Skip to content
Snippets Groups Projects
Commit 020fc831 authored by Lars Johansson's avatar Lars Johansson
Browse files

investigation

parent f3b8426e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
pom.xml
+ 21
0
View file @ 020fc831
......@@ -41,6 +41,14 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-client</artifactId>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
......@@ -91,6 +99,19 @@
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak.bom</groupId>
<artifactId>keycloak-adapter-bom</artifactId>
<version>19.0.1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
......
src/main/resources/application.properties
+ 4
0
View file @ 020fc831
......@@ -31,6 +31,7 @@ spring.jpa.hibernate.show-sql=true
# open api, swagger ui
# doc
# api
app.version=0.0.1-SNAPSHOT
openapi.externaldocs.description=ESS Naming Convention
openapi.externaldocs.url=https://chess.esss.lu.se/enovia/link/ESS-0000757/21308.51166.45568.45993/valid
......@@ -49,3 +50,6 @@ openapi.info.description=\
- Regular expressions are not supported for searches. Regex-like behavior is available with _ underscore, 0 or 1 occurrences of any character, % percent, any number of any character.
openapi.info.license.name=Copyright (C) 2022 European Spallation Source ERIC.
openapi.info.title=Naming REST API
openapi.api-docs.path=${API_PATH:/naming-api}
openapi.swagger-ui.path=${SWAGGER_PATH:/naming-api.html}
src/test/resources/keycloak/esss-CA01-CA.crt 0 → 100644
+ 23
0
View file @ 020fc831
-----BEGIN CERTIFICATE-----
MIIDxjCCAq6gAwIBAgIQMn8wO/fUbolKMLcGqW5epzANBgkqhkiG9w0BAQUFADBV
MRIwEAYKCZImiZPyLGQBGRYCc2UxEjAQBgoJkiaJk/IsZAEZFgJsdTEUMBIGCgmS
JomT8ixkARkWBGVzc3MxFTATBgNVBAMTDGVzc3MtQ0EwMS1DQTAeFw0yMTAxMjEw
OTM3MDhaFw0zNjAxMjEwOTQ3MDhaMFUxEjAQBgoJkiaJk/IsZAEZFgJzZTESMBAG
CgmSJomT8ixkARkWAmx1MRQwEgYKCZImiZPyLGQBGRYEZXNzczEVMBMGA1UEAxMM
ZXNzcy1DQTAxLUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3wC
H7H8OUXvV92Ic08cyldVNEOxrJq3XNw1GiWuLAGQENKmhKPW3+isu92vwB9zKX/T
ZQKzxNMXuLcZPpFncK7YPykUPWKZPXXgEeR/464Hhx0yAjQlYrNEwwdqjqYYWOC0
PPI+4CXoCSDt9inmCa2oxEZDXW4SQIb4BDC3aKStHUoyUI1Ir4IbYIVKT/sss7ii
IsKufP547CuYRg2hETr/KVmg0R2Up6CIfCEcxLBXluJWh+5soX5gR7KLgdcrqcIA
8aszpjf93x5U0UY6sWUYSvxLC67jVvw1+VX34kMuCw7BsXM2H49iqxR7byhvr1yp
FNkW7B6hh1mrrQsvcQIDAQABo4GRMIGOMBMGCSsGAQQBgjcUAgQGHgQAQwBBMA4G
A1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSyIJD2t8GU
h7XPun2ziss71S09nDASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQW
BBRtG8gEuVfG9vNe5NzkByBAHxy6tDANBgkqhkiG9w0BAQUFAAOCAQEAhOWNkVUQ
gWjeAbYsA1H8ZIdaQByiyfh6VFKbokyCTsk0oSOOABLUxrZ0GUpmmbI2vq5Z6Qra
FBxjontk88653+QIlp9AviyQWweTbENY9QdG4Xd74kZBJyCzmc2/jndFuJ3+rhmd
K5aGPzcFXgu7gHQjWYR53ojgodReFe0G5aA2XlRjqiT+VOf1T+X8qBqOcB+oAYYV
2/bcW4BxuWj+O5WV5jiZjlj/9ibsXHsSH+N5ZHdVIo/jH0+K0js4lvSNGyt6ZYek
iurEwCGAXquJNnEQSX6TXmYsdCik79lI5+ieVdmxk0gMyIaISj8MrQFyoUinu+sA
tgCZSY8PNuFRjA==
-----END CERTIFICATE-----
src/test/resources/keycloak/test-realm-authorization-policy.json 0 → 100644
+ 241
0
View file @ 020fc831
{
"realm": "test",
"enabled": true,
"users": [
{
"username": "johndoe",
"enabled": true,
"credentials": [
{
"type": "password",
"value": "password"
}
],
"realmRoles": [
"naming-user"
],
"clientRoles" : {
"naming": [
"naming-user"
]
}
},
{
"username": "janedoe",
"enabled": true,
"credentials": [
{
"type": "password",
"value": "password"
}
],
"clientRoles" : {
"naming": [
"naming-admin",
"naming-user"
]
}
}
],
"roles": {
"client": {
"naming": [
{
"id": "7e2b683f-2182-4747-9afa-e30de0074dfd",
"name": "naming-user",
"composite": false,
"clientRole": true,
"containerId": "43d0f242-6c3a-42c3-81b6-87a472ee9aa7",
"attributes": {}
},
{
"id": "9d6d0984-91ce-45b2-a42e-df9429e38e46",
"name": "naming-admin",
"composite": false,
