From 48d3aee9dbe5d61b31068ed170c886d7df2ecb24 Mon Sep 17 00:00:00 2001 From: sdawley Date: Thu, 16 Mar 2023 14:06:23 -0700 Subject: [PATCH] Remove keycloak and postgres. Move che dockerfiles to build/dockerfiles. Add brew.Dockerfile. --- .github/workflows/next-build.yml | 6 - {dockerfiles => build}/README.md | 0 {dockerfiles => build}/build.include | 0 {dockerfiles => build}/build.sh | 0 .../che => build/dockerfiles}/.cccp.yml | 0 .../che => build/dockerfiles}/Dockerfile | 0 build/dockerfiles/brew.Dockerfile | 40 + .../che => build/dockerfiles}/build.sh | 0 .../che => build/dockerfiles}/entrypoint.sh | 0 dockerfiles/keycloak/Dockerfile | 23 - dockerfiles/keycloak/build.sh | 15 - dockerfiles/keycloak/che-realm.json.erb | 606 ------- .../login/login-update-profile.ftl | 56 - .../login/theme.properties | 1 - dockerfiles/keycloak/che-users-0.json.erb | 37 - .../account/messages/messages_en.properties | 166 -- .../che/account/resources/css/che-account.css | 102 -- dockerfiles/keycloak/che/account/template.ftl | 82 - .../keycloak/che/account/theme.properties | 4 - .../che/email/html/email-verification.ftl | 17 - .../che/email/html/event-login_error.ftl | 15 - .../che/email/html/event-remove_totp.ftl | 15 - .../che/email/html/event-update_password.ftl | 15 - .../che/email/html/event-update_totp.ftl | 15 - .../che/email/html/executeActions.ftl | 17 - .../keycloak/che/email/html/footer.ftl | 5 - .../keycloak/che/email/html/header.ftl | 5 - .../che/email/html/identity-provider-link.ftl | 17 - .../che/email/html/password-reset.ftl | 17 - .../che/email/messages/messages_en.properties | 51 - .../che/email/text/email-verification.ftl | 8 - .../che/email/text/event-login_error.ftl | 6 - .../che/email/text/event-remove_totp.ftl | 6 - .../che/email/text/event-update_password.ftl | 6 - .../che/email/text/event-update_totp.ftl | 6 - .../che/email/text/executeActions.ftl | 8 - .../keycloak/che/email/text/footer.ftl | 3 - .../keycloak/che/email/text/header.ftl | 3 - .../che/email/text/identity-provider-link.ftl | 8 - .../che/email/text/password-reset.ftl | 8 - .../keycloak/che/email/theme.properties | 2 - .../che/login/login-reset-password.ftl | 34 - .../che/login/login-update-password.ftl | 40 - .../che/login/login-update-profile.ftl | 56 - dockerfiles/keycloak/che/login/login.ftl | 75 - dockerfiles/keycloak/che/login/logo.ftl | 4 - .../che/login/messages/messages_en.properties | 8 - dockerfiles/keycloak/che/login/register.ftl | 76 - .../che/login/resources/css/che-login.css | 244 --- .../che/login/resources/img/che-logo.svg | 23 - .../che/login/resources/img/favicon.ico | Bin 20502 -> 0 bytes .../keycloak/che/login/theme.properties | 2 - .../cli/add_openshift_certificate.cli | 4 - dockerfiles/keycloak/kc_realm_user.sh | 105 -- dockerfiles/keycloak/keycloak_config.sh | 36 - dockerfiles/keycloak/master-realm.json.erb | 1483 ----------------- dockerfiles/keycloak/master-users-0.json.erb | 29 - dockerfiles/postgres/Dockerfile | 20 - dockerfiles/postgres/build.sh | 14 - .../postgres/init-che-user-and-run.sh.erb | 4 - dockerfiles/postgres/init-che-user.sh.erb | 34 - dockerfiles/postgres/init-debug.sh | 22 - dockerfiles/postgres/postgresql.conf.debug | 24 - make-release.sh | 4 - 64 files changed, 40 insertions(+), 3692 deletions(-) rename {dockerfiles => build}/README.md (100%) rename {dockerfiles => build}/build.include (100%) rename {dockerfiles => build}/build.sh (100%) rename {dockerfiles/che => build/dockerfiles}/.cccp.yml (100%) rename {dockerfiles/che => build/dockerfiles}/Dockerfile (100%) create mode 100644 build/dockerfiles/brew.Dockerfile rename {dockerfiles/che => build/dockerfiles}/build.sh (100%) rename {dockerfiles/che => build/dockerfiles}/entrypoint.sh (100%) delete mode 100644 dockerfiles/keycloak/Dockerfile delete mode 100755 dockerfiles/keycloak/build.sh delete mode 100644 dockerfiles/keycloak/che-realm.json.erb delete mode 100644 dockerfiles/keycloak/che-username-readonly/login/login-update-profile.ftl delete mode 100644 dockerfiles/keycloak/che-username-readonly/login/theme.properties delete mode 100644 dockerfiles/keycloak/che-users-0.json.erb delete mode 100644 dockerfiles/keycloak/che/account/messages/messages_en.properties delete mode 100644 dockerfiles/keycloak/che/account/resources/css/che-account.css delete mode 100644 dockerfiles/keycloak/che/account/template.ftl delete mode 100644 dockerfiles/keycloak/che/account/theme.properties delete mode 100644 dockerfiles/keycloak/che/email/html/email-verification.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/event-login_error.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/event-remove_totp.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/event-update_password.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/event-update_totp.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/executeActions.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/footer.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/header.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/identity-provider-link.ftl delete mode 100644 dockerfiles/keycloak/che/email/html/password-reset.ftl delete mode 100644 dockerfiles/keycloak/che/email/messages/messages_en.properties delete mode 100644 dockerfiles/keycloak/che/email/text/email-verification.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/event-login_error.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/event-remove_totp.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/event-update_password.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/event-update_totp.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/executeActions.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/footer.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/header.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/identity-provider-link.ftl delete mode 100644 dockerfiles/keycloak/che/email/text/password-reset.ftl delete mode 100644 dockerfiles/keycloak/che/email/theme.properties delete mode 100644 dockerfiles/keycloak/che/login/login-reset-password.ftl delete mode 100644 dockerfiles/keycloak/che/login/login-update-password.ftl delete mode 100644 dockerfiles/keycloak/che/login/login-update-profile.ftl delete mode 100644 dockerfiles/keycloak/che/login/login.ftl delete mode 100644 dockerfiles/keycloak/che/login/logo.ftl delete mode 100644 dockerfiles/keycloak/che/login/messages/messages_en.properties delete mode 100644 dockerfiles/keycloak/che/login/register.ftl delete mode 100644 dockerfiles/keycloak/che/login/resources/css/che-login.css delete mode 100644 dockerfiles/keycloak/che/login/resources/img/che-logo.svg delete mode 100644 dockerfiles/keycloak/che/login/resources/img/favicon.ico delete mode 100644 dockerfiles/keycloak/che/login/theme.properties delete mode 100644 dockerfiles/keycloak/cli/add_openshift_certificate.cli delete mode 100755 dockerfiles/keycloak/kc_realm_user.sh delete mode 100755 dockerfiles/keycloak/keycloak_config.sh delete mode 100644 dockerfiles/keycloak/master-realm.json.erb delete mode 100644 dockerfiles/keycloak/master-users-0.json.erb delete mode 100644 dockerfiles/postgres/Dockerfile delete mode 100755 dockerfiles/postgres/build.sh delete mode 100644 dockerfiles/postgres/init-che-user-and-run.sh.erb delete mode 100644 dockerfiles/postgres/init-che-user.sh.erb delete mode 100755 dockerfiles/postgres/init-debug.sh delete mode 100644 dockerfiles/postgres/postgresql.conf.debug diff --git a/.github/workflows/next-build.yml b/.github/workflows/next-build.yml index db46b5ad96..488f0d2ed7 100644 --- a/.github/workflows/next-build.yml +++ b/.github/workflows/next-build.yml @@ -49,12 +49,6 @@ jobs: ./dockerfiles/build.sh --tag:next --sha-tag - name: Push docker images run: | - docker push quay.io/eclipse/che-keycloak:next - docker push quay.io/eclipse/che-keycloak:${{ steps.build.outputs.short_sha1 }} - - docker push quay.io/eclipse/che-postgres:next - docker push quay.io/eclipse/che-postgres:${{ steps.build.outputs.short_sha1 }} - docker push quay.io/eclipse/che-server:next docker push quay.io/eclipse/che-server:${{ steps.build.outputs.short_sha1 }} - name: Create failure MM message diff --git a/dockerfiles/README.md b/build/README.md similarity index 100% rename from dockerfiles/README.md rename to build/README.md diff --git a/dockerfiles/build.include b/build/build.include similarity index 100% rename from dockerfiles/build.include rename to build/build.include diff --git a/dockerfiles/build.sh b/build/build.sh similarity index 100% rename from dockerfiles/build.sh rename to build/build.sh diff --git a/dockerfiles/che/.cccp.yml b/build/dockerfiles/.cccp.yml similarity index 100% rename from dockerfiles/che/.cccp.yml rename to build/dockerfiles/.cccp.yml diff --git a/dockerfiles/che/Dockerfile b/build/dockerfiles/Dockerfile similarity index 100% rename from dockerfiles/che/Dockerfile rename to build/dockerfiles/Dockerfile diff --git a/build/dockerfiles/brew.Dockerfile b/build/dockerfiles/brew.Dockerfile new file mode 100644 index 0000000000..3ab60c141d --- /dev/null +++ b/build/dockerfiles/brew.Dockerfile @@ -0,0 +1,40 @@ +# Copyright (c) 2018-2023 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# +# Contributors: +# Red Hat, Inc. - initial API and implementation +# + +# https://access.redhat.com/containers/?tab=tags#/registry.access.redhat.com/ubi8-minimal +FROM ubi8-minimal:8.7-1085 +USER root +ENV CHE_HOME=/home/user/devspaces +ENV JAVA_HOME=/usr/lib/jvm/jre +RUN microdnf install java-11-openjdk-headless tar gzip shadow-utils findutils && \ + microdnf update -y && \ + microdnf -y clean all && rm -rf /var/cache/yum && echo "Installed Packages" && rpm -qa | sort -V && echo "End Of Installed Packages" && \ + adduser -G root user && mkdir -p /home/user/devspaces +COPY entrypoint.sh /entrypoint.sh +ENTRYPOINT ["/entrypoint.sh"] + +# see fetch-artifacts-pnc.yaml +COPY artifacts/assembly-main.tar.gz /tmp/assembly-main.tar.gz +RUN tar xzf /tmp/assembly-main.tar.gz --strip-components=1 -C /home/user/devspaces; rm -f /tmp/assembly-main.tar.gz + +# this should fail if the startup script is not found in correct path /home/user/devspaces/tomcat/bin/catalina.sh +RUN mkdir /logs /data && \ + chmod 0777 /logs /data && \ + chgrp -R 0 /home/user /logs /data && \ + chown -R user /home/user && \ + chmod -R g+rwX /home/user && \ + find /home/user -type d -exec chmod 777 {} \; && \ + java -version && echo -n "Server startup script in: " && \ + find /home/user/devspaces -name catalina.sh | grep -z /home/user/devspaces/tomcat/bin/catalina.sh + +USER user + +# append Brew metadata here diff --git a/dockerfiles/che/build.sh b/build/dockerfiles/build.sh similarity index 100% rename from dockerfiles/che/build.sh rename to build/dockerfiles/build.sh diff --git a/dockerfiles/che/entrypoint.sh b/build/dockerfiles/entrypoint.sh similarity index 100% rename from dockerfiles/che/entrypoint.sh rename to build/dockerfiles/entrypoint.sh diff --git a/dockerfiles/keycloak/Dockerfile b/dockerfiles/keycloak/Dockerfile deleted file mode 100644 index 0af6915087..0000000000 --- a/dockerfiles/keycloak/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright (c) 2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# - -FROM quay.io/keycloak/keycloak:15.0.2 - -ADD che /opt/jboss/keycloak/themes/che -ADD che-username-readonly /opt/jboss/keycloak/themes/che-username-readonly -ADD . /scripts/ -ADD cli /scripts/cli -USER root -RUN microdnf install findutils && microdnf clean all && \ - ln -s /opt/jboss/tools/docker-entrypoint.sh && chmod +x /opt/jboss/tools/docker-entrypoint.sh - -USER root -RUN chown -R 1000:0 /scripts && \ - chmod -R g+rwX /scripts - -USER 1000:1000 diff --git a/dockerfiles/keycloak/build.sh b/dockerfiles/keycloak/build.sh deleted file mode 100755 index 0b2419330c..0000000000 --- a/dockerfiles/keycloak/build.