diff --git a/.gitignore b/.gitignore index 68bc17f..06884cf 100644 --- a/.gitignore +++ b/.gitignore @@ -158,3 +158,4 @@ cython_debug/ # and can be added to the global gitignore or merged into this file. For a more nuclear # option (not recommended) you can uncomment the following to ignore the entire idea folder. #.idea/ +.vscode/ \ No newline at end of file diff --git a/Pipfile b/Pipfile new file mode 100644 index 0000000..2fb8872 --- /dev/null +++ b/Pipfile @@ -0,0 +1,14 @@ +[[source]] +url = "https://pypi.org/simple" +verify_ssl = true +name = "pypi" + +[packages] +uvicorn ="*" +fastapi ="*" +python-keycloak ="*" +pydantic ="*" +[dev-packages] + +[requires] +python_version = "3.9" diff --git a/Pipfile.lock b/Pipfile.lock new file mode 100644 index 0000000..34553d2 --- /dev/null +++ b/Pipfile.lock @@ -0,0 +1,396 @@ +{ + "_meta": { + "hash": { + "sha256": "a5615b4655bf0a0ec4d02a7038b32864336998f388aa44b11e03d846d00a6f20" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.9" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "annotated-types": { + "hashes": [ + "sha256:47cdc3490d9ac1506ce92c7aaa76c579dc3509ff11e098fc867e5130ab7be802", + "sha256:58da39888f92c276ad970249761ebea80ba544b77acddaa1a4d6cf78287d45fd" + ], + "markers": "python_version >= '3.7'", + "version": "==0.5.0" + }, + "anyio": { + "hashes": [ + "sha256:44a3c9aba0f5defa43261a8b3efb97891f2bd7d804e0e1f56419befa1adfc780", + "sha256:91dee416e570e92c64041bd18b900d1d6fa78dff7048769ce5ac5ddad004fbb5" + ], + "markers": "python_version >= '3.7'", + "version": "==3.7.1" + }, + "certifi": { + "hashes": [ + "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", + "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" + ], + "markers": "python_version >= '3.6'", + "version": "==2023.7.22" + }, + "charset-normalizer": { + "hashes": [ + "sha256:04e57ab9fbf9607b77f7d057974694b4f6b142da9ed4a199859d9d4d5c63fe96", + "sha256:09393e1b2a9461950b1c9a45d5fd251dc7c6f228acab64da1c9c0165d9c7765c", + "sha256:0b87549028f680ca955556e3bd57013ab47474c3124dc069faa0b6545b6c9710", + "sha256:1000fba1057b92a65daec275aec30586c3de2401ccdcd41f8a5c1e2c87078706", + "sha256:1249cbbf3d3b04902ff081ffbb33ce3377fa6e4c7356f759f3cd076cc138d020", + "sha256:1920d4ff15ce893210c1f0c0e9d19bfbecb7983c76b33f046c13a8ffbd570252", + "sha256:193cbc708ea3aca45e7221ae58f0fd63f933753a9bfb498a3b474878f12caaad", + "sha256:1a100c6d595a7f316f1b6f01d20815d916e75ff98c27a01ae817439ea7726329", + "sha256:1f30b48dd7fa1474554b0b0f3fdfdd4c13b5c737a3c6284d3cdc424ec0ffff3a", + "sha256:203f0c8871d5a7987be20c72442488a0b8cfd0f43b7973771640fc593f56321f", + "sha256:246de67b99b6851627d945db38147d1b209a899311b1305dd84916f2b88526c6", + "sha256:2dee8e57f052ef5353cf608e0b4c871aee320dd1b87d351c28764fc0ca55f9f4", + "sha256:2efb1bd13885392adfda4614c33d3b68dee4921fd0ac1d3988f8cbb7d589e72a", + "sha256:2f4ac36d8e2b4cc1aa71df3dd84ff8efbe3bfb97ac41242fbcfc053c67434f46", + "sha256:3170c9399da12c9dc66366e9d14da8bf7147e1e9d9ea566067bbce7bb74bd9c2", + "sha256:3b1613dd5aee995ec6d4c69f00378bbd07614702a315a2cf6c1d21461fe17c23", + "sha256:3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace", + "sha256:3bb7fda7260735efe66d5107fb7e6af6a7c04c7fce9b2514e04b7a74b06bf5dd", + "sha256:41b25eaa7d15909cf3ac4c96088c1f266a9a93ec44f87f1d13d4a0e86c81b982", + "sha256:45de3f87179c1823e6d9e32156fb14c1927fcc9aba21433f088fdfb555b77c10", + "sha256:46fb8c61d794b78ec7134a715a3e564aafc8f6b5e338417cb19fe9f57a5a9bf2", + "sha256:48021783bdf96e3d6de03a6e39a1171ed5bd7e8bb93fc84cc649d11490f87cea", + "sha256:4957669ef390f0e6719db3613ab3a7631e68424604a7b448f079bee145da6e09", + "sha256:5e86d77b090dbddbe78867a0275cb4df08ea195e660f1f7f13435a4649e954e5", + "sha256:6339d047dab2780cc6220f46306628e04d9750f02f983ddb37439ca47ced7149", + "sha256:681eb3d7e02e3c3655d1b16059fbfb605ac464c834a0c629048a30fad2b27489", + "sha256:6c409c0deba34f147f77efaa67b8e4bb83d2f11c8806405f76397ae5b8c0d1c9", + "sha256:7095f6fbfaa55defb6b733cfeb14efaae7a29f0b59d8cf213be4e7ca0b857b80", + "sha256:70c610f6cbe4b9fce272c407dd9d07e33e6bf7b4aa1b7ffb6f6ded8e634e3592", + "sha256:72814c01533f51d68702802d74f77ea026b5ec52793c791e2da806a3844a46c3", + "sha256:7a4826ad2bd6b07ca615c74ab91f32f6c96d08f6fcc3902ceeedaec8cdc3bcd6", + "sha256:7c70087bfee18a42b4040bb9ec1ca15a08242cf5867c58726530bdf3945672ed", + "sha256:855eafa5d5a2034b4621c74925d89c5efef61418570e5ef9b37717d9c796419c", + "sha256:8700f06d0ce6f128de3ccdbc1acaea1ee264d2caa9ca05daaf492fde7c2a7200", + "sha256:89f1b185a01fe560bc8ae5f619e924407efca2191b56ce749ec84982fc59a32a", + "sha256:8b2c760cfc7042b27ebdb4a43a4453bd829a5742503599144d54a032c5dc7e9e", + "sha256:8c2f5e83493748286002f9369f3e6607c565a6a90425a3a1fef5ae32a36d749d", + "sha256:8e098148dd37b4ce3baca71fb394c81dc5d9c7728c95df695d2dca218edf40e6", + "sha256:94aea8eff76ee6d1cdacb07dd2123a68283cb5569e0250feab1240058f53b623", + "sha256:95eb302ff792e12aba9a8b8f8474ab229a83c103d74a750ec0bd1c1eea32e669", + "sha256:9bd9b3b31adcb054116447ea22caa61a285d92e94d710aa5ec97992ff5eb7cf3", + "sha256:9e608aafdb55eb9f255034709e20d5a83b6d60c054df0802fa9c9883d0a937aa", + "sha256:a103b3a7069b62f5d4890ae1b8f0597618f628b286b03d4bc9195230b154bfa9", + "sha256:a386ebe437176aab38c041de1260cd3ea459c6ce5263594399880bbc398225b2", + "sha256:a38856a971c602f98472050165cea2cdc97709240373041b69030be15047691f", + "sha256:a401b4598e5d3f4a9a811f3daf42ee2291790c7f9d74b18d75d6e21dda98a1a1", + "sha256:a7647ebdfb9682b7bb97e2a5e7cb6ae735b1c25008a70b906aecca294ee96cf4", + "sha256:aaf63899c94de41fe3cf934601b0f7ccb6b428c6e4eeb80da72c58eab077b19a", + "sha256:b0dac0ff919ba34d4df1b6131f59ce95b08b9065233446be7e459f95554c0dc8", + "sha256:baacc6aee0b2ef6f3d308e197b5d7a81c0e70b06beae1f1fcacffdbd124fe0e3", + "sha256:bf420121d4c8dce6b889f0e8e4ec0ca34b7f40186203f06a946fa0276ba54029", + "sha256:c04a46716adde8d927adb9457bbe39cf473e1e2c2f5d0a16ceb837e5d841ad4f", + "sha256:c0b21078a4b56965e2b12f247467b234734491897e99c1d51cee628da9786959", + "sha256:c1c76a1743432b4b60ab3358c937a3fe1341c828ae6194108a94c69028247f22", + "sha256:c4983bf937209c57240cff65906b18bb35e64ae872da6a0db937d7b4af845dd7", + "sha256:c4fb39a81950ec280984b3a44f5bd12819953dc5fa3a7e6fa7a80db5ee853952", + "sha256:c57921cda3a80d0f2b8aec7e25c8aa14479ea92b5b51b6876d975d925a2ea346", + "sha256:c8063cf17b19661471ecbdb3df1c84f24ad2e389e326ccaf89e3fb2484d8dd7e", + "sha256:ccd16eb18a849fd8dcb23e23380e2f0a354e8daa0c984b8a732d9cfaba3a776d", + "sha256:cd6dbe0238f7743d0efe563ab46294f54f9bc8f4b9bcf57c3c666cc5bc9d1299", + "sha256:d62e51710986674142526ab9f78663ca2b0726066ae26b78b22e0f5e571238dd", + "sha256:db901e2ac34c931d73054d9797383d0f8009991e723dab15109740a63e7f902a", + "sha256:e03b8895a6990c9ab2cdcd0f2fe44088ca1c65ae592b8f795c3294af00a461c3", + "sha256:e1c8a2f4c69e08e89632defbfabec2feb8a8d99edc9f89ce33c4b9e36ab63037", + "sha256:e4b749b9cc6ee664a3300bb3a273c1ca8068c46be705b6c31cf5d276f8628a94", + "sha256:e6a5bf2cba5ae1bb80b154ed68a3cfa2fa00fde979a7f50d6598d3e17d9ac20c", + "sha256:e857a2232ba53ae940d3456f7533ce6ca98b81917d47adc3c7fd55dad8fab858", + "sha256:ee4006268ed33370957f55bf2e6f4d263eaf4dc3cfc473d1d90baff6ed36ce4a", + "sha256:eef9df1eefada2c09a5e7a40991b9fc6ac6ef20b1372abd48d2794a316dc0449", + "sha256:f058f6963fd82eb143c692cecdc89e075fa0828db2e5b291070485390b2f1c9c", + "sha256:f25c229a6ba38a35ae6e25ca1264621cc25d4d38dca2942a7fce0b67a4efe918", + "sha256:f2a1d0fd4242bd8643ce6f98927cf9c04540af6efa92323e9d3124f57727bfc1", + "sha256:f7560358a6811e52e9c4d142d497f1a6e10103d3a6881f18d04dbce3729c0e2c", + "sha256:f779d3ad205f108d14e99bb3859aa7dd8e9c68874617c72354d7ecaec2a054ac", + "sha256:f87f746ee241d30d6ed93969de31e5ffd09a2961a051e60ae6bddde9ec3583aa" + ], + "markers": "python_full_version >= '3.7.0'", + "version": "==3.2.0" + }, + "click": { + "hashes": [ + "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", + "sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de" + ], + "markers": "python_version >= '3.7'", + "version": "==8.1.7" + }, + "deprecation": { + "hashes": [ + "sha256:72b3bde64e5d778694b0cf68178aed03d15e15477116add3fb773e581f9518ff", + "sha256:a10811591210e1fb0e768a8c25517cabeabcba6f0bf96564f8ff45189f90b14a" + ], + "version": "==2.1.0" + }, + "ecdsa": { + "hashes": [ + "sha256:190348041559e21b22a1d65cee485282ca11a6f81d503fddb84d5017e9ed1e49", + "sha256:80600258e7ed2f16b9aa1d7c295bd70194109ad5a30fdee0eaeefef1d4c559dd" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.18.0" + }, + "fastapi": { + "hashes": [ + "sha256:345844e6a82062f06a096684196aaf96c1198b25c06b72c1311b882aa2d8a35d", + "sha256:5e5f17e826dbd9e9b5a5145976c5cd90bcaa61f2bf9a69aca423f2bcebe44d83" + ], + "index": "pypi", + "version": "==0.103.1" + }, + "h11": { + "hashes": [ + "sha256:8f19fbbe99e72420ff35c00b27a34cb9937e902a8b810e2c88300c6f0a3b699d", + "sha256:e3fe4ac4b851c468cc8363d500db52c2ead036020723024a109d37346efaa761" + ], + "markers": "python_version >= '3.7'", + "version": "==0.14.0" + }, + "idna": { + "hashes": [ + "sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4", + "sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2" + ], + "markers": "python_version >= '3.5'", + "version": "==3.4" + }, + "packaging": { + "hashes": [ + "sha256:994793af429502c4ea2ebf6bf664629d07c1a9fe974af92966e4b8d2df7edc61", + "sha256:a392980d2b6cffa644431898be54b0045151319d1e7ec34f0cfed48767dd334f" + ], + "markers": "python_version >= '3.7'", + "version": "==23.1" + }, + "pyasn1": { + "hashes": [ + "sha256:87a2121042a1ac9358cabcaf1d07680ff97ee6404333bacca15f76aa8ad01a57", + "sha256:97b7290ca68e62a832558ec3976f15cbf911bf5d7c7039d8b861c2a0ece69fde" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==0.5.0" + }, + "pydantic": { + "hashes": [ + "sha256:54216ccb537a606579f53d7f6ed912e98fffce35aff93b25cd80b1c2ca806fc3", + "sha256:909b2b7d7be775a890631218e8c4b6b5418c9b6c57074ae153e5c09b73bf06a3" + ], + "index": "pypi", + "version": "==2.4.0" + }, + "pydantic-core": { + "hashes": [ + "sha256:02b3d546342e7f583bf58f4a4618c7e97f44426db2358789393537dd4e9a921d", + "sha256:030ba2f59e78c8732445d8c9f093579674f2b5b93b3960945face14ec2e82682", + "sha256:09ac18617199704327d99c85893d697b8442c18b8c2db1ea636ba83313223541", + "sha256:0aa8bdc2d78afadd191148726f094be81d5e4b76011f8fa9300f317e06a1b732", + "sha256:0b50848d1a614093c05c97d0fdf841ef547d8c087fbd06f6eafe8ef1d836d6c1", + "sha256:0e210107faf47d5965fcebc294c41891573adab36e5cf70731c57d0068fc7c5c", + "sha256:100bbd622433d9d7ca8ee4fa63dfae90f9f38358558955173aed6ed56c573db8", + "sha256:12470a4de172aaa1bbadb45744de4a9b0298fa8f974eb508314c3b5da0cb4aed", + "sha256:17460ffd8f8e49ca52711b4926fefe2b336d01b63dc27aee432a576c2147c8ce", + "sha256:19c7aa3c0ff08ddc91597d8af08f8c4de59b27fe752b3bd1db9a67f6f08c4020", + "sha256:1c1bfa2ca352bf43d34b7099f8ed675deb88113bd36c76880f4ca18fc0d3af50", + "sha256:1ecd28fb4c98c97836046d092029017bcc35e060ea547484aa1234b8a592de17", + "sha256:22b126893f53c789ad2253c9288a59362171a5bafbb865190c43d430dc805edb", + "sha256:2352f7cb8ef0cd21fbc582abe2a14105d7e8400f97a551ca2e3b05dee77525d2", + "sha256:25cacd12689b1a357ae6212c7f5980ebf487720db5bbf1bb5d91085226b6a962", + "sha256:2a6f28e2b2a5cef3b52b5ac6c6d64fe810ca51ec57081554f447c818778eea09", + "sha256:30c5df611afc5a9f2ad48babe2192f9cf0d12ed6c0dd5eb57b3538491c113737", + "sha256:312831c5bf50d9d432c11baf9bbd8d8961740608ccbc66fb1290d532aff21b18", + "sha256:34a45943bb14275e9681fd4abafbe3acae1e7dac7248bebf38ac5bde492e00f7", + "sha256:391805e8a4ad731e729a22d8e14bad2d724915d28618be6c66dc7ccb421a13a0", + "sha256:394a8ce4a7495af8dbf33038daf57a6170be15f8d1d92a7b63c6f2211527d950", + "sha256:3f230d70be54447e12fcd0f1c2319dac74341244fafd2350d5675aa194f6c3f4", + "sha256:3ffb2a3462bb7905c4d849b95f536ac1f3948e92f5e0fc7e65bd3f3b0d132cf4", + "sha256:4a622a8abf656cc51960766fa4d194504e8a9f85ae48032f87fb42c79462c7b8", + "sha256:52eb5c61de017bfee422f6aa9a3e76de5aa5a9189ba808bba63b9de67e55c4ca", + "sha256:573e89b3da5908f564ae54b6284e20b490158681e91e1776a59dfda17ec0a6a8", + "sha256:5958b1af7acd7b4a629e9758ce54a31c1910695e85e0ef847ba3daa4f25a0a08", + "sha256:5cbfe4cd608cf6d032374961e4e07d0506acfaec7b1a69beade1d5f98dce00fd", + "sha256:5e816d042f80dd630aaedbc75c21084da9e1d7ea5918619b8089c7edaedd57e8", + "sha256:5f00e83aa9aebbfd4382695a5ed94e6282ac01455fbb1a37d99d2effa29df30f", + "sha256:5f76cb8d68d87fd05e56aba392c841d98eeb3ad378bcf5331b42bac7afee0d66", + "sha256:66c0169457733a4dfe72be51dd359414eddd0738b15dda07827f18a10e9f6ab7", + "sha256:68992f78507e95ed63ca87b8b177785d9806cde34ca3a9f98382188dd11d8720", + "sha256:6930eaf3aa2ba660ed3f64206902a534f454f9954e5de06354e20d890bebbd8a", + "sha256:69772dcdcf90b677d0d2ecedafe4c6a610572f1fad15912cde28a6f8eb5654fd", + "sha256:705fad71297dfedc5c9e3c935702864aa0cc7812be11ac544f152677ba6ea430", + "sha256:7192492b09c1e4ad103e5cb98eb397f9b61a9037fce03e94cafe3238404dbe0f", + "sha256:725f0276402773a6b61b6f67bf9562f37ba08a8bfebdfb9990eea786ed5711b2", + "sha256:729a2fc4bc1564d164258eaf138ab4c03baa2080a5e3f91a9b3cb2d758248b8f", + "sha256:7440933341f655a64456065211cf7657c3cf3524d5b0b02f5d9b63ef5a7e0d49", + "sha256:776eee60ca8ca3de83add0fb95a0034ac965a12590bb22ec09b05c87870ba401", + "sha256:7820faf076216654ae54ad8a8443a296faaac9057a49ff404ce92ab85c9518a3", + "sha256:792af9e4f78d6f1d0aabfb95162c5ed56b5369b25350eaa68b1495e8f675d4d9", + "sha256:7c6915a9b3dd16e016dba7e76070e667eca50530f957daa5b78c73abbf281b25", + "sha256:7cbf77664099345a25932ebe25d7bf9a330fc29acd9a909e8751ac0c42097fb3", + "sha256:7cecd7669b1ebee8ae90f5aa7d459770b6e79db7b95983aacc5b7392a050b9ab", + "sha256:7e2360b86b21e2aab8d4f1ce2551e2b731bc30610b7cc9324ea7517af4375b08", + "sha256:82c3f0752547f928e4fcfb00151d6deb9124be7d35e012c567429fe93ec71b71", + "sha256:85d8225cd08aacb8a2843cf0a0a72f1c403c6ac6f18d4cfeecabe050f80c9ea3", + "sha256:873db84afcbcf3f1ed0040ed9c5534bc1af5d647d13c04be12f3568421f5dd3e", + "sha256:8a5323d6778931ab1b3b22bac05fb7c961786d3b04a6c84f7c0ffcc331b4b998", + "sha256:8f919d17581fdf6e71ff3d3fe4b02ed32aaa0429e0b4346798de7a1361e098ef", + "sha256:8fe66506700efdfc699c613ccc4974ac7d8fceed8c74983e55ec380504db2e05", + "sha256:923000ea46def1bdded511b5792ec19866909797a05dc8f75342c6a9cacb2d66", + "sha256:9527cf9c25fd655617620c8d6cb43216c0ce5779871ab7f83175421267b85199", + "sha256:96b3007451863b46e8138f8096ef31aea6f7721a9910843b0554ce4ae17024a2", + "sha256:98474284adb71c8738e5efb71ccb1382d8d66f042ad0875018c78bcb38ac0f47", + "sha256:9e21ab9c49cc58282c228ff89fb4a5e4b447233ccd53acb7f333d1cde58df37b", + "sha256:9e72c1e06a20c10b9c5f7a3fe09ec46e0e208c65a69d2efb92a3e1b64443e6c3", + "sha256:9f3b25201efe20d182f3bd6fe8d99685f4ed01cac67b79c017c9cf688b747263", + "sha256:9f6f70680c15876c583a24bd476e49004327e87392be0282aedbc65773519ea8", + "sha256:a04054b91afc41282a0a7426147654849136b37a41da86412d4ff5ba51b9cd2f", + "sha256:a537e87ca600e59e532fbc770a60f9f3a5ebcff9bae8c60aceeec5beb326e1b8", + "sha256:aa45f0846773cb142252ccef66b096d917bb76c6ef9da1aa747e6b44aa318192", + "sha256:ab1fa046ef9058ceef941b576c5e7711bab3d99be00a304fb4726cf4b94e05ff", + "sha256:ab2d56dfa13244164f0ba8125d8315c799fa0150459b88fc42ed5c1e3c04d47a", + "sha256:ab4d279c480e83c516e4e0b7b1f882f168f614d9c62e18ab779edef0cd13aaa9", + "sha256:ad7b5f4352f3dfcc481b008bce3b3931a485a93112deaa0a25bee2817d3f7b98", + "sha256:b0061965942489e6da23f0399b1136fd10eff0a4f0cefae13369eba1776e22a6", + "sha256:b1496f38e49c7960461002768c5f4c9ba9720fe259cd5c8b229cd0b3b0861844", + "sha256:b196c4ace34be6c2953c6ec3906d1af88c418b93325d612d7f900ed30bf1e0ac", + "sha256:b1fefe63baa04f1d9dd5b4564b1e73d133e1c745589933d7ef9718235915cc81", + "sha256:b40221d1490f2c6e488d2576773a574d42436b5aba1faed91f59a9feb82c384b", + "sha256:b4df023610af081d6da85328411fed7aacf19e939fe955bb31f29212f8dcf306", + "sha256:b5d4eec8aba25b163a4d9dcc6be8354bc8f939040bc15a6400cbd62ba0511a5f", + "sha256:ba288fa675b2951e7898ebfdd8defa0e958e514d4d1cc7a5f6a8d627378c0c47", + "sha256:bc0a33779fded534ff0b5d8ef766a1c94d3e740877ea8adab65cbf1878ba03b4", + "sha256:bc5be7a29a6b25a186941e9e2b5f9281c05723628e1fdb244f429f4c1682ff49", + "sha256:c1041d8fcd313c68b77dec6a16bf1d690008270b50eec11e96d89e1b4ba756b1", + "sha256:c1ab3701d660bd136a22e1ca95292bfed50245eb869adaee2e08f29d4dd5e360", + "sha256:c1bcb1b9b33573eeef218ffb3a2910c57fedc8831caf3c942e68a2222481d2cc", + "sha256:c2a126c7271a9421005a0f57cf71294ad49c375e4d0a9198b93665796f49e7f7", + "sha256:c394e9ed6f9e6f4af3618c34bc15f2af4237f7d1989b7f45588f8e855bc10e08", + "sha256:c61755149ba534123ae08e6aa814aa34f47c6ba45a622ea98ddd7860b5312767", + "sha256:c871820c60fc863c7b3f660612af6ce5bb8f5f69d6364f208e29d2ca7992d154", + "sha256:cd175beab2ac845a90d31bb4ea8e6c1e8be12efaf14b9918d0ab4828dd3c916b", + "sha256:d0b17e8d08a1c94efb91d8d389ec76a32fc3f85ba06626b5ef0c2d6bffcbe066", + "sha256:d122a46c360c8069f7ac39c6f2c29cf99436baa48ba1e28ea5443336e9bbb838", + "sha256:d1e79893a20207ff671f13f5562c1f0aaece030e6e30252683f536286ba89864", + "sha256:d72a561d7c0738ae5d05a709c739b2953d05e18151539750ca9622f3438de041", + "sha256:daea90360d99ad06a3f686b3e628222ac3aa953b1982f13be5b69b2648c5e6bb", + "sha256:e079540fd4c45c23de4465cafb20cddcd8befe3b5f46505a2eb28e49b9d13ee2", + "sha256:e24d92d3a60d6eb19a1bd0f1f259369f478e0f34412a33e794da6cdaa36218be", + "sha256:e3f69d48191103587950981cf47c936064c808b6c18f57e745ed130a305c73a6", + "sha256:e70c6c882ab101a72010c8f91e87db211fa2aaf6aa51acc7160fe5649630ed75", + "sha256:ed5f8d6cb834c80fb813d233f9bfb60d3453b7450c80c0814b8e78c23d1ea8bf", + "sha256:f114130c44ae52b3bd2450dac8e1d3e1e92a92baecb24dbcdb6de2d2fc15bdb5", + "sha256:f1a70f99d1a7270d4f321a8824e87d5b88acd64c2af6049915b7fd8215437e04", + "sha256:f32df1d8d383e1b729674ad1053d8f43f7ed79848496d3cb6ca81a906318317b", + "sha256:f622778eb180cf7eba25e65d2fe37a57a0eadd8403df4c44606b56d204f686de", + "sha256:f94539aa4265ab5528d8c3dc4505a19369083c29d0713b8ed536f93b9bc1e94f", + "sha256:f9f2c70257f03db712658d4138e2b892bdd7c71472783eaebc2813a47fd29ef3", + "sha256:fa4bd88165d860111e860e8b43efd97afd137a9165cf24eb3cfb2371f57452bf", + "sha256:fb204346d3eda4e0c63cbeeec6398a52682ac51f9cf7379a13505863e47d3186", + "sha256:fb513fc74bdf5f649e6e855fc87ed9b81ee8b0be96717190f9e00683244f0616", + "sha256:fbba90179672707ab69ad19ef7d3c3f0a8e2f0a0579f0eb79649ffcdacf476d0" + ], + "markers": "python_version >= '3.7'", + "version": "==2.10.0" + }, + "python-jose": { + "hashes": [ + "sha256:55779b5e6ad599c6336191246e95eb2293a9ddebd555f796a65f838f07e5d78a", + "sha256:9b1376b023f8b298536eedd47ae1089bcdb848f1535ab30555cd92002d78923a" + ], + "version": "==3.3.0" + }, + "python-keycloak": { + "hashes": [ + "sha256:57cd0bd0610e07ad11888197d3f753a00611cb9975742e70444b93a566889a51", + "sha256:cc868126f535aa4f320dc9eab24e46af381c13bcc88d9b0701b04293ea75cd24" + ], + "index": "pypi", + "version": "==3.3.0" + }, + "requests": { + "hashes": [ + "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f", + "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" + ], + "markers": "python_version >= '3.7'", + "version": "==2.31.0" + }, + "requests-toolbelt": { + "hashes": [ + "sha256:7681a0a3d047012b5bdc0ee37d7f8f07ebe76ab08caeccfc3921ce23c88d5bc6", + "sha256:cccfdd665f0a24fcf4726e690f65639d272bb0637b9b92dfd91a5568ccf6bd06" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.0.0" + }, + "rsa": { + "hashes": [ + "sha256:90260d9058e514786967344d0ef75fa8727eed8a7d2e43ce9f4bcf1b536174f7", + "sha256:e38464a49c6c85d7f1351b0126661487a7e0a14a50f1675ec50eb34d4f20ef21" + ], + "markers": "python_version >= '3.6' and python_version < '4'", + "version": "==4.9" + }, + "six": { + "hashes": [ + "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", + "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.16.0" + }, + "sniffio": { + "hashes": [ + "sha256:e60305c5e5d314f5389259b7f22aaa33d8f7dee49763119234af3755c55b9101", + "sha256:eecefdce1e5bbfb7ad2eeaabf7c1eeb404d7757c379bd1f7e5cce9d8bf425384" + ], + "markers": "python_version >= '3.7'", + "version": "==1.3.0" + }, + "starlette": { + "hashes": [ + "sha256:6a6b0d042acb8d469a01eba54e9cda6cbd24ac602c4cd016723117d6a7e73b75", + "sha256:918416370e846586541235ccd38a474c08b80443ed31c578a418e2209b3eef91" + ], + "markers": "python_version >= '3.7'", + "version": "==0.27.0" + }, + "typing-extensions": { + "hashes": [ + "sha256:8f92fc8806f9a6b641eaa5318da32b44d401efaac0f6678c9bc448ba3605faa0", + "sha256:df8e4339e9cb77357558cbdbceca33c303714cf861d1eef15e1070055ae8b7ef" + ], + "markers": "python_version >= '3.8'", + "version": "==4.8.0" + }, + "urllib3": { + "hashes": [ + "sha256:13abf37382ea2ce6fb744d4dad67838eec857c9f4f57009891805e0b5e123594", + "sha256:ef16afa8ba34a1f989db38e1dbbe0c302e4289a47856990d0682e374563ce35e" + ], + "markers": "python_version >= '3.7'", + "version": "==2.0.5" + }, + "uvicorn": { + "hashes": [ + "sha256:1f9be6558f01239d4fdf22ef8126c39cb1ad0addf76c40e760549d2c2f43ab53", + "sha256:4d3cc12d7727ba72b64d12d3cc7743124074c0a69f7b201512fc50c3e3f1569a" + ], + "index": "pypi", + "version": "==0.23.2" + } + }, + "develop": {} +} diff --git a/README.md b/README.md index 8ef0219..8080709 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,26 @@ # keycloak-fastAPI-integration -This repository illustrates how we can integrate keycloak with fastAPI for authetification + +This repository illustrates how we can integrate keycloak with fastAPI for authetification. +This repo can be used as a template/code base for your app . + + +## setup env + +I used `pipenv` for my env setup. + +1. install `pipenv` +2. install dependencies using `pipenv install` +3. run keycloak instance using: + +```bash +docker run -p 8080:8080 -v ./keycloak/keycloak_data:/opt/keycloak/data/h2 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:22.0.3 start-dev +``` + +4. now you can run your fastAPI app using `pipenv run python main.py` + +## Demo + +1. access to fastAPI swagger using http://127.0.0.1:8081/docs +2. get token using authorize +3. make your query for `/secure` +4. diff --git a/auth.py b/auth.py new file mode 100644 index 0000000..5d3a32c --- /dev/null +++ b/auth.py @@ -0,0 +1,68 @@ +#/auth.py +from fastapi.security import OAuth2AuthorizationCodeBearer +from keycloak import KeycloakOpenID # pip require python-keycloak +from config import settings +from fastapi import Security, HTTPException, status,Depends +from pydantic import Json +from models import User + +# This is used for fastapi docs authentification +oauth2_scheme = OAuth2AuthorizationCodeBearer( + authorizationUrl=settings.authorization_url, # https://sso.example.com/auth/ + tokenUrl=settings.token_url, # https://sso.example.com/auth/realms/example-realm/protocol/openid-connect/token +) + +# This actually does the auth checks +# client_secret_key is not mandatory if the client is public on keycloak +keycloak_openid = KeycloakOpenID( + server_url=settings.server_url, # https://sso.example.com/auth/ + client_id=settings.client_id, # backend-client-id + realm_name=settings.realm, # example-realm + client_secret_key=settings.client_secret, # your backend client secret + verify=True +) + +async def get_idp_public_key(): + return ( + "-----BEGIN PUBLIC KEY-----\n" + f"{keycloak_openid.public_key()}" + "\n-----END PUBLIC KEY-----" + ) + +# Get the payload/token from keycloak +async def get_payload(token: str = Security(oauth2_scheme)) -> dict: + try: + return keycloak_openid.decode_token( + token, + key= await get_idp_public_key(), + options={ + "verify_signature": True, + "verify_aud": False, + "exp": True + } + ) + except Exception as e: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail=str(e), # "Invalid authentication credentials", + headers={"WWW-Authenticate": "Bearer"}, + ) + +# Get user infos from the payload +async def get_user_info(payload: dict = Depends(get_payload)) -> User: + try: + return User( + id=payload.get("sub"), + username=payload.get("preferred_username"), + email=payload.get("email"), + first_name=payload.get("given_name"), + last_name=payload.get("family_name"), + realm_roles=payload.get("realm_access", {}).get("roles", []), + client_roles=payload.get("realm_access", {}).get("roles", []) + ) + except Exception as e: + raise HTTPException( + status_code=status.HTTP_400_BAD_REQUEST, + detail=str(e), # "Invalid authentication credentials", + headers={"WWW-Authenticate": "Bearer"}, + ) diff --git a/config.py b/config.py new file mode 100644 index 0000000..6d2536d --- /dev/null +++ b/config.py @@ -0,0 +1,12 @@ +#/config.py +from models import authConfiguration + + +settings = authConfiguration( + server_url="http://localhost:8080/", + realm="roc", + client_id="rns:roc:portal", + client_secret="", + authorization_url="http://localhost:8080/realms/roc/protocol/openid-connect/auth", + token_url="http://localhost:8080/realms/roc/protocol/openid-connect/token", +) diff --git a/images/fastapi.gif b/images/fastapi.gif new file mode 100644 index 0000000..4a63d8a Binary files /dev/null and b/images/fastapi.gif differ diff --git a/keycloak/README.md b/keycloak/README.md new file mode 100644 index 0000000..4f4fbbe --- /dev/null +++ b/keycloak/README.md @@ -0,0 +1,9 @@ +# keycloak setup + +Run keycloak using either docker-compose or docker: + +```bash +docker run -p 8080:8080 -v ./keycloak_data:/opt/keycloak/data/h2 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:22.0.3 start-dev +``` + +You can also use your own instance of keycloak and just import the test realm using `roc.json` \ No newline at end of file diff --git a/keycloak/docker-compose-keycloak.yaml b/keycloak/docker-compose-keycloak.yaml new file mode 100644 index 0000000..02213bb --- /dev/null +++ b/keycloak/docker-compose-keycloak.yaml @@ -0,0 +1,16 @@ +version: "3.7" + +volumes: + keycloak: + +services: + + keycloak: + image: quay.io/keycloak/keycloak:22.0.3 + ports: + - 8080:8080 + environment: + - KEYCLOAK_ADMIN=admin + - KEYCLOAK_ADMIN_PASSWORD=admin + volumes: + - ./keycloak_data:/opt/keycloak/data/ \ No newline at end of file diff --git a/keycloak/keycloak_data/keycloakdb.lock.db b/keycloak/keycloak_data/keycloakdb.lock.db new file mode 100644 index 0000000..059ef73 --- /dev/null +++ b/keycloak/keycloak_data/keycloakdb.lock.db @@ -0,0 +1,6 @@ +#FileLock +#Wed Sep 27 11:50:36 GMT 2023 +server=172.17.0.2\:39219 +hostName=7cdda6a8b4fd +method=file +id=18ad67a07d7593dd7b27224d024b24bc4f456b7b17a diff --git a/keycloak/keycloak_data/keycloakdb.mv.db b/keycloak/keycloak_data/keycloakdb.mv.db new file mode 100644 index 0000000..4e25463 Binary files /dev/null and b/keycloak/keycloak_data/keycloakdb.mv.db differ diff --git a/keycloak/keycloak_data/keycloakdb.trace.db b/keycloak/keycloak_data/keycloakdb.trace.db new file mode 100644 index 0000000..2bd93b6 --- /dev/null +++ b/keycloak/keycloak_data/keycloakdb.trace.db @@ -0,0 +1,114 @@ +2023-09-21 14:23:20 jdbc[3]: exception +org.h2.jdbc.JdbcSQLSyntaxErrorException: Table "MIGRATION_MODEL" not found (this database is empty); SQL statement: +SELECT ID, VERSION FROM MIGRATION_MODEL ORDER BY UPDATE_TIME DESC [42104-220] +2023-09-21 14:23:21 jdbc[3]: exception +org.h2.jdbc.JdbcSQLSyntaxErrorException: Table "DATABASECHANGELOG" not found (this database is empty); SQL statement: +SELECT COUNT(*) FROM PUBLIC.DATABASECHANGELOG [42104-220] +2023-09-21 14:23:21 jdbc[4]: exception +org.h2.jdbc.JdbcSQLSyntaxErrorException: Table "DATABASECHANGELOGLOCK" not found (this database is empty); SQL statement: +SELECT COUNT(*) FROM PUBLIC.DATABASECHANGELOGLOCK [42104-220] +2023-09-21 14:23:21 jdbc[3]: exception +org.h2.jdbc.JdbcSQLSyntaxErrorException: Table "DATABASECHANGELOG" not found; SQL statement: +SELECT COUNT(*) FROM PUBLIC.DATABASECHANGELOG [42102-220] +2023-09-21 14:29:40 jdbc[3]: exception +org.h2.jdbc.JdbcSQLNonTransientConnectionException: Database is already closed (to disable automatic closing at VM shutdown, add ";DB_CLOSE_ON_EXIT=FALSE" to the db URL) [90121-220] + at org.h2.message.DbException.getJdbcSQLException(DbException.java:690) + at org.h2.message.DbException.getJdbcSQLException(DbException.java:489) + at org.h2.message.DbException.get(DbException.java:223) + at org.h2.message.DbException.get(DbException.java:199) + at org.h2.message.DbException.get(DbException.java:188) + at org.h2.jdbc.JdbcConnection.checkClosed(JdbcConnection.java:1375) + at org.h2.jdbcx.JdbcXAConnection$PooledJdbcConnection.checkClosed(JdbcXAConnection.java:473) + at org.h2.jdbc.JdbcConnection.rollback(JdbcConnection.java:463) + at