{
"realm": "unionflow",
"displayName": "UnionFlow",
"displayNameHtml": "<div class=\"kc-logo-text\"><span>UnionFlow</span></div>",
"enabled": true,
"sslRequired": "external",
"registrationAllowed": true,
"registrationEmailAsUsername": true,
"rememberMe": true,
"verifyEmail": false,
"loginWithEmailAllowed": true,
"duplicateEmailsAllowed": false,
"resetPasswordAllowed": true,
"editUsernameAllowed": false,
"bruteForceProtected": true,
"permanentLockout": false,
"maxFailureWaitSeconds": 900,
"minimumQuickLoginWaitSeconds": 60,
"waitIncrementSeconds": 60,
"quickLoginCheckMilliSeconds": 1000,
"maxDeltaTimeSeconds": 43200,
"failureFactor": 30,
"defaultRoles": ["offline_access", "uma_authorization", "default-roles-unionflow"],
"requiredCredentials": ["password"],
"otpPolicyType": "totp",
"otpPolicyAlgorithm": "HmacSHA1",
"otpPolicyInitialCounter": 0,
"otpPolicyDigits": 6,
"otpPolicyLookAheadWindow": 1,
"otpPolicyPeriod": 30,
"supportedLocales": ["fr", "en"],
"defaultLocale": "fr",
"internationalizationEnabled": true,
"clients": [
{
"clientId": "unionflow-server",
"name": "UnionFlow Server API",
"description": "Client pour l'API serveur UnionFlow",
"enabled": true,
"clientAuthenticatorType": "client-secret",
"secret": "dev-secret",
"redirectUris": ["http://localhost:8080/*"],
"webOrigins": ["http://localhost:8080", "http://localhost:3000"],
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"protocolMappers": [
{
"name": "email",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "email",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "email",
"jsonType.label": "String"
}
},
{
"name": "given_name",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "firstName",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "given_name",
"jsonType.label": "String"
}
},
{
"name": "family_name",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-property-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"user.attribute": "lastName",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "family_name",
"jsonType.label": "String"
}
},
{
"name": "roles",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-realm-role-mapper",
"consentRequired": false,
"config": {
"userinfo.token.claim": "true",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "roles",
"jsonType.label": "String",
"multivalued": "true"
}
}
],
"defaultClientScopes": ["web-origins", "role_list", "profile", "roles", "email"],
"optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"]
},
{
"clientId": "unionflow-mobile",
"name": "UnionFlow Mobile App",
"description": "Client pour l'application mobile UnionFlow",
"enabled": true,
"publicClient": true,
"redirectUris": ["unionflow://callback", "http://localhost:3000/callback"],
"webOrigins": ["*"],
"protocol": "openid-connect",
"attributes": {
"pkce.code.challenge.method": "S256"
},
"fullScopeAllowed": true,
"defaultClientScopes": ["web-origins", "role_list", "profile", "roles", "email"],
"optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"]
}
],
"roles": {
"realm": [
{
"name": "ADMIN",
"description": "Administrateur système avec tous les droits",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
},
{
"name": "PRESIDENT",
"description": "Président de l'union avec droits de gestion complète",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
},
{
"name": "SECRETAIRE",
"description": "Secrétaire avec droits de gestion des membres et événements",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
},
{
"name": "TRESORIER",
"description": "Trésorier avec droits de gestion financière",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
},
{
"name": "GESTIONNAIRE_MEMBRE",
"description": "Gestionnaire des membres avec droits de CRUD sur les membres",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
},
{
"name": "ORGANISATEUR_EVENEMENT",
"description": "Organisateur d'événements avec droits de gestion des événements",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
},
{
"name": "MEMBRE",
"description": "Membre standard avec droits de consultation",
"composite": false,
"clientRole": false,
"containerId": "unionflow"
}
]
},
"users": [
{
"username": "admin",
"enabled": true,
"emailVerified": true,
"firstName": "Administrateur",
"lastName": "Système",
"email": "admin@unionflow.dev",
"credentials": [
{
"type": "password",
"value": "admin123",
"temporary": false
}
],
"realmRoles": ["ADMIN", "PRESIDENT"],
"clientRoles": {}
},
{
"username": "president",
"enabled": true,
"emailVerified": true,
"firstName": "Jean",
"lastName": "Dupont",
"email": "president@unionflow.dev",
"credentials": [
{
"type": "password",
"value": "president123",
"temporary": false
}
],
"realmRoles": ["PRESIDENT", "MEMBRE"],
"clientRoles": {}
},
{
"username": "secretaire",
"enabled": true,
"emailVerified": true,
"firstName": "Marie",
"lastName": "Martin",
"email": "secretaire@unionflow.dev",
"credentials": [
{
"type": "password",
"value": "secretaire123",
"temporary": false
}
],
"realmRoles": ["SECRETAIRE", "GESTIONNAIRE_MEMBRE", "MEMBRE"],
"clientRoles": {}
},
{
"username": "tresorier",
"enabled": true,
"emailVerified": true,
"firstName": "Pierre",
"lastName": "Durand",
"email": "tresorier@unionflow.dev",
"credentials": [
{
"type": "password",
"value": "tresorier123",
"temporary": false
}
],
"realmRoles": ["TRESORIER", "MEMBRE"],
"clientRoles": {}
},
{
"username": "membre1",
"enabled": true,
"emailVerified": true,
"firstName": "Sophie",
"lastName": "Bernard",
"email": "membre1@unionflow.dev",
"credentials": [
{
"type": "password",
"value": "membre123",
"temporary": false
}
],
"realmRoles": ["MEMBRE"],
"clientRoles": {}
}
],
"groups": [
{
"name": "Administration",
"path": "/Administration",
"realmRoles": ["ADMIN"],
"subGroups": []
},
{
"name": "Bureau",
"path": "/Bureau",
"realmRoles": ["PRESIDENT", "SECRETAIRE", "TRESORIER"],
"subGroups": []
},
{
"name": "Gestionnaires",
"path": "/Gestionnaires",
"realmRoles": ["GESTIONNAIRE_MEMBRE", "ORGANISATEUR_EVENEMENT"],
"subGroups": []
},
{
"name": "Membres",
"path": "/Membres",
"realmRoles": ["MEMBRE"],
"subGroups": []
}
]
}