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# - -base_dir=$(cd "$(dirname "$0")"; pwd) -. "${base_dir}"/../build.include - -init --name:keycloak "$@" -build diff --git a/dockerfiles/keycloak/che-realm.json.erb b/dockerfiles/keycloak/che-realm.json.erb deleted file mode 100644 index 96ad6ed224..0000000000 --- a/dockerfiles/keycloak/che-realm.json.erb +++ /dev/null @@ -1,606 +0,0 @@ -{ - "id" : "che", - "realm" : "che", - "notBefore" : 0, - "revokeRefreshToken" : false, - "accessTokenLifespan" : 300, - "accessTokenLifespanForImplicitFlow" : 900, - "ssoSessionIdleTimeout" : 36000, - "ssoSessionMaxLifespan" : 36000, - "offlineSessionIdleTimeout" : 2592000, - "accessCodeLifespan" : 60, - "accessCodeLifespanUserAction" : 300, - "accessCodeLifespanLogin" : 1800, - "enabled" : true, - "sslRequired" : "none", - "registrationAllowed" : true, - "registrationEmailAsUsername" : false, - "rememberMe" : false, - "verifyEmail" : false, - "loginWithEmailAllowed" : true, - "duplicateEmailsAllowed" : false, - "resetPasswordAllowed" : true, - "editUsernameAllowed" : false, - "bruteForceProtected" : false, - "maxFailureWaitSeconds" : 900, - "minimumQuickLoginWaitSeconds" : 60, - "waitIncrementSeconds" : 60, - "quickLoginCheckMilliSeconds" : 1000, - "maxDeltaTimeSeconds" : 43200, - "failureFactor" : 30, - "groups" : [ ], - "requiredCredentials" : [ "password" ], - "passwordPolicy" : "hashIterations(20000)", - "otpPolicyType" : "totp", - "otpPolicyAlgorithm" : "HmacSHA1", - "otpPolicyInitialCounter" : 0, - "otpPolicyDigits" : 6, - "otpPolicyLookAheadWindow" : 1, - "otpPolicyPeriod" : 30, - "clients" : [ { - "id" : "40162c8f-5c44-4b61-91cf-a6eac6b9e61a", - "clientId" : "che-public", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "56abc663-1c41-4ab2-81d1-d4b704249221", - "redirectUris" : [ "<%= scope.lookupvar('che::che_server_url') %>/*" ], - "webOrigins" : [ "<%= scope.lookupvar('che::che_server_url') %>" ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.force.post.binding" : "false", - "saml.multivalued.roles" : "false", - "saml.encrypt" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "saml.authnstatement" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false", - "saml.onetimeuse.condition" : "false" - }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "baf9d083-ada2-4a91-b75d-23b2bc639ab0", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "a32d7fa0-12e7-4032-b7f2-1e473f0f7b09", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "c4e9e195-4420-479b-b28d-e1791d29596f", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "bd31d88f-4605-44de-bc6e-03ce7bade978", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "1a2d4749-19d8-4d1c-b62e-084541644323", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "6e55493a-57ca-4d31-8f0a-ae8a046f13b1", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - } ], - "clientTemplates" : [ ], - "browserSecurityHeaders" : { - "xContentTypeOptions" : "nosniff", - "xRobotsTag" : "none", - "xFrameOptions" : "SAMEORIGIN", - "xXSSProtection" : "1; mode=block", - "contentSecurityPolicy" : "frame-src 'self'" - }, - "loginTheme" : "che", - "accountTheme" : "che", - "emailTheme" : "che", - "smtpServer" : { }, - "eventsEnabled" : false, - "eventsListeners" : [ "jboss-logging", "email" ], - "enabledEventTypes" : [ ], - "adminEventsEnabled" : false, - "adminEventsDetailsEnabled" : false, - "components" : { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { - "id" : "aff05d47-02ea-4e0d-a0b9-cc95373c7015", - "name" : "Trusted Hosts", - "providerId" : "trusted-hosts", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "host-sending-registration-request-must-match" : [ "true" ], - "client-uris-must-match" : [ "true" ] - } - }, { - "id" : "a94ae6e0-c99f-4e16-8f78-943950cdc175", - "name" : "Consent Required", - "providerId" : "consent-required", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "c4ccdc54-c827-4c43-b38f-802046d1eef0", - "name" : "Full Scope Disabled", - "providerId" : "scope", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "6ce2d388-0a46-4ad4-b57a-d330467bdd5d", - "name" : "Max Clients Limit", - "providerId" : "max-clients", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "max-clients" : [ "200" ] - } - }, { - "id" : "ea856e2e-1442-4b44-b458-00a02e9228e1", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper" ], - "consent-required-for-all-mappers" : [ "true" ] - } - }, { - "id" : "a9872891-68cc-4620-828d-be936f9e202e", - "name" : "Allowed Client Templates", - "providerId" : "allowed-client-templates", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "a2b4ca87-e7db-4ae9-84f8-e7df9bb018f9", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper" ], - "consent-required-for-all-mappers" : [ "true" ] - } - }, { - "id" : "cbcd0895-6551-4ac9-99e2-abc384a71a17", - "name" : "Allowed Client Templates", - "providerId" : "allowed-client-templates", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { } - } ], - "org.keycloak.keys.KeyProvider" : [ { - "id" : "b7f1417f-b956-4c99-9e38-d43504dcdb84", - "name" : "rsa-generated", - "providerId" : "rsa-generated", - "subComponents" : { }, - "config" : { - "privateKey" : [ "MIIEowIBAAKCAQEAhTRwl5+7W6y0upRhyX69a2O2AlfYzm9Dy/dnzYS9H+V9a4fbI9mIjrYjreU9pP6L5gpXKcGsaAiDaEvL37Io7wlbW09jY6zt3/8DQGZ1fxuvJD9MkeiLtTNBczU+aClXeg3or6zmFkRTdWv+pp1X92vSlErE8UWUtdk8HhCyKIyTzfdRMwM4JSi4AN3bJbS+Wagv4Y7Vo1O1r7xXa8byzgGA+dTih5bfQRHAj9+YQzGmeb/YbGpdQmmmOQk1bEwYDl5TYb4H7VzYrLzwWcBaHmxDug5obrvLqnbPGdkWP1sy9GcNeHziAOiFFWcMNuJcvsCL44jtidZX4cZNlCN8bQIDAQABAoIBAD5gukEm2fQqQlAFYG2dXlLF1NvwC2VQkW0YpJGHkZE4RK1wZ1y4Z8x82uR6L43ubdECEqNJQNVO90qGBCjzI1wdA50U5jQtLQ/yObGUyX0Gl9PfmJnTTmlCYWn0Cw94HLDZhpeN3gmbYYHhWtTnZeRFp80t3mAl92fZHN/vbZ6y14MmEE0utp3+FWSLl2trEJbh0Q/Pb7CyFphEUfTbZv5glefHULAnWkktfWMutaazeh/TJhrl+Hv1f9n0mvA31K3FiBdHsfgSuL0PCAlvQQu1UTn4qJ3kbYJvZ+jLE247s78KRbiebMWzNz6VB4s5C03hzSzVQyqR0ZKOrAEjXoECgYEA0/VPacGoiqSsmJGCzJ6TYoDzInWjleVORABu1rLqJGzK+EXlfAu8g6/QEb0F0HAfWliS5F4i/25egT3wE7MwA4tTYbVSNxdDW55wwPfBmHw5Le6CkzRpfGo+PBgAtlWUg7BwbF1IvaciKQLNdMJUtW87e6dpgcqwJGPHbGCe3zECgYEAoOIAen4f+NpZoKfrXViuUCKxWWphRLZy9PoI5o/PpQIBw3DGrF+GY4EK6HUojPBGH9vdLQ+hJIXeCQqcCRNTIFwvtuSHGUJMqkB3FaMZE/1Ez7MBrSrdSJqVvuX+PjxuQ97/e0uVQjIJQB0bol0kab4m5V78iW1T6UiCDZifOf0CgYAfcvqBepaDW8OwL4b0zWKY7wEkT8gh6ZAfTuEjQhCzruC+zcArE6K491EsEJvYPYqpYRMKh10yATJMguAoTCIHpJiOmtTED9OSuIOKXjh/Y48oXYdKSDCOoUTyra0NYM1UbM2BhqXQXggXha7ucBcZhJOS2VgyRdy0yYlBb2SjQQKBgQCXxn5TEReSilORx7i4mIfiG8iaJUzcKQ9sY1HwSW3IKouFWKhlR70dtEiZIqX9yFMvjRksgJkyPoRInVS1DyEV30I4VYHKZ4yx9R0jMXngLMg09Zg4SL731rY8oPdouVQA/aiiJZ0LFO87J/rBAwPuKjDBpQmzkItgAkKHFxvn9QKBgD1qGk8cP5F56zDCQp5PBE9j2TNI40pcP2gw0rdt6RvGY0ht7YUzPEVhplDus3w/UvCI7AFbTpMJs6faeLXnDUlELM0rBzDcDQ6uDpZ5GCOKztrb7179c81N1kcIAfol3ABRFGi+zEdRwv+BxSWxxMg54X9LHOnzsjhefBVdGSEG" ], - "certificate" : [ "MIIClTCCAX0CBgFcwNsbqzANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDDANjaGUwHhcNMTcwNjE5MTQ1NTAzWhcNMjcwNjE5MTQ1NjQzWjAOMQwwCgYDVQQDDANjaGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFNHCXn7tbrLS6lGHJfr1rY7YCV9jOb0PL92fNhL0f5X1rh9sj2YiOtiOt5T2k/ovmClcpwaxoCINoS8vfsijvCVtbT2NjrO3f/wNAZnV/G68kP0yR6Iu1M0FzNT5oKVd6DeivrOYWRFN1a/6mnVf3a9KUSsTxRZS12TweELIojJPN91EzAzglKLgA3dsltL5ZqC/hjtWjU7WvvFdrxvLOAYD51OKHlt9BEcCP35hDMaZ5v9hsal1CaaY5CTVsTBgOXlNhvgftXNisvPBZwFoebEO6Dmhuu8uqds8Z2RY/WzL0Zw14fOIA6IUVZww24ly+wIvjiO2J1lfhxk2UI3xtAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAC36rlGrQ0fhEmQV1c13UWQd5YUQvBIVpL4t9RgrCmUpYlEsXRT8+XsHXngnSYkyEnoegVtWxY9C0m7llUCBhMkhaKuwebkHdr1/yHgEd1GXk77MBkYFugwrRj58LvzMjEpwkZLbo+z2YCocqrAiT8xRNOENVQsdulvVDUrLrd8sc1tYsKcKRreGwg1/upnAcOUYq9CX5xeu+6XL51ckUTEVdesoguvjK94dN4Ee1noMw8fIiib0QK3KWYJSO4FRu9poSO6qPGnlXztcuqqf4M5FfJj2GuGA96np+YfNn/ImONZocN2fqipSNOK5upfAw3ZL4mLKm6YxHtdg2YSk/ac=" ], - "priority" : [ "100" ] - } - }, { - "id" : "65669621-692a-48d7-81ee-d432bde0e354", - "name" : "hmac-generated", - "providerId" : "hmac-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "51276d4b-5b9b-46bb-a8f5-fb934855e20c" ], - "secret" : [ "O2wyrQXdNjHV70HvsXIQBBFMP3AU4ezJWEq56N_WL4I" ], - "priority" : [ "100" ] - } - } ] - }, - "internationalizationEnabled" : false, - "supportedLocales" : [ ], - "authenticationFlows" : [ { - "id" : "e2ab06c1-9944-401b-9481-950a7cf3a685", - "alias" : "Handle Existing Account", - "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-confirm-link", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "idp-email-verification", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "Verify Existing Account by Re-authentication", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "76a32481-5864-4905-809c-7ecf1efb0d28", - "alias" : "Verify Existing Account by Re-authentication", - "description" : "Reauthentication of existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "OPTIONAL", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "69febc58-ca1e-4fce-879f-0f250f450cb7", - "alias" : "browser", - "description" : "browser based authentication", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-cookie", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-spnego", - "requirement" : "DISABLED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "identity-provider-redirector", - "requirement" : "ALTERNATIVE", - "priority" : 25, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "forms", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "9018edc3-d650-487b-84d5-e140c7f2fbb0", - "alias" : "clients", - "description" : "Base authentication for clients", - "providerId" : "client-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "client-secret", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "client-jwt", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "e0b6874d-2996-4f2e-b2a0-cd44f537164e", - "alias" : "direct grant", - "description" : "OpenID Connect Resource Owner Grant", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "direct-grant-validate-username", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-password", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-otp", - "requirement" : "OPTIONAL", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "ce59cdae-cd38-4eac-b8e0-d844d4eb54e1", - "alias" : "first broker login", - "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "review profile config", - "authenticator" : "idp-review-profile", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticatorConfig" : "create unique user config", - "authenticator" : "idp-create-user-if-unique", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "Handle Existing Account", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "39ba9cd2-0d0d-448c-ae3f-7d751a3c6f27", - "alias" : "forms", - "description" : "Username, password, otp and other auth forms.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "OPTIONAL", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "dfec6403-169e-43d9-9d48-762e573dc9a7", - "alias" : "registration", - "description" : "registration flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-page-form", - "requirement" : "REQUIRED", - "priority" : 10, - "flowAlias" : "registration form", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "d0969be5-b8fe-4400-857a-b186f58f79dd", - "alias" : "registration form", - "description" : "registration form", - "providerId" : "form-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-user-creation", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-profile-action", - "requirement" : "REQUIRED", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-password-action", - "requirement" : "REQUIRED", - "priority" : 50, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-recaptcha-action", - "requirement" : "DISABLED", - "priority" : 60, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "100c254d-662e-4a01-807f-d4af498bb377", - "alias" : "reset credentials", - "description" : "Reset credentials for a user if they forgot their password or something", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "reset-credentials-choose-user", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-credential-email", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-password", - "requirement" : "REQUIRED", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-otp", - "requirement" : "OPTIONAL", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "e761034d-e1a9-4e2e-acb9-bb84205ea342", - "alias" : "saml ecp", - "description" : "SAML ECP Profile Authentication Flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "http-basic-authenticator", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - } ], - "authenticatorConfig" : [ { - "id" : "cb2c77b8-656b-40d0-a653-098037ca5730", - "alias" : "create unique user config", - "config" : { - "require.password.update.after.registration" : "false" - } - }, { - "id" : "a9067668-e684-4b9c-a042-6c3c87ab18e5", - "alias" : "review profile config", - "config" : { - "update.profile.on.first.login" : "missing" - } - } ], - "requiredActions" : [ { - "alias" : "CONFIGURE_TOTP", - "name" : "Configure OTP", - "providerId" : "CONFIGURE_TOTP", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "UPDATE_PASSWORD", - "name" : "Update Password", - "providerId" : "UPDATE_PASSWORD", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "UPDATE_PROFILE", - "name" : "Update Profile", - "providerId" : "UPDATE_PROFILE", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "VERIFY_EMAIL", - "name" : "Verify Email", - "providerId" : "VERIFY_EMAIL", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "terms_and_conditions", - "name" : "Terms and Conditions", - "providerId" : "terms_and_conditions", - "enabled" : false, - "defaultAction" : false, - "config" : { } - } ], - "browserFlow" : "browser", - "registrationFlow" : "registration", - "directGrantFlow" : "direct grant", - "resetCredentialsFlow" : "reset credentials", - "clientAuthenticationFlow" : "clients", - "attributes" : { - "_browser_header.xXSSProtection" : "1; mode=block", - "_browser_header.xFrameOptions" : "SAMEORIGIN", - "failureFactor" : "30", - "quickLoginCheckMilliSeconds" : "1000", - "maxDeltaTimeSeconds" : "43200", - "_browser_header.xContentTypeOptions" : "nosniff", - "_browser_header.xRobotsTag" : "none", - "bruteForceProtected" : "false", - "maxFailureWaitSeconds" : "900", - "_browser_header.contentSecurityPolicy" : "frame-src 'self'", - "minimumQuickLoginWaitSeconds" : "60", - "waitIncrementSeconds" : "60" - }, - "keycloakVersion" : "3.2.1.Final" -} diff --git a/dockerfiles/keycloak/che-username-readonly/login/login-update-profile.ftl b/dockerfiles/keycloak/che-username-readonly/login/login-update-profile.ftl deleted file mode 100644 index 5b41c46131..0000000000 --- a/dockerfiles/keycloak/che-username-readonly/login/login-update-profile.ftl +++ /dev/null @@ -1,56 +0,0 @@ -<#import "template.ftl" as layout> -<@layout.registrationLayout; section> - <#if section = "header"> - ${msg("loginProfileTitle")} - <#elseif section = "form"> -