org.h2.jdbcx.JdbcXAConnection$PooledJdbcConnection.close(JdbcXAConnection.java:453) + at org.h2.jdbcx.JdbcXAConnection.close(JdbcXAConnection.java:76) + at io.agroal.pool.ConnectionHandler.closeConnection(ConnectionHandler.java:185) + at io.agroal.pool.ConnectionPool$DestroyConnectionTask.run(ConnectionPool.java:787) + at io.agroal.pool.ConnectionPool.close(ConnectionPool.java:196) + at io.agroal.pool.DataSource.close(DataSource.java:79) + at io.quarkus.agroal.runtime.DataSources.stop(DataSources.java:454) + at io.quarkus.agroal.runtime.DataSources_Bean.doDestroy(Unknown Source) + at io.quarkus.agroal.runtime.DataSources_Bean.destroy(Unknown Source) + at io.quarkus.agroal.runtime.DataSources_Bean.destroy(Unknown Source) + at io.quarkus.arc.impl.AbstractInstanceHandle.destroyInternal(AbstractInstanceHandle.java:82) + at io.quarkus.arc.impl.ContextInstanceHandleImpl.destroy(ContextInstanceHandleImpl.java:21) + at io.quarkus.arc.impl.AbstractSharedContext.destroy(AbstractSharedContext.java:96) + at io.quarkus.arc.impl.ArcContainerImpl.shutdown(ArcContainerImpl.java:468) + at io.quarkus.arc.Arc.shutdown(Arc.java:66) + at io.quarkus.arc.runtime.ArcRecorder$1.run(ArcRecorder.java:53) + at io.quarkus.runtime.StartupContext.runAllInReverseOrder(StartupContext.java:84) + at io.quarkus.runtime.StartupContext.close(StartupContext.java:73) + at io.quarkus.runner.ApplicationImpl.doStop(Unknown Source) + at io.quarkus.runtime.Application.stop(Application.java:208) + at io.quarkus.runtime.Application.stop(Application.java:155) + at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:227) + at io.quarkus.runtime.Quarkus.run(Quarkus.java:71) + at org.keycloak.quarkus.runtime.KeycloakMain.start(KeycloakMain.java:98) + at org.keycloak.quarkus.runtime.cli.command.AbstractStartCommand.run(AbstractStartCommand.java:37) + at picocli.CommandLine.executeUserObject(CommandLine.java:2026) + at picocli.CommandLine.access$1500(CommandLine.java:148) + at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2461) + at picocli.CommandLine$RunLast.handle(CommandLine.java:2453) + at picocli.CommandLine$RunLast.handle(CommandLine.java:2415) + at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2273) + at picocli.CommandLine$RunLast.execute(CommandLine.java:2417) + at picocli.CommandLine.execute(CommandLine.java:2170) + at org.keycloak.quarkus.runtime.cli.Picocli.parseAndRun(Picocli.java:100) + at org.keycloak.quarkus.runtime.KeycloakMain.main(KeycloakMain.java:88) + at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) + at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) + at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) + at java.base/java.lang.reflect.Method.invoke(Method.java:568) + at io.quarkus.bootstrap.runner.QuarkusEntryPoint.doRun(QuarkusEntryPoint.java:61) + at io.quarkus.bootstrap.runner.QuarkusEntryPoint.main(QuarkusEntryPoint.java:32) +2023-09-21 14:29:40 jdbc[4]: exception +org.h2.jdbc.JdbcSQLNonTransientConnectionException: Database is already closed (to disable automatic closing at VM shutdown, add ";DB_CLOSE_ON_EXIT=FALSE" to the db URL) [90121-220] + at org.h2.message.DbException.getJdbcSQLException(DbException.java:690) + at org.h2.message.DbException.getJdbcSQLException(DbException.java:489) + at org.h2.message.DbException.get(DbException.java:223) + at org.h2.message.DbException.get(DbException.java:199) + at org.h2.message.DbException.get(DbException.java:188) + at org.h2.jdbc.JdbcConnection.checkClosed(JdbcConnection.java:1375) + at org.h2.jdbcx.JdbcXAConnection$PooledJdbcConnection.checkClosed(JdbcXAConnection.java:473) + at org.h2.jdbc.JdbcConnection.rollback(JdbcConnection.java:463) + at org.h2.jdbcx.JdbcXAConnection$PooledJdbcConnection.close(JdbcXAConnection.java:453) + at org.h2.jdbcx.JdbcXAConnection.close(JdbcXAConnection.java:76) + at io.agroal.pool.ConnectionHandler.closeConnection(ConnectionHandler.java:185) + at io.agroal.pool.ConnectionPool$DestroyConnectionTask.run(ConnectionPool.java:787) + at io.agroal.pool.ConnectionPool.close(ConnectionPool.java:196) + at io.agroal.pool.DataSource.close(DataSource.java:79) + at io.quarkus.agroal.runtime.DataSources.stop(DataSources.java:454) + at io.quarkus.agroal.runtime.DataSources_Bean.doDestroy(Unknown Source) + at io.quarkus.agroal.runtime.DataSources_Bean.destroy(Unknown Source) + at io.quarkus.agroal.runtime.DataSources_Bean.destroy(Unknown Source) + at io.quarkus.arc.impl.AbstractInstanceHandle.destroyInternal(AbstractInstanceHandle.java:82) + at io.quarkus.arc.impl.ContextInstanceHandleImpl.destroy(ContextInstanceHandleImpl.java:21) + at io.quarkus.arc.impl.AbstractSharedContext.destroy(AbstractSharedContext.java:96) + at io.quarkus.arc.impl.ArcContainerImpl.shutdown(ArcContainerImpl.java:468) + at io.quarkus.arc.Arc.shutdown(Arc.java:66) + at io.quarkus.arc.runtime.ArcRecorder$1.run(ArcRecorder.java:53) + at io.quarkus.runtime.StartupContext.runAllInReverseOrder(StartupContext.java:84) + at io.quarkus.runtime.StartupContext.close(StartupContext.java:73) + at io.quarkus.runner.ApplicationImpl.doStop(Unknown Source) + at io.quarkus.runtime.Application.stop(Application.java:208) + at io.quarkus.runtime.Application.stop(Application.java:155) + at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:227) + at io.quarkus.runtime.Quarkus.run(Quarkus.java:71) + at org.keycloak.quarkus.runtime.KeycloakMain.start(KeycloakMain.java:98) + at org.keycloak.quarkus.runtime.cli.command.AbstractStartCommand.run(AbstractStartCommand.java:37) + at picocli.CommandLine.executeUserObject(CommandLine.java:2026) + at picocli.CommandLine.access$1500(CommandLine.java:148) + at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2461) + at picocli.CommandLine$RunLast.handle(CommandLine.java:2453) + at picocli.CommandLine$RunLast.handle(CommandLine.java:2415) + at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2273) + at picocli.CommandLine$RunLast.execute(CommandLine.java:2417) + at picocli.CommandLine.execute(CommandLine.java:2170) + at org.keycloak.quarkus.runtime.cli.Picocli.parseAndRun(Picocli.java:100) + at org.keycloak.quarkus.runtime.KeycloakMain.main(KeycloakMain.java:88) + at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) + at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) + at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) + at java.base/java.lang.reflect.Method.invoke(Method.java:568) + at io.quarkus.bootstrap.runner.QuarkusEntryPoint.doRun(QuarkusEntryPoint.java:61) + at io.quarkus.bootstrap.runner.QuarkusEntryPoint.main(QuarkusEntryPoint.java:32) diff --git a/keycloak/roc.json b/keycloak/roc.json new file mode 100644 index 0000000..fbf3622 --- /dev/null +++ b/keycloak/roc.json @@ -0,0 +1,1860 @@ +{ + "id" : "cd2fbbd0-ab1a-4fab-9f3b-0dc7746b6ecb", + "realm" : "roc", + "notBefore" : 0, + "defaultSignatureAlgorithm" : "RS256", + "revokeRefreshToken" : false, + "refreshTokenMaxReuse" : 0, + "accessTokenLifespan" : 300, + "accessTokenLifespanForImplicitFlow" : 900, + "ssoSessionIdleTimeout" : 1800, + "ssoSessionMaxLifespan" : 36000, + "ssoSessionIdleTimeoutRememberMe" : 0, + "ssoSessionMaxLifespanRememberMe" : 0, + "offlineSessionIdleTimeout" : 2592000, + "offlineSessionMaxLifespanEnabled" : false, + "offlineSessionMaxLifespan" : 5184000, + "clientSessionIdleTimeout" : 0, + "clientSessionMaxLifespan" : 0, + "clientOfflineSessionIdleTimeout" : 0, + "clientOfflineSessionMaxLifespan" : 0, + "accessCodeLifespan" : 60, + "accessCodeLifespanUserAction" : 300, + "accessCodeLifespanLogin" : 1800, + "actionTokenGeneratedByAdminLifespan" : 43200, + "actionTokenGeneratedByUserLifespan" : 300, + "oauth2DeviceCodeLifespan" : 600, + "oauth2DevicePollingInterval" : 5, + "enabled" : true, + "sslRequired" : "external", + "registrationAllowed" : false, + "registrationEmailAsUsername" : false, + "rememberMe" : false, + "verifyEmail" : false, + "loginWithEmailAllowed" : true, + "duplicateEmailsAllowed" : false, + "resetPasswordAllowed" : false, + "editUsernameAllowed" : false, + "bruteForceProtected" : false, + "permanentLockout" : false, + "maxFailureWaitSeconds" : 900, + "minimumQuickLoginWaitSeconds" : 60, + "waitIncrementSeconds" : 60, + "quickLoginCheckMilliSeconds" : 1000, + "maxDeltaTimeSeconds" : 43200, + "failureFactor" : 30, + "roles" : { + "realm" : [ { + "id" : "5d327973-5579-4e43-8d5a-500cb88eea3f", + "name" : "default-roles-roc", + "description" : "${role_default-roles}", + "composite" : true, + "composites" : { + "realm" : [ "offline_access", "uma_authorization" ], + "client" : { + "account" : [ "manage-account", "view-profile" ] + } + }, + "clientRole" : false, + "containerId" : "cd2fbbd0-ab1a-4fab-9f3b-0dc7746b6ecb", + "attributes" : { } + }, { + "id" : "5219e2d6-d9b5-4d09-be69-cd3414f8e26c", + "name" : "offline_access", + "description" : "${role_offline-access}", + "composite" : false, + "clientRole" : false, + "containerId" : "cd2fbbd0-ab1a-4fab-9f3b-0dc7746b6ecb", + "attributes" : { } + }, { + "id" : "1862b902-b8c2-4969-876d-f39fc906cece", + "name" : "uma_authorization", + "description" : "${role_uma_authorization}", + "composite" : false, + "clientRole" : false, + "containerId" : "cd2fbbd0-ab1a-4fab-9f3b-0dc7746b6ecb", + "attributes" : { } + } ], + "client" : { + "realm-management" : [ { + "id" : "1469ac24-356a-4d34-9bd9-435a60fd9df6", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "61ba8845-2f33-45ac-b0bc-f19aaa7521b5", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "query-users", "query-groups" ] + } + }, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "3cc137a8-31df-42e8-be02-ab07f39c2bdb", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "2a8ea8e3-b55c-492c-91ca-9e394cb30f08", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "5da8a455-1f7a-4d9b-86f2-aa8db74229c5", + "name" : "realm-admin", + "description" : "${role_realm-admin}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "manage-authorization", "view-users", "view-identity-providers", "manage-events", "manage-clients", "view-clients", "manage-identity-providers", "query-realms", "impersonation", "create-client", "view-events", "manage-realm", "query-users", "query-clients", "view-realm", "manage-users", "view-authorization", "query-groups" ] + } + }, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "a1a8ef9d-53f2-4764-b4b7-ef49fc38c599", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "b2a9a64d-3a21-4178-902b-1b2082b8afba", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "realm-management" : [ "query-clients" ] + } + }, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "4e072236-5fea-44e5-ae90-c8330ae16f28", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "88a5c3b7-a0f9-457a-93bb-2da8a74cdaed", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "5d65fe98-062d-4771-bcff-1bc3a93bc957", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "87aa495c-6ce4-4b7b-823e-764865bf8688", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "2618e686-bc3d-4cc1-b0fa-f489a3bf6b91", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "d0c337c7-54ff-48a8-9b2a-8aa6f36d166a", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "401113fa-9a40-4d33-8044-840c9417cbed", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "cb08ad04-1a60-4055-b27f-ac1bca78cc60", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "7e65d502-da7d-4d7f-be3a-9edd39d302eb", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "47b4f727-84f7-4d7d-b895-81bc0a3f49ca", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "d410685a-e349-4539-800d-fdc30c4d3ccb", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + }, { + "id" : "21ebbc46-05c2-4497-a56f-112828d51773", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "attributes" : { } + } ], + "security-admin-console" : [ ], + "admin-cli" : [ ], + "account-console" : [ ], + "broker" : [ { + "id" : "9c603dfd-c30a-48ae-bd7a-383d86b0241c", + "name" : "read-token", + "description" : "${role_read-token}", + "composite" : false, + "clientRole" : true, + "containerId" : "d8e253b7-8a0b-4fe4-90aa-1c0db22f2196", + "attributes" : { } + } ], + "account" : [ { + "id" : "20f21ad6-8873-4ee3-8bda-adf08dd3e971", + "name" : "view-consent", + "description" : "${role_view-consent}", + "composite" : false, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "5eab3123-a934-4cd3-a911-40506e504d82", + "name" : "manage-consent", + "description" : "${role_manage-consent}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "view-consent" ] + } + }, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "66f21bd4-c7c9-4344-a2b5-025fd2958b79", + "name" : "manage-account", + "description" : "${role_manage-account}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "manage-account-links" ] + } + }, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "696be82f-eae0-4b6b-961a-290e2c6ee445", + "name" : "delete-account", + "description" : "${role_delete-account}", + "composite" : false, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "f0d66705-4c3c-46c0-9321-6d2b927f5841", + "name" : "manage-account-links", + "description" : "${role_manage-account-links}", + "composite" : false, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "807d76c3-5ebb-4462-b2d6-3081c9bb171b", + "name" : "view-applications", + "description" : "${role_view-applications}", + "composite" : false, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "a76caf46-ef60-4a4c-998d-17b0f40cad32", + "name" : "view-profile", + "description" : "${role_view-profile}", + "composite" : false, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + }, { + "id" : "01eddbdb-8d6f-43ff-bfbb-1590959c74d1", + "name" : "view-groups", + "description" : "${role_view-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "attributes" : { } + } ], + "rns:roc:portal" : [ ] + } + }, + "groups" : [ ], + "defaultRole" : { + "id" : "5d327973-5579-4e43-8d5a-500cb88eea3f", + "name" : "default-roles-roc", + "description" : "${role_default-roles}", + "composite" : true, + "clientRole" : false, + "containerId" : "cd2fbbd0-ab1a-4fab-9f3b-0dc7746b6ecb" + }, + "requiredCredentials" : [ "password" ], + "otpPolicyType" : "totp", + "otpPolicyAlgorithm" : "HmacSHA1", + "otpPolicyInitialCounter" : 0, + "otpPolicyDigits" : 6, + "otpPolicyLookAheadWindow" : 1, + "otpPolicyPeriod" : 30, + "otpPolicyCodeReusable" : false, + "otpSupportedApplications" : [ "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName" ], + "webAuthnPolicyRpEntityName" : "keycloak", + "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], + "webAuthnPolicyRpId" : "", + "webAuthnPolicyAttestationConveyancePreference" : "not specified", + "webAuthnPolicyAuthenticatorAttachment" : "not specified", + "webAuthnPolicyRequireResidentKey" : "not specified", + "webAuthnPolicyUserVerificationRequirement" : "not specified", + "webAuthnPolicyCreateTimeout" : 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyAcceptableAaguids" : [ ], + "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], + "webAuthnPolicyPasswordlessRpId" : "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", + "webAuthnPolicyPasswordlessCreateTimeout" : 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], + "users" : [ { + "id" : "6606a2ba-8b68-465e-b126-3dc4cdfc7007", + "createdTimestamp" : 1695307473359, + "username" : "admin", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "", + "lastName" : "", + "credentials" : [ { + "id" : "cf7eb38e-ba8f-4a5a-b812-28a5e267bf02", + "type" : "password", + "userLabel" : "My password", + "createdDate" : 1695307484916, + "secretData" : "{\"value\":\"if7k+TUzUebLAH6g3IC6zn0Y2Va4fHwR6hGVMXYRG9g=\",\"salt\":\"tjMo0tzO85ka8cthC+ThSQ==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-roc" ], + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "a0f4c38f-c4a3-4761-877d-6dcdfeeb15ff", + "createdTimestamp" : 1695307004156, + "username" : "testuser", + "enabled" : true, + "totp" : false, + "emailVerified" : true, + "firstName" : "", + "lastName" : "", + "email" : "coco@chanel.com", + "credentials" : [ { + "id" : "5c1fde4d-fe43-4df1-8838-4e8fa0243c17", + "type" : "password", + "userLabel" : "My password", + "createdDate" : 1695762643163, + "secretData" : "{\"value\":\"0SLcECIJ1rIcECTFNF8BjqBjnTf4FlG09MBqIyVLTzs=\",\"salt\":\"uGOpt8NjnGupZla1+/QoEw==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-roc" ], + "notBefore" : 0, + "groups" : [ ] + } ], + "scopeMappings" : [ { + "clientScope" : "offline_access", + "roles" : [ "offline_access" ] + } ], + "clientScopeMappings" : { + "account" : [ { + "client" : "account-console", + "roles" : [ "manage-account", "view-groups" ] + } ] + }, + "clients" : [ { + "id" : "40a4ba03-7e75-4d1d-a0f4-4780dfa3fdef", + "clientId" : "account", + "name" : "${client_account}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/roc/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/roc/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "post.logout.redirect.uris" : "+" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "95aedd67-7cf2-493f-b03e-7b3dce01b4da", + "clientId" : "account-console", + "name" : "${client_account-console}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/roc/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/roc/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "post.logout.redirect.uris" : "+", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "21a83db9-fc9c-4a44-82ef-6f094bda50db", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "52e13b8c-09ea-47b3-820f-095c99a522d1", + "clientId" : "admin-cli", + "name" : "${client_admin-cli}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : false, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "d8e253b7-8a0b-4fe4-90aa-1c0db22f2196", + "clientId" : "broker", + "name" : "${client_broker}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "e498cfe8-157f-472b-a1eb-8e9fc3f416eb", + "clientId" : "realm-management", + "name" : "${client_realm-management}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "46a8584e-d7ab-40cd-a7aa-32da48f32d6c", + "clientId" : "rns:roc:portal", + "name" : "rns:roc:portal", + "description" : "", + "rootUrl" : "", + "adminUrl" : "", + "baseUrl" : "", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : true, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "*" ], + "webOrigins" : [ "*" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : true, + "protocol" : "openid-connect", + "attributes" : { + "client.secret.creation.time" : "1695390088", + "oauth2.device.authorization.grant.enabled" : "false", + "backchannel.logout.revoke.offline.tokens" : "false", + "use.refresh.tokens" : "true", + "oidc.ciba.grant.enabled" : "false", + "backchannel.logout.session.required" : "true", + "client_credentials.use_refresh_token" : "false", + "tls.client.certificate.bound.access.tokens" : "false", + "require.pushed.authorization.requests" : "false", + "acr.loa.map" : "{}", + "display.on.consent.screen" : "false", + "token.response.type.bearer.lower-case" : "false" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : true, + "nodeReRegistrationTimeout" : -1, + "protocolMappers" : [ { + "id" : "d16fc45a-fd58-421b-a987-0168260ac0ab", + "name" : "Client ID", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "client_id", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "client_id", + "jsonType.label" : "String" + } + }, { + "id" : "b35abcfe-8285-4094-a81e-bc754146888e", + "name" : "Client IP Address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "clientAddress", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "clientAddress", + "jsonType.label" : "String" + } + }, { + "id" : "322fab21-a2b8-4d5a-9ace-88d6e3e3b328", + "name" : "Client Host", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usersessionmodel-note-mapper", + "consentRequired" : false, + "config" : { + "user.session.note" : "clientHost", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "clientHost", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "b5603d0c-02f0-4cef-ac01-d5c26ba061d3", + "clientId" : "security-admin-console", + "name" : "${client_security-admin-console}", + "rootUrl" : "${authAdminUrl}", + "baseUrl" : "/admin/roc/console/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/admin/roc/console/*" ], + "webOrigins" : [ "+" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "post.logout.redirect.uris" : "+", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "bfaf391e-6132-4a4f-99d1-844bb9ca7bcb", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + } ], + "clientScopes" : [ { + "id" : "2bdf59b2-54ea-4917-9368-09b5d8b28cc4", + "name" : "email", + "description" : "OpenID Connect built-in scope: email", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "74e8fa88-5dc0-4e94-a026-e5e58932c732", + "name" : "email verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "emailVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : "20470969-fec0-4a38-a678-56b288714cdb", + "name" : "email", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "email", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "e1fe46bc-5b2f-4743-9248-a5659b751cce", + "name" : "address", + "description" : "OpenID Connect built-in scope: address", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${addressScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "9c388dfe-5c72-4f1d-80fe-42400a214163", + "name" : "address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-address-mapper", + "consentRequired" : false, + "config" : { + "user.attribute.formatted" : "formatted", + "user.attribute.country" : "country", + "user.attribute.postal_code" : "postal_code", + "userinfo.token.claim" : "true", + "user.attribute.street" : "street", + "id.token.claim" : "true", + "user.attribute.region" : "region", + "access.token.claim" : "true", + "user.attribute.locality" : "locality" + } + } ] + }, { + "id" : "a8213484-f5b4-4ad1-9b40-eb16da1ebadb", + "name" : "microprofile-jwt", + "description" : "Microprofile - JWT built-in scope", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "30272fee-e26b-486f-8c90-2486bdb6fd45", + "name" : "groups", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "multivalued" : "true", + "user.attribute" : "foo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "groups", + "jsonType.label" : "String" + } + }, { + "id" : "361cf736-8200-49d9-a5aa-4d049df05f03", + "name" : "upn", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "upn", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "13949ccf-020e-456d-a515-e58f88ac49be", + "name" : "roles", + "description" : "OpenID Connect scope for add user roles to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "f8dd6e28-98fa-4e9a-8a39-8d4edfdf4b57", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + }, { + "id" : "ed5676c5-1dcf-4195-957d-5f29bc0073a9", + "name" : "realm roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "realm_access.roles", + "jsonType.label" : "String", + "multivalued" : "true" + } + }, { + "id" : "eb94450b-f133-467d-ba20-7034d3b06c75", + "name" : "client roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-client-role-mapper", + "consentRequired" : false, + "config" : { + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "resource_access.${client_id}.roles", + "jsonType.label" : "String", + "multivalued" : "true" + } + } ] + }, { + "id" : "bdb739ff-c5cb-4daf-b596-ae8a403d6bb8", + "name" : "role_list", + "description" : "SAML role list", + "protocol" : "saml", + "attributes" : { + "consent.screen.text" : "${samlRoleListScopeConsentText}", + "display.on.consent.screen" : "true" + }, + "protocolMappers" : [ { + "id" : "06186f36-07ab-4aa8-ac94-f3929ed17a0c", + "name" : "role list", + "protocol" : "saml", + "protocolMapper" : "saml-role-list-mapper", + "consentRequired" : false, + "config" : { + "single" : "false", + "attribute.nameformat" : "Basic", + "attribute.name" : "Role" + } + } ] + }, { + "id" : "0db67106-76a0-44ea-b31f-a9702330bc98", + "name" : "phone", + "description" : "OpenID Connect built-in scope: phone", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "c285a193-cd49-4508-9443-44c760e49978", + "name" : "phone number", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumber", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number", + "jsonType.label" : "String" + } + }, { + "id" : "f8da4268-cdc9-4fda-bed3-e7c5b3a1f4b8", + "name" : "phone number verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumberVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number_verified", + "jsonType.label" : "boolean" + } + } ] + }, { + "id" : "5e832274-2ff8-4e2b-8851-a6e485eb3164", + "name" : "offline_access", + "description" : "OpenID Connect built-in scope: offline_access", + "protocol" : "openid-connect", + "attributes" : { + "consent.screen.text" : "${offlineAccessScopeConsentText}", + "display.on.consent.screen" : "true" + } + }, { + "id" : "d1c99b7d-c7f5-43bc-9edb-c1b94777c009", + "name" : "profile", + "description" : "OpenID Connect built-in scope: profile", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "fe4e5a1d-2d77-48c4-80cb-99ef21521b26", + "name" : "picture", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "picture", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "picture", + "jsonType.label" : "String" + } + }, { + "id" : "15fcc1f8-c641-4944-b3e3-fc81d317a60e", + "name" : "family name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "lastName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "family_name", + "jsonType.label" : "String" + } + }, { + "id" : "a9bb0f04-9ceb-44f6-a325-921a6cc221e0", + "name" : "updated at", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "updatedAt", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "updated_at", + "jsonType.label" : "long" + } + }, { + "id" : "88117f44-fadf-4776-9674-7a44f25612da", + "name" : "birthdate", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "birthdate", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "birthdate", + "jsonType.label" : "String" + } + }, { + "id" : "c1681ff8-7689-4816-ae2f-16f20e867179", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + }, { + "id" : "7ca06d62-b336-41aa-b33c-a65827e9260f", + "name" : "given name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "firstName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "given_name", + "jsonType.label" : "String" + } + }, { + "id" : "09ba147a-c407-46e1-9e11-f42c75a35b4d", + "name" : "nickname", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "nickname", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "nickname", + "jsonType.label" : "String" + } + }, { + "id" : "c4f3721c-ed3d-41cc-b290-e967f949dcb6", + "name" : "website", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "website", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "website", + "jsonType.label" : "String" + } + }, { + "id" : "1d40d4b5-81bb-4184-a93b-0634fd9dfd7f", + "name" : "middle name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "middleName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "middle_name", + "jsonType.label" : "String" + } + }, { + "id" : "a5399906-c984-4799-91c2-c9e4d1dbaaea", + "name" : "gender", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "gender", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "gender", + "jsonType.label" : "String" + } + }, { + "id" : "f3721fb4-2016-4fee-a5ed-36adb25ae0a4", + "name" : "username", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "preferred_username", + "jsonType.label" : "String" + } + }, { + "id" : "368fffad-c695-4d7d-af54-3d65b645665a", + "name" : "full name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-full-name-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + }, { + "id" : "74065ec3-9470-4cd1-906b-641b180cb94f", + "name" : "profile", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "profile", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "profile", + "jsonType.label" : "String" + } + }, { + "id" : "80c5b3ce-1f3a-4258-a43b-93b2052e8205", + "name" : "zoneinfo", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "userinfo.token.claim" : "true", + "user.attribute" : "zoneinfo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "zoneinfo", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "1aa28c35-ace8-4075-922e-f45433c880f1", + "name" : "web-origins", + "description" : "OpenID