You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by is...@apache.org on 2020/05/25 13:18:55 UTC
[airavata-custos] branch develop updated: Add redirect uris as web
origins
This is an automated email from the ASF dual-hosted git repository.
isjarana pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-custos.git
The following commit(s) were added to refs/heads/develop by this push:
new 7c24f82 Add redirect uris as web origins
new bfedec7 Merge pull request #67 from isururanawaka/non_central_repo_removal
7c24f82 is described below
commit 7c24f826a5389ee52edc08b3fbee4037e9e86643
Author: Isuru Ranawaka <ir...@gmail.com>
AuthorDate: Mon May 25 08:47:32 2020 -0400
Add redirect uris as web origins
---
.../main/resources/federatedAuthenticationCoreService.properties | 4 ++--
.../src/main/resources/iamAdminCoreService.properties | 9 ++++++---
.../federated/services/clients/keycloak/KeycloakClient.java | 5 +++++
3 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/custos-core-services/utility-services/custos-configuration-service/src/main/resources/federatedAuthenticationCoreService.properties b/custos-core-services/utility-services/custos-configuration-service/src/main/resources/federatedAuthenticationCoreService.properties
index 8551cda..750a9f6 100644
--- a/custos-core-services/utility-services/custos-configuration-service/src/main/resources/federatedAuthenticationCoreService.properties
+++ b/custos-core-services/utility-services/custos-configuration-service/src/main/resources/federatedAuthenticationCoreService.properties
@@ -1,3 +1,3 @@
-ciLogon.admin.client.id=admin_client_id
-ciLogon.admin.client.secret=admin_client_sec
+ciLogon.admin.client.id={{vault_cilogon_id}}
+ciLogon.admin.client.secret={{vault_cilogon_password}}
ciLogon.admin.auth.endpoint=https://test.cilogon.org/oauth2/oidc-cm
\ No newline at end of file
diff --git a/custos-core-services/utility-services/custos-configuration-service/src/main/resources/iamAdminCoreService.properties b/custos-core-services/utility-services/custos-configuration-service/src/main/resources/iamAdminCoreService.properties
index ead628f..c0c440e 100644
--- a/custos-core-services/utility-services/custos-configuration-service/src/main/resources/iamAdminCoreService.properties
+++ b/custos-core-services/utility-services/custos-configuration-service/src/main/resources/iamAdminCoreService.properties
@@ -2,8 +2,8 @@ iam.server.client.id=admin-cli
iam.server.truststore.path=/home/ubuntu/keystore/keycloak-client-truststore.pkcs12
iam.server.truststore.password=keycloak
iam.server.url=https://keycloak.custos.scigap.org:31000/auth/
-iam.server.admin.username=iam_user
-iam.server.admin.password=iam_password
+iam.server.admin.username={{vault_iam_username}}
+iam.server.admin.password={{vault_iam_password}}
iam.server.super.admin.realm.id=master
iam.federated.cilogon.authorization.endpoint=https://cilogon.org/authorize
iam.federated.cilogon.token.endpoint=https://cilogon.org/oauth2/token
@@ -17,4 +17,7 @@ token.endpoint=https://custos.scigap.org/apiserver/identity-management/v1.0.0/to
end.session.endpoint=https://custos.scigap.org/apiserver/identity-management/v1.0.0/logout
user.info.endpoint=https://custos.scigap.org/apiserver/user-management/v1.0.0/userinfo
jwks_uri=https://custos.scigap.org/apiserver/identity-management/v1.0.0/certs
-registration.endpoint=https://custos.scigap.org/apiserver/tenant-management/v1.0.0/oauth2/tenant
\ No newline at end of file
+registration.endpoint=https://custos.scigap.org/apiserver/tenant-management/v1.0.0/oauth2/tenant
+ciLogon.admin.client.id={{vault_cilogon_id}}
+ciLogon.admin.client.secret={{vault_cilogon_password}}
+ciLogon.admin.auth.endpoint=https://test.cilogon.org/oauth2/oidc-cm
\ No newline at end of file
diff --git a/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java b/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java
index ac1def1..9374019 100644
--- a/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java
+++ b/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java
@@ -346,6 +346,11 @@ public class KeycloakClient {
pgaClient.setRedirectUris(newList);
+
+ List<String> webOrigins = new ArrayList<>();
+ webOrigins.add("+");
+ pgaClient.setWebOrigins(webOrigins);
+
pgaClient.setPublicClient(false);
Response httpResponse = client.realms().realm(realmId).clients().create(pgaClient);
LOGGER.debug("Realm client configuration exited with code : " + httpResponse.getStatus() + " : " + httpResponse.getStatusInfo());