- <#if user.editUsernameAllowed> -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
-
-
-
- -
- -
-
-
- - diff --git a/dockerfiles/keycloak/che-username-readonly/login/theme.properties b/dockerfiles/keycloak/che-username-readonly/login/theme.properties deleted file mode 100644 index 902f581691..0000000000 --- a/dockerfiles/keycloak/che-username-readonly/login/theme.properties +++ /dev/null @@ -1 +0,0 @@ -parent=che diff --git a/dockerfiles/keycloak/che-users-0.json.erb b/dockerfiles/keycloak/che-users-0.json.erb deleted file mode 100644 index ce0ebab9fb..0000000000 --- a/dockerfiles/keycloak/che-users-0.json.erb +++ /dev/null @@ -1,37 +0,0 @@ -{ - "realm" : "che", - "users" : [ { - "id" : "b07e3a58-ed50-4a6e-be17-fcf49ff8b242", - "createdTimestamp" : 1498139671076, - "username" : "admin", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "firstName" : "Admin", - "lastName" : "Admin", - "email" : "admin@admin.com", - "credentials" : [ { - "type" : "password", - "hashedSaltedValue" : "5RAyLGBHmVbAOPfvjm+IdGpvEOEJx98UwA0pGpPQHEk6BwYpOc8WL8TtB7MdJyGlEYVF/L3uGurfdbRmihlXrA==", - "salt" : "dRvJ8IcAnfNiU5VMtuxuZQ==", - "hashIterations" : 20000, - "counter" : 0, - "algorithm" : "pbkdf2", - "digits" : 0, - "period" : 0, - "createdDate" : 1498139677908, - "config" : { } - } ], - "disableableCredentialTypes" : [ "password" ], - <% if scope.lookupvar('keycloak::che_keycloak_admin_require_update_password') == 'true' -%> - "requiredActions" : [ "UPDATE_PASSWORD" ], - <% else -%> - "requiredActions" : [ ], - <% end -%> - "realmRoles" : ["uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] - }, - "groups" : [ ] - } ] -} diff --git a/dockerfiles/keycloak/che/account/messages/messages_en.properties b/dockerfiles/keycloak/che/account/messages/messages_en.properties deleted file mode 100644 index 6f51984a94..0000000000 --- a/dockerfiles/keycloak/che/account/messages/messages_en.properties +++ /dev/null @@ -1,166 +0,0 @@ -doSave=Save -doCancel=Cancel -doLogOutAllSessions=Log out all sessions -doRemove=Remove -doAdd=Add -doSignOut=Sign Out - -editAccountHtmlTitle=Edit Account -federatedIdentitiesHtmlTitle=Federated Identities -accountLogHtmlTitle=Account Log -changePasswordHtmlTitle=Change Password -sessionsHtmlTitle=Sessions -accountManagementTitle=Keycloak Account Management -authenticatorTitle=Authenticator -applicationsHtmlTitle=Applications - -authenticatorCode=One-time code -email=Email -firstName=First name -givenName=Given name -fullName=Full name -lastName=Last name -familyName=Family name -password=Password -passwordConfirm=Confirmation -passwordNew=New Password -username=Username -address=Address -street=Street -locality=City or Locality -region=State, Province, or Region -postal_code=Zip or Postal code -country=Country -emailVerified=Email verified -gssDelegationCredential=GSS Delegation Credential - -role_admin=Admin -role_realm-admin=Realm Admin -role_create-realm=Create realm -role_view-realm=View realm -role_view-users=View users -role_view-applications=View applications -role_view-clients=View clients -role_view-events=View events -role_view-identity-providers=View identity providers -role_manage-realm=Manage realm -role_manage-users=Manage users -role_manage-applications=Manage applications -role_manage-identity-providers=Manage identity providers -role_manage-clients=Manage clients -role_manage-events=Manage events -role_view-profile=View profile -role_manage-account=Manage account -role_manage-account-links=Manage account links -role_read-token=Read token -role_offline-access=Offline access -role_uma_authorization=Obtain permissions -client_account=Account -client_security-admin-console=Security Admin Console -client_admin-cli=Admin CLI -client_realm-management=Realm Management -client_broker=Broker - - -requiredFields=Required fields -allFieldsRequired=All fields required - -backToApplication=« Back to application -backTo=Back to Dashboard - -date=Date -event=Event -ip=IP -client=Client -clients=Clients -details=Details -started=Started -lastAccess=Last Access -expires=Expires -applications=Applications - -account=Account -federatedIdentity=Federated Identity -authenticator=Authenticator -sessions=Sessions -log=Log - -application=Application -availablePermissions=Available Permissions -grantedPermissions=Granted Permissions -grantedPersonalInfo=Granted Personal Info -additionalGrants=Additional Grants -action=Action -inResource=in -fullAccess=Full Access -offlineToken=Offline Token -revoke=Revoke Grant - -configureAuthenticators=Configured Authenticators -mobile=Mobile -totpStep1=Install FreeOTP or Google Authenticator on your device. Both applications are available in Google Play and Apple App Store. -totpStep2=Open the application and scan the barcode or enter the key. -totpStep3=Enter the one-time code provided by the application and click Save to finish the setup. - -missingUsernameMessage=Please specify username. -missingFirstNameMessage=Please specify first name. -invalidEmailMessage=Invalid email address. -missingLastNameMessage=Please specify last name. -missingEmailMessage=Please specify email. -missingPasswordMessage=Please specify password. -notMatchPasswordMessage=Passwords don''t match. - -missingTotpMessage=Please specify authenticator code. -invalidPasswordExistingMessage=Invalid existing password. -invalidPasswordConfirmMessage=Password confirmation doesn''t match. -invalidTotpMessage=Invalid authenticator code. - -usernameExistsMessage=Username already exists. -emailExistsMessage=Email already exists. - -readOnlyUserMessage=You can''t update your account as it is read only. -readOnlyPasswordMessage=You can''t update your password as your account is read only. - -successTotpMessage=Mobile authenticator configured. -successTotpRemovedMessage=Mobile authenticator removed. - -successGrantRevokedMessage=Grant revoked successfully. - -accountUpdatedMessage=Your account has been updated. -accountPasswordUpdatedMessage=Your password has been updated. - -missingIdentityProviderMessage=Identity provider not specified. -invalidFederatedIdentityActionMessage=Invalid or missing action. -identityProviderNotFoundMessage=Specified identity provider not found. -federatedIdentityLinkNotActiveMessage=This identity is not active anymore. -federatedIdentityRemovingLastProviderMessage=You can''t remove last federated identity as you don''t have password. -identityProviderRedirectErrorMessage=Failed to redirect to identity provider. -identityProviderRemovedMessage=Identity provider removed successfully. -identityProviderAlreadyLinkedMessage=Federated identity returned by {0} is already linked to another user. -staleCodeAccountMessage=The page expired. Please try one more time. -consentDenied=Consent denied. - -accountDisabledMessage=Account is disabled, contact admin. - -accountTemporarilyDisabledMessage=Account is temporarily disabled, contact admin or try again later. -invalidPasswordMinLengthMessage=Invalid password: minimum length {0}. -invalidPasswordMinLowerCaseCharsMessage=Invalid password: must contain at least {0} lower case characters. -invalidPasswordMinDigitsMessage=Invalid password: must contain at least {0} numerical digits. -invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least {0} upper case characters. -invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters. -invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username. -invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s). -invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords. -invalidPasswordGenericMessage=Invalid password: new password doesn''t match password policies. - -locale_ca=Catal\u00E0 -locale_de=Deutsch -locale_en=English -locale_es=Espa\u00F1ol -locale_fr=Fran\u00e7ais -locale_it=Italian -locale_ja=\u65E5\u672C\u8A9E -locale_no=Norsk -locale_lt=Lietuvi\u0173 -locale_pt-BR=Portugu\u00EAs (Brasil) -locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439 diff --git a/dockerfiles/keycloak/che/account/resources/css/che-account.css b/dockerfiles/keycloak/che/account/resources/css/che-account.css deleted file mode 100644 index 6b0d5d2716..0000000000 --- a/dockerfiles/keycloak/che/account/resources/css/che-account.css +++ /dev/null @@ -1,102 +0,0 @@ -body { - background-color: #fff; -} - -header div.container { - width: 100%; - margin: 0; -} - -#referrer { - max-height: 36px; - background-color: #fdb940; - border-radius: 5px; - padding: 5px 15px; - margin-top: 5px; - margin-right: 10px; -} - -#referrer:hover { - background-color: #fca70e; -} - -#content { - width: 100%; - margin: 0; - padding: 0; -} - -#tabs-menu li a, #tabs-menu li a:hover { - font-size: 13px; - font-family: "Open Sans"; - color: rgba(0, 0, 0, 0.54); - background-color: #fff; - padding: 12px 24px; -} - -#tabs-menu li.active a { - color: #4a90e2; - border-bottom: 5px solid #fdb940; -} - -#tabs-menu li a:active { - transition: background-color 0.35s cubic-bezier(0.35, 0, 0.25, 1); - background-color: #cce0f6; -} - -#tab-content { - border-top: 1px solid #e4e4e4; - border-right: none; - border-left: none; -} - -#tab-content div > label.control-label { - color: #5a5a5a; - text-align: left; - font-size: 13px; - font-weight: bold; - letter-spacing: 1.3px; - font-family: "Open Sans"; - padding-top: 10px; -} - -#tab-content div > input { - box-shadow: none; - border-color: #e4e4e4; - border-radius: 2px; - font-size: 13px; - font-family: "Open Sans"; - height: 38px; - padding: 0 15px; -} - -#tab-content div > input:focus { - border-color: #4a90e2; -} - -#tab-content div > button { - min-width: 88px; - min-height: 36px; - border-radius: 2px; - border-color: rgba(255, 255, 255, 0.87); - box-shadow: none; - background-image: none; -} - -#tab-content div > button[value="Save"] { - background-color: #46af00; - text-transform: uppercase; -} - -#tab-content div > button[value="Save"]:hover { - background-color: #3f9d00; -} - -#tab-content div > button[value="Cancel"] { - color: #9c9c9c; - background-color: #d7d7d7; -} - -#tab-content div > button[value="Cancel"]:hover { - background-color: #c9c9c9; -} diff --git a/dockerfiles/keycloak/che/account/template.ftl b/dockerfiles/keycloak/che/account/template.ftl deleted file mode 100644 index 7188b53ec2..0000000000 --- a/dockerfiles/keycloak/che/account/template.ftl +++ /dev/null @@ -1,82 +0,0 @@ -<#macro mainLayout active bodyClass> - - - - - - - - ${msg("accountManagementTitle")} - - <#if properties.styles?has_content> - <#list properties.styles?split(' ') as style> - - - - <#if properties.scripts?has_content> - <#list properties.scripts?split(' ') as script> - - - - - - -
- -
- -
-
- -
- -
- <#if message?has_content> -
- <#if message.type=='success' > - <#if message.type=='error' > - ${message.summary} -
- - - <#nested "content"> -
-
- - - - diff --git a/dockerfiles/keycloak/che/account/theme.properties b/dockerfiles/keycloak/che/account/theme.properties deleted file mode 100644 index ce81ca56a2..0000000000 --- a/dockerfiles/keycloak/che/account/theme.properties +++ /dev/null @@ -1,4 +0,0 @@ -parent=keycloak -locales=en - -styles=lib/patternfly/css/patternfly.css css/account.css css/che-account.css diff --git a/dockerfiles/keycloak/che/email/html/email-verification.ftl b/dockerfiles/keycloak/che/email/html/email-verification.ftl deleted file mode 100644 index 0f6e2e6725..0000000000 --- a/dockerfiles/keycloak/che/email/html/email-verification.ftl +++ /dev/null @@ -1,17 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("emailVerificationTitle")> - <#include "header.ftl"> - -
-

