edx-enterprise/keycloak-devstack-realm.json at master · openedx/edx-enterprise · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
{
  "realm": "$(env:REALM_NAME)",
  "enabled": true,
  "clientScopes": [
    {
      "name": "saml-user-attributes",
      "protocol": "saml",
      "protocolMappers": [
        {
          "name": "email",
          "protocol": "saml",
          "protocolMapper": "saml-user-property-mapper",
          "consentRequired": false,
          "config": {
            "user.attribute": "email",
            "friendly.name": "email",
            "attribute.name": "$(env:OID_EMAIL)",
            "attribute.nameformat": "URI Reference"
          }
        },
        {
          "name": "firstName",
          "protocol": "saml",
          "protocolMapper": "saml-user-property-mapper",
          "consentRequired": false,
          "config": {
            "user.attribute": "firstName",
            "friendly.name": "givenName",
            "attribute.name": "$(env:OID_GIVEN_NAME)",
            "attribute.nameformat": "URI Reference"
          }
        },
        {
          "name": "lastName",
          "protocol": "saml",
          "protocolMapper": "saml-user-property-mapper",
          "consentRequired": false,
          "config": {
            "user.attribute": "lastName",
            "friendly.name": "sn",
            "attribute.name": "$(env:OID_SURNAME)",
            "attribute.nameformat": "URI Reference"
          }
        }
      ]
    },
    {
      "name": "role_list",
      "protocol": "saml",
      "protocolMappers": [
        {
          "name": "role list",
          "protocol": "saml",
          "protocolMapper": "saml-role-list-mapper",
          "consentRequired": false,
          "config": {
            "single": "true",
            "attribute.nameformat": "Basic",
            "attribute.name": "Role"
          }
        }
      ]
    }
  ],
  "clients": [
    {
      "clientId": "$(env:SP_ENTITY_ID)",
      "protocol": "saml",
      "enabled": true,
      "rootUrl": "$(env:SP_ENTITY_ID)",
      "redirectUris": ["$(env:ACS_URL)*"],
      "adminUrl": "$(env:ACS_URL)",
      "attributes": {
        "saml.assertion.signature": "true",
        "saml.force.post.binding": "true",
        "saml_assertion_consumer_url_post": "$(env:ACS_URL)",
        "saml_name_id_format": "email",
        "saml.force.name.id.format": "true",
        "saml.client.signature": "false"
      },
      "defaultClientScopes": ["saml-user-attributes", "role_list"]
    }
  ],
  "users": [
    {
      "username": "$(env:TEST_USERNAME)",
      "email": "$(env:TEST_EMAIL)",
      "emailVerified": true,
      "enabled": true,
      "firstName": "$(env:TEST_FIRST_NAME)",
      "lastName": "$(env:TEST_LAST_NAME)",
      "credentials": [
        {
          "type": "password",
          "value": "$(env:TEST_PASSWORD)",
          "temporary": false
        }
      ]
    }
  ]
}