forked from OpenConext/OpenConext-myconext
-
Notifications
You must be signed in to change notification settings - Fork 0
/
application.yml
151 lines (131 loc) · 4.57 KB
/
application.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
logging:
config: classpath:logback.xml
level:
myconext: DEBUG
tiqr.org: DEBUG
org.springframework.data.mongodb: INFO
org.springframework.data.convert: INFO
org.springframework.security: INFO
server:
port: 8081
error:
path: "/error"
email:
from: [email protected]
magic-link-url: http://localhost:8081/saml/guest-idp/magic
my-surfconext-url: http://localhost:3001
# mail-templates-directory: file://opt/build/main/resources/mail_templates
mail-templates-directory: classpath:mail_templates
schac_home_organization: eduid.nl
cron:
node-cron-job-responsible: True
token-cleaner-expression: "0 0/15 * * * *"
service-name-resolver-initial-delay-milliseconds: 15000
service-name-resolver-fixed-rate-milliseconds: 43_200_000
metadata-resolver-initial-delay-milliseconds: 1
metadata-resolver-fixed-rate-milliseconds: 86_400_000
metadata-resolver-url: "classpath:/metadata/idps-metadata.xml"
manage:
username: myconext
password: secret
base_url: https://manage.test2.surfconext.nl
mongodb_db: surf_id_test
base_domain: test2.surfconext.nl
saml_metadata_base_path: http://localhost:8081
base_path: http://localhost:8081
continue_after_login_url: http://localhost:8081/saml/guest-idp/continue
idp_redirect_url: http://localhost:3000
rp_id: localhost
rp_origin: http://localhost:3000
sp_redirect_url: http://localhost:3001
sp_entity_id: https://engine.test2.surfconext.nl/authentication/sp/metadata, https://engine.test.surfconext.nl/authentication/sp/metadata
sp_entity_metadata_url: https://engine.test2.surfconext.nl/authentication/sp/metadata, https://engine.test.surfconext.nl/authentication/sp/metadata
onegini_entity_id: http://mock-idp
guest_idp_entity_id: https://localhost.surf.id
my_conext_url: https://my.test2.surfconext.nl
domain: eduid.nl
mijn_eduid_entity_id: http://mijn.localhost/shibboleth
feature:
webauthn: True
warning_educational_email_domain: True
# Show / hide the connections page in the mijn GUI
connections: True
# Do we allow the account linking to take place with the accounting IdP, e.g. add extra button in IdP link screen
use_external_validation: True
# Do we allow for multiple linked (institutional) accounts? Not yet implemented
# multiple_linked_account: False
use_deny_allow_list:
allow_enabled: False
allow_location: "classpath:/deny-allow/allowed.json"
secure_cookie: false
idp_entity_id: https://localhost.surf.id
private_key_path: classpath:/myconext.pem
certificate_path: classpath:/myconext.crt
remember_me_max_age_seconds: 15_768_000
nudge_eduid_app_days: 7
remember_me_question_asked_days: 30
email_guessing_sleep_millis: 500
email_spam_threshold_seconds: 15
sms:
url: "http://localhost:8081/sms"
bearer: "secret"
tiqr_configuration: "classpath:/tiqr.configuration.yml"
attribute_aggregation:
user: aa
password: secret
attribute_manipulation:
user: oidcng
password: secret
oidc-token-api:
token-url: https://connect.test2.surfconext.nl/tokens
user: eduid
password: secret
enabled: true
oidc:
client-id: myconext.rp.localhost
secret: secret
idp-flow-redirect-url: http://localhost:8081/myconext/api/idp/oidc/redirect
sp-flow-redirect-url: http://localhost:8081/myconext/api/sp/oidc/redirect
base-url: https://connect.test2.surfconext.nl
linked_accounts:
# The duration that non validated linked accounts are valid - note that they are not removed and will be used for EPPN Pseudonymisation
expiry-duration-days-non-validated: 180
# The duration after which non validated linked accounts are removed
removal-duration-days-non-validated: 540
# The duration after which validated linked accounts are removed
removal-duration-days-validated: 2190
account_linking_context_class_ref:
linked_institution: https://eduid.nl/trust/linked-institution
validate_names: https://eduid.nl/trust/validate-names
affiliation_student: https://eduid.nl/trust/affiliation-student
account_linking:
idp_external_validation_entity_id: http://mock-idp
myconext_sp_entity_id: https://mijn.test2.eduid.nl/shibboleth
eduid_api:
# oidcng_introspection_uri: http://localhost:8098/introspect
oidcng_introspection_uri: https://connect.test2.surfconext/nl/oidc/introspect
oidcng_client_id: myconext.local.rs
oidcng_secret: secret
spring:
data:
mongodb:
uri: mongodb://127.0.0.1:27017/${mongodb_db}
auto-index-creation: false
mail:
host: localhost
port: 3025
management:
health:
mail:
enabled: false
endpoints:
web:
exposure:
include: "health,info"
base-path: "/internal"
endpoint:
info:
enabled: true
info:
git:
mode: full