${msg("emailVerificationLetterText")}

- ${msg("button", msg('emailVerificationButtonText'), link)?no_esc} -

${msg("emailLinkExpirationText", linkExpiration)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/event-login_error.ftl b/dockerfiles/keycloak/che/email/html/event-login_error.ftl deleted file mode 100644 index 036bdb1933..0000000000 --- a/dockerfiles/keycloak/che/email/html/event-login_error.ftl +++ /dev/null @@ -1,15 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("eventLoginErrorTitle")> - <#include "header.ftl"> - -
-

${msg("eventLoginErrorLetterText", event.date, event.ipAddress)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/event-remove_totp.ftl b/dockerfiles/keycloak/che/email/html/event-remove_totp.ftl deleted file mode 100644 index 162c16d79d..0000000000 --- a/dockerfiles/keycloak/che/email/html/event-remove_totp.ftl +++ /dev/null @@ -1,15 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("eventRemoveTotpTitle")> - <#include "header.ftl"> - -
-

${msg("eventRemoveTotpLetterText", event.date, event.ipAddress)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/event-update_password.ftl b/dockerfiles/keycloak/che/email/html/event-update_password.ftl deleted file mode 100644 index 514e04b214..0000000000 --- a/dockerfiles/keycloak/che/email/html/event-update_password.ftl +++ /dev/null @@ -1,15 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("eventUpdatePasswordTitle")> - <#include "header.ftl"> - -
-

${msg("eventUpdatePasswordLetterText",event.date, event.ipAddress)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/event-update_totp.ftl b/dockerfiles/keycloak/che/email/html/event-update_totp.ftl deleted file mode 100644 index 28b8a095a9..0000000000 --- a/dockerfiles/keycloak/che/email/html/event-update_totp.ftl +++ /dev/null @@ -1,15 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("eventUpdateTotpTitle")> - <#include "header.ftl"> - -
-

${msg("eventUpdateTotpLetterText",event.date, event.ipAddress)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/executeActions.ftl b/dockerfiles/keycloak/che/email/html/executeActions.ftl deleted file mode 100644 index 941b483a6e..0000000000 --- a/dockerfiles/keycloak/che/email/html/executeActions.ftl +++ /dev/null @@ -1,17 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("executeActionsTitle")> - <#include "header.ftl"> - -
-

${msg("executeActionsLetterText", realmName)}

- ${msg("button", msg('executeActionsButtonText'), link)?no_esc} -

${msg("emailLinkExpirationText", linkExpiration)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/footer.ftl b/dockerfiles/keycloak/che/email/html/footer.ftl deleted file mode 100644 index a3257ec250..0000000000 --- a/dockerfiles/keycloak/che/email/html/footer.ftl +++ /dev/null @@ -1,5 +0,0 @@ -
- - - -
diff --git a/dockerfiles/keycloak/che/email/html/header.ftl b/dockerfiles/keycloak/che/email/html/header.ftl deleted file mode 100644 index 0aed0d5b25..0000000000 --- a/dockerfiles/keycloak/che/email/html/header.ftl +++ /dev/null @@ -1,5 +0,0 @@ -
- ${msg("product")} -
- ${letterTitle} -
diff --git a/dockerfiles/keycloak/che/email/html/identity-provider-link.ftl b/dockerfiles/keycloak/che/email/html/identity-provider-link.ftl deleted file mode 100644 index ce46a6a3a0..0000000000 --- a/dockerfiles/keycloak/che/email/html/identity-provider-link.ftl +++ /dev/null @@ -1,17 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("identityProviderLinkTitle")> - <#include "header.ftl"> - -
-

${msg("identityProviderLinkLetterText", identityProviderAlias, realmName, identityProviderContext.username)}

- ${msg("button", msg('identityProviderLinkButtonText'), link)?no_esc} -

${msg("emailLinkExpirationText", linkExpiration)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/html/password-reset.ftl b/dockerfiles/keycloak/che/email/html/password-reset.ftl deleted file mode 100644 index 8b1aa00b98..0000000000 --- a/dockerfiles/keycloak/che/email/html/password-reset.ftl +++ /dev/null @@ -1,17 +0,0 @@ - - -${msg("robotoFontIncludeStyle")?no_esc} - - - <#assign letterTitle=msg("passwordResetTitle")> - <#include "header.ftl"> - -
-

${msg("passwordResetLetterText", realmName)}

- ${msg("button", msg('passwordResetButtonText'), link)?no_esc} -

${msg("emailLinkExpirationText", linkExpiration)}

-
- - <#include "footer.ftl"> - - diff --git a/dockerfiles/keycloak/che/email/messages/messages_en.properties b/dockerfiles/keycloak/che/email/messages/messages_en.properties deleted file mode 100644 index 3fef97b478..0000000000 --- a/dockerfiles/keycloak/che/email/messages/messages_en.properties +++ /dev/null @@ -1,51 +0,0 @@ -product=Eclipse Che - -button=

