', () => { - cy.get('@apiowner').then(({ clientCredentials }: any) => { - user.editUser(clientCredentials.Wendy.email) - }) - }) - - it('Navigate to Groups tab', () => { - user.selectTab('Groups') - }) - - it('Reset any existing assoction', () => { - user.resetAssociation() - }) - - it('Set the user(Wendy) to the Organization Unit', () => { - user.setUserToOrganization('health-protection') - }) - - after(() => { - cy.keycloakLogout() - }) - -}) describe('Multiple Org Admin for the organization', () => { const home = new HomePage() diff --git a/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts b/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts index 0f39c82ec..1d9b664e4 100644 --- a/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts +++ b/e2e/cypress/tests/15-aps-api/01-create-api.cy.ts @@ -14,7 +14,7 @@ describe('Create API Spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) cy.resetState() }) diff --git a/e2e/cypress/tests/15-aps-api/02-organization.cy.ts b/e2e/cypress/tests/15-aps-api/02-organization.cy.ts index 29bc1df5c..12ab1caf6 100644 --- a/e2e/cypress/tests/15-aps-api/02-organization.cy.ts +++ b/e2e/cypress/tests/15-aps-api/02-organization.cy.ts @@ -11,7 +11,7 @@ describe('Get the user session token', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) // cy.getUserSessionTokenValue() }) diff --git a/e2e/cypress/tests/15-aps-api/06-products.cy.ts b/e2e/cypress/tests/15-aps-api/06-products.cy.ts index 52c955747..453063c2f 100644 --- a/e2e/cypress/tests/15-aps-api/06-products.cy.ts +++ b/e2e/cypress/tests/15-aps-api/06-products.cy.ts @@ -15,7 +15,7 @@ describe('Get the user session token to check ', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -97,7 +97,7 @@ describe('Verify that created Product is displayed in UI', () => { before(() => { cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts b/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts index 0031c0e07..83a2c4cc3 100644 --- a/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts +++ b/e2e/cypress/tests/16-gwa-cli/01-cli-commands.ts @@ -18,7 +18,7 @@ describe('Verify CLI commands', () => { before(() => { // cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { @@ -50,7 +50,7 @@ describe('Verify CLI commands', () => { let clientID = "dummy-client" let clientSecret = cli.credentials.clientSecret cy.executeCliCommand('gwa login --client-id ' + clientID + ' --client-secret ' + clientSecret + ' --host ' + cleanedUrl + ' --scheme http').then((response) => { - assert.equal(response.stderr, "Error: unauthorized_client\nINVALID_CREDENTIALS: Invalid client credentials") + expect(response.stderr).to.contain("Error: invalid_client") }); }) @@ -58,7 +58,7 @@ describe('Verify CLI commands', () => { let clientID = cli.credentials.clientID let clientSecret = "dummy-client-secret" cy.executeCliCommand('gwa login --client-id ' + clientID + ' --client-secret ' + clientSecret + ' --host ' + cleanedUrl + ' --scheme http').then((response) => { - assert.equal(response.stderr, "Error: unauthorized_client\nINVALID_CREDENTIALS: Invalid client credentials") + expect(response.stderr).to.contain("unauthorized_client") }); }) diff --git a/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts b/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts index 12a5d5d18..e4214a9ef 100644 --- a/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts +++ b/e2e/cypress/tests/16-gwa-cli/02-cli-generate-config.ts @@ -21,7 +21,7 @@ describe('Verify CLI commands for generate/apply config', () => { before(() => { // cy.visit('/') - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/17-delete-application/01-delete-application-without-access.cy.ts b/e2e/cypress/tests/17-delete-application/01-delete-application-without-access.cy.ts index b38cd330c..4075417f2 100644 --- a/e2e/cypress/tests/17-delete-application/01-delete-application-without-access.cy.ts +++ b/e2e/cypress/tests/17-delete-application/01-delete-application-without-access.cy.ts @@ -12,7 +12,7 @@ describe('Delete application which has no access request spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts b/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts index c6f6da735..008364333 100644 --- a/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts +++ b/e2e/cypress/tests/17-delete-application/03-delete-application-with-approved-request.cy.ts @@ -15,7 +15,7 @@ describe('Delete application which has approved request spec', () => { before(() => { cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts b/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts index e452d6282..87768c2f6 100644 --- a/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts +++ b/e2e/cypress/tests/17-delete-application/04-delete-namespace-gwa.ts @@ -8,7 +8,7 @@ describe('Verify namespace delete using gwa command', () => { before(() => { // cy.visit('/') cy.deleteAllCookies() - cy.reload() + cy.reload(true) }) beforeEach(() => { diff --git a/local/kong/Dockerfile b/local/kong/Dockerfile index be4d70913..397e07dff 100644 --- a/local/kong/Dockerfile +++ b/local/kong/Dockerfile @@ -20,7 +20,7 @@ RUN (cd kong-oidc && luarocks make && luarocks pack kong-oidc ${PLUGIN_OIDC_VERS RUN git clone https://github.com/ikethecoder/kong-oidc-consumer.git RUN (cd kong-oidc-consumer && luarocks make && luarocks pack kong-oidc-consumer ${PLUGIN_OIDC_CONSUMER_VERSION}) -RUN git clone https://github.com/ikethecoder/kong-plugin-jwt-keycloak.git +RUN git clone -b kong28 https://github.com/ikethecoder/kong-plugin-jwt-keycloak.git RUN (cd kong-plugin-jwt-keycloak && luarocks make && luarocks pack kong-plugin-jwt-keycloak ${PLUGIN_VERSION}) RUN git clone -b feature/kong-2.0-upgrade https://github.com/bcgov/gwa-kong-endpoint.git From 0939cb12cbeda7e92166e5c5a4ec33e8fa8101af Mon Sep 17 00:00:00 2001 From: Russell Vinegar Date: Mon, 26 Feb 2024 10:43:26 -0800 Subject: [PATCH 10/13] update help links to DevHub --- .github/workflows/ci-build-deploy.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-build-deploy.yaml b/.github/workflows/ci-build-deploy.yaml index af04a4d83..281fb82bd 100644 --- a/.github/workflows/ci-build-deploy.yaml +++ b/.github/workflows/ci-build-deploy.yaml @@ -264,9 +264,9 @@ jobs: NEXT_PUBLIC_HELP_API_DOCS_URL: value: '/ds/api/v2/console/' NEXT_PUBLIC_HELP_SUPPORT_URL: - value: 'https://bcgov.github.io/aps-infra-platform/' + value: 'https://mvp.developer.gov.bc.ca/docs/default/component/aps-infra-platform-docs/' NEXT_PUBLIC_HELP_RELEASE_URL: - value: 'https://bcgov.github.io/aps-infra-platform/releases/' + value: 'https://mvp.developer.gov.bc.ca/docs/default/component/aps-infra-platform-docs/reference/releases/' NEXT_PUBLIC_HELP_STATUS_URL: value: 'https://uptime.com/s/bcgov-dss' NEXT_PUBLIC_DEVELOPER_IDS: From 54c769671b8cb9657b2348d34b3c73d6138f29eb Mon Sep 17 00:00:00 2001 From: Russell Vinegar Date: Mon, 26 Feb 2024 10:48:45 -0800 Subject: [PATCH 11/13] update help menu --- .../components/auth-action/help-menu.tsx | 20 +++++++++---------- .../support-links/support-links.tsx | 15 ++------------ 2 files changed, 12 insertions(+), 23 deletions(-) diff --git a/src/nextapp/components/auth-action/help-menu.tsx b/src/nextapp/components/auth-action/help-menu.tsx index a8ef17936..72434d4f5 100644 --- a/src/nextapp/components/auth-action/help-menu.tsx +++ b/src/nextapp/components/auth-action/help-menu.tsx @@ -56,27 +56,27 @@ const HelpMenu: React.FC = () => { }, }} > - + - API Docs + Support Docs - APS Support + API Console { - + - Support Links + Contact Us - + = ({ isOpen, onClose }) => { - Support Links + Contact Us = ({ isOpen, onClose }) => { target="_blank" rel="noopener noreferrer" > - Submit product and service requests using the Data Systems and - Services request system + Submit a support ticket @@ -64,16 +63,6 @@ const SupportLinks: React.FC = ({ isOpen, onClose }) => { - - - Create an issue in GitHub - - - From fdfabfad5656e70cc11793b0dca570f28d0863be Mon Sep 17 00:00:00 2001 From: Russell Vinegar Date: Mon, 26 Feb 2024 10:49:01 -0800 Subject: [PATCH 12/13] update links for local builds --- src/nextapp/.env.local | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/nextapp/.env.local b/src/nextapp/.env.local index 382b135d9..6b0c3e9e9 100644 --- a/src/nextapp/.env.local +++ b/src/nextapp/.env.local @@ -5,7 +5,7 @@ NEXT_PUBLIC_HELP_DESK_URL=https://dpdd.atlassian.net/servicedesk/customer/portal NEXT_PUBLIC_HELP_CHAT_URL=https://chat.developer.gov.bc.ca/channel/aps-ops NEXT_PUBLIC_HELP_ISSUE_URL=https://github.com/bcgov/api-services-portal/issues NEXT_PUBLIC_HELP_API_DOCS_URL=/ds/api/v2/console/ -NEXT_PUBLIC_HELP_SUPPORT_URL=https://bcgov.github.io/aps-infra-platform/ -NEXT_PUBLIC_HELP_RELEASE_URL=https://bcgov.github.io/aps-infra-platform/releases/ +NEXT_PUBLIC_HELP_SUPPORT_URL=https://mvp.developer.gov.bc.ca/docs/default/component/aps-infra-platform-docs/ +NEXT_PUBLIC_HELP_RELEASE_URL=https://mvp.developer.gov.bc.ca/docs/default/component/aps-infra-platform-docs/reference/releases/ NEXT_PUBLIC_HELP_STATUS_URL=https://uptime.com/s/bcgov-dss From a51afa6bad579cddff423dd4e257e045a1e422e2 Mon Sep 17 00:00:00 2001 From: Russell Vinegar <38586679+rustyjux@users.noreply.github.com> Date: Fri, 1 Mar 2024 08:24:08 -0800 Subject: [PATCH 13/13] match style of main index page (#996) --- .github/workflows/ci-feat-url.yml | 28 +++++++++++++++++++++++++++ src/nextapp/pages/devportal/index.tsx | 24 ++++++++++++----------- src/nextapp/pages/manager/index.tsx | 24 ++++++++++++----------- 3 files changed, 54 insertions(+), 22 deletions(-) create mode 100644 .github/workflows/ci-feat-url.yml diff --git a/.github/workflows/ci-feat-url.yml b/.github/workflows/ci-feat-url.yml new file mode 100644 index 000000000..56365b511 --- /dev/null +++ b/.github/workflows/ci-feat-url.yml @@ -0,0 +1,28 @@ +name: Add URL to Feature PRs + +on: + pull_request: + branches: + - dev + +jobs: + comment: + runs-on: ubuntu-latest + steps: + - name: Set KEBAB_CASE_BRANCH + run: | + # Convert github.head_ref to kebab case + kebab_case=$(echo "${{ github.head_ref }}" | sed 's/_/-/g; s/\//-/g') + echo "::set-output name=KEBAB_CASE_BRANCH::${kebab_case}" + id: set-branch-id + + - name: Check the KEBAB_CASE_BRANCH output + run: echo "The KEBAB_CASE_BRANCH is ${{ steps.set-branch-id.outputs.KEBAB_CASE_BRANCH }}" + + - name: PR Description + if: startsWith(github.head_ref, 'feature/') == true + uses: bcgov-nr/action-pr-description-add@v1.1.1 + with: + add_markdown: | + --- + 🚀 Feature branch deployment: https://api-services-portal-${{ steps.set-branch-id.outputs.KEBAB_CASE_BRANCH }}.apps.silver.devops.gov.bc.ca diff --git a/src/nextapp/pages/devportal/index.tsx b/src/nextapp/pages/devportal/index.tsx index a3705b763..0e2635553 100644 --- a/src/nextapp/pages/devportal/index.tsx +++ b/src/nextapp/pages/devportal/index.tsx @@ -68,17 +68,19 @@ const HomePage: React.FC = () => { ) .map((action) => ( - - - - - {action.title} - - - -

- {action.description} -

+ + + + + + {action.title} + + + +

+ {action.description} +

+
))} diff --git a/src/nextapp/pages/manager/index.tsx b/src/nextapp/pages/manager/index.tsx index 6fcea7753..8b7a95517 100644 --- a/src/nextapp/pages/manager/index.tsx +++ b/src/nextapp/pages/manager/index.tsx @@ -67,17 +67,19 @@ const HomePage: React.FC = () => { ) .map((action) => ( - - - - - {action.title} - - - -

- {action.description} -

+ + + + + + {action.title} + + + +

+ {action.description} +

+
))}