diff --git a/.docker/keycloak/config/realm-export.localhost.json b/.docker/keycloak/config/realm-export.localhost.json
new file mode 100644
index 000000000..0cb23baa3
--- /dev/null
+++ b/.docker/keycloak/config/realm-export.localhost.json
@@ -0,0 +1,2610 @@
+{
+ "id": "elefan",
+ "realm": "elefan",
+ "displayName": "Keycloak",
+ "displayNameHtml": "
Keycloak
", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 60, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 600, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "7941610d-25c2-49fb-8e20-486785db4b93", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "87098cab-8164-44e6-8094-6fb37f827929", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + 
"clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "77c165b0-0343-4b67-ad26-c874381973cf", + "name": "admin", + "description": "${role_admin}", + "composite": true, + "composites": { + "realm": [ + "create-realm" + ], + "client": { + "master-realm": [ + "view-realm", + "query-users", + "manage-events", + "create-client", + "manage-authorization", + "view-authorization", + "view-identity-providers", + "view-clients", + "manage-realm", + "query-clients", + "view-events", + "query-groups", + "query-realms", + "manage-clients", + "view-users", + "manage-identity-providers", + "impersonation", + "manage-users" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "eb44483b-0a72-473d-9bd1-267a50f41867", + "name": "create-realm", + "description": "${role_create-realm}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "6814f985-45b1-46e8-8bfb-89ac33c804af", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + } + ], + "client": { + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "5acb761f-b76f-4612-8bd4-f557d2859805", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "5f0f1b3e-fd08-4508-8e72-7e6f0e1016e5", + "attributes": {} + } + ], + "master-realm": [ + { + "id": "0fd2c359-8ffe-4e3e-a952-a58df7d75f39", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "09d3e063-0393-4adf-bea8-b1491d457c11", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + 
"attributes": {} + }, + { + "id": "fe78105a-2c1b-4597-b45e-1d05032a78c6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "1a8f121a-52b4-4a13-95f6-b17b3725d148", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "55b29443-d838-4371-8186-958a7915feea", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "84c5bb90-5a1b-42b1-be76-baf1a1b897d9", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "4895a90a-1732-4eb0-a7d1-c9df062d88a7", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "31aa071e-8048-4160-b24a-a2555f5f0316", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "4c38f8e3-1945-4578-8979-ba034018682d", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "ac26d491-af04-484a-a9b8-7a2633d9f55f", + "name": "query-clients", + "description": "${role_query-clients}", + 
"composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "95db5be0-e8e7-46d8-9764-eac24ccab670", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "50fbc31a-5854-46e6-a562-70deb80b836f", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "2c3409f0-99a0-47ff-aec1-51959ba259d6", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "6a7a60a5-a5f7-437b-991d-283c1e63317b", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "9a6276bc-9291-4b55-a1ad-3c2dd8436428", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "4ad38cc2-847f-457f-8940-782e9545d3fa", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": "01bdc0c6-c4d7-48a7-b076-2ba7815ba3a8", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + }, + { + "id": 
"4d34c1f6-732d-416b-bdf0-b9d20d4b46ac", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "4730ccdf-efe7-4173-b495-ac95da51a474", + "attributes": {} + } + ], + "account": [ + { + "id": "87d670ff-4058-496c-afae-7bf3e98f121a", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + }, + { + "id": "1a76fcf3-f713-43f5-95bb-8899e2b3a727", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + }, + { + "id": "3e2f441a-d466-4348-83ef-8acb8d6f116d", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + }, + { + "id": "402bb844-10be-458a-9e58-0b5a41295e7e", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + }, + { + "id": "3ade3216-f686-4f72-b6d7-96d4eb59117b", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + }, + { + "id": "fabd291e-7074-486e-ad25-98dd8b5e3449", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + }, + { + "id": "83d0b65c-66c4-4b70-aaef-4324e36a863a", + "name": "view-profile", + 
"description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "attributes": {} + } + ], + "elefan": [] + } + }, + "defaultRole": { + "id": "87098cab-8164-44e6-8094-6fb37f827929", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "master" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + 
"client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "a61bd6c8-faaa-4fbd-8752-09f14115d521", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "af2c05db-5d5d-4b62-8f25-d276fc718d81", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": 
"ddfb2545-8d24-40b4-acf5-a2fd55a296a1", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dcfbb83b-428a-4f78-a155-afc940754033", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5f0f1b3e-fd08-4508-8e72-7e6f0e1016e5", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + 
"defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "clientId": "elefan", + "name": "membres.yourcoop.local", + "secret": "secret", + "description": "membres.yourcoop.local", + "rootUrl": "", + "adminUrl": "http://localhost:8000/", + "baseUrl": "http://localhost:8000/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8000/*" + ], + "webOrigins": [ + "http://localhost:8000/" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": true, + "standardFlowEnabled": true, + "implicitFlowEnabled": true, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "access.token.lifespan": "300", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "true", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.url": "http://localhost:8000/logout", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "login_theme": "keycloak", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "true", + 
"saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "name": "address_city", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "address.city", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "address_city", + "jsonType.label": "String" + } + }, + { + "name": "flying", + "protocol": "openid-connect", + "protocolMapper": "oidc-hardcoded-claim-mapper", + "consentRequired": false, + "config": { + "claim.value": "false", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "flying", + "jsonType.label": "boolean", + "access.tokenResponse.claim": "false" + } + }, + { + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "name": "lastName", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "lastName", + "jsonType.label": "String" + } + }, + { + "name": "address_street1", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "address.street1", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "address_street1", + "jsonType.label": "String" + } + }, + { + "name": "co_member_number", + 
"protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "co_member_number", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "co_member_number", + "jsonType.label": "String" + } + }, + { + "name": "firstName", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "firstName", + "jsonType.label": "String" + } + }, + { + "name": "address_street2", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "address.street2", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "address_street2", + "jsonType.label": "String" + } + }, + { + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-group-membership-mapper", + "consentRequired": false, + "config": { + "full.path": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "userinfo.token.claim": "true" + } + }, + { + "name": "phone", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phone", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone", + "jsonType.label": "String" + } + }, + { + "name": "address_zipcode", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "address.zipcode", + "id.token.claim": "true", + "access.token.claim": "true", + 
"claim.name": "address_zipcode", + "jsonType.label": "String" + } + }, + { + "name": "member_number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "member_number", + "id.token.claim": "false", + "access.token.claim": "false", + "claim.name": "member_number", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "profile", + "roles", + "groups", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ], + "access": { + "view": true, + "configure": true, + "manage": true + } + }, + { + "id": "4730ccdf-efe7-4173-b495-ac95da51a474", + "clientId": "master-realm", + "name": "master Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f26b120b-dcfb-4d49-ad84-c4944398ab2e", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/master/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/master/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + 
"bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "e62f462c-3199-4bb1-b1a2-7230c7341118", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "d1d587be-4f3c-4818-b851-8b300e7c20bc", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "d52198b9-3700-48d0-b4ec-a67eb8530a51", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "bd698edc-7366-4c39-9218-181f2a03473d", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": 
"4dc063b3-b42a-4033-9911-f9aeb070d53b", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "4fe784e3-5b2d-48d4-860b-2041adcc5029", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "f34509c6-1b30-4bce-bdcc-9e51330889aa", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "f38ecc21-5776-43f4-af5d-1896425a17a8", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "b8a7a437-15f2-44dd-a3b1-433727ff3705", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "ac1fea4e-52a1-4888-95e8-efbe59f093c1", + "name": "birthdate", 
+ "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "e6258de1-bdb0-4422-9202-a571f23e409a", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "538bb3d9-9602-4d8d-b243-2f0e1f2402fc", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "2a982137-e525-46e6-abca-659186bb87fb", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "d536c945-ca64-422f-aa93-0c26f2b727d1", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "14b1b459-1bd7-493b-a80b-e426c36a6b78", + "name": "updated at", + "protocol": 
"openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "9a941be0-2a3f-4aa0-b962-6c63fc0b2ff8", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "edfb6c4d-722c-4c52-8d24-12a47c60e9bd", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "efc86270-a3ae-4a64-9425-38f7a2e43ad0", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "9b7d13f9-5d2f-428d-b334-eb4e0a54b0e1", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "f6b9a7e1-cad5-4fcb-84c9-0ffb5eb5bd1b", + "name": "zoneinfo", + "protocol": 
"openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "d607cc9a-5029-46f5-b0e7-f58ed6126532", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ] + }, + { + "id": "bc1a75cc-bc76-4c5d-99d2-b231ea5d0f5f", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "26a2831c-d0e0-4a0f-96b2-d2d336eaaef5", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "5d7d24e3-8a14-4a3a-a44e-78edb78e861f", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "f31c28ac-a88a-490d-885e-7d9c0fd7b022", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + 
"userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "323e0230-0924-4113-89e9-3838cd74c75a", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "f28b9300-e4e5-45df-ba34-e41d22133786", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "dc682314-0ba1-40a2-8349-5fdee9356fc3", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "db6e6be6-cb06-4f3b-89ee-d322e86885e9", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "d2b2879b-4db1-47d9-a5be-1ee9580e7ad5", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": 
"phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "85069ac7-9bd7-400c-9041-0b0ef30d33f1", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "65914269-6d64-4644-acd7-e71caab56f5d", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "01dac415-fcef-4816-8af7-227dc23b36ce", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "e37babb7-6a34-4230-ab7f-07f108bace5a", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "96347b38-f073-4cdc-be4a-eb90c8b03554", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "6bca928a-4514-48e1-8a03-c69d88347fbf", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + } + ], + "defaultDefaultClientScopes": 
[ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "xXSSProtection": "1; mode=block", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "49b0604e-498a-4018-bece-101bfe682873", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "929f2e40-6989-4e32-8a3f-689fc7af7fd6", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "b2f7f88a-cf56-4bcd-8555-3e7737faddc9", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "6655930a-0cf4-4b60-bc14-40ba36d1139b", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-address-mapper", + 
"oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "cbb366f3-0574-43fa-919a-1624a8e0b552", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "f03cd9e7-a460-4dad-8dc3-358ed47d79b5", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "477593a1-0dd5-44bf-b876-045c034d0703", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "bcd8a353-a195-4e7b-ab4d-1a015bbfacc9", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "056c01fc-8886-45e5-91e9-b338ed7c2838", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "61a7d918-1c29-42cb-9f76-9120f7c9c2cc", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "54a306bf-5214-44c4-96df-73e8d54dee72", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "4c76c80b-7fb2-4379-bbe6-2d6758d0d6cc", + "name": "hmac-generated", + 
"providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "5764d6a6-9ab9-49c0-b0d1-4a3b6bf91a79", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d237385d-de20-4d56-9138-1081fbf6920b", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "1209281d-d4bf-4b96-acb6-7283c952c86d", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": 
"conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "609780f8-c50f-4a96-9827-ef5704aa0f81", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c570b8b9-e693-432c-96c9-34203e00e601", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "ea66ade5-1db4-43db-a88a-7533a4da29ce", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + 
"authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8b88580a-a02e-4367-9a60-0bbf705c9619", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "54d7249d-c82b-4c2e-9908-f6abd3601237", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9ae359e9-8575-4ff9-b8db-84f085cea1b3", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": 
false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9e8f6123-18af-435f-93be-a137e2bf9774", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "806d760e-dd1d-478d-bbc3-f2d9d84801d0", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, 
+ { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "cdc6d76f-632b-49e8-898d-16856d50a848", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "738ede8d-0a07-433c-958d-a102c42e7363", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2ac00703-fade-42bd-9e83-fea39906f062", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + 
"authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "36e2bca3-cbd1-4b56-a51b-69887538ee0a", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ba2ac86e-154d-4742-b9d8-2fbe5ab2bc16", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e25de487-442b-4c96-a9a8-cd5a6a44d1fc", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, 
+ "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f4334b65-3337-48bd-bbf4-ae56f84314e8", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "366052fb-7e33-48a1-a721-46567df5f11e", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + 
{ + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "3955dfa6-2e46-4fbc-96b7-88999e82a9c1", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "9cd88a5a-351f-431e-a550-5c9846e0addd", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "4e54c84b-2ff7-481d-b5f5-76aab72140c8", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": 
"delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "parRequestUriLifespan": "60", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + }, + "users": [ + { + "username": "newfromkeycloak", + "enabled": true, + "emailVerified": true, + "firstName": "Jimmy (new keycloak)", + "lastName": "flake", + "email": "newfromkeycloak@mail.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + "salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + "attributes": { + "member_number": ["11111"], + "phone": ["0612345651"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["12345"], + "address.city": ["Anytown"], + "co_member_number": ["11111"] + }, + "groups": [ + "/coopérateur" + ] + }, + { + "username": "admin1", + "enabled": true, + "emailVerified": true, + "firstName": "Samuel (admin)", + "lastName": "Smith", + "email": "admin1@email.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + "salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + 
"attributes": { + "member_number": ["11111"], + "phone": ["0612345651"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["12345"], + "address.city": ["Anytown"] + }, + "groups": [ + "/coopérateur", + "/infrastructure/informatique/elefan/admin" + ] + }, + { + "username": "admin2", + "enabled": true, + "emailVerified": true, + "firstName": "Sebastian (admin)", + "lastName": "Johnson", + "email": "admin2@email.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + "salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + "attributes": { + "member_number": ["11112"], + "phone": ["0612345652"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["12345"], + "address.city": ["Anytown"] + }, + "groups": [ + "/coopérateur", + "/infrastructure/informatique/elefan/admin" + ] + }, + { + "username": "admin3", + "enabled": true, + "emailVerified": true, + "firstName": "David (admin)", + "lastName": "Williams", + "email": "admin3@email.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + "salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + "attributes": { + "member_number": ["12345"], + "phone": ["0612345653"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["11113"], + "address.city": ["Anytown"] + }, + "groups": [ + "/coopérateur", + "/infrastructure/informatique/elefan/admin" + ] + }, + { + "username": "admin4", + "enabled": true, + "emailVerified": true, + "firstName": "Carter (admin)", + "lastName": "Brown", + "email": "admin4@email.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + 
"salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + "attributes": { + "member_number": ["12345"], + "phone": ["0612345654"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["11114"], + "address.city": ["Anytown"] + }, + "groups": [ + "/coopérateur", + "/infrastructure/informatique/elefan/admin" + ] + }, + { + "username": "admin5", + "enabled": true, + "emailVerified": true, + "firstName": "Wyatt (admin)", + "lastName": "Jones", + "email": "admin5@email.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + "salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + "attributes": { + "member_number": ["11115"], + "phone": ["0612345655"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["12345"], + "address.city": ["Anytown"] + }, + "groups": [ + "/coopérateur", + "/infrastructure/informatique/elefan/admin" + ] + }, + { + "username": "admin", + "enabled": true, + "emailVerified": true, + "firstName": "Jayden (super admin)", + "lastName": "Garcia", + "email": "superadmin@email.com", + "credentials": [ + { + "type": "password", + "hashedSaltedValue": "xjNR06W/ur5nBS8KFTrDgE81vLjb/t4A5LG2ubs/rII=", + "salt": "dyyLTNS/D+Ukspy5xgIa4w==", + "hashIterations": 27500, + "algorithm": "pbkdf2-sha256" + } + ], + "attributes": { + "member_number": ["12345"], + "phone": ["0685428468"], + "flying": [true], + "address.street1": ["123 Main St"], + "address.street2": ["Apt 4"], + "address.zipcode": ["12345"], + "address.city": ["Anytown"], + "co_member_number": ["67890"] + }, + "groups": [ + "/coopérateur", + "/infrastructure/informatique/elefan/super_admin" + ] + } + + ], + "groups": [ + { + "name": "coopérateur", + "path": "/coopérateur" + }, + { + "name": "infrastructure", + "path": 
"/infrastructure", + "subGroups": [ + { + "name": "informatique", + "path": "/infrastructure/informatique", + "subGroups": [ + { + "name": "elefan", + "subGroups": [ + { + "name": "admin", + "path": "/infrastructure/informatique/elefan/admin" + }, + { + "name": "super_admin", + "path": "/infrastructure/informatique/elefan/super_admin" + }, + { + "name": "formations", + "path": "/infrastructure/informatique/elefan/formations", + "subGroups": [ + { + "name": "Accueil magasin", + "path": "/infrastructure/informatique/elefan/formations/accueil_magasin" + }, + { + "name": "Caisse", + "path": "/infrastructure/informatique/elefan/formations/caisse" + } + ] + } + ] + } + ] + } + ] + } + ] +} \ No newline at end of file diff --git a/.env.oidc b/.env.oidc deleted file mode 100644 index 1c9a94cc6..000000000 --- a/.env.oidc +++ /dev/null 
@@ -1,227 +0,0 @@
-SYMFONY_ENV='dev'
-APP_SECRET='$ecretf0rt3st'
-PHP_USER='www-data'
-PHP_IDE_CONFIG='serverName=membres.yourcoop.local'
-PHP_MEMORY_LIMIT=512M
-PHP_SERVICE_NAME='php7.4-fpm'
-###> symfony/framework-bundle ###
-SYMFONY_DEPRECATIONS_HELPER=999999
-APP_ENV=dev
-APP_SECRET=ThisTokenIsNotSoSecretChangeIt
-#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
-#TRUSTED_HOSTS='^(localhost|example\.com)$'
-###< symfony/framework-bundle ###
-
-###> doctrine/doctrine-bundle ###
-DATABASE_URL="mysql://root:secret@database:3306/symfony?serverVersion=5.7&charset=utf8"
-DATABASE_TEST_HOST=127.0.0.1
-###< doctrine/doctrine-bundle ###
-
-###> symfony/swiftmailer-bundle ###
-# For Gmail as a transport, use: "gmail://username:password@localhost"
-# For a generic SMTP server, use: "smtp://localhost:25?encryption=&auth_mode="
-# Delivery is disabled by default via "null://localhost"
-MAILER_URL=null://localhost
-###< symfony/swiftmailer-bundle ###
-
-# SUPER_ADMIN User
-SUPER_ADMIN_USERNAME=admin
-SUPER_ADMIN_INITIAL_PASSWORD=password
-
-# Mailer Configuration
-MAILER_TRANSPORT=smtp
-MAILER_HOST=mailcatcher
-MAILER_PORT=1025
-MAILER_USER=null
-MAILER_PASSWORD=null
-MAILER_ENCRYPTION=null
-
-# Transactional Mailer User
-TRANSACTIONAL_MAILER_USER=contact@yourcoop.local
-TRANSACTIONAL_MAILER_USER_NAME='espace membre'
-
-# Base Domain for Emails
-EMAILS_BASE_DOMAIN=yourcoop.local
-
-# Email Addresses
-EMAILS_CONTACT_NAME='Contact Localcoop'
-EMAILS_CONTACT_ADDRESS=contact@yourcoop.local
-EMAILS_MEMBER_NAME='Membres Localcoop'
-EMAILS_MEMBER_ADDRESS=membres@yourcoop.local
-EMAILS_SHIFT_NAME='Créneaux Localcoop'
-EMAILS_SHIFT_ADDRESS=creneaux@yourcoop.local
-EMAILS_FORMATION_NAME='Formation Localcoop'
-EMAILS_FORMATION_ADDRESS=formations@yourcoop.local
-EMAILS_ADMIN_NAME='Admin Localcoop'
-EMAILS_ADMIN_ADDRESS=admin@yourcoop.local
-EMAILS_NOREPLY_NAME='Ne pas répondre'
-EMAILS_NOREPLY_ADDRESS=noreply@yourcoop.local
-
-# Router Configuration
-ROUTER_REQUEST_CONTEXT_HOST=membres.yourcoop.local
-ROUTER_REQUEST_CONTEXT_SCHEME=https
-ROUTER_REQUEST_CONTEXT_BASE_URL=
-
-# Security: IP check
-ENABLE_PLACE_LOCAL_IP_ADDRESS_CHECK=true
-PLACE_LOCAL_IP_ADDRESS='127.0.0.1,192.168.0.x'
-
-# Branding
-SITE_NAME="Espace membre @ MyLocalCoop"
-PROJECT_NAME="My Local Coop"
-PROJECT_URL=https://yourcoop.local/
-PROJECT_URL_DISPLAY=yourcoop.local
-MAIN_COLOR=#51CAE9
-LOCAL_CURRENCY_NAME="monnaie locale"
-
-# Registration
-REGISTRATION_DURATION='1 year'
-REGISTRATION_EVERY_CIVIL_YEAR=false
-REGISTRATION_MANUAL_ENABLED=true
-HELLOASSO_REGISTRATION_CAMPAIGN_URL=https://www.helloasso.com/associations/my-local-coop/adhesions/re-adhesion
-HELLOASSO_API_KEY=
-HELLOASSO_API_PASSWORD=
-HELLOASSO_API_BASE_URL=https://api.helloasso.com/v3/
-
-# Shifting Configuration
-DUE_DURATION_BY_CYCLE=180
-MIN_SHIFT_DURATION=90
-CYCLE_DURATION='28 days'
-CYCLE_TYPE=abcd
-NEW_USERS_START_AS_BEGINNER=true
-ALLOW_EXTRA_SHIFTS=true
-MAX_TIME_IN_ADVANCE_TO_BOOK_EXTRA_SHIFTS='3 days'
-TIME_AFTER_WHICH_MEMBERS_ARE_LATE_WITH_SHIFTS=-9
-RESERVE_NEW_SHIFT_TO_PRIOR_SHIFTER=true
-RESERVE_NEW_SHIFT_TO_PRIOR_SHIFTER_DELAY=7
-FORBID_SHIFT_OVERLAP_TIME=30
-MAX_TIME_AT_END_OF_SHIFT=0
-DISPLAY_NAME_SHIFTERS=false
-
-# shift fly and fixed
-USE_FLY_AND_FIXED=false
-FLY_AND_FIXED_ENTITY_FLYING=Beneficiary
-FLY_AND_FIXED_ALLOW_FIXED_SHIFT_FREE=false
-
-# Swipe card
-USE_CARD_READER_TO_VALIDATE_SHIFTS=false
-SWIPE_CARD_LOGGING=true
-SWIPE_CARD_LOGGING_ANONYMOUS=true
-DISPLAY_SWIPE_CARDS_SETTINGS=true
-
-# Shifting: time log saving
-USE_TIME_LOG_SAVING=false
-TIME_LOG_SAVING_SHIFT_FREE_MIN_TIME_IN_ADVANCE_DAYS=null
-TIME_LOG_SAVING_SHIFT_FREE_ALLOW_ONLY_IF_ENOUGH_SAVING=false
-
-# Profile Configuration
-DISPLAY_GAUGE=true
-PROFILE_DISPLAY_TASK_LIST=true
-PROFILE_DISPLAY_TIME_LOG=true
-PROFILE_DISPLAY_SHIFT_FREE_LOG=true
-PROFILE_DISPLAY_PERIOD_POSITION_FREE_LOG=true
-DISPLAY_FREEZE_ACCOUNT=true
-DISPLAY_FREEZE_ACCOUNT_FALSE_MESSAGE="Le gel de compte n'est pas autorisé."
-MAX_NB_OF_PAST_CYCLES_TO_DISPLAY=3
-
-# User Configuration
-USER_ACCOUNT_NOT_ENABLED_MATERIAL_ICON=phonelink_off
-USER_ACCOUNT_ENABLED_ICON=☑
-USER_ACCOUNT_ENABLED_MATERIAL_ICON=devices
-
-# Member Configuration
-MAXIMUM_NB_OF_BENEFICIARIES_IN_MEMBERSHIP=2
-MEMBER_WITHDRAWN_ICON=∅
-MEMBER_WITHDRAWN_MATERIAL_ICON=block
-MEMBER_WITHDRAWN_BACKGROUND_COLOR='rgba(255, 50, 0, 0.2)'
-MEMBER_FROZEN_ICON=❄️
-MEMBER_FROZEN_MATERIAL_ICON=ac_unit
-MEMBER_FROZEN_BACKGROUND_COLOR='rgba(0, 138, 255, 0.1)'
-MEMBER_EXEMPTED_ICON=☂
-MEMBER_EXEMPTED_MATERIAL_ICON=beach_access
-MEMBER_EXEMPTED_BACKGROUND_COLOR='rgb(0, 150, 136, 0.1)'
-MEMBER_FLYING_ICON=✈
-MEMBER_FLYING_MATERIAL_ICON=flightsmode
-MEMBER_REGISTRATION_MISSING_ICON=$
-MEMBER_REGISTRATION_MISSING_MATERIAL_ICON=attach_money
-MEMBER_REGISTRATION_MISSING_BACKGROUND_COLOR='rgb(0, 150, 136, 0.1)'
-
-# Beneficiary Configuration
-BENEFICIARY_MAIN_ICON=⚐
-BENEFICIARY_NEW_ICON=★
-BENEFICIARY_FLYING_ICON=✈
-
-# Admin: Member
-ADMIN_MEMBER_DISPLAY_SHIFT_FREE_LOG=true
-ADMIN_MEMBER_DISPLAY_PERIOD_POSITION_FREE_LOG=true
-FORBID_OWN_SHIFT_BOOK_ADMIN=false
-FORBID_OWN_SHIFT_FREE_ADMIN=false
-FORBID_OWN_SHIFT_VALIDATE_ADMIN=false
-FORBID_OWN_TIMELOG_NEW_ADMIN=false
-
-# Events
-MAX_EVENT_PROXY_PER_MEMBER=1
-
-# Opening Hours
-DISPLAY_OPENING_HOUR_OPEN_CLOSED_HEADER=true
-OPENING_HOUR_OPEN_CLOSED_HEADER_OPEN_MESSAGE="Ouvert"
-OPENING_HOUR_OPEN_CLOSED_HEADER_CLOSED_MESSAGE="Fermé"
-
-# Code Generation
-CODE_GENERATION_ENABLED=true
-DISPLAY_KEYS_SHOP=true
-WIKI_KEYS_URL=
-
-# Logging
-LOGGING_MATTERMOST_ENABLED=false
-LOGGING_MATTERMOST_LEVEL=critical
-LOGGING_MATTERMOST_URL=http://mattermost.yourcoop.local
-LOGGING_SWIFTMAILER_ENABLED=false
-LOGGING_SWIFTMAILER_LEVEL=critical
-LOGGING_SWIFTMAILER_RECIPIENT=email@example.com
-LOGGING_MATTERMOST_CHANNEL=elefan
-
-# Open ID Client
-OIDC_ENABLE=true
-OIDC_PROFILE_CUSTOM_MESSAGE='vos informations personnelles sont éditables ici '
-OIDC_NO_ACCOUNT_MESSAGE="Vous n\'avez pas de compte. Veuillez contacter le support."
-OIDC_ISSUER=http://keycloak:8080/auth
-OIDC_REALM=elefan
-OIDC_CLIENT_ID=elefan
-OIDC_CLIENT_SECRET=secret
-OIDC_ROLES_CLAIM=groups
-
-# OIDC User Attributes Map
-OIDC_USER_ATTRIBUTE_FIRSTNAME=firstName
-OIDC_USER_ATTRIBUTE_LASTNAME=lastName
-OIDC_USER_ATTRIBUTE_MEMBER_NUMBER=member_number
-OIDC_USER_ATTRIBUTE_EMAIL=email
-OIDC_USER_ATTRIBUTE_PHONE=phone
-OIDC_USER_ATTRIBUTE_FLYING=flying
-OIDC_USER_ATTRIBUTE_ADDRESS_STREET1=address.street1
-OIDC_USER_ATTRIBUTE_ADDRESS_STREET2=address.street2
-OIDC_USER_ATTRIBUTE_ADDRESS_ZIPCODE=address.zipcode
-OIDC_USER_ATTRIBUTE_ADDRESS_CITY=address.city
-OIDC_USER_ATTRIBUTE_CO_MEMBER_NUMBER=co_member_number
-
-# OIDC Roles Map
-OIDC_ROLE_USER=/cooperate
-OIDC_ROLE_ADMIN_PANEL=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_USER_VIEWER=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_USER_MANAGER=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_SHIFT_MANAGER=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_FINANCE_MANAGER=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_PROCESS_MANAGER=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_ADMIN=/infrastructure/informatique/elefan/admin
-OIDC_ROLE_SUPER_ADMIN=/infrastructure/informatique/elefan/super_admin
-OIDC_ROLE_OAUTH_LOGIN=
-
-OIDC_FORMATIONS_CLAIM=groups
-
-# OIDC Formations Map in JSON
-OIDC_FORMATIONS_MAP='{"Accueil magasin": "/infrastructure/informatique/elefan/formations/accueil_magasin", "Caisse": "/infrastructure/informatique/elefan/formations/caisse"}'
-
-OIDC_COMMISSIONS_CLAIM=groups
-
-# OIDC Commissions Map in JSON
-OIDC_COMMISSIONS_MAP='{"foo": "/grouvernance/foo", "bar": "/grouvernance/bar"}'
diff --git a/.env.oidc.test b/.env.oidc.test
index f9cf7238d..eca6fa359 100644
--- a/.env.oidc.test
+++ b/.env.oidc.test
@@ -4,7 +4,7 @@ SYMFONY_ENV='test'
 APP_SECRET='$ecretf0rt3st'
 PHP_USER='www-data'
-PHP_IDE_CONFIG='serverName=membres.yourcoop.local'
+PHP_IDE_CONFIG='serverName=localhost'
 PHP_MEMORY_LIMIT=512M
 PHP_SERVICE_NAME='php7.4-fpm'
 ###> symfony/framework-bundle ###
@@ -59,8 +59,8 @@ EMAILS_NOREPLY_NAME='Ne pas répondre'
 EMAILS_NOREPLY_ADDRESS=noreply@yourcoop.local
 # Router Configuration
-ROUTER_REQUEST_CONTEXT_HOST=membres.yourcoop.local
-ROUTER_REQUEST_CONTEXT_SCHEME=https
+ROUTER_REQUEST_CONTEXT_HOST=localhost
+ROUTER_REQUEST_CONTEXT_SCHEME=http
 ROUTER_REQUEST_CONTEXT_BASE_URL=
 # Security: IP check
@@ -184,9 +184,9 @@ LOGGING_MATTERMOST_CHANNEL=elefan
 # Open ID Client
 OIDC_ENABLE=true
-OIDC_PROFILE_CUSTOM_MESSAGE='vos informations personnelles sont éditables ici '
+OIDC_PROFILE_CUSTOM_MESSAGE='vos informations personnelles sont éditables ici '
 OIDC_NO_ACCOUNT_MESSAGE="Vous n\'avez pas de compte. Veuillez contacter le support."
-OIDC_ISSUER=http://keycloak:8080/auth
+OIDC_ISSUER=http://localhost:8080/auth
 OIDC_REALM=elefan
 OIDC_CLIENT_ID=elefan
 OIDC_CLIENT_SECRET=secret
diff --git a/.env.test b/.env.test
index d70e2d911..431f1d18d 100644
--- a/.env.test
+++ b/.env.test
@@ -186,7 +186,7 @@ LOGGING_MATTERMOST_CHANNEL=elefan
 OIDC_ENABLE=false
 OIDC_PROFILE_CUSTOM_MESSAGE='vos informations personnelles sont éditables ici '
 OIDC_NO_ACCOUNT_MESSAGE="Vous n\'avez pas de compte. Veuillez contacter le support."
-OIDC_ISSUER=http://keycloak:8080/auth
+OIDC_ISSUER=http://localhost:8080/auth
 OIDC_REALM=elefan
 OIDC_CLIENT_ID=elefan
 OIDC_CLIENT_SECRET=secret
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 3307a81db..397a4c79b 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -246,4 +246,42 @@ jobs:
 # RUN CYPRESS TESTS ----------------
 - name: Run Cypress tests
- run: npm run cy:test:main
\ No newline at end of file
+ run: CYPRESS_BASE_URL=http://localhost:8000 npm run cy:test:main
+
+
+# CHANGE ENV VARIABLES ----------------
+ - name: Set up test environment variables
+ run: cp .env.oidc.test .env.test
+
+# START KEYCLOAK ----------------
+ - name: Start Keycloak
+ run: |
+ docker run -d \
+ --name keycloak \
+ -e KEYCLOAK_USER=admin \
+ -e KEYCLOAK_PASSWORD=admin \
+ -e DB_VENDOR=h2 \
+ -e KEYCLOAK_IMPORT=/config/realm-export.json \
+ -v ${{ github.workspace }}/.docker/keycloak/config/realm-export.localhost.json:/config/realm-export.json \
+ -p 8080:8080 \
+ --user root \
+ jboss/keycloak:16.1.1
+
+# Wait for Keycloak to start
+ - name: Wait for Keycloak to be ready
+ run: |
+ until $(curl --output /dev/null --silent --head --fail http://localhost:8080/auth); do
+ printf '.'
+ sleep 5
+ done
+
+# RUN CYPRESS TESTS ----------------
+ - name: Run Cypress keycloak tests
+ uses: cypress-io/github-action@v6
+ with:
+ start: npm run cy:test:oidc
+ env:
+ CYPRESS_BASE_URL: http://localhost:8000
+ CYPRESS_KEYCLOAK_URL: http://localhost:8080
+
+
diff --git a/cypress.config.js b/cypress.config.js
index 6d143e41f..45f9f0a90 100644
--- a/cypress.config.js
+++ b/cypress.config.js
@@ -6,4 +6,7 @@ module.exports = defineConfig({
 viewportWidth: 1920,
 viewportHeight: 1080,
 },
+ env: {
+ keycloakUrl: 'http://localhost:8080',
+ },
 });
diff --git a/cypress/e2e/keycloak/admin/admin1_can_login.cy.js b/cypress/e2e/keycloak/admin/admin1_can_login.cy.js
index a7a5ab867..7a1f62385 100644
--- a/cypress/e2e/keycloak/admin/admin1_can_login.cy.js
+++ b/cypress/e2e/keycloak/admin/admin1_can_login.cy.js
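Review bot: The `until $(curl …); do … done` loop in the "Wait for Keycloak to be ready" step has no upper bound, so a container that fails to start or to import the realm keeps the job polling until the runner's job timeout; wrapping it, e.g. `timeout 300 bash -c 'until curl --output /dev/null --silent --head --fail http://localhost:8080/auth; do sleep 5; done'`, makes that failure fast and visible. The same hunk pulls `cypress-io/github-action@v6` by a mutable tag and `jboss/keycloak:16.1.1` by tag only; pinning the action to a full commit SHA (`uses: cypress-io/github-action@<full-commit-sha> # v6`) and the image to a digest keeps an upstream retag from changing what runs in CI. As far as I know `start:` is that action's input for launching the application server and the test command belongs in `command:`, so `start: npm run cy:test:oidc` is worth confirming. The job's earlier steps sit above the hunk, so whether the running app picks up the copied `.env.test` cannot be checked from here.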
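Review bot: The `keycloakUrl` key added under `env` is not the key that the workflow's `CYPRESS_KEYCLOAK_URL` variable sets: as far as I know Cypress strips the `CYPRESS_` prefix and keeps the rest of a non-config name verbatim, so CI populates `Cypress.env('KEYCLOAK_URL')` and this value is never overridden. The suite passes today only because both sides point at `http://localhost:8080`. Either export `CYPRESS_keycloakUrl` in the workflow or name the key `KEYCLOAK_URL` here and in the specs, and add a comment such as `// Keycloak origin used by cy.origin(); override with CYPRESS_keycloakUrl` so the override path is documented. The `defineConfig({ … })` call begins above the hunk.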
@@ -2,7 +2,9 @@
 // temporarily disable uncaught exception handling
-import {login} from "../keycloak_reusables";
+import {login} from "../keycloak_reusables.cytools";
+
+const keycloakUrl = Cypress.env('keycloakUrl') || 'http://localhost:8080'
 Cypress.on('uncaught:exception', (err, runnable) => {
 return false
@@ -11,7 +13,7 @@ Cypress.on('uncaught:exception', (err, runnable) => {
 describe('admin1 can login', function () {
 it('admin story', function () {
- login("admin1", "password")
+ login(keycloakUrl, "admin1", "password")
 cy.log('home page banner contains "admin"')
 cy.get('[data-cy=home_welcome_message]').contains('admin')
diff --git a/cypress/e2e/keycloak/keycloak_reusables.cytools.js b/cypress/e2e/keycloak/keycloak_reusables.cytools.js
index 41a1702b7..210d5b7b5 100644
--- a/cypress/e2e/keycloak/keycloak_reusables.cytools.js
+++ b/cypress/e2e/keycloak/keycloak_reusables.cytools.js
@@ -1,9 +1,11 @@
-export function login(username, password) {
+
+export function login(keycloakUrl, username, password) {
 cy.visit("/")
 cy.get('#login').click()
-
- cy.origin('http://keycloak:8080', { args : { username, password }}, ({ username, password }) => {
+ console.log(Cypress.config());
+ console.log(Cypress.env());
+ cy.origin(keycloakUrl, { args : { username, password }}, ({ username, password }) => {
 cy.log("fill in the login form")
 cy.get('#username').type(username, {force: true})
 cy.get('#password').type(password, {force: true})
@@ -12,7 +14,7 @@ export function login(username, password) {
 cy.get('#kc-login').click()
 cy.location().then((location) => {
- if (location !== null && location.origin === 'http://keycloak:8080') {
+ if (location !== null && location.origin === keycloakUrl) {
 cy.get('#kc-login').click()
 } else {
 cy.log("not asked for access to user data")
diff --git a/package.json b/package.json
index 3e4d840c4..2323e047b 100644
--- a/package.json
+++ b/package.json
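Review bot: In `keycloak_reusables.cytools.js`, `keycloakUrl` is compared in what appears to be the body of the `cy.origin()` callback (second hunk, `location.origin === keycloakUrl`) but is not passed through `args`; that callback is serialized and run in the other origin, so variables from the enclosing function are not in scope there. Pass it explicitly, `cy.origin(keycloakUrl, { args : { username, password, keycloakUrl }}, ({ username, password, keycloakUrl }) => {`, and compare against `new URL(keycloakUrl).origin` so a trailing slash or path in the setting does not defeat the check. The two added lines `console.log(Cypress.config());` and `console.log(Cypress.env());` in the first hunk look like leftover debugging and print every Cypress env value, including any credentials supplied that way, so I would drop them. The callback's closing lines are outside both hunks, so its exact extent is inferred.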
@@ -34,8 +34,8 @@
 "watch": "encore dev --watch",
 "build": "npx encore production --progress",
 "cy:open": "cypress open",
- "cy:test:oidc": "CYPRESS_BASE_URL=http://127.0.0.1:8000 cypress run --spec 'cypress/e2e/oidc/*'",
- "cy:test:main": "CYPRESS_BASE_URL=http://localhost:8000 cypress run --spec 'cypress/e2e/login/**/*'"
+ "cy:test:oidc": "cypress run --spec 'cypress/e2e/keycloak/**/*'",
+ "cy:test:main": "cypress run --spec 'cypress/e2e/login/**/*'"
 },
 "repository": {
 "type": "git",