first commit

afornerot 2023-11-02 14:22:16 +01:00
commit 4d3ddbe836
285 changed files with 4394 additions and 0 deletions

28
src/envole-1.0/.gitignore vendored Normal file

@ -0,0 +1,28 @@
.env.local
/env/*.local
/volume/mariadb/mysql
/volume/nextcloud/data
/volume/nextcloud/html
/volume/nextcloud/app
/volume/ninegate/data/private
/volume/ninegate/data/private
/volume/ninegate/data/public/*
!/volume/ninegate/data/public/avatar
/volume/ninegate/data/public/avatar/*
!/volume/ninegate/data/public/avatar/admin.jpg
!/volume/ninegate/data/public/avatar/noavatar.png
!/volume/ninegate/data/public/avatar/system.jpg
!/volume/ninegate/data/public/logo
/volume/ninegate/data/public/logo/*
!/volume/ninegate/data/public/logo/logo.png
!/volume/ninegate/data/public/header
/volume/ninegate/data/public/header/*
!/volume/ninegate/data/public/header/header.png
!/volume/ninegate/data/public/icon
/volume/ninegate/data/public/icon/*
!/volume/ninegate/data/public/icon/icon_*.png
/volume/openldap/data
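Review bot: Nothing in this list ignores `volume/keycloak/envole/`, although the compose file mounts that directory at `/envole` and the Keycloak env file points `KC_HTTPS_CERTIFICATE_KEY_FILE` at `/envole/server.key.pem`, so a private key placed there would be tracked by git. Consider adding `/volume/keycloak/envole/*.pem` (or whichever key files are actually used) and checking whether a key is already part of this commit. `/volume/ninegate/data/private` is also listed twice; one entry can be dropped.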


@ -0,0 +1,101 @@
version: '3'
services:
mariadb:
image: mariadb
container_name: envole-mariadb
restart: always
healthcheck:
test: /envole/check.sh
interval: 1s
timeout: 60s
env_file: ./.env.local
ports:
- "3306:3306"
volumes:
- ./volume/mariadb/mysql:/var/lib/mysql
- ./volume/mariadb/envole:/envole
openldap:
image: bitnami/openldap:2
container_name: envole-openldap
restart: always
healthcheck:
test: /envole/check.sh
interval: 1s
timeout: 60s
env_file: ./.env.local
ports:
- '1389:1389'
- '1636:1636'
#entrypoint: /envole/debug/debug.sh
#command: sleep 1d
volumes:
- './volume/openldap/data:/bitnami/openldap'
- './volume/openldap/envole:/envole'
keycloak:
image: jboss/keycloak
container_name: envole-keycloak
restart: always
healthcheck:
test: curl --fail http://127.0.0.1:9990 || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
ports:
- 8080:8080
- 8443:8443
volumes:
- './volume/keycloak/data/keycloak-protocol-cas-16.1.1.jar:/opt/jboss/keycloak/standalone/deployments/keycloak-protocol-cas-16.1.1.jar'
- './volume/keycloak/envole:/envole'
ninegate:
image: reg.cadoles.com/envole/ninegate
container_name: envole-ninegate
restart: always
healthcheck:
test: curl --fail http://localhost || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
ports:
- "8000:80"
volumes:
- ./env/.env.zapp.ninegate.local:/app/.env.local:delegated
- ./volume/ninegate/data/private:/app/uploads:delegated
- ./volume/ninegate/data/public:/app/public/uploads
nextcloud:
image: nextcloud
container_name: envole-nextcloud
restart: always
healthcheck:
test: curl --fail http://localhost || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
ports:
- 8001:80
volumes:
- ./volume/nextcloud/html:/var/www/html
- ./volume/nextcloud/app:/var/www/html/custom_apps
- ./volume/nextcloud/data:/var/www/html/data
- ./volume/nextcloud/envole:/envole
- ./volume/nextcloud/prestart:/docker-entrypoint-hooks.d/before-starting
adminer:
image: adminer
container_name: envole-adminer
restart: always
ports:
- 9000:8080
phpldapadmin:
image: osixia/phpldapadmin:latest
container_name: envole-phpldapadmin
restart: always
env_file: ./.env.local
ports:
- "9001:80"
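Review bot: Every service publishes its port on all host interfaces (MariaDB `3306:3306`, OpenLDAP `1389`/`1636`, Adminer `9000:8080`, phpLDAPadmin `9001:80`) while the shipped env defaults use `changeme` passwords, so a host without a firewall exposes the database and both admin consoles directly. For a local stack bind to loopback, e.g. `- "127.0.0.1:3306:3306"`, and publish only the ports a browser needs; quoting every mapping also keeps the unquoted ones (`8080:8080`, `9000:8080`) consistent with the rest. All services load the same merged `./.env.local`, so each container receives every other service's secrets; a per-service env file would limit that. The images `mariadb`, `jboss/keycloak`, `nextcloud`, `adminer` and `osixia/phpldapadmin:latest` carry no fixed version, which makes a redeploy pull whatever is current.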

77
src/envole-1.0/env/.env vendored Normal file

@ -0,0 +1,77 @@
# == GLOBAL ===============================================================================================================================
# ADMIN USER
ADMIN_USER=admin
ADMIN_PASSWORD=changeme
# MASTERIDENTITY
MASTERIDENTITY=SQL # SQL or SSO or (to do LDAP)
# AUTHENTIFICATION
MODE_AUTH=SQL # SQL or CAS (todo LDAP or OPENID)
# MARIADB
MARIADB_SERVICE_NAME=mariadb
MARIADB_ROOT_PASSWORD=${ADMIN_PASSWORD}
MARIADB_USER=user
MARIADB_PASSWORD=changeme
# CAS
CAS_SERVICE_NAME=keycloak
CAS_ACTIVATE=1
CAS_LOCAL=1
CAS_USER=${ADMIN_USER}-keycloak
CAS_PASSWORD=${ADMIN_PASSWORD}-keycloak
CAS_HOST=keycloak # attention si localhost = ajouter keycloak dans votre propre host : le service web doit valider son ticket via le nom du service et votre navigateur doit assi le voir
CAS_PORT=8443
CAS_PATH=/auth/realms/envole/protocol/cas
CAS_URL=https://${CAS_HOST}:${CAS_PORT}
# LDAP
LDAP_SERVICE_NAME=openldap
LDAP_ACTIVATE=1
LDAP_LOCAL=1
LDAP_TYPE=LDAP # LDAP ou AD
LDAP_HOST=${LDAP_SERVICE_NAME}
LDAP_PORT=1389
LDAP_TLS=0
LDAP_BASEDN="dc=envole,dc=org"
LDAP_ADMIN_USERNAME=${ADMIN_USER}
LDAP_USER="cn=${LDAP_ADMIN_USERNAME},${LDAP_BASEDN}"
LDAP_PASSWORD=${ADMIN_PASSWORD}
LDAP_BASEUSER="ou=users,ou=ninegate,${LDAP_BASEDN}"
LDAP_BASENIVEAU01="ou=niveau01,ou=ninegate,${LDAP_BASEDN}"
LDAP_BASENIVEAU02="ou=niveau02,ou=ninegate,${LDAP_BASEDN}"
LDAP_BASEGROUP="ou=groups,ou=ninegate,${LDAP_BASEDN}"
LDAP_SYNC=1 # Si MASTERIDENTITY = SQL permet la synchronisation des utilisateurs SQL vers LDAP
# Activation des services
# _ACTIVATE = l'application est-elle active
# _LOCAL = l'application est-elle à activer localement
# _URL = url de l'application si non local indiquer l'url distante de l'application
# NINEGATE
NINEGATE_SERVICE_NAME=ninegate
NINEGATE_ACTIVATE=1
NINEGATE_LOCAL=1
NINEGATE_URL=http://localhost:8000
# NINEGATE
NEXTCLOUD_SERVICE_NAME=nextcloud
NEXTCLOUD_ACTIVATE=0
NEXTCLOUD_LOCAL=1
NEXTCLOUD_URL=http://localhost:8001
# ADMINER
ADMINER_SERVICE_NAME=adminer
ADMINER_ACTIVATE=0
ADMINER_LOCAL=1
ADMINER_URL=http://localhost:9000/?server=${MARIADB_SERVICE_NAME}&username=${MARIADB_USER}
# PHPLDAPADMIN
PHPLDAPADMIN_SERVICE_NAME=phpldapadmin
PHPLDAPADMIN_ACTIVATE=0
PHPLDAPADMIN_LOCAL=1
PHPLDAPADMIN_URL=http://localhost:9001
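Review bot: `ADMIN_PASSWORD=changeme` and `MARIADB_PASSWORD=changeme` are committed as working defaults, and the one admin password is reused for `MARIADB_ROOT_PASSWORD`, `LDAP_PASSWORD` and, with a fixed `-keycloak` suffix, `CAS_PASSWORD`, so a single unchanged or leaked value opens the database root, the LDAP admin and Keycloak. Ship these keys empty (or as a template file) with distinct secrets per service, and have `envole.sh` refuse to start while a password is still `changeme`. `LDAP_TLS=0` means binds travel in clear on port 1389, which is tolerable only inside the compose network. The inline comments after values (`MASTERIDENTITY=SQL # SQL or SSO ...`) may end up inside the value depending on which env-file parser reads the merged file, so placing them on their own line is safer; the second `# NINEGATE` heading above `NEXTCLOUD_SERVICE_NAME` should read `# NEXTCLOUD`.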

12
src/envole-1.0/env/.env.zapp.keycloak vendored Normal file

@ -0,0 +1,12 @@
# == KEYCLOAK =============================================================================================================================
KEYCLOAK_USER=${CAS_USER}
KEYCLOAK_PASSWORD=${CAS_PASSWORD}
DB_ADDR=${MARIADB_SERVICE_NAME}
DB_DATABASE=keycloak
DB_USER=${MARIADB_USER}
DB_PASSWORD=${MARIADB_PASSWORD}
KC_HTTPS_CERTIFICATE_FILE=/envole/server.crt.pem
KC_HTTPS_CERTIFICATE_KEY_FILE=/envole/server.key.pem
KEYCLOAK_IMPORT=/envole/realm-export.json
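Review bot: `KC_HTTPS_CERTIFICATE_FILE` and `KC_HTTPS_CERTIFICATE_KEY_FILE` are options of the Quarkus-based Keycloak distribution, whereas the compose file runs `jboss/keycloak` and the other variables here (`KEYCLOAK_USER`, `DB_ADDR`, `KEYCLOAK_IMPORT`) are the legacy image's names; as far as I can tell the legacy image ignores the `KC_*` pair and serves its own generated certificate on 8443. Please confirm which certificate the container actually presents, because the CAS clients validate tickets against `https://${CAS_HOST}:${CAS_PORT}`. Keycloak also connects to MariaDB with the same `MARIADB_USER` account that the Nextcloud env file uses, so a dedicated database user per application would contain a compromise of either one.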

7
src/envole-1.0/env/.env.zapp.mariadb vendored Normal file

@ -0,0 +1,7 @@
# == MARIADB ==============================================================================================================================
MYSQL_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD
MYSQL_USER=$MARIADB_USER
MYSQL_PASSWORD=$MARIADB_PASSWORD

10
src/envole-1.0/env/.env.zapp.nextcloud vendored Normal file

@ -0,0 +1,10 @@
# == NEXTCLOUD ============================================================================================================================
MYSQL_HOST=mariadb
MYSQL_DATABASE=nextcloud
MYSQL_USER=${MARIADB_USER}
MYSQL_PASSWORD=${MARIADB_PASSWORD}
NEXTCLOUD_ADMIN_USER=${ADMIN_USER}
NEXTCLOUD_ADMIN_PASSWORD=${ADMIN_PASSWORD}

13
src/envole-1.0/env/.env.zapp.ninegate vendored Normal file

@ -0,0 +1,13 @@
# == NINEGATE =============================================================================================================================
# Activation Widget
ACTIVATE_WIDADMINER=${ADMINER_ACTIVATE}
WIDADMINER_URL=${ADMINER_URL}
ACTIVATE_WIDPHPLDAPADMIN=${PHPLDAPADMIN_ACTIVATE}
WIDPHPLDAPADMIN_URL=${PHPLDAPADMIN_URL}
ACTIVATE_WIDNEXTCLOUD=${NEXTCLOUD_ACTIVATE}
WIDNEXTCLOUD_URL=${NEXTCLOUD_URL}

9
src/envole-1.0/env/.env.zapp.openldap vendored Normal file

@ -0,0 +1,9 @@
# == OPENLDAP =============================================================================================================================
LDAP_ROOT=${LDAP_BASEDN}
LDAP_ADMIN_PASSWORD=${LDAP_PASSWORD}
LDAP_ADMIN_DN=${LDAP_USER}
LDAP_USERS="dockernouser"
LDAP_PASSWORDS="dockernouser"
LDAP_CUSTOM_SCHEMA_FILE=/envole/schema/cadoles.ldif
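Review bot: `LDAP_USERS="dockernouser"` with `LDAP_PASSWORDS="dockernouser"` makes the bitnami image create a directory account whose password equals its name. This is presumably meant only to suppress the image's default sample users, but the account can still bind to a server that the compose file publishes on ports 1389 and 1636. Give it a generated password that is not stored in the repository, or delete the entry in the `/envole/init.sh` step that already runs after start-up, and add a comment saying why the placeholder exists.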


@ -0,0 +1,6 @@
# == PHPLDAPADMIN =========================================================================================================================
PHPLDAPADMIN_LDAP_HOSTS=ldap://${LDAP_SERVICE_NAME}:${LDAP_PORT}
PHPLDAPADMIN_HTTPS="false"

198
src/envole-1.0/envole.sh Executable file

@ -0,0 +1,198 @@
#!/bin/bash
#1 : action = default up
#2 : service = optionnel
. ./misc/tools/e-ihm.sh
. ./env/.env
. ./env/.env.local
clear
BigTitle "ENVOLE"
#===========================================================================================================================================
#== STOP ===================================================================================================================================
#===========================================================================================================================================
#1 = service to stop if null all service
stop() {
Title "STOP"
docker-compose stop $1
}
#===========================================================================================================================================
#== UPSERVICE ==============================================================================================================================
#===========================================================================================================================================
#1 = service to up
wait_for_container() {
container_id="envole-$1"
container_name="$(docker inspect "${container_id}" --format '{{ .Name }}')"
waiting_done="false"
while [[ "${waiting_done}" != "true" ]]; do
container_state="$(docker inspect "${container_id}" --format '{{ .State.Status }}')"
if [[ "${container_state}" == "running" ]]; then
health_status="$(docker inspect "${container_id}" --format '{{ .State.Health.Status }}')"
if [[ ${health_status} == "healthy" ]]; then
waiting_done="true"
fi
else
waiting_done="true"
fi
sleep 1;
done;
}
upservice(){
docker-compose up -d $1
wait_for_container $1
}
#===========================================================================================================================================
#== UP =====================================================================================================================================
#===========================================================================================================================================
#1 = service to up if null all service
up(){
# Stop du ou des services
stop $1
# Fusionner l'ensemble des fichier .env en un seul
rm -f ./.env.local
cat ./env/.env* >> ./.env.local
# MARIADB
Title "MARIADB"
upservice $MARIADB_SERVICE_NAME
echo
# CREATE BDD
if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
EchoVert ${CAS_SERVICE_NAME^^}
docker-compose exec $MARIADB_SERVICE_NAME /envole/init.sh $CAS_SERVICE_NAME
fi
if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]]
then
EchoVert ${NINEGATE_SERVICE_NAME^^}
docker-compose exec $MARIADB_SERVICE_NAME /envole/init.sh $NINEGATE_SERVICE_NAME
fi
if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]]
then
EchoVert ${NEXTCLOUD_SERVICE_NAME^^}
docker-compose exec $MARIADB_SERVICE_NAME /envole/init.sh $NEXTCLOUD_SERVICE_NAME
fi
# OPENLDAP
if [[ $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]]
then
Title ${LDAP_SERVICE_NAME^^}
upservice $LDAP_SERVICE_NAME
docker-compose exec $LDAP_SERVICE_NAME /envole/init.sh
fi
# CAS
if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
Title ${CAS_SERVICE_NAME^^}
upservice $CAS_SERVICE_NAME
fi
# SERVICES
Title "UP"
if [[ -z "$1" ]]
then
if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]]
then
EchoVert ${NINEGATE_SERVICE_NAME^^}
upservice ${NINEGATE_SERVICE_NAME}
echo
fi
if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]]
then
ctrlUpdate ${NEXTCLOUD_SERVICE_NAME}
EchoVert ${NEXTCLOUD_SERVICE_NAME^^}
upservice ${NEXTCLOUD_SERVICE_NAME}
echo
fi
if [[ $ADMINER_ACTIVATE == 1 && $ADMINER_LOCAL == 1 ]]
then
EchoVert ${ADMINER_SERVICE_NAME^^}
docker-compose up -d ${ADMINER_SERVICE_NAME}
echo
fi
if [[ $PHPLDAPADMIN_ACTIVATE == 1 && $PHPLDAPADMIN_LOCAL == 1 ]]
then
EchoVert ${PHPLDAPADMIN_SERVICE_NAME^^}
docker-compose up -d ${PHPLDAPADMIN_SERVICE_NAME}
echo
fi
else
EchoVert ${1^^}
docker-compose up -d $1
fi
}
#===========================================================================================================================================
#== MAIN ===================================================================================================================================
#===========================================================================================================================================
if [[ $1 == "up" || $1 == "" ]]
then
up $2
elif [[ $1 == "stop" ]]
then
stop $2
elif [[ $1 == "bash" ]]
then
if [[ -z $2 ]]
then
EchoRouge "Vous devez precisez un service"
EchoRouge "envole.sh bash monservice"
else
docker-compose exec $2 "/bin/bash"
fi
elif [[ $1 == "destroy" ]]
then
if [[ -z $2 ]]
then
EchoRouge "Vous devez precisez un service"
EchoRouge "envole.sh bash monservice"
else
docker-compose stop $2
docker-compose rm $2
if [[ "$2" == "$LDAP_SERVICE_NAME" && $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]]
then
sudo rm -rf volume/openldap/data
mkdir volume/openldap/data
chmod a+w volume/openldap/data -R
chmod a+r volume/openldap/data -R
fi
if [[ "$2" == "$CAS_SERVICE_NAME" && $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
Question_ouinon "Souhaitez-vous supprimer la BDD associé à $2 ?"
if [ "$?" = 0 ]
then
docker-compose exec $MARIADB_SERVICE_NAME /envole/delete.sh $CAS_SERVICE_NAME
fi
fi
fi
elif [[ $1 == "env" ]]
then
rm -f ./.env.local
cat ./env/.env* >> ./.env.local
fi
echo
echo
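Review bot: In the `destroy` branch, `sudo rm -rf volume/openldap/data` acts on a path relative to the caller's working directory, and the recreated directory is then opened to everyone with `chmod a+w volume/openldap/data -R`, so any local user can alter the LDAP database files. Resolve paths from the script location (`cd "$(dirname "$0")" || exit 1` before the `. ./env/.env` lines) and hand the directory to the container's user instead of granting `a+w`. The merged `./.env.local` holds every password and is created with the default umask; `(umask 077; cat ./env/.env* > ./.env.local)` keeps it private to the owner. `wait_for_container` has no timeout and never exits while a container stays `unhealthy`, and the positional arguments are passed to `docker-compose` unquoted throughout (`docker-compose exec $2 "/bin/bash"`). The usage hint printed by `destroy` still says `envole.sh bash monservice`.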


@ -0,0 +1,67 @@
FROM alpine:3.15
RUN apk add --no-cache \
bash \
sed \
vim \
ca-certificates \
openldap-clients \
wget \
npm \
git \
curl \
unzip \
zip \
openssl
RUN apk add --no-cache \
apache2 \
apache2-proxy \
apache2-ssl
RUN apk add --no-cache \
php7 \
php7-apache2 \
php7-gd \
php7-zip \
php7-xml \
php7-ctype \
php7-simplexml \
php7-tokenizer \
php7-sodium \
php7-dom \
php7-pdo \
php7-pdo_pgsql \
php7-pdo_mysql \
php7-curl \
php7-ldap \
php7-pecl-igbinary \
php7-session \
php7-pecl-redis \
php7-fileinfo \
php7-xmlwriter \
php7-openssl \
php7-phar \
php7-iconv \
php7-mbstring \
php7-fpm \
php7-sockets \
php7-opcache \
php7-intl \
php7-bcmath \
php7-pecl-ssh2
RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash
RUN curl -sS https://getcomposer.org/installer | php -- --1 --install-dir=/usr/local/bin --filename=composer
RUN npm install -g n
RUN npm install -g yarn
COPY apache2.sh /etc/apache2/apache2.sh
RUN chmod +x /etc/apache2/apache2.sh
COPY php.local.ini /etc/php7/conf.d/
COPY apache.conf /etc/apache2/conf.d/zapp.conf
COPY ssl.conf /etc/apache2/conf.d/ssl.conf
COPY index.php /app/public/index.php
CMD /etc/apache2/apache2.sh
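Review bot: `RUN curl -k https://forge.cadoles.com/.../add-letsencrypt-ca.sh | bash` disables certificate verification and executes whatever the `master` branch returns as root at build time, so anyone able to intercept the connection or change that branch controls the image contents. Fetch it with verification, pinned to a commit, and check a digest before running it, e.g. `curl -fsSL <pinned-url> -o /tmp/add-ca.sh && echo "<expected-sha256>  /tmp/add-ca.sh" | sha256sum -c - && bash /tmp/add-ca.sh`; since `ca-certificates` is already installed a few lines above, it is worth checking whether the script is still needed at all. The same line appears in the PHP 8.1 Dockerfile on `alpine:3.18`. The image also has no `USER` instruction, so Apache's parent process and the entrypoint run as root.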


@ -0,0 +1,19 @@
LoadModule rewrite_module modules/mod_rewrite.so
ServerName nineapache.local
DocumentRoot "/app/public"
<Directory "/app/public">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
RewriteEngine On
RewriteCond %{REQUEST_URI}::$0 ^(/.+)/(.*)::\2$
RewriteRule .* - [E=BASE:%1]
RewriteCond %{HTTP:Authorization} .+
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0]
RewriteCond %{ENV:REDIRECT_STATUS} =""
RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ %{ENV:BASE}/index.php [L]
</Directory>
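Review bot: `Options Indexes FollowSymLinks` turns on directory listings for `/app/public`, which is where the compose file mounts the public uploads volume, so any sub-directory without an index file can be browsed. Use `Options -Indexes +FollowSymLinks` (or `SymLinksIfOwnerMatch`) unless listings are wanted. `AllowOverride All` lets any `.htaccess` under the document root change server behaviour; since the rewrite rules already live in this file, `AllowOverride None` looks sufficient, to be confirmed against the applications deployed on top. The second `apache.conf` in this commit is identical and needs the same change.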


@ -0,0 +1,27 @@
#!/bin/bash
envfile=/etc/apache2/conf.d/env.conf
haveenv=/etc/apache2/haveenv.txt
rm -rf $envfile
rm -rf $haveenv
echo "GENERATION DES VARIABLES D'ENVIRONNEMENT"
printf "\n# Expose environment variables to scripts.\nPassEnv" >> $envfile
compgen -e | while read name ; do
if [[ "$name" != "TERM" && "$name" != "HOME" && "$name" != "HOSTNAME" && "$name" != "PATH" && "$name" != "PWD" && "$name" != "SHLVL" ]]
then
touch $haveenv
printf " $name" >> $envfile
fi
done
printf "\n" >> $envfile
if [[ ! -f $haveenv ]]
then
rm -rf $envfile
fi
rm -rf $haveenv
echo "START HTTPD"
httpd -DFOREGROUND
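Review bot: The loop writes every environment variable except six shell ones into the `PassEnv` line, so any secret injected into the container (database and LDAP passwords included) becomes readable by every PHP script and shows up in `phpinfo()` output. Pass only an explicit allowlist of the names the application reads. `printf " $name" >> $envfile` uses the variable name as the format string; `printf ' %s' "$name" >> "$envfile"` avoids that and quotes the path. The same script is added again for the PHP 8.1 image.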


@ -0,0 +1,9 @@
<?php
echo "<html><head><title>Nineapache 7</title></head><body>";
echo "<h1><center>NINEAPACHE 7</center></h1>";
echo phpinfo();
echo "</body></html>";
?>
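Review bot: The default page baked into the image calls `phpinfo()`, which prints the full PHP configuration and the process environment; together with the start script's blanket `PassEnv` that means every variable passed to the container is shown to any visitor until an application replaces `/app/public/index.php`. Ship a static placeholder instead, e.g. `echo "<h1>NINEAPACHE 7</h1>";`, and keep `phpinfo()` out of the image. `phpinfo()` outputs directly and returns a boolean, so the `echo` in front of it only appends a stray `1`. The PHP 8 `index.php` in this commit has the same content.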


@ -0,0 +1,3 @@
memory_limit = 512M
upload_max_filesize = 512M
post_max_size = 512M


@ -0,0 +1,43 @@
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/var/cache/mod_ssl/scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "/app/public"
ServerName www.example.com:443
ServerAdmin you@example.com
ErrorLog logs/ssl_error.log
TransferLog logs/ssl_access.log
SSLEngine on
SSLCertificateFile /etc/ssl/apache2/server.pem
SSLCertificateKeyFile /etc/ssl/apache2/server.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/app/public/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
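Review bot: `SSLProtocol all -SSLv3` and `SSLProxyProtocol all -SSLv3` still allow TLS 1.0 and 1.1, and `HIGH:MEDIUM` in both cipher lines keeps medium-strength suites enabled. Restrict the protocols with `SSLProtocol -all +TLSv1.2 +TLSv1.3` (same for `SSLProxyProtocol`) and drop `MEDIUM` from `SSLCipherSuite` and `SSLProxyCipherSuite`. `ServerName www.example.com:443` and `ServerAdmin you@example.com` are the stock template placeholders and should be set or removed. The second `ssl.conf` in this commit is identical.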


@ -0,0 +1,11 @@
version: '3'
services:
nineapache:
build:
context: ./containers/nineapache
image: reg.cadoles.com/envole/nineapache:7.4
container_name: nineapache7
ports:
- 8080:80


@ -0,0 +1,68 @@
FROM alpine:3.18
RUN apk add --no-cache \
bash \
sed \
vim \
ca-certificates \
openldap-clients \
wget \
npm \
git \
curl \
unzip \
zip \
openssl
RUN apk add --no-cache \
apache2 \
apache2-proxy \
apache2-ssl
RUN apk add --no-cache \
php81 \
php81-apache2 \
php81-gd \
php81-zip \
php81-xml \
php81-ctype \
php81-simplexml \
php81-tokenizer \
php81-sodium \
php81-dom \
php81-pdo \
php81-pdo_pgsql \
php81-pdo_mysql \
php81-curl \
php81-ldap \
php81-pecl-igbinary \
php81-session \
php81-pecl-redis \
php81-fileinfo \
php81-xmlwriter \
php81-openssl \
php81-phar \
php81-iconv \
php81-mbstring \
php81-fpm \
php81-sockets \
php81-opcache \
php81-intl \
php81-bcmath \
php81-pecl-ssh2
RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
RUN npm install -g n
RUN npm install -g yarn
COPY apache2.sh /etc/apache2/apache2.sh
RUN chmod +x /etc/apache2/apache2.sh
COPY php.local.ini /etc/php81/conf.d/
COPY apache.conf /etc/apache2/conf.d/zapp.conf
COPY ssl.conf /etc/apache2/conf.d/ssl.conf
COPY index.php /app/public/index.php
CMD /etc/apache2/apache2.sh
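Review bot: `curl -sS https://getcomposer.org/installer | php -- ...` runs the downloaded installer without checking it, and no Composer version is pinned here (the PHP 7 Dockerfile at least passes `--1`). Download the installer to a file, compare its SHA-384 with the signature Composer publishes for the installer, and pass an explicit `--version=<composer-version>` so a rebuild cannot silently pick up a different binary. `npm install -g n` and `npm install -g yarn` are likewise unpinned in both Dockerfiles.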


@ -0,0 +1,20 @@
LoadModule rewrite_module modules/mod_rewrite.so
ServerName nineapache.local
DocumentRoot "/app/public"
<Directory "/app/public">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
RewriteEngine On
RewriteCond %{REQUEST_URI}::$0 ^(/.+)/(.*)::\2$
RewriteRule .* - [E=BASE:%1]
RewriteCond %{HTTP:Authorization} .+
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0]
RewriteCond %{ENV:REDIRECT_STATUS} =""
RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ %{ENV:BASE}/index.php [L]
</Directory>


@ -0,0 +1,27 @@
#!/bin/bash
envfile=/etc/apache2/conf.d/env.conf
haveenv=/etc/apache2/haveenv.txt
rm -rf $envfile
rm -rf $haveenv
echo "GENERATION DES VARIABLES D'ENVIRONNEMENT"
printf "\n# Expose environment variables to scripts.\nPassEnv" >> $envfile
compgen -e | while read name ; do
if [[ "$name" != "TERM" && "$name" != "HOME" && "$name" != "HOSTNAME" && "$name" != "PATH" && "$name" != "PWD" && "$name" != "SHLVL" ]]
then
touch $haveenv
printf " $name" >> $envfile
fi
done
printf "\n" >> $envfile
if [[ ! -f $haveenv ]]
then
rm -rf $envfile
fi
rm -rf $haveenv
echo "START HTTPD"
httpd -DFOREGROUND


@ -0,0 +1,9 @@
<?php
echo "<html><head><title>Nineapache 8</title></head><body>";
echo "<h1><center>NINEAPACHE 8</center></h1>";
echo phpinfo();
echo "</body></html>";
?>


@ -0,0 +1,3 @@
memory_limit = 512M
upload_max_filesize = 512M
post_max_size = 512M


@ -0,0 +1,43 @@
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/var/cache/mod_ssl/scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "/app/public"
ServerName www.example.com:443
ServerAdmin you@example.com
ErrorLog logs/ssl_error.log
TransferLog logs/ssl_access.log
SSLEngine on
SSLCertificateFile /etc/ssl/apache2/server.pem
SSLCertificateKeyFile /etc/ssl/apache2/server.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/app/public/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>


@ -0,0 +1,10 @@
version: '3'
services:
nineapache:
build:
context: ./containers/nineapache
image: reg.cadoles.com/envole/nineapache:8.1
container_name: nineapache8
ports:
- 8080:443


@ -0,0 +1,111 @@
#!/usr/bin/env bash
# Source: https://github.com/Silejonu/bash_loading_animations
# shellcheck disable=SC2034 # https://github.com/koalaman/shellcheck/wiki/SC2034
### Loading animations list ###
# The first value of an array is the interval (in seconds) between each frame
## ASCII animations ##
# Will work in any terminal, including the TTY.
BLA_classic=( 0.25 '-' "\\" '|' '/' )
BLA_box=( 0.2 ┤ ┴ ├ ┬ )
BLA_bubble=( 0.6 · o O O o · )
BLA_breathe=( 0.9 '  ()  ' ' (  ) ' '(    )' ' (  ) ' )
BLA_growing_dots=( 0.5 '.  ' '.. ' '...' '.. ' '.  ' '   ' )
BLA_passing_dots=( 0.25 '.  ' '.. ' '...' ' ..' '  .' '   ' )
BLA_metro=( 0.2 '[    ]' '[=   ]' '[==  ]' '[=== ]' '[ ===]' '[  ==]' '[   =]' )
BLA_snake=( 0.4 '[=     ]' '[~<    ]' '[~~=   ]' '[~~~<  ]' '[ ~~~= ]' '[  ~~~<]' '[   ~~~]' '[    ~~]' '[     ~]' '[      ]' )
BLA_filling_bar=( 0.25 '█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████████████████▒▒▒▒▒▒▒▒▒▒▒▒' '█████████████████████▒▒▒▒▒▒▒▒▒▒▒' '██████████████████████▒▒▒▒▒▒▒▒▒▒' '███████████████████████▒▒▒▒▒▒▒▒▒' '████████████████████████▒▒▒▒▒▒▒▒' '█████████████████████████▒▒▒▒▒▒▒' '██████████████████████████▒▒▒▒▒▒' '███████████████████████████▒▒▒▒▒' '████████████████████████████▒▒▒▒' '█████████████████████████████▒▒▒' '██████████████████████████████▒▒' '███████████████████████████████▒' '████████████████████████████████')
## UTF-8 animations ##
# Require Unicode support (will work in most modern terminals, but not in TTY).
# Some animations may not render properly with certain fonts.
BLA_classic_utf8=( 0.25 '—' "\\" '|' '/' )
BLA_bounce=( 0.3 . · ˙ · )
BLA_vertical_block=( 0.25 ▁ ▂ ▃ ▄ ▅ ▆ ▇ █ █ ▇ ▆ ▅ ▄ ▃ ▂ ▁ )
BLA_horizontal_block=( 0.25 ▏ ▎ ▍ ▌ ▋ ▊ ▉ ▉ ▊ ▋ ▌ ▍ ▎ ▏ )
BLA_quarter=( 0.25 ▖ ▘ ▝ ▗ )
BLA_triangle=( 0.45 ◢ ◣ ◤ ◥)
BLA_semi_circle=( 0.1 ◐ ◓ ◑ ◒ )
BLA_rotating_eyes=( 0.4 ◡◡ ⊙⊙ ⊙⊙ ◠◠ )
BLA_firework=( 0.4 '⢀' '⠠' '⠐' '⠈' '*' '*' ' ' )
BLA_braille=( 0.2 ⠁ ⠂ ⠄ ⡀ ⢀ ⠠ ⠐ ⠈ )
BLA_braille_whitespace=( 0.2 ⣾ ⣽ ⣻ ⢿ ⡿ ⣟ ⣯ ⣷ )
BLA_trigram=( 0.25 ☰ ☱ ☳ ☶ ☴ )
BLA_arrow=( 0.15 ▹▹▹▹▹ ▸▹▹▹▹ ▹▸▹▹▹ ▹▹▸▹▹ ▹▹▹▸▹ ▹▹▹▹▸ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ )
BLA_bouncing_ball=( 0.4 '(●     )' '( ●    )' '(  ●   )' '(   ●  )' '(    ● )' '(     ●)' '(    ● )' '(   ●  )' '(  ●   )' '( ●    )' )
BLA_big_dot=( 0.7 ∙∙∙ ●∙∙ ∙●∙ ∙∙● )
BLA_modern_metro=( 0.15 ▰▱▱▱▱▱▱ ▰▰▱▱▱▱▱ ▰▰▰▱▱▱▱ ▱▰▰▰▱▱▱ ▱▱▰▰▰▱▱ ▱▱▱▰▰▰▱ ▱▱▱▱▰▰▰ ▱▱▱▱▱▰▰ ▱▱▱▱▱▱▰ ▱▱▱▱▱▱▱ ▱▱▱▱▱▱▱ ▱▱▱▱▱▱▱ ▱▱▱▱▱▱▱ )
BLA_pong=( 0.35 '▐⠂       ▌' '▐⠈       ▌' '▐ ⠂      ▌' '▐ ⠠      ▌' '▐  ⡀     ▌' '▐  ⠠     ▌' '▐   ⠂    ▌' '▐   ⠈    ▌' '▐    ⠂   ▌' '▐    ⠠   ▌' '▐     ⡀  ▌' '▐     ⠠  ▌' '▐      ⠂ ▌' '▐      ⠈ ▌' '▐       ⠂▌' '▐       ⠠▌' '▐       ⡀▌' '▐      ⠠ ▌' '▐      ⠂ ▌' '▐     ⠈  ▌' '▐     ⠂  ▌' '▐    ⠠   ▌' '▐    ⡀   ▌' '▐   ⠠    ▌' '▐   ⠂    ▌' '▐  ⠈     ▌' '▐  ⠂     ▌' '▐ ⠠      ▌' '▐ ⡀      ▌' '▐⠠       ▌' )
BLA_earth=( 0.45 🌍 🌎 🌏 )
BLA_clock=( 0.2 🕛 🕐 🕑 🕒 🕓 🕔 🕕 🕖 🕗 🕘 🕙 🕚 )
BLA_moon=( 0.8 🌑 🌒 🌓 🌔 🌕 🌖 🌗 🌘 )
BLA_orange_pulse=( 0.35 🔸 🔶 🟠 🟠 🔶 )
BLA_blue_pulse=( 0.35 🔹 🔷 🔵 🔵 🔷 )
BLA_football=( 0.25 ' 👧⚽️       👦' '👧  ⚽️      👦' '👧   ⚽️     👦' '👧    ⚽️    👦' '👧     ⚽️   👦' '👧      ⚽️  👦' '👧       ⚽️👦 ' '👧      ⚽️  👦' '👧     ⚽️   👦' '👧    ⚽️    👦' '👧   ⚽️     👦' '👧  ⚽️      👦' )
BLA_blink=( 0.25 😐 😐 😐 😐 😐 😐 😐 😐 😐 😑 )
BLA_camera=( 0.1 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📸 📷 📸 )
BLA_sparkling_camera=( 0.1 '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📸✨' '📷 ' '📸✨' )
BLA_sick=( 0.9 🤢 🤢 🤮 )
BLA_monkey=( 0.4 🙉 🙈 🙊 🙈 )
BLA_bomb=( 0.25 '💣   ' ' 💣  ' '  💣 ' '   💣' '   💣' '   💣' '   💣' '   💣' '   💥' '    ' '    ' )
declare -a BLA_active_loading_animation
BLA::play_loading_animation_loop() {
while true ; do
for frame in "${BLA_active_loading_animation[@]}" ; do
printf "\r%s" "${frame}"
sleep "${BLA_loading_animation_frame_interval}"
done
done
}
BLA::start_loading_animation() {
BLA_active_loading_animation=( "${@}" )
# Extract the delay between each frame from array BLA_active_loading_animation
BLA_loading_animation_frame_interval="${BLA_active_loading_animation[0]}"
unset "BLA_active_loading_animation[0]"
tput civis # Hide the terminal cursor
BLA::play_loading_animation_loop &
BLA_loading_animation_pid="${!}"
}
BLA::stop_loading_animation() {
kill "${BLA_loading_animation_pid}" &> /dev/null
printf "\n"
tput cnorm # Restore the terminal cursor
}
###############################################################################
################################# USAGE GUIDE #################################
###############################################################################
################## Read below for the explanations on how to ##################
################### show loading animations in your script. ###################
###############################################################################
:<<'EXAMPLES'
## Put these lines at the top of your script:
## (replace /path/to/bash_loading_animations.sh with the appropriate filepath)
# Load in the functions and animations
source /path/to/bash_loading_animations.sh
# Run BLA::stop_loading_animation if the script is interrupted
trap BLA::stop_loading_animation SIGINT
# Show a loading animation for the command "foo"
BLA::start_loading_animation "${BLA_name_of_the_animation[@]}"
foo
BLA::stop_loading_animation
# If foo prints some output in the terminal, you may want to add:
foo 1> /dev/null # hide standard output
# or
foo 2> /dev/null # hide error messages
# or
foo &> /dev/null # hide all output
EXAMPLES


@ -0,0 +1,186 @@
#!/bin/bash
TPUT=/usr/bin/tput
#test si TPUT est utilisable
if [ ! "$TERM" = "" ] && $TPUT hpa 60 >/dev/null 2>&1 && $TPUT setaf 1 >/dev/null 2>&1; then
FANCYTTY=1
else
FANCYTTY=0
fi
Pause() {
if [ "$ModeTxt" == "yes" ];then
echo
elif [ "$ModeEad" == "yes" ];then
echo "<br>"
else
[ $FANCYTTY = 1 ] && $TPUT setaf 6
echo " Appuyez sur Entrée pour continuer ..."
[ $FANCYTTY = 1 ] && $TPUT sgr0
read BiDon
fi
}
Echo() {
if [ "$ModeEad" != "yes" ];
then
echo "$1"
else
echo "$1<br>"
fi
}
EchoColor() {
if [ "$ModeTxt" = "yes" ];then
echo "$1"
elif [ "$ModeEad" = "yes" ];then
echo "<FONT color=\"$3\"> $1 </FONT><br>"
else
[ "$FANCYTTY" = 1 ] && $TPUT setaf $2
echo "$1"
[ "$FANCYTTY" = 1 ] && $TPUT sgr0
fi
}
EchoRouge() {
EchoColor "$1" "1" "red"
}
EchoVert() {
EchoColor "$1" "2" "green"
}
EchoOrange() {
EchoColor "$1" "3" "orange"
}
EchoBleu() {
EchoColor "$1" "4" "blue"
}
EchoMagenta() {
EchoColor "$1" "5" "magenta"
}
EchoCyan() {
EchoColor "$1" "6" "cyan"
}
EchoBlanc() {
EchoColor "$1" "7" "white"
}
EchoGras() {
if [ "$ModeTxt" == "yes" ];then
echo "$1"
elif [ "$ModeEad" == "yes" ];then
echo "<b> $1 </b><br>"
else
[ $FANCYTTY = 1 ] && $TPUT bold
echo "$1"
[ $FANCYTTY = 1 ] && $TPUT sgr0
fi
}
Clear() {
if [ "$ModeEad" != "yes" -a "$ModeTxt" != "yes" ];then
clear
fi
}
Question_ouinon() {
#attention, il faut synchroniser les modifications avec /usr/share/pyshared/pyeole/ihm.py
question=$1
[ "$2" = "" ] && interactive='True' || interactive=$2
[ "$3" = "" ] && default="non" || default=$3
[ "$4" = "" ] && level="info" || level=$4
[ "$5" = "" ] && default_uninteractive=$default || default_uninteractive=$5
[ ! "$interactive" = "True" ] && [ ! "$interactive" = "False" ] && echo "Question_ouinon : interactive doit être True ou False" && exit 1
[ ! "$default" = "oui" ] && [ ! "$default" = "non" ] && echo "Question_ouinon : default doit etre oui ou non" && exit 1
[ ! "$default_uninteractive" = "oui" ] && [ ! "$default_uninteractive" = "non" ] && echo "Question_ouinon : default_uninteractive doit etre oui ou non" && exit 1
[ ! "$level" = "info" ] && [ ! "$level" = "warn" ] && [ ! "$level" = "err" ] && echo "Question_ouinon : level doit etre info, warn ou err" && exit 1
#non interactive
if [ "$interactive" = "False" ]; then
Rep=default_uninteractive
else
question="$question [oui/non]"
if [ $level = "info" ]; then
echo "$question"
elif [ $level = "warn" ]; then
EchoOrange "$question"
else
EchoRouge "$question"
fi
echo -n "[$default] : "
read Rep
#passe en minuscule
Rep=`echo $Rep | tr A-Z a-z`
fi
if [ "$default" = "non" ]; then
if [ "$Rep" = "oui" -o "$Rep" = "o" -o "$Rep" = "yes" -o "$Rep" = "y" ];then
return 0
else
return 1
fi
else
if [ "$Rep" = "non" -o "$Rep" = "n" -o "$Rep" = "no" ];then
return 1
else
return 0
fi
fi
}
EchoStart() {
for i in $(eval echo "{1..30}")
do
ligne+="="
done
clear
}
BigTitle(){
size=`tput cols`
nb=${#1}
nbchar=$(($size - $nb - 4))
ligne=""
for i in $(eval echo "{1..$size}")
do
ligne+="="
done
finligne=""
for i in $(eval echo "{1..$nbchar}")
do
finligne+="="
done
echo
EchoVert $ligne
EchoVert "== $1 $finligne"
EchoVert $ligne
echo
}
Title(){
size=`tput cols`
nb=${#1}
nbchar=$(($size - $nb - 4))
ligne=""
for i in $(eval echo "{1..$size}")
do
ligne+="="
done
finligne=""
for i in $(eval echo "{1..$nbchar}")
do
finligne+="="
done
echo
EchoCyan "== $1 $finligne"
echo
}
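Review bot: In `Question_ouinon`, the non-interactive branch assigns `Rep=default_uninteractive` without the `$`, so `Rep` is the literal word and the answer always falls back to `default`; the fifth argument never takes effect. It should read `Rep=$default_uninteractive`. `BigTitle` and `Title` build their rulers with `$(eval echo "{1..$size}")`, which evaluates the output of `tput cols` and misbehaves when `nbchar` is zero or negative; `printf -v ligne '%*s' "$size" ''; ligne=${ligne// /=}` does the same without `eval`. `EchoVert $ligne` and `$TPUT setaf $2` should quote their arguments.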


@ -0,0 +1,2422 @@
{
"id": "envole",
"realm": "envole",
"displayName": "Keycloak",
"displayNameHtml": "<div class=\"kc-logo-text\"><span>Envole</span></div>",
"notBefore": 0,
"defaultSignatureAlgorithm": "RS256",
"revokeRefreshToken": false,
"refreshTokenMaxReuse": 0,
"accessTokenLifespan": 60,
"accessTokenLifespanForImplicitFlow": 900,
"ssoSessionIdleTimeout": 1800,
"ssoSessionMaxLifespan": 36000,
"ssoSessionIdleTimeoutRememberMe": 0,
"ssoSessionMaxLifespanRememberMe": 0,
"offlineSessionIdleTimeout": 2592000,
"offlineSessionMaxLifespanEnabled": false,
"offlineSessionMaxLifespan": 5184000,
"clientSessionIdleTimeout": 0,
"clientSessionMaxLifespan": 0,
"clientOfflineSessionIdleTimeout": 0,
"clientOfflineSessionMaxLifespan": 0,
"accessCodeLifespan": 60,
"accessCodeLifespanUserAction": 300,
"accessCodeLifespanLogin": 1800,
"actionTokenGeneratedByAdminLifespan": 43200,
"actionTokenGeneratedByUserLifespan": 300,
"oauth2DeviceCodeLifespan": 600,
"oauth2DevicePollingInterval": 600,
"enabled": true,
"sslRequired": "external",
"registrationAllowed": false,
"registrationEmailAsUsername": false,
"rememberMe": false,
"verifyEmail": false,
"loginWithEmailAllowed": true,
"duplicateEmailsAllowed": false,
"resetPasswordAllowed": false,
"editUsernameAllowed": false,
"bruteForceProtected": false,
"permanentLockout": false,
"maxFailureWaitSeconds": 900,
"minimumQuickLoginWaitSeconds": 60,
"waitIncrementSeconds": 60,
"quickLoginCheckMilliSeconds": 1000,
"maxDeltaTimeSeconds": 43200,
"failureFactor": 30,
"defaultRole": {
"id": "778a9da1-89ea-4523-9537-0dc533265465",
"name": "default-roles-master",
"description": "${role_default-roles}",
"composite": true,
"clientRole": false,
"containerId": "envole"
},
"requiredCredentials": [
"password"
],
"otpPolicyType": "totp",
"otpPolicyAlgorithm": "HmacSHA1",
"otpPolicyInitialCounter": 0,
"otpPolicyDigits": 6,
"otpPolicyLookAheadWindow": 1,
"otpPolicyPeriod": 30,
"otpSupportedApplications": [
"FreeOTP",
"Google Authenticator"
],
"webAuthnPolicyRpEntityName": "keycloak",
"webAuthnPolicySignatureAlgorithms": [
"ES256"
],
"webAuthnPolicyRpId": "",
"webAuthnPolicyAttestationConveyancePreference": "not specified",
"webAuthnPolicyAuthenticatorAttachment": "not specified",
"webAuthnPolicyRequireResidentKey": "not specified",
"webAuthnPolicyUserVerificationRequirement": "not specified",
"webAuthnPolicyCreateTimeout": 0,
"webAuthnPolicyAvoidSameAuthenticatorRegister": false,
"webAuthnPolicyAcceptableAaguids": [],
"webAuthnPolicyPasswordlessRpEntityName": "keycloak",
"webAuthnPolicyPasswordlessSignatureAlgorithms": [
"ES256"
],
"webAuthnPolicyPasswordlessRpId": "",
"webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified",
"webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified",
"webAuthnPolicyPasswordlessRequireResidentKey": "not specified",
"webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified",
"webAuthnPolicyPasswordlessCreateTimeout": 0,
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
"webAuthnPolicyPasswordlessAcceptableAaguids": [],
"scopeMappings": [
{
"clientScope": "offline_access",
"roles": [
"offline_access"
]
}
],
"clientScopeMappings": {
"account": [
{
"client": "account-console",
"roles": [
"manage-account"
]
}
]
},
"clients": [
{
"id": "87270d83-7d5e-4dbe-a2d5-33d0cf465ac8",
"clientId": "account",
"name": "${client_account}",
"rootUrl": "${authBaseUrl}",
"baseUrl": "/realms/envole/account/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"/realms/envole/account/*"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "7158adbd-5fbc-4452-87ec-f0d566a34f45",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
},
{
"id": "f5914a8b-94fc-48d4-998e-ef199b0b0882",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
},
{
"id": "86ebd837-9e65-4081-a1cb-8836f310445e",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
},
{
"id": "e6a441b6-524f-407c-a516-127da17b95b7",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "3b851809-0f59-4b0d-9f85-bce72dfe250e",
"clientId": "account-console",
"name": "${client_account-console}",
"rootUrl": "${authBaseUrl}",
"baseUrl": "/realms/envole/account/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"/realms/envole/account/*"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"pkce.code.challenge.method": "S256"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "a255ef19-0537-4a44-84a8-c0b1ff4313b9",
"name": "audience resolve",
"protocol": "openid-connect",
"protocolMapper": "oidc-audience-resolve-mapper",
"consentRequired": false,
"config": {}
},
{
"id": "6b88ea94-98d6-47dd-b656-82933d77ae18",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
},
{
"id": "512a8304-56af-49e5-90b5-c9c05b70033c",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
},
{
"id": "624dd437-2e33-4369-8c7e-a2de1c239f5f",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
},
{
"id": "75e0b103-fbc5-4cc7-9cc4-a68b7d3fdbfd",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "d239802f-534d-4c4f-9a8c-95fe57a928ed",
"clientId": "admin-cli",
"name": "${client_admin-cli}",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": false,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "5ad3b564-2e34-4f06-9ae8-833633ece218",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
},
{
"id": "8eca5774-5f4b-4519-a1b1-227978cf8183",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
},
{
"id": "6a0101c8-2972-4acd-aac6-72149b803555",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
},
{
"id": "620a7c64-22d1-4c33-bda2-d86ff7c702ce",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "7671be05-b84f-481f-b6f8-6254c939268d",
"clientId": "broker",
"name": "${client_broker}",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": true,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": false,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "ed454920-baa4-4815-bef6-6f20787d249e",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
},
{
"id": "aa39dee5-5ccb-4461-a79a-0384af9d44ad",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
},
{
"id": "e008d88c-8028-431b-8671-f900635f35fc",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
},
{
"id": "1ff4922e-5c6e-4498-82cc-6766b20c8c1e",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "133d3397-41e7-4ec1-aaf0-a0939da72f58",
"clientId": "envole",
"name": "envole",
"rootUrl": "https://localhost",
"baseUrl": "http://localhost:8000",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"secret": "**********",
"redirectUris": [
"http://localhost*",
"https://localhost*"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": false,
"frontchannelLogout": false,
"protocol": "cas",
"attributes": {
"id.token.as.detached.signature": "false",
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"login_theme": "keycloak",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"use.refresh.tokens": "true",
"exclude.session.state.from.auth.response": "false",
"oidc.ciba.grant.enabled": "false",
"saml.artifact.binding": "false",
"backchannel.logout.session.required": "false",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"require.pushed.authorization.requests": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"protocolMappers": [
{
"id": "4e60ce83-fc4e-4f13-addc-ded389802592",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
},
{
"id": "5ebc6595-9386-4834-9f1c-5df10d8a68aa",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
},
{
"id": "5ca43923-49cb-47f2-8c5f-d646808f665c",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
},
{
"id": "e99e05dc-e158-4232-a1a0-a972e9397782",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [
"envole"
],
"optionalClientScopes": []
},
{
"id": "d5474573-906e-4f00-914a-a436049f5ac0",
"clientId": "realm-management",
"name": "${client_realm-management}",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": true,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": false,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "eb04593d-ec09-4a65-8b8e-b177bf23b8bc",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
},
{
"id": "9434f197-308e-4266-93e6-1d162a52c6d5",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
},
{
"id": "5195c729-1853-4b2f-a239-16e439265873",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
},
{
"id": "565cf014-8114-47ca-861f-1710035a7023",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "e4c15b58-2e15-4ff3-8e16-ecbd02551978",
"clientId": "security-admin-console",
"name": "${client_security-admin-console}",
"rootUrl": "${authAdminUrl}",
"baseUrl": "/admin/envole/console/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"/admin/envole/console/*"
],
"webOrigins": [
"+"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"pkce.code.challenge.method": "S256"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "26bfca71-394c-4ca2-8e74-865a7b9b4182",
"name": "email",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "email",
"claim.name": "mail",
"jsonType.label": "String"
}
},
{
"id": "31a8e7ec-b19b-4195-bcb7-1e8d57f525f6",
"name": "full name",
"protocol": "cas",
"protocolMapper": "cas-full-name-mapper",
"consentRequired": false,
"config": {
"claim.name": "cn",
"jsonType.label": "String"
}
},
{
"id": "f8257533-9a9a-4ac2-85dc-50921351f67b",
"name": "given name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "firstName",
"claim.name": "givenName",
"jsonType.label": "String"
}
},
{
"id": "58da24e2-5491-452c-8a9f-c13e27c01b4f",
"name": "locale",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "locale",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "locale",
"jsonType.label": "String"
}
},
{
"id": "b34ad4e4-ed15-485a-9d7c-8b8ca89386b3",
"name": "family name",
"protocol": "cas",
"protocolMapper": "cas-usermodel-property-mapper",
"consentRequired": false,
"config": {
"user.attribute": "lastName",
"claim.name": "sn",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": [],
"optionalClientScopes": []
}
],
"clientScopes": [
{
"id": "e5bab9e6-0003-405a-bc2a-d96d1c2f7046",
"name": "email",
"description": "OpenID Connect built-in scope: email",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${emailScopeConsentText}"
},
"protocolMappers": [
{
"id": "2cf129d5-5a52-4522-94d3-aeefe5074af1",
"name": "email",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "email",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "email",
"jsonType.label": "String"
}
},
{
"id": "d07c04b4-0c9b-4168-9a87-0d1f8db41c01",
"name": "email verified",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "emailVerified",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "email_verified",
"jsonType.label": "boolean"
}
}
]
},
{
"id": "bd3e8ff5-e456-49bb-8fc5-a4b10bdb161e",
"name": "role_list",
"description": "SAML role list",
"protocol": "saml",
"attributes": {
"consent.screen.text": "${samlRoleListScopeConsentText}",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
"id": "2f00f403-1835-4a67-a05d-31bb0264c0bf",
"name": "role list",
"protocol": "saml",
"protocolMapper": "saml-role-list-mapper",
"consentRequired": false,
"config": {
"single": "false",
"attribute.nameformat": "Basic",
"attribute.name": "Role"
}
}
]
},
{
"id": "df9cfc10-8f39-43fc-a5b3-99e6014dffea",
"name": "profile",
"description": "OpenID Connect built-in scope: profile",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${profileScopeConsentText}"
},
"protocolMappers": [
{
"id": "10b45997-ab67-448b-9396-0adb49948e4c",
"name": "nickname",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "nickname",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "nickname",
"jsonType.label": "String"
}
},
{
"id": "0f172771-2ce4-42e3-926a-ff2f1075af6f",
"name": "locale",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "locale",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "locale",
"jsonType.label": "String"
}
},
{
"id": "3dcf78c2-cd43-4101-a02b-007260a9b612",
"name": "picture",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "picture",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "picture",
"jsonType.label": "String"
}
},
{
"id": "e9ea9414-335f-4c79-8ada-a8cd960100d1",
"name": "website",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "website",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "website",
"jsonType.label": "String"
}
},
{
"id": "2fac0274-ece3-4a89-9818-14adda3a67bc",
"name": "gender",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "gender",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "gender",
"jsonType.label": "String"
}
},
{
"id": "b0f98586-8113-4552-a3fb-fd507c829128",
"name": "zoneinfo",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "zoneinfo",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "zoneinfo",
"jsonType.label": "String"
}
},
{
"id": "6968296c-04b8-45dc-9540-d1f0f3f60221",
"name": "middle name",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "middleName",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "middle_name",
"jsonType.label": "String"
}
},
{
"id": "0d0ad251-5054-4827-be19-44d289ba213d",
"name": "profile",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "profile",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "profile",
"jsonType.label": "String"
}
},
{
"id": "16cdcafc-e1d2-401c-aa06-5bbb865dc216",
"name": "username",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "username",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "preferred_username",
"jsonType.label": "String"
}
},
{
"id": "f367af39-837f-4ebf-b899-515b85bebf74",
"name": "given name",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "firstName",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "given_name",
"jsonType.label": "String"
}
},
{
"id": "c98e8531-fe14-4836-afff-453573504cb5",
"name": "birthdate",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "birthdate",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "birthdate",
"jsonType.label": "String"
}
},
{
"id": "d2a55e94-0e99-4b65-a9dd-2994f41d5f0c",
"name": "updated at",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "updatedAt",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "updated_at",
"jsonType.label": "String"
}
},
{
"id": "cf433524-2dcc-49ef-8493-bf9d92b88101",
"name": "full name",
"protocol": "openid-connect",
"protocolMapper": "oidc-full-name-mapper",
"consentRequired": false,
"config": {
"id.token.claim": "true",
"access.token.claim": "true",
"userinfo.token.claim": "true"
}
},
{
"id": "90a63c1f-a529-47fb-8412-a37bc511d8f7",
"name": "family name",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "lastName",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "family_name",
"jsonType.label": "String"
}
}
]
},
{
"id": "6aa23421-70a4-4e86-88f6-9f0660a61c9b",
"name": "web-origins",
"description": "OpenID Connect scope for add allowed web origins to the access token",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "false",
"display.on.consent.screen": "false",
"consent.screen.text": ""
},
"protocolMappers": [
{
"id": "4949c89a-5149-41ba-87a5-f3cd9b3f6b77",
"name": "allowed web origins",
"protocol": "openid-connect",
"protocolMapper": "oidc-allowed-origins-mapper",
"consentRequired": false,
"config": {}
}
]
},
{
"id": "26b70183-e9a3-4383-893d-578ee135ac91",
"name": "phone",
"description": "OpenID Connect built-in scope: phone",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${phoneScopeConsentText}"
},
"protocolMappers": [
{
"id": "3e193f09-c5c4-4a5e-bf18-a191830cba62",
"name": "phone number verified",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "phoneNumberVerified",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "phone_number_verified",
"jsonType.label": "boolean"
}
},
{
"id": "dcbb0641-3ddf-47aa-ad90-5f5f76f63cbe",
"name": "phone number",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "phoneNumber",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "phone_number",
"jsonType.label": "String"
}
}
]
},
{
"id": "cb7a60bc-d71f-4379-8bbc-d22e48a78a2e",
"name": "address",
"description": "OpenID Connect built-in scope: address",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${addressScopeConsentText}"
},
"protocolMappers": [
{
"id": "b177c977-c857-4c15-b985-8d489f3ab4aa",
"name": "address",
"protocol": "openid-connect",
"protocolMapper": "oidc-address-mapper",
"consentRequired": false,
"config": {
"user.attribute.formatted": "formatted",
"user.attribute.country": "country",
"user.attribute.postal_code": "postal_code",
"userinfo.token.claim": "true",
"user.attribute.street": "street",
"id.token.claim": "true",
"user.attribute.region": "region",
"access.token.claim": "true",
"user.attribute.locality": "locality"
}
}
]
},
{
"id": "a31d82e9-ae91-42e2-ba0d-115f53749780",
"name": "roles",
"description": "OpenID Connect scope for add user roles to the access token",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "false",
"display.on.consent.screen": "true",
"consent.screen.text": "${rolesScopeConsentText}"
},
"protocolMappers": [
{
"id": "0e76249d-2f86-4e0d-8ddc-f034f96837f6",
"name": "audience resolve",
"protocol": "openid-connect",
"protocolMapper": "oidc-audience-resolve-mapper",
"consentRequired": false,
"config": {}
},
{
"id": "fad5d917-9728-43fb-99b8-b23547a125e2",
"name": "client roles",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-client-role-mapper",
"consentRequired": false,
"config": {
"user.attribute": "foo",
"access.token.claim": "true",
"claim.name": "resource_access.${client_id}.roles",
"jsonType.label": "String",
"multivalued": "true"
}
},
{
"id": "cbed5763-4f17-4f30-ae15-d9bcdc20d50a",
"name": "realm roles",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-realm-role-mapper",
"consentRequired": false,
"config": {
"user.attribute": "foo",
"access.token.claim": "true",
"claim.name": "realm_access.roles",
"jsonType.label": "String",
"multivalued": "true"
}
}
]
},
{
"id": "7bc8ebde-3563-4ce1-a0d2-ad58aba2cd7c",
"name": "microprofile-jwt",
"description": "Microprofile - JWT built-in scope",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "false"
},
"protocolMappers": [
{
"id": "e5e10473-8bd1-42b5-89fa-d0b3e90a18ed",
"name": "upn",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "username",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "upn",
"jsonType.label": "String"
}
},
{
"id": "7d0b5233-08f1-47c1-9b21-ae8c471d67e1",
"name": "groups",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-realm-role-mapper",
"consentRequired": false,
"config": {
"multivalued": "true",
"userinfo.token.claim": "true",
"user.attribute": "foo",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "groups",
"jsonType.label": "String"
}
}
]
},
{
"id": "238cdd25-3e87-45cf-badf-89033829a1af",
"name": "envole",
"protocol": "cas",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
"id": "d4e42326-ec8b-4103-8e7b-afdc1c64d904",
"name": "siren",
"protocol": "cas",
"protocolMapper": "cas-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"user.attribute": "siren",
"claim.name": "siren",
"jsonType.label": "String"
}
},
{
"id": "fcd2b58e-8be8-40b4-aec0-132fb6259d93",
"name": "niveau01",
"protocol": "cas",
"protocolMapper": "cas-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"user.attribute": "niveau01",
"claim.name": "niveau01",
"jsonType.label": "String"
}
}
]
},
{
"id": "44ab982e-a384-41a3-8610-a65600c489e4",
"name": "offline_access",
"description": "OpenID Connect built-in scope: offline_access",
"protocol": "openid-connect",
"attributes": {
"consent.screen.text": "${offlineAccessScopeConsentText}",
"display.on.consent.screen": "true"
}
}
],
"defaultDefaultClientScopes": [
"web-origins",
"roles",
"role_list",
"profile",
"email"
],
"defaultOptionalClientScopes": [
"phone",
"offline_access",
"microprofile-jwt",
"address"
],
"browserSecurityHeaders": {
"contentSecurityPolicyReportOnly": "",
"xContentTypeOptions": "nosniff",
"xRobotsTag": "none",
"xFrameOptions": "SAMEORIGIN",
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"xXSSProtection": "1; mode=block",
"strictTransportSecurity": "max-age=31536000; includeSubDomains"
},
"smtpServer": {},
"eventsEnabled": false,
"eventsListeners": [
"jboss-logging"
],
"enabledEventTypes": [],
"adminEventsEnabled": false,
"adminEventsDetailsEnabled": false,
"identityProviders": [],
"identityProviderMappers": [],
"components": {
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
{
"id": "4534f093-d690-4e0e-afe1-3590257718f4",
"name": "Max Clients Limit",
"providerId": "max-clients",
"subType": "anonymous",
"subComponents": {},
"config": {
"max-clients": [
"200"
]
}
},
{
"id": "6c90c03e-45f7-4ea6-83eb-fc6131e24c34",
"name": "Allowed Protocol Mapper Types",
"providerId": "allowed-protocol-mappers",
"subType": "anonymous",
"subComponents": {},
"config": {
"allowed-protocol-mapper-types": [
"oidc-usermodel-attribute-mapper",
"saml-user-property-mapper",
"oidc-address-mapper",
"oidc-full-name-mapper",
"saml-role-list-mapper",
"oidc-sha256-pairwise-sub-mapper",
"oidc-usermodel-property-mapper",
"saml-user-attribute-mapper"
]
}
},
{
"id": "55c9c339-6151-47cb-9f95-99076e157e1c",
"name": "Full Scope Disabled",
"providerId": "scope",
"subType": "anonymous",
"subComponents": {},
"config": {}
},
{
"id": "e7af1382-7b01-4b25-9ae1-57bec1f0fec2",
"name": "Trusted Hosts",
"providerId": "trusted-hosts",
"subType": "anonymous",
"subComponents": {},
"config": {
"host-sending-registration-request-must-match": [
"true"
],
"client-uris-must-match": [
"true"
]
}
},
{
"id": "09380ed6-96a9-43ab-ba83-cb864a3f509a",
"name": "Allowed Client Scopes",
"providerId": "allowed-client-templates",
"subType": "anonymous",
"subComponents": {},
"config": {
"allow-default-scopes": [
"true"
]
}
},
{
"id": "64924b80-6b72-4991-a838-b1c275cb79f8",
"name": "Consent Required",
"providerId": "consent-required",
"subType": "anonymous",
"subComponents": {},
"config": {}
},
{
"id": "509b7501-be18-4425-bb25-68fe6868dc73",
"name": "Allowed Protocol Mapper Types",
"providerId": "allowed-protocol-mappers",
"subType": "authenticated",
"subComponents": {},
"config": {
"allowed-protocol-mapper-types": [
"saml-user-attribute-mapper",
"oidc-sha256-pairwise-sub-mapper",
"saml-user-property-mapper",
"oidc-usermodel-attribute-mapper",
"oidc-full-name-mapper",
"oidc-address-mapper",
"oidc-usermodel-property-mapper",
"saml-role-list-mapper"
]
}
},
{
"id": "164c42e5-13a3-4d67-82dd-3a24a21099c5",
"name": "Allowed Client Scopes",
"providerId": "allowed-client-templates",
"subType": "authenticated",
"subComponents": {},
"config": {
"allow-default-scopes": [
"true"
]
}
}
],
"org.keycloak.userprofile.UserProfileProvider": [
{
"id": "57b8edbf-3395-4ac3-80d7-2bd0ca1ec792",
"providerId": "declarative-user-profile",
"subComponents": {},
"config": {}
}
],
"org.keycloak.storage.UserStorageProvider": [
{
"id": "cc488d45-7acf-4460-9ce3-92fa33f2169a",
"name": "ldap",
"providerId": "ldap",
"subComponents": {
"org.keycloak.storage.ldap.mappers.LDAPStorageMapper": [
{
"id": "05b4c1c5-f1b3-418f-b4e3-40149e08cb9f",
"name": "email",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"mail"
],
"is.mandatory.in.ldap": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"true"
],
"always.read.value.from.ldap": [
"false"
],
"user.model.attribute": [
"email"
]
}
},
{
"id": "a019bec6-f45a-4cee-a2e2-04454e31c8a7",
"name": "username",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"uid"
],
"is.mandatory.in.ldap": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"true"
],
"user.model.attribute": [
"username"
]
}
},
{
"id": "a5717a47-a717-4655-98cf-0cdfab2c8d9b",
"name": "modify date",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"modifyTimestamp"
],
"is.mandatory.in.ldap": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"modifyTimestamp"
]
}
},
{
"id": "3dc5921d-44ac-4748-8c61-a4f1e2052d95",
"name": "niveau01",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"niveau01"
],
"is.mandatory.in.ldap": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"true"
],
"user.model.attribute": [
"niveau01"
]
}
},
{
"id": "4dc6f603-4c19-466e-8929-279fd246c3b5",
"name": "last name",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"sn"
],
"is.mandatory.in.ldap": [
"true"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"lastName"
]
}
},
{
"id": "b35862bf-04c1-4b72-9eb4-1a511b44d66e",
"name": "first name",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"givenName"
],
"is.mandatory.in.ldap": [
"false"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"firstname"
]
}
},
{
"id": "207e55ef-e171-4a96-ad85-7d9899472991",
"name": "siren",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"siren"
],
"is.mandatory.in.ldap": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"true"
],
"user.model.attribute": [
"siren"
]
}
},
{
"id": "faf41ea6-f9f8-4872-9b9e-2461e0d9b834",
"name": "creation date",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"createTimestamp"
],
"is.mandatory.in.ldap": [
"false"
],
"read.only": [
"true"
],
"always.read.value.from.ldap": [
"true"
],
"user.model.attribute": [
"createTimestamp"
]
}
}
]
},
"config": {
"pagination": [
"true"
],
"fullSyncPeriod": [
"-1"
],
"connectionPooling": [
"true"
],
"usersDn": [
"ou=user,ou=ninegate,dc=envole,dc=org"
],
"cachePolicy": [
"DEFAULT"
],
"useKerberosForPasswordAuthentication": [
"false"
],
"importEnabled": [
"false"
],
"enabled": [
"true"
],
"usernameLDAPAttribute": [
"uid"
],
"bindCredential": [
"changeme"
],
"changedSyncPeriod": [
"-1"
],
"bindDn": [
"cn=admin,dc=envole,dc=org"
],
"lastSync": [
"1698698495"
],
"vendor": [
"other"
],
"uuidLDAPAttribute": [
"entryUUID"
],
"connectionUrl": [
"ldap://openldap:1389"
],
"allowKerberosAuthentication": [
"false"
],
"syncRegistrations": [
"false"
],
"authType": [
"simple"
],
"debug": [
"false"
],
"searchScope": [
"1"
],
"useTruststoreSpi": [
"ldapsOnly"
],
"trustEmail": [
"false"
],
"priority": [
"0"
],
"userObjectClasses": [
"inetOrgPerson, organizationalPerson"
],
"rdnLDAPAttribute": [
"uid"
],
"editMode": [
"READ_ONLY"
],
"validatePasswordPolicy": [
"false"
],
"batchSizeForSync": [
"1000"
]
}
}
],
"org.keycloak.keys.KeyProvider": [
{
"id": "20be504c-5093-4f94-b9c8-8048c49301dd",
"name": "hmac-generated",
"providerId": "hmac-generated",
"subComponents": {},
"config": {
"priority": [
"100"
],
"algorithm": [
"HS256"
]
}
},
{
"id": "89c846d9-b9e9-4022-8cf7-03a63e4efc03",
"name": "rsa-enc-generated",
"providerId": "rsa-enc-generated",
"subComponents": {},
"config": {
"priority": [
"100"
],
"algorithm": [
"RSA-OAEP"
]
}
},
{
"id": "048bb6eb-5423-476b-9c19-d39e6640a1cf",
"name": "aes-generated",
"providerId": "aes-generated",
"subComponents": {},
"config": {
"priority": [
"100"
]
}
},
{
"id": "f1c978f6-a133-46f6-a784-bc1c6a9dace9",
"name": "rsa-generated",
"providerId": "rsa-generated",
"subComponents": {},
"config": {
"priority": [
"100"
]
}
}
]
},
"internationalizationEnabled": false,
"supportedLocales": [],
"authenticationFlows": [
{
"id": "2769839a-7135-4319-bcf2-1208e18004cb",
"alias": "Account verification options",
"description": "Method with which to verity the existing account",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "idp-email-verification",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "ALTERNATIVE",
"priority": 20,
"flowAlias": "Verify Existing Account by Re-authentication",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "a03d0c39-b304-479f-beb3-0ac34048b3e7",
"alias": "Authentication Options",
"description": "Authentication options.",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "basic-auth",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "basic-auth-otp",
"authenticatorFlow": false,
"requirement": "DISABLED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-spnego",
"authenticatorFlow": false,
"requirement": "DISABLED",
"priority": 30,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "ccb129aa-f7e7-4111-a463-a19206b7fb37",
"alias": "Browser - Conditional OTP",
"description": "Flow to determine if the OTP is required for the authentication",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "conditional-user-configured",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-otp-form",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "e590c666-bf10-455b-8a0b-fe26d15a5c0a",
"alias": "Direct Grant - Conditional OTP",
"description": "Flow to determine if the OTP is required for the authentication",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "conditional-user-configured",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "direct-grant-validate-otp",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "272ef112-7124-4361-83e1-fab3a43cb68d",
"alias": "First broker login - Conditional OTP",
"description": "Flow to determine if the OTP is required for the authentication",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "conditional-user-configured",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-otp-form",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "2e80c4de-0a90-4751-919e-4cad083ebb39",
"alias": "Handle Existing Account",
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "idp-confirm-link",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "REQUIRED",
"priority": 20,
"flowAlias": "Account verification options",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "501be6a7-b886-4e0f-9b13-5ceabdb59ef6",
"alias": "Reset - Conditional OTP",
"description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "conditional-user-configured",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "reset-otp",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "06e92c43-c436-4a32-91c5-6bb536403405",
"alias": "User creation or linking",
"description": "Flow for the existing/non-existing user alternatives",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticatorConfig": "create unique user config",
"authenticator": "idp-create-user-if-unique",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "ALTERNATIVE",
"priority": 20,
"flowAlias": "Handle Existing Account",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "96c60c50-0210-48c7-b39d-3118e11227b9",
"alias": "Verify Existing Account by Re-authentication",
"description": "Reauthentication of existing account",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "idp-username-password-form",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "CONDITIONAL",
"priority": 20,
"flowAlias": "First broker login - Conditional OTP",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "731ece9d-bfbb-4174-864d-3d609a6a9a8d",
"alias": "browser",
"description": "browser based authentication",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "auth-cookie",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-spnego",
"authenticatorFlow": false,
"requirement": "DISABLED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "identity-provider-redirector",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 25,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "ALTERNATIVE",
"priority": 30,
"flowAlias": "forms",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "3b6dedee-71b5-408c-a4ef-c3d9d56491fa",
"alias": "clients",
"description": "Base authentication for clients",
"providerId": "client-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "client-secret",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "client-jwt",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "client-secret-jwt",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 30,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "client-x509",
"authenticatorFlow": false,
"requirement": "ALTERNATIVE",
"priority": 40,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "05623406-4a49-4f73-a52e-16119b5ee7fa",
"alias": "direct grant",
"description": "OpenID Connect Resource Owner Grant",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "direct-grant-validate-username",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "direct-grant-validate-password",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "CONDITIONAL",
"priority": 30,
"flowAlias": "Direct Grant - Conditional OTP",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "7b96140b-16c1-4fb8-a59f-a362603b9830",
"alias": "docker auth",
"description": "Used by Docker clients to authenticate against the IDP",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "docker-http-basic-authenticator",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "53ce2fa4-56a0-4165-839d-62c3e14c15f7",
"alias": "first broker login",
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticatorConfig": "review profile config",
"authenticator": "idp-review-profile",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "REQUIRED",
"priority": 20,
"flowAlias": "User creation or linking",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "f9a1fd59-e174-40e9-a28a-643b51366e4d",
"alias": "forms",
"description": "Username, password, otp and other auth forms.",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "auth-username-password-form",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "CONDITIONAL",
"priority": 20,
"flowAlias": "Browser - Conditional OTP",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "19d3a997-c030-401e-903c-d168650f0413",
"alias": "http challenge",
"description": "An authentication flow based on challenge-response HTTP Authentication Schemes",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "no-cookie-redirect",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "REQUIRED",
"priority": 20,
"flowAlias": "Authentication Options",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "100db2b7-d0b1-4287-909a-8ab0a5f268bb",
"alias": "registration",
"description": "registration flow",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "registration-page-form",
"authenticatorFlow": true,
"requirement": "REQUIRED",
"priority": 10,
"flowAlias": "registration form",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "549011b0-b533-48cf-90d0-d1b8ca11105c",
"alias": "registration form",
"description": "registration form",
"providerId": "form-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "registration-user-creation",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "registration-profile-action",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 40,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "registration-password-action",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 50,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "registration-recaptcha-action",
"authenticatorFlow": false,
"requirement": "DISABLED",
"priority": 60,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "98bc4f2e-8bc3-4187-97dc-90ce7ef0909d",
"alias": "reset credentials",
"description": "Reset credentials for a user if they forgot their password or something",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "reset-credentials-choose-user",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "reset-credential-email",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "reset-password",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 30,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorFlow": true,
"requirement": "CONDITIONAL",
"priority": 40,
"flowAlias": "Reset - Conditional OTP",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "30f9008c-cba1-480f-9547-e0ad994f6165",
"alias": "saml ecp",
"description": "SAML ECP Profile Authentication Flow",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "http-basic-authenticator",
"authenticatorFlow": false,
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
}
],
"authenticatorConfig": [
{
"id": "8e916fa6-4d7e-4247-a9fa-5a185f23b6cb",
"alias": "create unique user config",
"config": {
"require.password.update.after.registration": "false"
}
},
{
"id": "91f281c4-3965-4897-a495-b61d15083306",
"alias": "review profile config",
"config": {
"update.profile.on.first.login": "missing"
}
}
],
"requiredActions": [
{
"alias": "CONFIGURE_TOTP",
"name": "Configure OTP",
"providerId": "CONFIGURE_TOTP",
"enabled": true,
"defaultAction": false,
"priority": 10,
"config": {}
},
{
"alias": "terms_and_conditions",
"name": "Terms and Conditions",
"providerId": "terms_and_conditions",
"enabled": false,
"defaultAction": false,
"priority": 20,
"config": {}
},
{
"alias": "UPDATE_PASSWORD",
"name": "Update Password",
"providerId": "UPDATE_PASSWORD",
"enabled": true,
"defaultAction": false,
"priority": 30,
"config": {}
},
{
"alias": "UPDATE_PROFILE",
"name": "Update Profile",
"providerId": "UPDATE_PROFILE",
"enabled": true,
"defaultAction": false,
"priority": 40,
"config": {}
},
{
"alias": "VERIFY_EMAIL",
"name": "Verify Email",
"providerId": "VERIFY_EMAIL",
"enabled": true,
"defaultAction": false,
"priority": 50,
"config": {}
},
{
"alias": "delete_account",
"name": "Delete Account",
"providerId": "delete_account",
"enabled": false,
"defaultAction": false,
"priority": 60,
"config": {}
},
{
"alias": "update_user_locale",
"name": "Update User Locale",
"providerId": "update_user_locale",
"enabled": true,
"defaultAction": false,
"priority": 1000,
"config": {}
}
],
"browserFlow": "browser",
"registrationFlow": "registration",
"directGrantFlow": "direct grant",
"resetCredentialsFlow": "reset credentials",
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth",
"attributes": {
"cibaBackchannelTokenDeliveryMode": "poll",
"cibaExpiresIn": "120",
"cibaAuthRequestedUserHint": "login_hint",
"oauth2DeviceCodeLifespan": "600",
"clientOfflineSessionMaxLifespan": "0",
"oauth2DevicePollingInterval": "600",
"clientSessionIdleTimeout": "0",
"userProfileEnabled": "false",
"parRequestUriLifespan": "60",
"clientSessionMaxLifespan": "0",
"clientOfflineSessionIdleTimeout": "0",
"cibaInterval": "5"
},
"keycloakVersion": "16.1.1",
"userManagedAccessAllowed": false,
"clientProfiles": {
"profiles": []
},
"clientPolicies": {
"policies": []
}
}


@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
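Review bot: A private key is added to the repository in this section (the `-----BEGIN PRIVATE KEY-----` block), so anyone who can read the repository or its history holds the key. If it pairs with the certificate added in the previous section, every deployment cloned from this commit would presumably share the same key pair. It would be safer to generate the key at deploy time, mount it from outside the tree, and list its path in `.gitignore`. Because the key is now in history, it should be treated as disclosed and replaced, not only deleted in a later commit.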


@ -0,0 +1,2 @@
#!/bin/bash
mariadb mysql -u root -p${MARIADB_ROOT_PASSWORD} -h localhost -e "select 1"
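Review bot: The root password is passed as `-p${MARIADB_ROOT_PASSWORD}` on the command line, which puts it in the process arguments for as long as the client runs, and the unquoted expansion breaks on passwords containing spaces or shell metacharacters. The two database scripts that follow use the same pattern (`-p$MARIADB_ROOT_PASSWORD`). Passing the password through the environment keeps it out of argv, for example `MYSQL_PWD="$MARIADB_ROOT_PASSWORD" mariadb mysql -u root -h localhost -e "select 1"`. If this is the script the compose healthcheck calls, a one-line comment saying that its exit status decides container health would help the next reader.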


@ -0,0 +1,2 @@
#!/bin/bash
mariadb -u root -p$MARIADB_ROOT_PASSWORD -e "DROP DATABASE IF EXISTS $1;"
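Review bot: `$1` is pasted into the SQL text unquoted and unchecked, so whatever string the caller passes runs as root-level SQL, and with `DROP DATABASE` a mistaken or hostile argument is costly. The next script does the same with `$1`, both in the `/envole/$1.sql` path and in its `GRANT` statement. A guard after the shebang that accepts only a plain identifier would confine the argument to a database name: `case "$1" in ''|*[!A-Za-z0-9_]*) echo "invalid database name" >&2; exit 1;; esac`. The identifier should additionally be backtick-quoted inside the statement.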


@ -0,0 +1,3 @@
#!/bin/bash
mariadb -u root -p$MARIADB_ROOT_PASSWORD < /envole/$1.sql
mariadb -u root -p$MARIADB_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON $1.* TO '$MARIADB_USER'@'%';"
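Review bot: The grant gives `'$MARIADB_USER'@'%'` every privilege on the database from any client host, while the compose file in this commit publishes `3306:3306`, so the account is usable from wherever that port is reachable. If the applications only connect over the compose network (an assumption to confirm), not publishing the port or narrowing the host part of the grant would reduce exposure. Neither `mariadb` call has its exit status checked, so a failed import still proceeds to the grant; adding `set -e` after the shebang would stop at the first failure.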


@ -0,0 +1 @@
CREATE DATABASE IF NOT EXISTS keycloak;


@ -0,0 +1 @@
CREATE DATABASE IF NOT EXISTS nextcloud;


@ -0,0 +1 @@
CREATE DATABASE IF NOT EXISTS ninegate;

@ -0,0 +1 @@
Subproject commit 827586bed4424e225ac1efb77e343313f5a113df


@ -0,0 +1,75 @@
#!/bin/bash
run_as() {
if [ "$(id -u)" = 0 ]; then
su -p www-data -s /bin/sh -c "$1"
else
sh -c "$1"
fi
}
echo
echo "== INSTALLATION APP NEXTCLOUD ================================================"
echo
echo "== CALENDAR"
run_as 'php occ app:install calendar'
run_as 'php occ app:update calendar'
run_as 'php occ app:enable calendar'
echo
echo "==GROUP FOLDERS"
run_as 'php occ app:install groupfolders'
run_as 'php occ app:update groupfolders'
run_as 'php occ app:enable groupfolders'
echo
echo "== DECK"
run_as 'php occ app:install deck'
run_as 'php occ app:update deck'
run_as 'php occ app:enable deck'
echo
echo "== DRAWIO"
run_as 'php occ app:install drawio'
run_as 'php occ app:update drawio'
run_as 'php occ app:enable drawio'
echo
echo "== TASKS"
run_as 'php occ app:install tasks'
run_as 'php occ app:update tasks'
run_as 'php occ app:enable tasks'
echo
echo "== FILES EXTERNAL"
run_as 'php occ app:install files_external'
run_as 'php occ app:update files_external'
run_as 'php occ app:enable files_external'
echo
echo "== FILES MINDMAP"
run_as 'php occ app:install files_mindmap'
run_as 'php occ app:update files_mindmap'
run_as 'php occ app:enable files_mindmap'
echo
echo "== USER CAS"
cp -rf /envole/app/user_cas /var/www/html/custom_apps
run_as 'php occ config:app:set user_cas cas_server_hostname --value=${CAS_HOST} -q'
run_as 'php occ config:app:set user_cas cas_server_path --value=/${CAS_PATH} -q'
run_as 'php occ config:app:set user_cas cas_server_port --value=${CAS_PORT} -q'
run_as 'php occ config:app:set user_cas cas_use_proxy --value=0 -q'
run_as 'php occ config:app:set user_cas cas_server_version --value=2.0 -q'
run_as 'php occ config:app:set user_cas cas_force_login --value=1 -q'
run_as 'php occ config:app:set user_cas cas_disable_logout --value=0 -q'
run_as 'php occ app:enable user_cas'
echo
echo "== USER LDAP"
run_as 'php occ app:install user_ldap'
run_as 'php occ app:update user_ldap'
run_as 'php occ app:enable user_ldap'
echo
echo
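Review bot: Every `occ` call's exit status is discarded and the script ends on `echo`, so it reports success even when `user_cas` or `user_ldap` could not be enabled, and a broken login path would go unnoticed. `app:install` presumably fails for an app that is already installed, so a blanket `set -e` would not fit; checking only the enable steps would, e.g. `run_as 'php occ app:enable user_cas' || exit 1`. The `${CAS_HOST}`, `${CAS_PATH}` and `${CAS_PORT}` values are expanded unquoted by the inner shell; writing `--value="${CAS_HOST}"` inside the single-quoted string avoids word splitting. When the script runs as root, `cp -rf` leaves the copied `user_cas` files owned by root rather than `www-data`, which may deserve a `chown` or at least a comment.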


Some files were not shown because too many files have changed in this diff Show More