diff --git a/labs/3-Add-Identity/end/Keycloak/data/import/eshop-realm.json b/labs/3-Add-Identity/end/Keycloak/data/import/eshop-realm.json index 349ae7c..6d1e2c2 100644 --- a/labs/3-Add-Identity/end/Keycloak/data/import/eshop-realm.json +++ b/labs/3-Add-Identity/end/Keycloak/data/import/eshop-realm.json @@ -640,9 +640,9 @@ "clientId" : "webapp", "name" : "eShop Web Frontend", "description" : "The frontend web site of the eShop system.", - "rootUrl": "${WEBAPP_HTTP}", - "adminUrl": "${WEBAPP_HTTP}", - "baseUrl": "${WEBAPP_HTTP}", + "rootUrl": "${WEBAPP_HTTPS}", + "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}", + "baseUrl": "${WEBAPP_HTTPS}", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, diff --git a/labs/3-Add-Identity/src/Keycloak/data/import/eshop-realm.json b/labs/3-Add-Identity/src/Keycloak/data/import/eshop-realm.json index 51d21c1..433a7b8 100644 --- a/labs/3-Add-Identity/src/Keycloak/data/import/eshop-realm.json +++ b/labs/3-Add-Identity/src/Keycloak/data/import/eshop-realm.json @@ -697,9 +697,9 @@ "clientId": "webapp", "name": "eShop Web Frontend", "description": "The frontend web site of the eShop system.", - "rootUrl": "${WEBAPP_HTTP}", - "adminUrl": "${WEBAPP_HTTP}", - "baseUrl": "${WEBAPP_HTTP}", + "rootUrl": "${WEBAPP_HTTPS}", + "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}", + "baseUrl": "${WEBAPP_HTTPS}", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, diff --git a/labs/4-Add-Shopping-Basket/end/Keycloak/data/import/eshop-realm.json b/labs/4-Add-Shopping-Basket/end/Keycloak/data/import/eshop-realm.json index 796fcb1..d1196e2 100644 --- a/labs/4-Add-Shopping-Basket/end/Keycloak/data/import/eshop-realm.json +++ b/labs/4-Add-Shopping-Basket/end/Keycloak/data/import/eshop-realm.json @@ -1,4 +1,4 @@ -"${WEBAPP_CLIENT_SECRET}","${WEBAPP_CLIENT_SECRET}",{ +{ "id" : "e3a46e00-f700-4eaa-b1d3-6aad1045be73", "realm" : "eShop", "displayName" : "", @@ -255,7 +255,6 @@ "attributes" : { } } ], "security-admin-console" : [ ], - "orderingswaggerui" : [ ], "admin-cli" : [ ], "account-console" : [ ], "broker" : [ { @@ -562,42 +561,7 @@ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { - "id" : "6bbe9167-4ac5-49e3-a0ea-06fa6b9fe56c", - "clientId" : "orderingswaggerui", - "name" : "Ordering Swagger UI", - "description" : "", - "rootUrl" : "${ORDERINGAPI_HTTP}", - "adminUrl" : "${ORDERINGAPI_HTTP}", - "baseUrl" : "${ORDERINGAPI_HTTP}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "${ORDERINGAPI_HTTP}/*" ], - "webOrigins" : [ "${ORDERINGAPI_HTTP}" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : true, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : true, - "protocol" : "openid-connect", - "attributes" : { - "oidc.ciba.grant.enabled" : "false", - "post.logout.redirect.uris" : "+", - "oauth2.device.authorization.grant.enabled" : "false", - "backchannel.logout.session.required" : "true", - "backchannel.logout.revoke.offline.tokens" : "false" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { + "id" : "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0", "clientId" : "realm-management", "name" : "${client_realm-management}", @@ -684,7 +648,7 @@ "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "secret" : "dAayhA7hWQFrNpKJvskRodHSDuf1burR", + "secret" : "${WEBAPP_CLIENT_SECRET}", "redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ], "webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ], "notBefore" : 0, diff --git a/labs/4-Add-Shopping-Basket/src/Keycloak/data/import/eshop-realm.json b/labs/4-Add-Shopping-Basket/src/Keycloak/data/import/eshop-realm.json index 796fcb1..4508b97 100644 --- a/labs/4-Add-Shopping-Basket/src/Keycloak/data/import/eshop-realm.json +++ b/labs/4-Add-Shopping-Basket/src/Keycloak/data/import/eshop-realm.json @@ -1,4 +1,4 @@ -"${WEBAPP_CLIENT_SECRET}","${WEBAPP_CLIENT_SECRET}",{ +{ "id" : "e3a46e00-f700-4eaa-b1d3-6aad1045be73", "realm" : "eShop", "displayName" : "", @@ -255,7 +255,6 @@ "attributes" : { } } ], "security-admin-console" : [ ], - "orderingswaggerui" : [ ], "admin-cli" : [ ], "account-console" : [ ], "broker" : [ { @@ -436,328 +435,308 @@ "roles" : [ "manage-account", "view-groups" ] } ] }, - "clients" : [ { - "id" : "82385f82-f986-49fe-a512-5a8ea45f09ee", - "clientId" : "account", - "name" : "${client_account}", - "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/eShop/account/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/eShop/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "d84cf061-eeeb-4675-b0d0-5cd609bc44c6", - "clientId" : "account-console", - "name" : "${client_account-console}", - "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/eShop/account/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/eShop/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+", - "pkce.code.challenge.method" : "S256" - }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "6abcbb09-2122-4bbb-91f4-4c61c8abff65", - "name" : "audience resolve", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-audience-resolve-mapper", - "consentRequired" : false, - "config" : { } - } ], - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "f63db859-cf66-42f4-9ce0-1d40ca5c922c", - "clientId" : "admin-cli", - "name" : "${client_admin-cli}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" + "clients": [ + { + "id": "82385f82-f986-49fe-a512-5a8ea45f09ee", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/eShop/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ "/realms/eShop/account/*" ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "1790c30e-7010-4d4f-bc3b-181a65868873", - "clientId" : "broker", - "name" : "${client_broker}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" + { + "id": "d84cf061-eeeb-4675-b0d0-5cd609bc44c6", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/eShop/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ "/realms/eShop/account/*" ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "6abcbb09-2122-4bbb-91f4-4c61c8abff65", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "6bbe9167-4ac5-49e3-a0ea-06fa6b9fe56c", - "clientId" : "orderingswaggerui", - "name" : "Ordering Swagger UI", - "description" : "", - "rootUrl" : "${ORDERINGAPI_HTTP}", - "adminUrl" : "${ORDERINGAPI_HTTP}", - "baseUrl" : "${ORDERINGAPI_HTTP}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "${ORDERINGAPI_HTTP}/*" ], - "webOrigins" : [ "${ORDERINGAPI_HTTP}" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : true, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : true, - "protocol" : "openid-connect", - "attributes" : { - "oidc.ciba.grant.enabled" : "false", - "post.logout.redirect.uris" : "+", - "oauth2.device.authorization.grant.enabled" : "false", - "backchannel.logout.session.required" : "true", - "backchannel.logout.revoke.offline.tokens" : "false" + { + "id": "f63db859-cf66-42f4-9ce0-1d40ca5c922c", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0", - "clientId" : "realm-management", - "name" : "${client_realm-management}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+" + { + "id": "1790c30e-7010-4d4f-bc3b-181a65868873", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "e6a9aea6-f8d4-40f6-a832-6537fce8791e", - "clientId" : "security-admin-console", - "name" : "${client_security-admin-console}", - "rootUrl" : "${authAdminUrl}", - "baseUrl" : "/admin/eShop/console/", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/admin/eShop/console/*" ], - "webOrigins" : [ "+" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "post.logout.redirect.uris" : "+", - "pkce.code.challenge.method" : "S256" + { + "id": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "ad67051f-d487-417e-9375-f6563ee86ddf", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "config" : { - "introspection.token.claim" : "true", - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" - } - } ], - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - }, { - "id" : "cc5ff175-d0b3-4759-8b01-49e60dfa9269", - "clientId" : "webapp", - "name" : "eShop Web Frontend", - "description" : "The frontend web site of the eShop system.", - "rootUrl": "${WEBAPP_HTTPS}", - "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}", - "baseUrl": "${WEBAPP_HTTPS}", - "surrogateAuthRequired" : false, - "enabled" : true, - "alwaysDisplayInConsole" : false, - "clientAuthenticatorType" : "client-secret", - "secret" : "dAayhA7hWQFrNpKJvskRodHSDuf1burR", - "redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ], - "webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : true, - "protocol" : "openid-connect", - "attributes" : { - "oidc.ciba.grant.enabled" : "false", - "client.secret.creation.time" : "1705700546", - "backchannel.logout.session.required" : "true", - "post.logout.redirect.uris" : "+", - "oauth2.device.authorization.grant.enabled" : "false", - "display.on.consent.screen" : "false", - "backchannel.logout.revoke.offline.tokens" : "false" + { + "id": "e6a9aea6-f8d4-40f6-a832-6537fce8791e", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/eShop/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ "/admin/eShop/console/*" ], + "webOrigins": [ "+" ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "ad67051f-d487-417e-9375-f6563ee86ddf", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, - "authenticationFlowBindingOverrides" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "46526429-fa70-4518-9512-089a9830f179", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientHost", - "introspection.token.claim" : "true", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" - } - }, { - "id" : "9eee2065-3d31-4621-be61-b83f05f2c113", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "client_id", - "introspection.token.claim" : "true", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "client_id", - "jsonType.label" : "String" - } - }, { - "id" : "4951c816-a177-4193-b714-585b0bb23ab5", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "config" : { - "user.session.note" : "clientAddress", - "introspection.token.claim" : "true", - "userinfo.token.claim" : "true", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" - } - } ], - "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], - "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] - } ], + { + "id": "cc5ff175-d0b3-4759-8b01-49e60dfa9269", + "clientId": "webapp", + "name": "eShop Web Frontend", + "description": "The frontend web site of the eShop system.", + "rootUrl": "${WEBAPP_HTTPS}", + "adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}", + "baseUrl": "${WEBAPP_HTTPS}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "${WEBAPP_CLIENT_SECRET}", + "redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ], + "webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "client.secret.creation.time": "1705700546", + "backchannel.logout.session.required": "true", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "display.on.consent.screen": "false", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "46526429-fa70-4518-9512-089a9830f179", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9eee2065-3d31-4621-be61-b83f05f2c113", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "4951c816-a177-4193-b714-585b0bb23ab5", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] + } + ], "clientScopes" : [ { "id" : "4d6f4264-5a7e-4d41-894c-6b721f14fd1f", "name" : "address", diff --git a/labs/5-Add-Checkout/end/Keycloak/data/import/eshop-realm.json b/labs/5-Add-Checkout/end/Keycloak/data/import/eshop-realm.json index 796fcb1..4dc04ab 100644 --- a/labs/5-Add-Checkout/end/Keycloak/data/import/eshop-realm.json +++ b/labs/5-Add-Checkout/end/Keycloak/data/import/eshop-realm.json @@ -1,4 +1,4 @@ -"${WEBAPP_CLIENT_SECRET}","${WEBAPP_CLIENT_SECRET}",{ +{ "id" : "e3a46e00-f700-4eaa-b1d3-6aad1045be73", "realm" : "eShop", "displayName" : "", @@ -684,7 +684,7 @@ "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "secret" : "dAayhA7hWQFrNpKJvskRodHSDuf1burR", + "secret" : "${WEBAPP_CLIENT_SECRET}", "redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ], "webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ], "notBefore" : 0, diff --git a/labs/5-Add-Checkout/src/Keycloak/data/import/eshop-realm.json b/labs/5-Add-Checkout/src/Keycloak/data/import/eshop-realm.json index 796fcb1..4dc04ab 100644 --- a/labs/5-Add-Checkout/src/Keycloak/data/import/eshop-realm.json +++ b/labs/5-Add-Checkout/src/Keycloak/data/import/eshop-realm.json @@ -1,4 +1,4 @@ -"${WEBAPP_CLIENT_SECRET}","${WEBAPP_CLIENT_SECRET}",{ +{ "id" : "e3a46e00-f700-4eaa-b1d3-6aad1045be73", "realm" : "eShop", "displayName" : "", @@ -684,7 +684,7 @@ "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "secret" : "dAayhA7hWQFrNpKJvskRodHSDuf1burR", + "secret" : "${WEBAPP_CLIENT_SECRET}", "redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ], "webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ], "notBefore" : 0, diff --git a/labs/6-Add-Resiliency/src/Keycloak/data/import/eshop-realm.json b/labs/6-Add-Resiliency/src/Keycloak/data/import/eshop-realm.json index 796fcb1..4dc04ab 100644 --- a/labs/6-Add-Resiliency/src/Keycloak/data/import/eshop-realm.json +++ b/labs/6-Add-Resiliency/src/Keycloak/data/import/eshop-realm.json @@ -1,4 +1,4 @@ -"${WEBAPP_CLIENT_SECRET}","${WEBAPP_CLIENT_SECRET}",{ +{ "id" : "e3a46e00-f700-4eaa-b1d3-6aad1045be73", "realm" : "eShop", "displayName" : "", @@ -684,7 +684,7 @@ "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "secret" : "dAayhA7hWQFrNpKJvskRodHSDuf1burR", + "secret" : "${WEBAPP_CLIENT_SECRET}", "redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ], "webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ], "notBefore" : 0,