{0}

- -emailLinkExpirationText=Link will expire within {0} minutes. - -emailVerificationSubject=Eclipse Che: Email address verification -emailVerificationTitle=Email address verification -emailVerificationLetterText=Please click on "Verify email" to complete the email address registration and get access to Che. -emailVerificationButtonText=Verify Email - -identityProviderLinkSubject=Link {0} -identityProviderLinkTitle=Link Account -identityProviderLinkLetterText=Someone wants to link your "{1}" account with "{0}" account of user {2}. If this was you, click the link below to link accounts. If you don''t want to link account, just ignore this message. If you link accounts, you will be able to login to {1} through {0}. -identityProviderLinkButtonText=Link Account - -passwordResetSubject=Reset password -passwordResetTitle=Reset your password -passwordResetLetterText=Someone just requested to change your {0} account''s credentials. If this was you, click on the link below to reset them. If you don''t want to reset your credentials, just ignore this message and nothing will be changed. -passwordResetButtonText=Reset Password - -executeActionsSubject=Update Your Account -executeActionsTitle=Update Your Account -executeActionsLetterText=Your Che admin has just requested that you update your {0} account. Click on the link below to start this process. If you are unaware that your Che admin has requested this, just ignore this message and nothing will be changed. -executeActionsButtonText=Update Account - -eventLoginErrorSubject=Login error -eventLoginErrorTitle=Login error -eventLoginErrorLetterText=A failed login attempt was detected to your account on {0} from {1}. If this was not you, please contact an admin. - -eventRemoveTotpSubject=Remove TOTP -eventRemoveTotpTitle=Remove TOTP -eventRemoveTotpLetterText=TOTP was removed from your account on {0} from {1}. If this was not you, please contact your Che admin. - -eventUpdatePasswordSubject=Password successfully changed -eventUpdatePasswordTitle=Password successfully changed -eventUpdatePasswordLetterText=Your password was successfully changed on {0} from {1}. If this was not you, please contact your Che admin. - -eventUpdateTotpSubject=Update TOTP -eventUpdateTotpTitle=Update TOTP -eventUpdateTotpLetterText=TOTP was updated for your account on {0} from {1}. If this was not you, please contact an admin. - -eclipseCheMainSiteLink=http://www.eclipse.org/che/ -eclipseCheLogoLink=https://www.eclipse.org/che/images/logo-eclipseche.svg - -robotoFontIncludeStyle= -mailBodyStyle=width: 700px; margin: 0 auto; font-size: 16px; font-family: 'Roboto'; -productTitleStyle=font-size: 26px; color: #cccccc; -mailTitleStyle=font-size: 24px; color: white; -mailBannerStyle=background-color: #292c2f; color: white; padding: 25px 10px; -mailContentStyle=padding: 10px; diff --git a/dockerfiles/keycloak/che/email/text/email-verification.ftl b/dockerfiles/keycloak/che/email/text/email-verification.ftl deleted file mode 100644 index fb2c811bf3..0000000000 --- a/dockerfiles/keycloak/che/email/text/email-verification.ftl +++ /dev/null @@ -1,8 +0,0 @@ -<#assign letterTitle=msg("emailVerificationTitle")> -<#include "header.ftl"> - -${msg("emailVerificationLetterText")} -${link} -${msg("emailLinkExpirationText", linkExpiration)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/event-login_error.ftl b/dockerfiles/keycloak/che/email/text/event-login_error.ftl deleted file mode 100644 index 7d43a43dd2..0000000000 --- a/dockerfiles/keycloak/che/email/text/event-login_error.ftl +++ /dev/null @@ -1,6 +0,0 @@ -<#assign letterTitle=msg("eventLoginErrorTitle")> -<#include "header.ftl"> - -${msg("eventLoginErrorLetterText", event.date, event.ipAddress)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/event-remove_totp.ftl b/dockerfiles/keycloak/che/email/text/event-remove_totp.ftl deleted file mode 100644 index 6e8613d486..0000000000 --- a/dockerfiles/keycloak/che/email/text/event-remove_totp.ftl +++ /dev/null @@ -1,6 +0,0 @@ -<#assign letterTitle=msg("eventRemoveTotpTitle")> -<#include "header.ftl"> - -${msg("eventRemoveTotpLetterText", event.date, event.ipAddress)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/event-update_password.ftl b/dockerfiles/keycloak/che/email/text/event-update_password.ftl deleted file mode 100644 index b8aca71c07..0000000000 --- a/dockerfiles/keycloak/che/email/text/event-update_password.ftl +++ /dev/null @@ -1,6 +0,0 @@ -<#assign letterTitle=msg("eventUpdatePasswordTitle")> -<#include "header.ftl"> - -${msg("eventUpdatePasswordLetterText", event.date, event.ipAddress)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/event-update_totp.ftl b/dockerfiles/keycloak/che/email/text/event-update_totp.ftl deleted file mode 100644 index ba8371a1f1..0000000000 --- a/dockerfiles/keycloak/che/email/text/event-update_totp.ftl +++ /dev/null @@ -1,6 +0,0 @@ -<#assign letterTitle=msg("eventUpdateTotpTitle")> -<#include "header.ftl"> - -${msg("eventUpdateTotpLetterText", event.date, event.ipAddress)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/executeActions.ftl b/dockerfiles/keycloak/che/email/text/executeActions.ftl deleted file mode 100644 index e7bee97e10..0000000000 --- a/dockerfiles/keycloak/che/email/text/executeActions.ftl +++ /dev/null @@ -1,8 +0,0 @@ -<#assign letterTitle=msg("executeActionsTitle")> -<#include "header.ftl"> - -${msg("executeActionsLetterText")} -${link} -${msg("emailLinkExpirationText", linkExpiration)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/footer.ftl b/dockerfiles/keycloak/che/email/text/footer.ftl deleted file mode 100644 index 4eee3e682a..0000000000 --- a/dockerfiles/keycloak/che/email/text/footer.ftl +++ /dev/null @@ -1,3 +0,0 @@ --------------------------------------------------- - ${msg("eclipseCheMainSiteLink")} --------------------------------------------------- diff --git a/dockerfiles/keycloak/che/email/text/header.ftl b/dockerfiles/keycloak/che/email/text/header.ftl deleted file mode 100644 index 5fa456b741..0000000000 --- a/dockerfiles/keycloak/che/email/text/header.ftl +++ /dev/null @@ -1,3 +0,0 @@ --------------------------------------------------- - ${letterTitle} --------------------------------------------------- diff --git a/dockerfiles/keycloak/che/email/text/identity-provider-link.ftl b/dockerfiles/keycloak/che/email/text/identity-provider-link.ftl deleted file mode 100644 index 8920fdcc12..0000000000 --- a/dockerfiles/keycloak/che/email/text/identity-provider-link.ftl +++ /dev/null @@ -1,8 +0,0 @@ -<#assign letterTitle=msg("identityProviderLinkTitle")> -<#include "header.ftl"> - -${msg("identityProviderLinkLetterText", identityProviderAlias, realmName, identityProviderContext.username)} -${link} -${msg("emailLinkExpirationText", linkExpiration)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/text/password-reset.ftl b/dockerfiles/keycloak/che/email/text/password-reset.ftl deleted file mode 100644 index 62528a2a92..0000000000 --- a/dockerfiles/keycloak/che/email/text/password-reset.ftl +++ /dev/null @@ -1,8 +0,0 @@ -<#assign letterTitle=msg("passwordResetTitle")> -<#include "header.ftl"> - -${msg("passwordResetLetterText", realmName)} -${link} -${msg("emailLinkExpirationText", linkExpiration)} - -<#include "footer.ftl"> diff --git a/dockerfiles/keycloak/che/email/theme.properties b/dockerfiles/keycloak/che/email/theme.properties deleted file mode 100644 index 0f4cd40af3..0000000000 --- a/dockerfiles/keycloak/che/email/theme.properties +++ /dev/null @@ -1,2 +0,0 @@ -parent=base -locales=en diff --git a/dockerfiles/keycloak/che/login/login-reset-password.ftl b/dockerfiles/keycloak/che/login/login-reset-password.ftl deleted file mode 100644 index 8693947081..0000000000 --- a/dockerfiles/keycloak/che/login/login-reset-password.ftl +++ /dev/null @@ -1,34 +0,0 @@ -<#import "template.ftl" as layout> -<@layout.registrationLayout displayInfo=true; section> - <#if section = "title"> - ${msg("emailForgotTitle")} - <#elseif section = "header"> - ${msg("emailForgotTitle")} - <#elseif section = "form"> - <#include "logo.ftl"> - -
-
-
${msg("passwordRecover")}
- -
- ${msg("usernameOrEmail")}<#else>${msg("email")}"/> -
-
- -
- - -
- -
-
-
- <#elseif section = "info" > - ${msg("emailInstruction")} - - diff --git a/dockerfiles/keycloak/che/login/login-update-password.ftl b/dockerfiles/keycloak/che/login/login-update-password.ftl deleted file mode 100644 index 96599c641c..0000000000 --- a/dockerfiles/keycloak/che/login/login-update-password.ftl +++ /dev/null @@ -1,40 +0,0 @@ -<#import "template.ftl" as layout> -<@layout.registrationLayout displayInfo=true; section> - <#if section = "title"> - ${msg("updatePasswordTitle")} - <#elseif section = "header"> - ${msg("updatePasswordTitle")} - <#elseif section = "form"> - <#include "logo.ftl"> - -
- - - -
Setup your password.
- -
-
- -
-
- -
-
- -
-
- -
-
-
-
-
- -
- -
-
-
- - diff --git a/dockerfiles/keycloak/che/login/login-update-profile.ftl b/dockerfiles/keycloak/che/login/login-update-profile.ftl deleted file mode 100644 index d2131a3634..0000000000 --- a/dockerfiles/keycloak/che/login/login-update-profile.ftl +++ /dev/null @@ -1,56 +0,0 @@ -<#import "template.ftl" as layout> -<@layout.registrationLayout; section> - <#if section = "header"> - ${msg("loginProfileTitle")} - <#elseif section = "form"> -
- <#if user.editUsernameAllowed> -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
-
-
-
- -
- -
-
-
- - diff --git a/dockerfiles/keycloak/che/login/login.ftl b/dockerfiles/keycloak/che/login/login.ftl deleted file mode 100644 index dd0bde5bfd..0000000000 --- a/dockerfiles/keycloak/che/login/login.ftl +++ /dev/null @@ -1,75 +0,0 @@ -<#import "template.ftl" as layout> -<@layout.registrationLayout displayInfo=social.displayInfo; section> - <#if section = "title"> - ${msg("loginTitle",(realm.displayName!''))} - <#elseif section = "header"> - ${msg("loginTitleHtml",(realm.displayNameHtml!''))} - <#elseif section = "form"> - <#include "logo.ftl"> - - <#if realm.password> -
-
-
${msg("passwordLogin")}
-
- <#if usernameEditDisabled??> - - <#else> - ${msg("usernameOrEmail")}<#else>${msg("email")}" /> - -
-
- -
-
- -
-
- -
-
- <#if realm.rememberMe && !usernameEditDisabled??> -
- -
- -
- <#if realm.resetPasswordAllowed> - ${msg("doForgotPassword")} - -
-
- -
-
- -
-
-
-
- - <#elseif section = "info" > - <#if realm.password && social.providers??> -
${msg("oauthLogin")}
-
- -
- - - <#if realm.password && realm.registrationAllowed && !usernameEditDisabled??> -
- ${msg("noAccount")} ${msg("doRegister")} -
- - - diff --git a/dockerfiles/keycloak/che/login/logo.ftl b/dockerfiles/keycloak/che/login/logo.ftl deleted file mode 100644 index bee2371847..0000000000 --- a/dockerfiles/keycloak/che/login/logo.ftl +++ /dev/null @@ -1,4 +0,0 @@ -
- - ${msg("product")} -
diff --git a/dockerfiles/keycloak/che/login/messages/messages_en.properties b/dockerfiles/keycloak/che/login/messages/messages_en.properties deleted file mode 100644 index dd2494e222..0000000000 --- a/dockerfiles/keycloak/che/login/messages/messages_en.properties +++ /dev/null @@ -1,8 +0,0 @@ -product=Eclipse Che -passwordLogin=Login with password -oauthLogin=Login with OAuth -formRegister=Create an account with a form -passwordRecover=Forgot your password?
Enter your email below. -usernameTitle=Username has to comply with the DNS naming convention. An alphanumeric (a-z, and 0-9) string, with a maximum length of 63 characters, with the '-' character allowed anywhere except the first or last character. -registerWithTitle=Register with {0} -registerWithTitleHtml={0} diff --git a/dockerfiles/keycloak/che/login/register.ftl b/dockerfiles/keycloak/che/login/register.ftl deleted file mode 100644 index fc73f7aec0..0000000000 --- a/dockerfiles/keycloak/che/login/register.ftl +++ /dev/null @@ -1,76 +0,0 @@ -<#import "template.ftl" as layout> -<@layout.registrationLayout; section> - <#if section = "title"> - ${msg("registerWithTitle",(realm.displayName!''))} - <#elseif section = "header"> - ${msg("registerWithTitleHtml",(realm.displayNameHtml!''))?no_esc} - <#elseif section = "form"> - <#include "logo.ftl"> - -
- - - -
${msg("formRegister")}
- - <#if !realm.registrationEmailAsUsername> -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- -
-
- - <#if passwordRequired> -
-
- -
-
- -
-
- -
-
- - - <#if recaptchaRequired??> -
-
-
-
-
- - -
- - -
- -
-
-
- - diff --git a/dockerfiles/keycloak/che/login/resources/css/che-login.css b/dockerfiles/keycloak/che/login/resources/css/che-login.css deleted file mode 100644 index 82381af0ad..0000000000 --- a/dockerfiles/keycloak/che/login/resources/css/che-login.css +++ /dev/null @@ -1,244 +0,0 @@ - -@import url('https://fonts.googleapis.com/css?family=Roboto'); - -body { - background-color: #1b2b57; - color: #4a90e2; - font-family: 'Roboto'; - font-size: 14px; -} - -a { - color: #fff; - text-decoration: none; -} - -a:hover { - text-decoration: underline; -} - -div#kc-content { - position: absolute; - top: 20%; - left: 50%; - width: 400px; - margin-left: -225px; -} - -div#kc-form { - float: left; - width: 400px; -} - -div#kc-form label { - display: block; - font-family: 'Roboto'; - font-size: 24px; - margin-bottom: 10px; -} - -div#info-area { - position: fixed; - bottom: 0; - left: 0; - margin-top: 40px; - background-color: rgba(0, 0, 0, 0.4); - padding: 20px; - width: 100%; -} - -div#info-area p { - margin-right: 30px; - display: inline; - text-shadow: none; -} - -input { - font-family: 'Roboto'; -} - -input[type=text], input[type=password] { - width: 375px; - height: 46px; - margin: 0 0 10px 0; - border-radius: 5px; - padding-left: 21px; - color: #fff; - background: #2d407d; - font-size: 16px; - font-size: 18px; - vertical-align: middle; - border: none; -} - -input[type=text]:focus, input[type=password]:focus { - background: #3f55ae; - outline: none; -} - -input[type=submit] { - border: none; - width: 180px; - height: 40px; - border-radius: 5px; - font-size: 16px; - font-weight: bold; - color: #fff; - background: #44a73b; - cursor: pointer; - - padding: 10px; - margin-top: 20px; - margin-right: 10px; - margin-bottom: 25px; -} - -input[type=submit]:hover { - background-color: #398842; -} - -div#kc-form-options div { - display: inline-block; - margin-right: 20px; - font-size: 12px; -} - -div#kc-form-options a { - font-size: 14px; - font-family: 'Roboto'; -} - -div#kc-form-options div label { - font-size: 14px; -} - -div#kc-feedback { - box-shadow: 0px 0px 6px rgba(0,0,0,0.5); - position: fixed; - top: 0; - left: 0; - width: 100%; - text-align: center; -} - -.kc-feedback-text { - color: #fff; - font-size: 18px; - text-align: left; - display: block; - margin-bottom: 25px; - padding: 15px; -} - -div#kc-feedback-wrapper { - padding: 1em; -} - -div.feedback-success { - background-color: rgba(155,155,255,0.1); -} - -div.feedback-warning { - background-color: rgba(255,175,0,0.1); -} - -div.feedback-error { - background-color: rgba(255,0,0,0.1); -} - -.alert { - border-radius: 5px; -} - -.alert-success { - background-color: #44a73b; -} - -.alert-warning { - background-color: #8c9837; -} - -.alert-error { - background-color: #d7342d; -} - - -div#kc-error-message { - color: #fff; - background-color: #d7342d; - border-radius: 5px; - text-align: center; - display: inline-block; - font-size: 16px; - padding-left: 15px; - padding-right: 15px; -} - -div#kc-header { - display: none; -} - -div#kc-registration { - font-size: 20px; - margin-top: 20px; - margin-bottom: 20px; -} - -div#social-login { - border-left: 1px solid rgba(255, 255, 255, 0.2); - float: right; - width: 150px; - padding: 20px 0 200px 40px; -} - -div.social-login span { - display: none; -} - -div#kc-social-providers ul { - list-style: none; - margin: 0; - padding: 0; - - font-size: 18px; -} - -div#kc-social-providers ul li { - margin-bottom: 10px; -} - -div#kc-social-providers ul li span { - display: inline; -} - -a.zocial { - border: none; - padding-top: 0.2em; - padding-bottom: 0.2em; -} - -#logo-banner { - color: #fff; - font-weight: bold; - font-size: 36px; - display: inline-block; - margin-bottom: 25px; -} - -#logo-banner #che-logo { - width: 64px; - height: 64px; - vertical-align: middle; -} - -#logo-banner span { - display: inline-block; - vertical-align: middle; - margin-left: 10px; -} - -.kc-form-title { - font-family: 'Roboto'; - font-size: 20px; - margin-bottom: 10px; -} diff --git a/dockerfiles/keycloak/che/login/resources/img/che-logo.svg b/dockerfiles/keycloak/che/login/resources/img/che-logo.svg deleted file mode 100644 index e42f534d84..0000000000 --- a/dockerfiles/keycloak/che/login/resources/img/che-logo.svg +++ /dev/null @@ -1,23 +0,0 @@ - - - - - - - - - diff --git a/dockerfiles/keycloak/che/login/resources/img/favicon.ico b/dockerfiles/keycloak/che/login/resources/img/favicon.ico deleted file mode 100644 index 903abcb13f0ac160bcc56706ddf89b6ed56aab30..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20502 zcmeI3c~BEq7{E6-B#;m;g~}nfAeRDB4kHCYAP8E)n@+`}RY&aDid8G%(c;)~^bb2) zYY#hiMkv#cirRXV={WtPwsus!%G6?=X+2P|trZp7zHgIV*EA%%n@zGom)Y#MZ{Pdg z`+o23+wUDQ>^*c6;pi&VLo5gY`2%wnmhS7PPx>b>X+*tLB32AWKG26`L=RuEdTPl{OZM9e zTV7Vskr?(u#b9CseF*fawrpqeygEPo*bpCef;;o^S9`}+`G7R&7EL+CcMk(U&|cse}LKSzjc`0PX2 zFrmkVch*Ox3=;w$=tEx4%{)jipDX2t>1Fqf-*t(HEBJWI<-XAOZJ0Irkt;b2ly~iv zqTgXm;Vd>(A5vksHBgy^6h3c4&WWK~O_C$|nEH@*A=%BOEE{J{ehgy@m4_mLPd))^ z?>N+lv@$7!kmI~vS$fCxU6J<8^E61_QMNrr|>1vaB@!d`$3=iRQL5xhK|{ zO7hMywU=o;S8{>8VII%k`9_gQB!;$x+zz*-^n30g1JaHh6$iKkI|hQRy*b83=$h{`WFT6p%Q(U-gsH(shHN1}(?C-|MfBl#`lN*m7Qw>i{bX41Sv|bOn%m@5U z@C(^;sjl7BRor}yVnOEuvi{J6M=>=!cFHsXyspVOnh9OMueU04Qbx*ldYCOaeb>43 z<}57TXSa0S39VdFE0)TM`4d}u-TgUJE+ngr-4`zTWfYgVyWO_RpRud`0%3k)m#GfuNA2Zd zo<4Ei{sW#tk&#TxK#!;J3l4^NQ-AnjpSfOV_Gymb0`@@P6ZP8GZBmtn(H>KYLa78l zAm^)|zsz~i@7e05GiM`18>Q#Vx17~{vuoJor8NWgJ!mo)#vEflyVA)fZ<~7AK(G+k z(OgJd)3*P3+9ye`rx!sTr_+tvdh&ZR4wvib?WcayjLhME@2a!7kTxf*X=(;O32VP- zA;avx9_j0kU%B^lML>^ z!W^AD^MUVD_?)_WvD|~#|EW-h#Kk3TJapLY*dRY9VfDTykH9d8{tu4d7(=Ph1q7yn3}(kS;03L?h;=({HbKGe8cspfUh z%~M9Rxbco2Jvw#EcPCxRhM0#5jc2rPkA-RWN2TTle!J>SKE%9TMp3c-1~^s&%q7A1 zaNL1=_Z`V6yXAJbJFZ>9_#S+1zS(f~;T_u=*lS1gD&y03{CtKFKK6|H*q7W1DMVs1 zjPWz~{dt26AIf*PV~)THR&ve)#uP9|G_Ljj115YZ-(BG;h<$3D4QH58IV?6das9zo zYiwX$#nHYy!{RzU8ZnZtF_rPR7ird;^mHOwW0LEUEHTRcNJNQ=`0#^ab%fkQ z$YF%sM#vgMCPYjEGLaNrL535KHRxn2`_SS;Ix;QjHOUgZo{}|qCnf7~WSS{X9TeUu zBM3MtBRF`QDI7t=drYz($$cgniFm(JmVk`c6M8g++)0yr3E3E@&zKhx2RF)f#7!S6 zcOO&`I*c-ufs~@(IE+#`l{WH`DF zqsc^l!96;N`ZCEx{m| "/scripts/openshift.jks", password => "openshift", disabled => "false" },enabled=true) -stop-embedded-server \ No newline at end of file diff --git a/dockerfiles/keycloak/kc_realm_user.sh b/dockerfiles/keycloak/kc_realm_user.sh deleted file mode 100755 index 357f42cc2b..0000000000 --- a/dockerfiles/keycloak/kc_realm_user.sh +++ /dev/null @@ -1,105 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# - -function jks_import_ca_bundle { - CA_FILE=$1 - KEYSTORE_PATH=$2 - KEYSTORE_PASSWORD=$3 - - if [ ! -f "$CA_FILE" ]; then - # CA bundle file doesn't exist, skip it - echo "Failed to import CA certificates from ${CA_FILE}. File doesn't exist" - return - fi - - bundle_name=$(basename "$CA_FILE") - certs_imported=0 - cert_index=0 - tmp_file=/tmp/cert.pem - is_cert=false - while IFS= read -r line; do - if [ "$line" == "-----BEGIN CERTIFICATE-----" ]; then - # Start copying a new certificate - is_cert=true - cert_index=$((cert_index+1)) - # Reset destination file and add header line - echo "$line" > ${tmp_file} - elif [ "$line" == "-----END CERTIFICATE-----" ]; then - # End of the certificate is reached, add it to trust store - is_cert=false - echo "$line" >> ${tmp_file} - keytool -importcert -alias "${bundle_name}_${cert_index}" -keystore "$KEYSTORE_PATH" -file $tmp_file -storepass "$KEYSTORE_PASSWORD" -noprompt && \ - certs_imported=$((certs_imported+1)) - elif [ "$is_cert" == true ]; then - # In the middle of a certificate, copy line to target file - echo "$line" >> ${tmp_file} - fi - done < "$CA_FILE" - echo "Imported ${certs_imported} certificates from ${CA_FILE}" - # Clean up - rm -f $tmp_file -} - -echo "Configuring Keycloak by modifying realm and user templates..." - -cat /scripts/che-users-0.json.erb | \ - sed -e "/<% if scope.lookupvar('keycloak::che_keycloak_admin_require_update_password') == 'true' -%>/d" | \ - sed -e "/<% else -%>/d" | \ - sed -e "/<% end -%>/d" | \ - sed -e "/\"requiredActions\" : \[ \],/d" > /scripts/che-users-0.json - -if [ "${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}" == "false" ]; then - sed -i -e "s#\"UPDATE_PASSWORD\"##" /scripts/che-users-0.json -fi - -DEFAULT_CHE_HOST="che-${NAMESPACE}.${ROUTING_SUFFIX}" -CHE_HOST=${CHE_HOST:-${DEFAULT_CHE_HOST}} - -cat /scripts/che-realm.json.erb | \ - sed -e "s@<%= scope\.lookupvar('che::che_server_url') %>@${PROTOCOL}://${CHE_HOST}@" \ - > /scripts/che-realm.json - -# Handle CA certificates -KEYSTORE_PATH=/scripts/openshift.jks -TRUST_STORE_PASSWORD=${TRUSTPASS:-openshift} -CUSTOM_CERTS_DIR=/public-certs - -# Check for additional CA certificates propagated to Keycloak -if [[ -d $CUSTOM_CERTS_DIR && -n $(find "${CUSTOM_CERTS_DIR}" -type f) ]]; then - for certfile in ${CUSTOM_CERTS_DIR}/* ; do - jks_import_ca_bundle "$certfile" "$KEYSTORE_PATH" "$TRUST_STORE_PASSWORD" - done -fi - -# Check for self-sighed certificate -if [ "${CHE_SELF__SIGNED__CERT}" != "" ]; then - echo "${CHE_SELF__SIGNED__CERT}" > /scripts/openshift.cer - keytool -importcert -alias HOSTDOMAIN -keystore $KEYSTORE_PATH -file /scripts/openshift.cer -storepass $TRUST_STORE_PASSWORD -noprompt -fi - -# Export Java trust store into one that is propagated to Keycloak -if [ -f "$KEYSTORE_PATH" ]; then - keytool -importkeystore -srckeystore $JAVA_HOME/jre/lib/security/cacerts -destkeystore $KEYSTORE_PATH -srcstorepass changeit -deststorepass $TRUST_STORE_PASSWORD - /opt/jboss/keycloak/bin/jboss-cli.sh --file=/scripts/cli/add_openshift_certificate.cli && rm -rf /opt/jboss/keycloak/standalone/configuration/standalone_xml_history -fi - -# POSTGRES_PORT is assigned by Kubernetes controller -# and it isn't fit to docker-entrypoin.sh. -unset POSTGRES_PORT - -echo "Starting Keycloak server..." - -SYS_PROPS="-Dkeycloak.migration.action=import \ - -Dkeycloak.migration.provider=dir \ - -Dkeycloak.migration.strategy=IGNORE_EXISTING \ - -Dkeycloak.migration.dir=/scripts/ \ - -Djboss.bind.address=0.0.0.0" - -exec /opt/jboss/tools/docker-entrypoint.sh $SYS_PROPS diff --git a/dockerfiles/keycloak/keycloak_config.sh b/dockerfiles/keycloak/keycloak_config.sh deleted file mode 100755 index bde97b3a27..0000000000 --- a/dockerfiles/keycloak/keycloak_config.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# - -echo "Configuring Keycloak..." - -cat /scripts/che-users-0.json.erb | \ - sed -e "/<% if scope.lookupvar('keycloak::che_keycloak_admin_require_update_password') == 'true' -%>/d" | \ - sed -e "/<% else -%>/d" | \ - sed -e "/<% end -%>/d" | \ - sed -e "/\"requiredActions\" : \[ \],/d" | \ - jq .users[] > /scripts/che-user.json - -if [ "${CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD}" == "false" ]; then - sed -i -e "s#\"UPDATE_PASSWORD\"##" /scripts/che-user.json -fi - -cat /scripts/che-realm.json.erb | sed -e "s@<%= scope\.lookupvar('che::che_server_url') %>@${HTTP_PROTOCOL}://${CHE_HOST}@" > /scripts/realm.json - -echo "Creating Che realm and che-public client..." - -cd /opt/jboss/keycloak/bin - -./kcadm.sh create realms -f /scripts/realm.json --no-config --server ${HTTP_PROTOCOL}://${KC_HOST}/auth --realm master --user admin --password admin - -echo "Creating default Che user with the following credentials 'admin:admin'" - -./kcadm.sh create users -r che -f /scripts/che-user.json --no-config --server ${HTTP_PROTOCOL}://${KC_HOST}/auth --realm master --user admin --password admin - -echo "Done!" diff --git a/dockerfiles/keycloak/master-realm.json.erb b/dockerfiles/keycloak/master-realm.json.erb deleted file mode 100644 index 8d324e6ab2..0000000000 --- a/dockerfiles/keycloak/master-realm.json.erb +++ /dev/null @@ -1,1483 +0,0 @@ -{ - "id" : "master", - "realm" : "master", - "displayName" : "Keycloak", - "displayNameHtml" : "
Keycloak
", - "notBefore" : 0, - "revokeRefreshToken" : false, - "accessTokenLifespan" : 60, - "accessTokenLifespanForImplicitFlow" : 900, - "ssoSessionIdleTimeout" : 1800, - "ssoSessionMaxLifespan" : 36000, - "offlineSessionIdleTimeout" : 2592000, - "accessCodeLifespan" : 60, - "accessCodeLifespanUserAction" : 300, - "accessCodeLifespanLogin" : 1800, - "enabled" : true, - "sslRequired" : "none", - "registrationAllowed" : false, - "registrationEmailAsUsername" : false, - "rememberMe" : false, - "verifyEmail" : false, - "loginWithEmailAllowed" : true, - "duplicateEmailsAllowed" : false, - "resetPasswordAllowed" : false, - "editUsernameAllowed" : false, - "bruteForceProtected" : false, - "maxFailureWaitSeconds" : 900, - "minimumQuickLoginWaitSeconds" : 60, - "waitIncrementSeconds" : 60, - "quickLoginCheckMilliSeconds" : 1000, - "maxDeltaTimeSeconds" : 43200, - "failureFactor" : 30, - "roles" : { - "realm" : [ { - "id" : "aec0182b-9391-43f3-ac65-23f5bb3877e7", - "name" : "admin", - "description" : "${role_admin}", - "scopeParamRequired" : false, - "composite" : true, - "composites" : { - "realm" : [ "create-realm" ], - "client" : { - "che-realm" : [ "view-events", "view-realm", "view-users", "view-identity-providers", "manage-events", "manage-users", "manage-clients", "manage-authorization", "view-clients", "view-authorization", "create-client", "manage-identity-providers", "impersonation", "manage-realm" ], - "master-realm" : [ "manage-users", "manage-clients", "view-authorization", "manage-identity-providers", "view-users", "impersonation", "manage-realm", "manage-authorization", "view-clients", "view-identity-providers", "view-events", "create-client", "view-realm", "manage-events" ] - } - }, - "clientRole" : false, - "containerId" : "master" - }, { - "id" : "3e3a9c5f-01e4-4f55-847c-dec70214e188", - "name" : "uma_authorization", - "description" : "${role_uma_authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "master" - }, { - "id" : "7fe6fec2-4e44-4425-9fa3-045123bb66a1", - "name" : "create-realm", - "description" : "${role_create-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "master" - }, { - "id" : "16992f6c-e2b1-4888-b072-d0d28c89772d", - "name" : "offline_access", - "description" : "${role_offline-access}", - "scopeParamRequired" : true, - "composite" : false, - "clientRole" : false, - "containerId" : "master" - } ], - "client" : { - "che-realm" : [ { - "id" : "3b1283d2-84db-4d57-b7de-9793e0e0c93e", - "name" : "view-clients", - "description" : "${role_view-clients}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "ee353295-0c1a-41e9-94d7-0bb5fd7afff0", - "name" : "view-events", - "description" : "${role_view-events}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "b1697942-c65d-4448-91e0-4f54ff7f7f3e", - "name" : "view-realm", - "description" : "${role_view-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "36bdd2b7-e81c-472f-b0be-2dd46b8f4654", - "name" : "view-authorization", - "description" : "${role_view-authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "2a7278ab-1976-48ea-9fde-e8e2b37a4489", - "name" : "view-users", - "description" : "${role_view-users}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "8ccbbf67-b5b1-450c-b354-b8cbf99d0e0c", - "name" : "view-identity-providers", - "description" : "${role_view-identity-providers}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "ed51fbf0-8821-4138-b7a0-7e146c061438", - "name" : "manage-events", - "description" : "${role_manage-events}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "c055ffc8-f8d1-4bca-989e-3a17df647b6a", - "name" : "create-client", - "description" : "${role_create-client}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "5334d8d1-1aa4-45e5-ba8f-7bb2cc63cad7", - "name" : "manage-users", - "description" : "${role_manage-users}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "e725bc9b-7686-4cb7-a4bd-94b667dfc7ff", - "name" : "manage-identity-providers", - "description" : "${role_manage-identity-providers}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "205ab1a2-321a-453e-91b9-2868076ecdc4", - "name" : "manage-clients", - "description" : "${role_manage-clients}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "7dd2eedd-5823-48de-90de-5a11b41e1eb3", - "name" : "impersonation", - "description" : "${role_impersonation}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "2d323fe8-9a1c-4cf1-8b5a-2be04d882e98", - "name" : "manage-realm", - "description" : "${role_manage-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - }, { - "id" : "4e852fb0-1e5a-4c4c-af6f-0981a9e9ff37", - "name" : "manage-authorization", - "description" : "${role_manage-authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0" - } ], - "security-admin-console" : [ ], - "admin-cli" : [ ], - "broker" : [ { - "id" : "5c4334ef-5425-4e94-bc05-482b6a2360a3", - "name" : "read-token", - "description" : "${role_read-token}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "fbf888ef-6b51-42d6-a83a-b114637db8af" - } ], - "master-realm" : [ { - "id" : "753f263d-2e5c-457d-b332-ccc8d270a5cb", - "name" : "manage-users", - "description" : "${role_manage-users}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "06c9e6f0-9c82-472a-b5e4-d19402bae29f", - "name" : "manage-clients", - "description" : "${role_manage-clients}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "64fa1949-633c-4422-a1c0-b9e02e3be26d", - "name" : "view-identity-providers", - "description" : "${role_view-identity-providers}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "49f3c789-dfdf-49ce-b516-09c310658a9b", - "name" : "view-events", - "description" : "${role_view-events}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "8e405273-c09e-4dd4-9151-67e7a4bf3ded", - "name" : "view-authorization", - "description" : "${role_view-authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "66a52e90-5cd7-483b-9dcf-4361b964844a", - "name" : "manage-identity-providers", - "description" : "${role_manage-identity-providers}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "e68033ce-07ee-420c-8fbc-8760af4b8150", - "name" : "view-users", - "description" : "${role_view-users}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "76b3b225-c7ef-49c7-8506-252901dcb14a", - "name" : "create-client", - "description" : "${role_create-client}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "68d768a7-7cd0-48d2-a98c-8656a4266250", - "name" : "impersonation", - "description" : "${role_impersonation}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "7dd1c948-f15b-4886-873d-e85b0f8b5582", - "name" : "manage-realm", - "description" : "${role_manage-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "618ac9b7-1cc3-4555-800d-91abf6d874a0", - "name" : "manage-authorization", - "description" : "${role_manage-authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "358ec048-f818-46a5-af45-e543739c190b", - "name" : "view-clients", - "description" : "${role_view-clients}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "f7db4919-441c-4ee6-a14b-54f21f27ad1e", - "name" : "view-realm", - "description" : "${role_view-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - }, { - "id" : "05ad458b-d1a9-4cb8-bf94-2f2a016e9539", - "name" : "manage-events", - "description" : "${role_manage-events}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "bb41adf9-9683-4627-9e14-59d4565dedb6" - } ], - "account" : [ { - "id" : "b4d14fcf-4420-4d64-90c1-26f857facf9c", - "name" : "manage-account", - "description" : "${role_manage-account}", - "scopeParamRequired" : false, - "composite" : true, - "composites" : { - "client" : { - "account" : [ "manage-account-links" ] - } - }, - "clientRole" : true, - "containerId" : "70305e3d-519e-4b53-9025-385f8b7450bd" - }, { - "id" : "86eafabe-9789-4ee3-8790-2c1f66ec29f1", - "name" : "manage-account-links", - "description" : "${role_manage-account-links}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "70305e3d-519e-4b53-9025-385f8b7450bd" - }, { - "id" : "f8f8b55e-3155-4e59-b726-2ac613aa2d82", - "name" : "view-profile", - "description" : "${role_view-profile}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "70305e3d-519e-4b53-9025-385f8b7450bd" - } ] - } - }, - "groups" : [ ], - "defaultRoles" : [ "uma_authorization", "offline_access" ], - "requiredCredentials" : [ "password" ], - "passwordPolicy" : "hashIterations(20000)", - "otpPolicyType" : "totp", - "otpPolicyAlgorithm" : "HmacSHA1", - "otpPolicyInitialCounter" : 0, - "otpPolicyDigits" : 6, - "otpPolicyLookAheadWindow" : 1, - "otpPolicyPeriod" : 30, - "scopeMappings" : [ { - "client" : "admin-cli", - "roles" : [ "admin" ] - }, { - "client" : "security-admin-console", - "roles" : [ "admin" ] - } ], - "clients" : [ { - "id" : "70305e3d-519e-4b53-9025-385f8b7450bd", - "clientId" : "account", - "name" : "${client_account}", - "baseUrl" : "/auth/realms/master/account", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "346a8605-33f2-4651-b6a0-6b170dc669cb", - "defaultRoles" : [ "manage-account", "view-profile" ], - "redirectUris" : [ "/auth/realms/master/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "b204c566-00b8-4c65-a436-85017a70f1c2", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "3268594a-5e10-446a-ac65-3acbfd0f5428", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "b519785a-e83f-4c10-95ba-6cce57187532", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "1198c008-073b-49a4-b257-464eafd3847c", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "f6515dd0-75c6-42a7-a3c4-c67636833858", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "ca08bcfa-00b1-459a-8a7a-3ab25779120c", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "df4f6879-dc31-45b5-8c5d-77422e3e2d46", - "clientId" : "admin-cli", - "name" : "${client_admin-cli}", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "99ffe6c6-5ff6-488c-80cf-fca30c8e5692", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "212ad048-038d-45b7-abcc-e3c4a613be41", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "8e1afe70-8899-43fc-a74d-76aa23dfc10a", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "1df6bb38-e63b-4533-9333-45038104e118", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "3bb8442f-e6e3-4857-9bae-2c03de410b32", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "8a69005f-8ceb-4ceb-b98a-a22b00201e7e", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "6b168fb4-34be-499b-b80e-30fc6af6099b", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "fbf888ef-6b51-42d6-a83a-b114637db8af", - "clientId" : "broker", - "name" : "${client_broker}", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "b59b1baf-df65-455d-b185-fda173e29d1b", - "defaultRoles": [ "read-token" ], - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "9533d6b5-2b0f-4e1e-b04c-73db603f01d4", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "8729962d-3cd2-44f1-8e70-d8331956fbe6", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "f1f5aa32-b608-4bcf-a7aa-d416cdfb6ddd", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "ab6e6a72-45f0-4a82-85f8-41e2b94ff957", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "8638e256-0bda-4e42-a68a-32105eed3af5", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "b812aacc-11ef-4b45-b716-d49486f62f40", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "71d0fe7e-1630-4593-b2e9-55609d03ffa0", - "clientId" : "che-realm", - "name" : "che Realm", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "ea6c20cd-ad8d-40e6-83d3-575627238bc9", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "42b1e40d-6da4-4cec-9bc7-5dba990a172c", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "8eeb76b6-7b7a-40ea-80f7-ad87b32bcf33", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "0cdd4ce4-5f02-43e1-88d1-f1fea18495b0", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "5462174e-88e8-4964-9ed7-3b6eaf240e7a", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "5fa8316f-f095-4771-a358-c681542e6960", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "b114c292-7469-4344-a98d-895d349b5e76", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "bb41adf9-9683-4627-9e14-59d4565dedb6", - "clientId" : "master-realm", - "name" : "master Realm", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "8f6c9c08-fa59-4676-86ee-39b2332abc34", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "e2b326b8-1e71-46a1-8af1-ea5901d6f265", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "956f2275-759a-4d08-8290-a346f165ea34", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "1297bf8c-4cc1-43d8-a163-80e30ea27206", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "bdc44923-bf69-4d23-8a9a-59f92d9c2dc5", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "b77d7398-b18b-4ecb-9a87-0a9cdcf99e70", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "e4cbc802-df71-4273-ac7b-f92af87f613b", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "ccb6ee37-fbab-4a13-a534-d5aaf15b4f59", - "clientId" : "security-admin-console", - "name" : "${client_security-admin-console}", - "baseUrl" : "/auth/admin/master/console/index.html", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "d4ef6505-966c-4020-8d6f-322be097132b", - "redirectUris" : [ "/auth/admin/master/console/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "0a109af4-3e43-45b5-b051-5b3338e087b6", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "consentText" : "${locale}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" - } - }, { - "id" : "1dfc14fc-50c5-463a-b02b-69253e6d4a68", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "fa677b21-0f3b-461d-bc7a-c14f08ac0b59", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "a869ca3a-8a44-4cd0-8985-5574209b25f3", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "ba594f1b-4cbe-448c-a40c-b620ffb9c38f", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true", - "userinfo.token.claim" : "true" - } - }, { - "id" : "b18d9179-12bd-4fc7-b2ce-c9a0b6e95b93", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "95bd7e17-d6c0-4ebc-88ee-89490766e9d7", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - } ], - "clientTemplates" : [ ], - "browserSecurityHeaders" : { - "xContentTypeOptions" : "nosniff", - "xRobotsTag" : "none", - "xFrameOptions" : "SAMEORIGIN", - "xXSSProtection" : "1; mode=block", - "contentSecurityPolicy" : "frame-src 'self'" - }, - "smtpServer" : { }, - "eventsEnabled" : false, - "eventsListeners" : [ "jboss-logging" ], - "enabledEventTypes" : [ ], - "adminEventsEnabled" : false, - "adminEventsDetailsEnabled" : false, - "components" : { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { - "id" : "b4276bca-9a3b-48f2-a330-0e8550a17e98", - "name" : "Trusted Hosts", - "providerId" : "trusted-hosts", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "host-sending-registration-request-must-match" : [ "true" ], - "client-uris-must-match" : [ "true" ] - } - }, { - "id" : "6f77ce20-d283-4d7f-8fff-3e0947bc4fbc", - "name" : "Consent Required", - "providerId" : "consent-required", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "d5947b79-d025-4712-a1ff-e02dc01ba85d", - "name" : "Full Scope Disabled", - "providerId" : "scope", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "c54719df-588a-4c81-bfc0-5e442d1819cd", - "name" : "Max Clients Limit", - "providerId" : "max-clients", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "max-clients" : [ "200" ] - } - }, { - "id" : "847214e7-248e-436d-b383-2dfdfa727b3a", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper" ], - "consent-required-for-all-mappers" : [ "true" ] - } - }, { - "id" : "9262bbcb-5913-4ccb-bcc1-5a8415a1b145", - "name" : "Allowed Client Templates", - "providerId" : "allowed-client-templates", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "12fe031d-e817-43e2-92e6-db37c88dea6f", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper" ], - "consent-required-for-all-mappers" : [ "true" ] - } - }, { - "id" : "b5fddced-fca8-4119-915d-352af0485f45", - "name" : "Allowed Client Templates", - "providerId" : "allowed-client-templates", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { } - } ], - "org.keycloak.keys.KeyProvider" : [ { - "id" : "a7ca9a13-eef4-4e4a-8981-7a85200285fd", - "name" : "rsa-generated", - "providerId" : "rsa-generated", - "subComponents" : { }, - "config" : { - "privateKey" : [ "MIIEogIBAAKCAQEAxfEcF+SP1vGxDARCH8XVYGVHDahgKsUn6S/fLNbDsur12Ts7nSCzTGQhLDuz1T83U0K2u9pUr42ZvLhjgefnUFMROUQ+A3uCcTfVOfVqOBD1vOmjzEAnmhF8vxB4CW4R8sjhlhwxNv+dnqfLmNpga64huU3AeqjgkXANHxnK1qdfgnxhK9t/cr9s9jbhesBwZeB5B2ES0jFgIo0N5yspfAyK/7J9wDuPnv1I71ywQlBRUVAT+sYD2lVOVy9nJ/+BscXSmIu86SUqyp0GE+gJ/AtqYlkGm112rrm4YxU/UiUMt1tXWjWj27GUnoFrbCENOpUk2641PNVp2orcC4lYXwIDAQABAoIBAG3Xrs9Tdr7AwI76jfczwYUMrrFVjogtgEhW2HH5e//9gxBZXmuDifwKVJ5HQzRDMGBz1RPJxNTmrzma2R1to19fuV8eD4u/LlPFt/3Bwn/6aWO8A7mEoHVO3vroGLSi8DLaZtT2MBllIAK6+rCH/pnCt9Qs4XMv4+7RT3bCyVzz6p1y0YyxGqLGvqGkajWLn5ySxWDqTpe7rRVkODHcgDvvIplsnGpeJmyDs3X46+T0rgF5UkxtAE/O1efuyTIMAqCBmvD1oTinLpk6XjhPm1FzmtrFd2AXoaC+u2iDD0gRK4S8eWzAeG9ChX1EpNhK0WiBYJblz7VwzGWoTPLFf4ECgYEA5M36onEIZ9rpiO+mr7+8n/OGLfWM43k3VJZVP/OPvdwp39+wB2Il0e8fnVIZ/BqaMa+fGL3Faajhgbz0wnshkuQlQDp9oFeQfQECIDOt8Edq52M0IeSJXNRdWDNACVC9PsrEm2FUhsFyX4Q+T4XAuLqUgUnp1xOHpIUF+rfrqbsCgYEA3XgLYbQpMyjGrR4UrBXdCNCas6x3nASMFncI+Af1npXA5A3FCjJskgaEW5TWy18Byad/D7IjihwsBBRlUh07RGyDbvwQ6XLGS8yyC+y+aTZhWrAT+/0dS8zX12hE/oPS4w5u4J+cCYHmFiG8njr2DhXGr1ZBVjLCxt2J7haOH60CgYAsiLsD6yRLspxJ/vtesd8w8uFnCKhHjkxqtmgZbnrH5ZZw8MT+augZmIV6xYQxQaxJh3lcA3PtQOXDrtelEvpR8P4fJkNVdjW1XwDe67ArWHtCVljLUAQ8gUk55Z/NMF3lXuotpCAjqntsg/zs1YfRbN+C2rQdHLwGFa44QpwoCQKBgDLlRJBWi+VS6J2ePRfzClHdRsAl0XMMZHlBL9F4WszwE10VgQO/5M2GK+K0CMzB77I9COk9ggdaRA9H9KTzTMyDt4zI5sYPd1yyFPTCmlupgKQLtPwDBjmGQNAjCUAIYW2Gwppic8SHkq3hYOxoFmXUQU3IH8nEbpivDuSlUFIdAoGAFVXwU76rrupxY1vlR4DNffn+hzFMP7SVAxNgkzDszm0uKebp6BoJfZ5z6+LXXoJB2v5+8DrRYn+dsJSLDb9EeUPwbeiC3RxGGy/8oLypXeFTkj8Xre6cohYywAufN00r+7r5+4euYghgxmoexBZ2qBHQcRTpggtHLpIhfEMIRzc=" ], - "certificate" : [ "MIICmzCCAYMCBgFcwNn1MDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMTcwNjE5MTQ1MzQ4WhcNMjcwNjE5MTQ1NTI4WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF8RwX5I/W8bEMBEIfxdVgZUcNqGAqxSfpL98s1sOy6vXZOzudILNMZCEsO7PVPzdTQra72lSvjZm8uGOB5+dQUxE5RD4De4JxN9U59Wo4EPW86aPMQCeaEXy/EHgJbhHyyOGWHDE2/52ep8uY2mBrriG5TcB6qOCRcA0fGcrWp1+CfGEr239yv2z2NuF6wHBl4HkHYRLSMWAijQ3nKyl8DIr/sn3AO4+e/UjvXLBCUFFRUBP6xgPaVU5XL2cn/4GxxdKYi7zpJSrKnQYT6An8C2piWQabXXauubhjFT9SJQy3W1daNaPbsZSegWtsIQ06lSTbrjU81WnaitwLiVhfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJOJKxMb9b30Dv9J62Usdq/dM3JXRpqMRU4o/iGEKPu+jnItcgppfVycSx1lKVzDVcxJqcITP0lLw17BBOLQiUDZ32He0CwqtgUEzdrBVPVFZZKs0hlcwSuf607S66kzVlr/zWHFFyQuFaHPkNJ71YHJDUQCoYpy7LIXByDsXa8lSifSeX1bumCL7ot7/pfrb+XM3/ZfunaBs8pnVDIZkb34Br+eI+aENsv371+vA/anBWQpwqJ/LTzsakeCFZovqFZWEUPMLH+DzUJDRT6N7iYig9akkgyQH7Wh4Ub8b3XJh5pjeKWFMNs6GAM0Emd9fPYMmouBgReWFxBWSi2FEAQ=" ], - "priority" : [ "100" ] - } - }, { - "id" : "e866af2b-e523-40fc-8620-1531e7d220d6", - "name" : "hmac-generated", - "providerId" : "hmac-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "c4c11ec4-1622-4018-b4ec-cd906c17f0f9" ], - "secret" : [ "JUV1tXHh-9vCGBJVd6IQhiuD0h9kBHMsjbJek-rD17M" ], - "priority" : [ "100" ] - } - } ] - }, - "internationalizationEnabled" : false, - "supportedLocales" : [ ], - "authenticationFlows" : [ { - "id" : "916c2c9a-579c-49a3-a33b-92596ca9f962", - "alias" : "Handle Existing Account", - "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-confirm-link", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "idp-email-verification", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "Verify Existing Account by Re-authentication", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "8f9247e1-f5b9-414b-bd93-e505287f31af", - "alias" : "Verify Existing Account by Re-authentication", - "description" : "Reauthentication of existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "OPTIONAL", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "3e4455ae-5f48-4ba5-9ae4-df48c2ffe6ad", - "alias" : "browser", - "description" : "browser based authentication", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-cookie", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-spnego", - "requirement" : "DISABLED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "identity-provider-redirector", - "requirement" : "ALTERNATIVE", - "priority" : 25, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "forms", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "150b7ced-d285-471a-9cb1-22de067875fa", - "alias" : "clients", - "description" : "Base authentication for clients", - "providerId" : "client-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "client-secret", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "client-jwt", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "c0943a5d-ceaf-4c73-a479-0f164f259e8e", - "alias" : "direct grant", - "description" : "OpenID Connect Resource Owner Grant", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "direct-grant-validate-username", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-password", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-otp", - "requirement" : "OPTIONAL", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "dd035fec-d985-421c-bed7-d8a3980bb663", - "alias" : "first broker login", - "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "review profile config", - "authenticator" : "idp-review-profile", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticatorConfig" : "create unique user config", - "authenticator" : "idp-create-user-if-unique", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "Handle Existing Account", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "96452540-e86a-4398-a722-0359a29da147", - "alias" : "forms", - "description" : "Username, password, otp and other auth forms.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "OPTIONAL", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "b5fd1e00-abe8-4dab-b7a6-2f1118af6ace", - "alias" : "registration", - "description" : "registration flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-page-form", - "requirement" : "REQUIRED", - "priority" : 10, - "flowAlias" : "registration form", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "7fa12813-6915-4abe-b66f-6e1e5d399c43", - "alias" : "registration form", - "description" : "registration form", - "providerId" : "form-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-user-creation", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-profile-action", - "requirement" : "REQUIRED", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-password-action", - "requirement" : "REQUIRED", - "priority" : 50, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-recaptcha-action", - "requirement" : "DISABLED", - "priority" : 60, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "f12bfceb-9531-4610-8844-29cfa3b3ca4f", - "alias" : "reset credentials", - "description" : "Reset credentials for a user if they forgot their password or something", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "reset-credentials-choose-user", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-credential-email", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-password", - "requirement" : "REQUIRED", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-otp", - "requirement" : "OPTIONAL", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "3f503b9b-b5fd-41fc-bc4f-f19432a0502e", - "alias" : "saml ecp", - "description" : "SAML ECP Profile Authentication Flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "http-basic-authenticator", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - } ], - "authenticatorConfig" : [ { - "id" : "e4357662-a12c-4342-bc9d-07a75795bf55", - "alias" : "create unique user config", - "config" : { - "require.password.update.after.registration" : "false" - } - }, { - "id" : "a8ac98a3-8af8-476f-ab47-11d4f5e5b195", - "alias" : "review profile config", - "config" : { - "update.profile.on.first.login" : "missing" - } - } ], - "requiredActions" : [ { - "alias" : "CONFIGURE_TOTP", - "name" : "Configure OTP", - "providerId" : "CONFIGURE_TOTP", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "UPDATE_PASSWORD", - "name" : "Update Password", - "providerId" : "UPDATE_PASSWORD", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "UPDATE_PROFILE", - "name" : "Update Profile", - "providerId" : "UPDATE_PROFILE", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "VERIFY_EMAIL", - "name" : "Verify Email", - "providerId" : "VERIFY_EMAIL", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "terms_and_conditions", - "name" : "Terms and Conditions", - "providerId" : "terms_and_conditions", - "enabled" : false, - "defaultAction" : false, - "config" : { } - } ], - "browserFlow" : "browser", - "registrationFlow" : "registration", - "directGrantFlow" : "direct grant", - "resetCredentialsFlow" : "reset credentials", - "clientAuthenticationFlow" : "clients", - "attributes" : { - "_browser_header.xXSSProtection" : "1; mode=block", - "_browser_header.xFrameOptions" : "SAMEORIGIN", - "quickLoginCheckMilliSeconds" : "1000", - "displayName" : "Keycloak", - "_browser_header.xRobotsTag" : "none", - "maxFailureWaitSeconds" : "900", - "minimumQuickLoginWaitSeconds" : "60", - "displayNameHtml" : "
Keycloak
", - "failureFactor" : "30", - "maxDeltaTimeSeconds" : "43200", - "_browser_header.xContentTypeOptions" : "nosniff", - "bruteForceProtected" : "false", - "_browser_header.contentSecurityPolicy" : "frame-src 'self'", - "waitIncrementSeconds" : "60" - }, - "keycloakVersion" : "3.1.0.Final" -} diff --git a/dockerfiles/keycloak/master-users-0.json.erb b/dockerfiles/keycloak/master-users-0.json.erb deleted file mode 100644 index 425cc3f5c1..0000000000 --- a/dockerfiles/keycloak/master-users-0.json.erb +++ /dev/null @@ -1,29 +0,0 @@ -{ - "realm" : "master", - "users" : [ { - "id" : "a4d4ecf5-e719-47d2-be81-718d87b9e26b", - "createdTimestamp" : 1497884129165, - "username" : "admin", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "credentials" : [ { - "type" : "password", - "hashedSaltedValue" : "YmXv1rWvJTpy9309iHNxNFkzQAhxe1/B7YIEH8268oe6LOAH7uVaYrxWPfEGhNh7qgAXpsXq7KdRxS0Vrr8lGw==", - "salt" : "Vh1keHKOBVXIwgCEJnmOIw==", - "hashIterations" : 20000, - "counter" : 0, - "algorithm" : "pbkdf2", - "digits" : 0, - "period" : 0, - "config" : { } - } ], - "disableableCredentialTypes" : [ "password" ], - "requiredActions" : [ ], - "realmRoles" : [ "admin", "uma_authorization", "offline_access" ], - "clientRoles" : { - "account" : [ "manage-account", "view-profile" ] - }, - "groups" : [ ] - } ] -} diff --git a/dockerfiles/postgres/Dockerfile b/dockerfiles/postgres/Dockerfile deleted file mode 100644 index fe02d72cc0..0000000000 --- a/dockerfiles/postgres/Dockerfile +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) 2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# - -FROM centos/postgresql-96-centos7 -ADD init-che-user-and-run.sh.erb init-che-user.sh.erb /var/lib/pgsql/ -RUN cat /var/lib/pgsql/init-che-user.sh.erb | \ - sed -e "/exit 0/d" > /var/lib/pgsql/init-che-user-and-run.sh && \ - echo "exec run-postgresql \"\$@\"" >> /var/lib/pgsql/init-che-user-and-run.sh -USER root -RUN chmod +x /var/lib/pgsql/init-che-user-and-run.sh -USER postgres -ADD --chown=postgres postgresql.conf.debug /opt/app-root/src/postgresql-cfg/ -ADD init-debug.sh /opt/app-root/src/postgresql-pre-start/ -RUN chgrp -R 0 /opt/app-root/src/postgresql-cfg/ && chmod -R g+rwX /opt/app-root/src/postgresql-cfg/ -CMD ["/var/lib/pgsql/init-che-user-and-run.sh"] diff --git a/dockerfiles/postgres/build.sh b/dockerfiles/postgres/build.sh deleted file mode 100755 index cdbc81d8ac..0000000000 --- a/dockerfiles/postgres/build.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# -base_dir=$(cd "$(dirname "$0")"; pwd) -. "${base_dir}"/../build.include - -init --name:postgres "$@" -build diff --git a/dockerfiles/postgres/init-che-user-and-run.sh.erb b/dockerfiles/postgres/init-che-user-and-run.sh.erb deleted file mode 100644 index 163ce091e2..0000000000 --- a/dockerfiles/postgres/init-che-user-and-run.sh.erb +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -$(dirname "$0")/init-che-user.sh -exec run-postgresql diff --git a/dockerfiles/postgres/init-che-user.sh.erb b/dockerfiles/postgres/init-che-user.sh.erb deleted file mode 100644 index 8eb5f7a834..0000000000 --- a/dockerfiles/postgres/init-che-user.sh.erb +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -echo "Initial call to run-postgresql..." -run-postgresql --version -export PGDATA=/var/lib/pgsql/data/userdata -pg_ctl -w start -o "-h ''" -echo "Initializing Che user..." - -psql -v ON_ERROR_STOP=1 --username "postgres" <<-EOSQL - ALTER USER $POSTGRESQL_USER WITH SUPERUSER; -EOSQL - -psql -v ON_ERROR_STOP=1 --username "$POSTGRESQL_USER" <<-EOSQL - CREATE USER $CHE_POSTGRES_USERNAME WITH PASSWORD '$CHE_POSTGRES_PASSWORD'; - CREATE DATABASE $CHE_POSTGRES_DATABASE; - GRANT ALL PRIVILEGES ON DATABASE $CHE_POSTGRES_DATABASE TO $CHE_POSTGRES_USERNAME; - ALTER USER $CHE_POSTGRES_USERNAME WITH SUPERUSER; -EOSQL -if [[ $? -ne 0 ]] -then - echo "Warning: Failed initializing the Che user and database" -fi - -psql -v ON_ERROR_STOP=1 --username "postgres" <<-EOSQL - ALTER USER $POSTGRESQL_USER WITH NOSUPERUSER; -EOSQL - -pg_ctl -w stop - -unset CHE_POSTGRES_DATABASE -unset CHE_POSTGRES_USERNAME -unset CHE_POSTGRES_PASSWORD - -exit 0 diff --git a/dockerfiles/postgres/init-debug.sh b/dockerfiles/postgres/init-debug.sh deleted file mode 100755 index 840165ba26..0000000000 --- a/dockerfiles/postgres/init-debug.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2012-2018 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# -# Contributors: -# Red Hat, Inc. - initial API and implementation -# -if [ -n "${POSTGRESQL_LOG_DEBUG+set}" ] && [ "${POSTGRESQL_LOG_DEBUG}" == "true" ]; then - echo "POSTGRESQL_LOG_DEBUG is set, enabling additional logging configuration" - - if [ ! -f /opt/app-root/src/postgresql-cfg/postgresql.log.debug.conf ]; then - echo "postgresql.conf not found!" - mv /opt/app-root/src/postgresql-cfg/postgresql.conf.debug /opt/app-root/src/postgresql-cfg/postgresql.log.debug.conf - else - echo OK - fi -fi diff --git a/dockerfiles/postgres/postgresql.conf.debug b/dockerfiles/postgres/postgresql.conf.debug deleted file mode 100644 index 4da21b57ca..0000000000 --- a/dockerfiles/postgres/postgresql.conf.debug +++ /dev/null @@ -1,24 +0,0 @@ -#------------------------------------------------------------------------------ -# ERROR REPORTING AND LOGGING -#------------------------------------------------------------------------------ -log_destination = 'stderr' -log_directory = 'pg_logs' -log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' -log_file_mode = 0644 -log_truncate_on_rotation = off -log_rotation_size = 10MB -client_min_messages = notice -log_min_messages = warning -log_min_error_statement = error -log_min_duration_statement = 0 -log_checkpoints = on -log_connections = on -log_disconnections = on -log_duration = off -log_error_verbosity = default -log_line_prefix = '%t [%p]: [%l-1] user=%u,db=%d ' -log_lock_waits = on -log_statement = 'none' -log_temp_files = 0 -log_autovacuum_min_duration = 0 -lc_messages='C' diff --git a/make-release.sh b/make-release.sh index c97098815f..150ffcf87f 100755 --- a/make-release.sh +++ b/make-release.sh @@ -8,14 +8,10 @@ ORGANIZATION="eclipse" # KEEP RIGHT ORDER!!! DOCKER_FILES_LOCATIONS=( - che-server/dockerfiles/keycloak - che-server/dockerfiles/postgres che-server/dockerfiles/che ) IMAGES_LIST=( - quay.io/eclipse/che-keycloak - quay.io/eclipse/che-postgres quay.io/eclipse/che-server )