Connect scope for add allowed web origins to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false", + "consent.screen.text" : "" + }, + "protocolMappers" : [ { + "id" : "4abffa97-a186-4dd5-b29d-95d2ce7f277c", + "name" : "allowed web origins", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-allowed-origins-mapper", + "consentRequired" : false, + "config" : { } + } ] + }, { + "id" : "a2a1e58f-baa9-4dfe-be6c-81825107304e", + "name" : "acr", + "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "246511ec-3c71-4a2e-ad9f-69cbaf9cbdd3", + "name" : "acr loa level", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-acr-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + } ], + "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ], + "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], + "browserSecurityHeaders" : { + "contentSecurityPolicyReportOnly" : "", + "xContentTypeOptions" : "nosniff", + "referrerPolicy" : "no-referrer", + "xRobotsTag" : "none", + "xFrameOptions" : "SAMEORIGIN", + "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection" : "1; mode=block", + "strictTransportSecurity" : "max-age=31536000; includeSubDomains" + }, + "smtpServer" : { }, + "eventsEnabled" : false, + "eventsListeners" : [ "jboss-logging" ], + "enabledEventTypes" : [ ], + "adminEventsEnabled" : false, + "adminEventsDetailsEnabled" : false, + "identityProviders" : [ ], + "identityProviderMappers" : [ ], + "components" : { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { + "id" : "116781c2-a68f-4ff4-8c88-a2e96a97870b", + "name" : "Max Clients Limit", + "providerId" : "max-clients", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "max-clients" : [ "200" ] + } + }, { + "id" : "3d2280a2-766b-4f7a-9ae8-d703de4c9edf", + "name" : "Full Scope Disabled", + "providerId" : "scope", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "6773b5a3-8c95-4776-948e-7fdec59520bb", + "name" : "Trusted Hosts", + "providerId" : "trusted-hosts", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "host-sending-registration-request-must-match" : [ "true" ], + "client-uris-must-match" : [ "true" ] + } + }, { + "id" : "af3d7ef1-12d6-423c-bfbc-0d540867ad5d", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper" ] + } + }, { + "id" : "2b705563-dae4-4cb5-8c85-30fa539eecd2", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper" ] + } + }, { + "id" : "ce3b316e-1e02-4426-bfb6-b6c6adb63fbe", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "98ac09a7-3405-44e9-bd9c-83dfc8349353", + "name" : "Consent Required", + "providerId" : "consent-required", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "963f0181-ce72-4301-8d57-9a1d40b56f19", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + } ], + "org.keycloak.keys.KeyProvider" : [ { + "id" : "61064b3e-9527-409c-868f-060329e114cb", + "name" : "rsa-enc-generated", + "providerId" : "rsa-enc-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "MIIEogIBAAKCAQEAjKnOiQpGzD98K2bLzKkWoy+REogrN7i32FATArqLnH/aO4mDjDP4F1p2WrsZqtN3DK2C9C6/BO5nq6cryseL9Ow5M6rsFVLfHNq3OmVCXohv1hI0cQaP+33LD0OHDL1fUcntRvdITUr6E2xQR+ytcE6k6w2FZg5vljIRJyV4p2c3y5/6c0N8jWYEjN71qQAuF8ZJGaCQSnHbsFkK0mDN5lClJmvJMqQ1/n2ky5NJEFasuN1tBZTbcy7f3lQBW3Ggucy7dpWfxVxRMZ/vsxuedqxEAUScGEJ3DSq4czdcMcpJJkiLvgJ/JXP5KpwTjzbqceSn+iU8FPfEpgon3nQ7XQIDAQABAoIBABY1ybLBuKQPch+4P321RSnHHPT8IzbNJ9oz6oyHv/uaBG9aKzc8DXRCiGWTHV5nvWh3DTJZHzg8HIpx/uwpzeOCWRXbayOCzk/UCRJjYrNif6Yhgb5G9v0Sw7lJRE2yqRZU9+44pWXu7MWcWKDCsjAFeuzSWbnflab1iNfRhteHrMs26FLQ0ieS/1dhdBsJt5p00Mb1w6LK6u1pcgKcUpUdld6lUAE9RMywO0R9jJlA3QhqMuFCyLNXC9MDS+VcsHboA5eXTPh10W68J9kFFUO4fCXPwK+gCGWpK6zyQDrFEV2vhLGVpRb/i2HQ7TVgcs4I3hRqCpwcVs/N3R2HaFECgYEAwcWc9OIZ2wInPkHzj5/ugJOpAm5lAE0L7HQJhpA9QYYaGxaarA7t4D7GinIFlh4T0smzZXFUhaxW77egiKuGBea1/OiOvMhWneiXGD3FysuZwUD5szCnpASKDjrGgvr8ieUk2A6BNHMll+sMAmtQfWPSOnCU8gGK0OqZNP3F6o8CgYEAudYGfyRISJKKG29qLKDsAlE9jgWdqbRnearV6eKWmuMHdhEfnpw1pCw+rJbi35ryC+AkTr34PxAtKQAH6H3VfgnMwx3We68THI+makfK1eyjFtT6GYH1d8ELG95xHcP7digU5gbssTMIW975SBpb+0rwL6hvXG2zI4ZI8piHYVMCgYBc1vmkus/4hseWpLK1lcMIB7dqWso5orCb0dzehC1VP5Myd1oUJfMDBhDKNGdIzZBh5hH2AJ6mjTP6FtjrooLMQQXg7uu0t6gIcHA0RSSHTZWVajQ5Do7DnwkmWDLUfryQtSE6A3kUUDcq2osefZxK95C6P0adzO9duYk+QniZMQKBgGqNjjIOUqfR5gAvFNi7+Dan8DxjefAZMY9wZbDyK9ppPBj1XoTqGlOkztbUuQbu58PpY8gGYrV+B/bPPrmOlP/sjIx/qkBGtRWWRBwCSAn64dQwj6paeq2McVssYv1nJuKrvrfZ1pMPqMZMhfBStNTUNf2NfTSo7aL71w3KaS1jAoGAcKbAE3hc+V3nREwK6Xhh4JPxlKCfwldQrLQMHLvqEC1msbsjaet+gtWQZNqIAe7nE7xsv6MG7SAx9ydLqEfJA/q7ku7y4vRhotX5dJi+agr9pXLb3KOFVm+n/f6wDMiZktqUBdjcyqnZPm4zji2Wid3/spZ0PGqr0zkDG09NUws=" ], + "keyUse" : [ "ENC" ], + "certificate" : [ "MIIClTCCAX0CBgGKuCVzSzANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDDANyb2MwHhcNMjMwOTIxMTQyNzU2WhcNMzMwOTIxMTQyOTM2WjAOMQwwCgYDVQQDDANyb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMqc6JCkbMP3wrZsvMqRajL5ESiCs3uLfYUBMCuoucf9o7iYOMM/gXWnZauxmq03cMrYL0Lr8E7merpyvKx4v07DkzquwVUt8c2rc6ZUJeiG/WEjRxBo/7fcsPQ4cMvV9Rye1G90hNSvoTbFBH7K1wTqTrDYVmDm+WMhEnJXinZzfLn/pzQ3yNZgSM3vWpAC4XxkkZoJBKcduwWQrSYM3mUKUma8kypDX+faTLk0kQVqy43W0FlNtzLt/eVAFbcaC5zLt2lZ/FXFExn++zG552rEQBRJwYQncNKrhzN1wxykkmSIu+An8lc/kqnBOPNupx5Kf6JTwU98SmCifedDtdAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABUbDs3OokBwZEuo/OWIQawgu0MC/r/edLxB3Cvi3n6Pu3zBAu+ur1IfbQBvfHNDich65ZFM8t+6fog+Kkesssnsj5YqMJnia/TMCqSW4xsrGVBHPVz2InwMKHcxxh0y6ZMvab/Nd4pjORXcE9lcJaVzDEW44mmD5rmsbKAHS2m+UIUJv2N4vmEw/w82BR13lH5d47EKVS61eYivlM1bfSWgtsZIQLfaOnHYBSmYgXCRZrhZRouNljnqGBxM9PPIP6DdOflalJSu5lUajRlztiWU/3jMiqja1QQuIEKaidSaKGFgKNJjnVaxZ5eA6ioUHJtkugY/qGF+Ft4lvbhAH/c=" ], + "priority" : [ "100" ], + "algorithm" : [ "RSA-OAEP" ] + } + }, { + "id" : "4584326f-e9ee-4193-9248-92145cb5a255", + "name" : "aes-generated", + "providerId" : "aes-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "1b5551d9-f10c-45b2-92e7-5011ddef9b8c" ], + "secret" : [ "R_ZOm3ylwTCJ_nPcmILc7Q" ], + "priority" : [ "100" ] + } + }, { + "id" : "e1f3ab80-da12-4b57-8900-402ce094a03e", + "name" : "hmac-generated", + "providerId" : "hmac-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "797054d5-447a-49f6-a156-05b85a313fb8" ], + "secret" : [ "6DiqArxYfrJcBB6F7FWBF3lgN6GLXiulDA5ENOxM_RYxlrn-YQcjIvyHp0X6AVexHdQX1Up0WzzVFNmyftyUEw" ], + "priority" : [ "100" ], + "algorithm" : [ "HS256" ] + } + }, { + "id" : "8b89ea71-1e00-44cf-8b2f-8c206b69ca4b", + "name" : "rsa-generated", + "providerId" : "rsa-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "MIIEowIBAAKCAQEAtZ3xs0aC0hnkw623m4VtAFMYOCFCWSeVwdIky2OQHYmYUth1D/d0FXfEv3l2QtaWcKorTf4nUBnapjJbLE20KF1KViC9+EbiHYwAJsoVFy98bopDXnGXACN3TRGhtj606z+oDE23mTuEJ/vBef2lPnlRmdkdDayX3D/WgCPjkH+cZJPh5UXbGkEsX6giP5LFqV8FFSkRrxAbayxr9EiMo1HnGPCOoe5F7SDWJXCun4FxYGAoB2We/3dFxCTL6nZC8kf1jEdDp5QatB7JNzPwQNls0JFGIcpcqBkgHlMglhVHERhl/Zp4ZobCh7+p4Sf/XLfIsthbLjZicLTmCOi9NQIDAQABAoIBABCWppb7X8OU/eIpodWgsD4RWOr3jrnZ9cHIUfgJ1gX8pV8bykV1ErNLRzs9+uFL/F26DU6IYkrcsa3wd4dqaYQuUTXgs7lTsB+GxBTG7Ho7qh/mnRSpR2OJ2cG+VIjy3U+Hdu/4wUZLu1xzkE52LnuwVRW6UP8Ivq4tXohBvu1ZswIl1goTHer+7/ZmDOpZu/qJ2zbkh+UnuU/pm46rRsnYn7MjzZGtIKYzg+FjwvYOhrLq1jIj6G9N14jLI94CKRxbOokdx1je/u1h8sBpaGhk7hd2C3kERx3gd/WVxFa4Vu7GEz5wLAksVuXddFGB6/IpK+6VCOS1xDacxevT6wECgYEA64FG+uYrBvjZ8ya+kX/zYpRg8zolXDfCZ4nfi6Eqavlo9+ezfFmVAuLvkmf7O3Sui/5FHITCd8bt1ymuUEGY4Pi9BM58Hc/nSZbYNxLoMQCD2BpEwPhGotR4ICmFrjtvUc3mYTg4N2+6K1Fgfk4aiAWHsJskirWuN+HXgSEE8eECgYEAxWwd789p3IIE0ddnf8u9kOp9WnDhCMnb7IS238y1uBFuCwAp955dcGalgBZtpsBbdbN3oSavXB0ni+n6xjH5DCnEztsISLZNdM7j3DKomcvd5ks0s7txwh3joxCyrZuJ6wlVADdAykW64d+2PCBtoOfygaaWKCcpcRtEhicFHdUCgYEAkHM9HEvtfFtLI+9R2GEI4iBszwONQuEYpvVUXoq+P9s3XUeLOeygj6Kum7iXysIpBckyjumHdnxYCi+Qsb1qjiNDnR0h2A9bqDGT8UPxk4zjUbvbDBm9CccU33VYf6QJBb4rXtpi8O3g3Q0PCKnTcDckIVknssT5VWF7E8MzC0ECgYAJiYWQtjZo/qb49Cz90Xvg6lMP8XANmqLTND4ZZaxJrh3gzis42R+udGb+XxcA/T3t27Olx1alXoswiSciN/vOCJ6HV7F4wcXQJMaBNrlKZLzdiTiMjjuaoxMCJ6ZaGK96+UJv9jtdCi1TCBmnofFp2oqulLugSPQJkMWorW3j2QKBgEEG88fqik5U7JA+t/3BR6xHhvjFgjMajkRl32OHhDIavPXYW4MY6hQ0BSXofyWXaF4hvESK8ikMqZLe7JX/UV5kQQ1krbVb8fkCC6loyQwecabWBcBrwMx1QYUnGAvLzNivaqpo6dN5wZh/+2Jeefd6QsGESvSZKnq6Ea9luJwa" ], + "keyUse" : [ "SIG" ], + "certificate" : [ "MIIClTCCAX0CBgGKuCVx6TANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDDANyb2MwHhcNMjMwOTIxMTQyNzU2WhcNMzMwOTIxMTQyOTM2WjAOMQwwCgYDVQQDDANyb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1nfGzRoLSGeTDrbebhW0AUxg4IUJZJ5XB0iTLY5AdiZhS2HUP93QVd8S/eXZC1pZwqitN/idQGdqmMlssTbQoXUpWIL34RuIdjAAmyhUXL3xuikNecZcAI3dNEaG2PrTrP6gMTbeZO4Qn+8F5/aU+eVGZ2R0NrJfcP9aAI+OQf5xkk+HlRdsaQSxfqCI/ksWpXwUVKRGvEBtrLGv0SIyjUecY8I6h7kXtINYlcK6fgXFgYCgHZZ7/d0XEJMvqdkLyR/WMR0OnlBq0Hsk3M/BA2WzQkUYhylyoGSAeUyCWFUcRGGX9mnhmhsKHv6nhJ/9ct8iy2FsuNmJwtOYI6L01AgMBAAEwDQYJKoZIhvcNAQELBQADggEBACfXZp+fZTqyt4EOGjJI5fUyagesQBTAxice9IJX1KAIvRzci94s7T1Pj+U0Rw+I1c3fEVB5PluKb+/jW4Ee1NUszgIPBGI6Ly01HEaFXChIjim0JcH0knueC/FrwRx6lLOf2Y1vXf+l5rI/s4hEY16tKCw+SVCvmkJ+J9+IKMEgcmoRWIWpa3BvJahn9j8iYBAGqTieDWSyo9hfqdBvuRxBLS3LZCVVgeneAdi37o9A6c8c/Kbv2liCPJ0WjiHyMYwfeK4mKSCRqJV2cP+vbjtg9qwIEBsi0FkTWp9925yc5b2XBjThuMZq52IulluEcFpLs/u9Qu/0jhj91+Ph3B4=" ], + "priority" : [ "100" ] + } + } ] + }, + "internationalizationEnabled" : false, + "supportedLocales" : [ ], + "authenticationFlows" : [ { + "id" : "0cfa1417-c752-4f42-a563-fba7634db61a", + "alias" : "Account verification options", + "description" : "Method with which to verity the existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-email-verification", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Verify Existing Account by Re-authentication", + "userSetupAllowed" : false + } ] + }, { + "id" : "6b7a77c5-8d3c-4cf8-9cb9-3e8f2086c1cf", + "alias" : "Browser - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "26b06de3-2aac-443c-a4ec-569a9ad607cb", + "alias" : "Direct Grant - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "ade8376b-d4aa-4ee4-a5a7-4cd38d8a7271", + "alias" : "First broker login - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "7df83b20-ccb1-479d-9397-6433b74c3201", + "alias" : "Handle Existing Account", + "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-confirm-link", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Account verification options", + "userSetupAllowed" : false + } ] + }, { + "id" : "9bf00642-cede-4925-8761-d3e3a29c88dc", + "alias" : "Reset - Conditional OTP", + "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "d2f8f078-3885-4ba2-9137-a5c946859b42", + "alias" : "User creation or linking", + "description" : "Flow for the existing/non-existing user alternatives", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "create unique user config", + "authenticator" : "idp-create-user-if-unique", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Handle Existing Account", + "userSetupAllowed" : false + } ] + }, { + "id" : "a15f1d6a-1b73-4143-8284-da95f84b0de2", + "alias" : "Verify Existing Account by Re-authentication", + "description" : "Reauthentication of existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "First broker login - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "4c5fd8d4-1e67-40b7-9ca6-b057d647642c", + "alias" : "browser", + "description" : "browser based authentication", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-cookie", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-spnego", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "identity-provider-redirector", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 25, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "forms", + "userSetupAllowed" : false + } ] + }, { + "id" : "01e8ee92-4d58-410f-9ad8-dd7b88ea1885", + "alias" : "clients", + "description" : "Base authentication for clients", + "providerId" : "client-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "client-secret", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-secret-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-x509", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 40, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "31ba154b-a5a1-41f4-96f5-9499aba9a212", + "alias" : "direct grant", + "description" : "OpenID Connect Resource Owner Grant", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "direct-grant-validate-username", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "Direct Grant - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "8376cd1e-80dc-4de3-850e-f074fa93a3a1", + "alias" : "docker auth", + "description" : "Used by Docker clients to authenticate against the IDP", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "docker-http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "7069fdd9-93c4-40a7-8230-61edbdb98222", + "alias" : "first broker login", + "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "review profile config", + "authenticator" : "idp-review-profile", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "User creation or linking", + "userSetupAllowed" : false + } ] + }, { + "id" : "9f34820e-4ac3-41cb-9271-7d1463b4507f", + "alias" : "forms", + "description" : "Username, password, otp and other auth forms.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Browser - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "4a9803fa-81c2-448d-a238-ff115f7b7687", + "alias" : "registration", + "description" : "registration flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-page-form", + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : true, + "flowAlias" : "registration form", + "userSetupAllowed" : false + } ] + }, { + "id" : "0db89727-9e83-4207-b0d2-1b6699aba86b", + "alias" : "registration form", + "description" : "registration form", + "providerId" : "form-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-user-creation", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-profile-action", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 40, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-password-action", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 50, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-recaptcha-action", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 60, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "c95999c7-e174-4293-8cd6-a72e5dfd4a9a", + "alias" : "reset credentials", + "description" : "Reset credentials for a user if they forgot their password or something", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "reset-credentials-choose-user", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-credential-email", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 40, + "autheticatorFlow" : true, + "flowAlias" : "Reset - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "3d0a6a0b-cd43-4401-ae31-6b1688c0cd05", + "alias" : "saml ecp", + "description" : "SAML ECP Profile Authentication Flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + } ], + "authenticatorConfig" : [ { + "id" : "6869bb13-df0b-4280-bf99-d3a1fd74dffd", + "alias" : "create unique user config", + "config" : { + "require.password.update.after.registration" : "false" + } + }, { + "id" : "e80fabb9-b0a2-4bb3-a7ba-71a5b9535d76", + "alias" : "review profile config", + "config" : { + "update.profile.on.first.login" : "missing" + } + } ], + "requiredActions" : [ { + "alias" : "CONFIGURE_TOTP", + "name" : "Configure OTP", + "providerId" : "CONFIGURE_TOTP", + "enabled" : true, + "defaultAction" : false, + "priority" : 10, + "config" : { } + }, { + "alias" : "TERMS_AND_CONDITIONS", + "name" : "Terms and Conditions", + "providerId" : "TERMS_AND_CONDITIONS", + "enabled" : false, + "defaultAction" : false, + "priority" : 20, + "config" : { } + }, { + "alias" : "UPDATE_PASSWORD", + "name" : "Update Password", + "providerId" : "UPDATE_PASSWORD", + "enabled" : true, + "defaultAction" : false, + "priority" : 30, + "config" : { } + }, { + "alias" : "UPDATE_PROFILE", + "name" : "Update Profile", + "providerId" : "UPDATE_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 40, + "config" : { } + }, { + "alias" : "VERIFY_EMAIL", + "name" : "Verify Email", + "providerId" : "VERIFY_EMAIL", + "enabled" : true, + "defaultAction" : false, + "priority" : 50, + "config" : { } + }, { + "alias" : "delete_account", + "name" : "Delete Account", + "providerId" : "delete_account", + "enabled" : false, + "defaultAction" : false, + "priority" : 60, + "config" : { } + }, { + "alias" : "webauthn-register", + "name" : "Webauthn Register", + "providerId" : "webauthn-register", + "enabled" : true, + "defaultAction" : false, + "priority" : 70, + "config" : { } + }, { + "alias" : "webauthn-register-passwordless", + "name" : "Webauthn Register Passwordless", + "providerId" : "webauthn-register-passwordless", + "enabled" : true, + "defaultAction" : false, + "priority" : 80, + "config" : { } + }, { + "alias" : "update_user_locale", + "name" : "Update User Locale", + "providerId" : "update_user_locale", + "enabled" : true, + "defaultAction" : false, + "priority" : 1000, + "config" : { } + } ], + "browserFlow" : "browser", + "registrationFlow" : "registration", + "directGrantFlow" : "direct grant", + "resetCredentialsFlow" : "reset credentials", + "clientAuthenticationFlow" : "clients", + "dockerAuthenticationFlow" : "docker auth", + "attributes" : { + "cibaBackchannelTokenDeliveryMode" : "poll", + "cibaExpiresIn" : "120", + "cibaAuthRequestedUserHint" : "login_hint", + "oauth2DeviceCodeLifespan" : "600", + "oauth2DevicePollingInterval" : "5", + "parRequestUriLifespan" : "60", + "cibaInterval" : "5", + "realmReusableOtpCode" : "false" + }, + "keycloakVersion" : "22.0.3", + "userManagedAccessAllowed" : false, + "clientProfiles" : { + "profiles" : [ ] + }, + "clientPolicies" : { + "policies" : [ ] + } +} \ No newline at end of file diff --git a/main.py b/main.py new file mode 100644 index 0000000..17528b1 --- /dev/null +++ b/main.py @@ -0,0 +1,19 @@ +#/main.py +import uvicorn +from fastapi import FastAPI,Depends +from models import User +from auth import get_user_info + +app = FastAPI() + +@app.get("/") +async def root(): + return {"message": "Hello World"} + +@app.get("/secure") +async def root(user: User = Depends(get_user_info)): + return {"message": f"Hello {user.username} you have the following service: {user.realm_roles}"} + + +if __name__ == '__main__': + uvicorn.run('main:app', host="127.0.0.1", port=8081) \ No newline at end of file diff --git a/models.py b/models.py new file mode 100644 index 0000000..a3a163f --- /dev/null +++ b/models.py @@ -0,0 +1,19 @@ +#/models.py +from pydantic import BaseModel, EmailStr + +class User(BaseModel): + id: str + username: str + email: str + first_name: str + last_name: str + realm_roles: list + client_roles: list + +class authConfiguration(BaseModel): + server_url: str + realm: str + client_id: str + client_secret: str + authorization_url: str + token_url: str \ No newline at end of file