"clientRole": true,
"containerId": "43d0f242-6c3a-42c3-81b6-87a472ee9aa7",
"attributes": {}
}
]
}
},
"defaultRoles": [
"user"
],
"clients": [
{
"clientId": "naming",
"directAccessGrantsEnabled": true,
"enabled": true,
"publicClient": true,
"redirectUris": [
"*"
],
"webOrigins": [
"*"
],
"authorizationServicesEnabled": true,
"authorizationSettings": {
"allowRemoteResourceManagement": false,
"policyEnforcementMode": "ENFORCING",
"resources": [
{
"name": "Naming resource for admin & user",
"scopes": [
],
"uri": [
"/api/v1/names",
"/api/v1/names/upload",
"/api/v1/structures",
"/api/v1/structures/upload"
]
},
{
"name": "Naming resource for admin",
"uri": [
"/api/v1/structures/approve",
"/api/v1/structures/approve/upload",
"/api/v1/structures/cancel",
"/api/v1/structures/cancel/upload",
"/api/v1/structures/reject",
"/api/v1/structures/reject/upload"
]
}
],
"policies": [
{
"name": "Naming access policy for admin & user",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"config": {
"roles": "[{\"id\":\"7e2b683f-2182-4747-9afa-e30de0074dfd\",\"required\":true},{\"id\":\"9d6d0984-91ce-45b2-a42e-df9429e38e46\",\"required\":true}]"
}
},
{
"name": "Naming access policy for admin",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"config": {
"roles": "[{\"id\":\"9d6d0984-91ce-45b2-a42e-df9429e38e46\",\"required\":true}]"
}
}
]
}
}
],
"policy-enforcer": {
"user-managed-access" : {},
"enforcement-mode" : "ENFORCING",
"paths": [
{
"path": "/api/v1/names",
"methods" : [
{
"method": "POST"
},
{
"method": "PUT"
},
{
"method": "DELETE"
}
]
},
{
"path": "/api/v1/names/upload",
"methods" : [
{
"method": "POST"
},
{
"method": "PUT"
},
{
"method": "DELETE"
}
]
},
{
"path": "/api/v1/structures",
"methods" : [
{
"method": "POST"
},
{
"method": "PUT"
},
{
"method": "DELETE"
}
]
},
{
"path": "/api/v1/structures/upload",
"methods" : [
{
"method": "POST"
},
{
"method": "PUT"
},
{
"method": "DELETE"
}
]
},
{
"path": "/api/v1/structures/approve",
"methods" : [
{
"method": "PATCH"
}
]
},
{
"path": "/api/v1/structures/approve/upload",
"methods" : [
{
"method": "PATCH"
}
]
},
{
"path": "/api/v1/structures/cancel",
"methods" : [
{
"method": "PATCH"
}
]
},
{
"path": "/api/v1/structures/cancel/upload",
"methods" : [
{
"method": "PATCH"
}
]
},
{
"path": "/api/v1/structures/reject",
"methods" : [
{
"method": "PATCH"
}
]
},
{
"path": "/api/v1/structures/reject/upload",
"methods" : [
{
"method": "PATCH"
}
]
}
],
"http-method-as-scope" : "true"
},
"attributes": {
"frontendUrl": "http://localhost:8088"
}
}
src/test/resources/keycloak/test-realm.json 0 → 100644
+ 83
0
View file @ 020fc831
{
"realm": "test",
"enabled": true,
"users": [
{
"username": "johndoe",
"enabled": true,
"credentials": [
{
"type": "password",
"value": "password"
}
],
"realmRoles": [
"naming-user"
],
"clientRoles" : {
"naming": [
"naming-user"
]
}
},
{
"username": "janedoe",
"enabled": true,
"credentials": [
{
"type": "password",
"value": "password"
}
],
"clientRoles" : {
"naming": [
"naming-admin",
"naming-user"
]
}
}
],
"roles": {
"client": {
"naming": [
{
"id": "7e2b683f-2182-4747-9afa-e30de0074dfd",
"name": "naming-user",
"composite": false,
"clientRole": true,
"containerId": "43d0f242-6c3a-42c3-81b6-87a472ee9aa7",
"attributes": {}
},
{
"id": "9d6d0984-91ce-45b2-a42e-df9429e38e46",
"name": "naming-admin",
"composite": false,
"clientRole": true,
"containerId": "43d0f242-6c3a-42c3-81b6-87a472ee9aa7",
"attributes": {}
}
]
}
},
"defaultRoles": [
"user"
],
"clients": [
{
"clientId": "naming",
"directAccessGrantsEnabled": true,
"enabled": true,
"publicClient": true,
"redirectUris": [
"*"
],
"webOrigins": [
"*"
]
}
],
"attributes": {
"frontendUrl": "http://localhost:8088"
}
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment