work/timetrack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

not yet completed migration to jakarta - still keycloak roles missing

Browse Source
This commit is contained in:
Jörg Henke
2023-07-27 19:35:36 +02:00
parent 059dcadb01
commit f07f8f3c06
33 changed files with 310 additions and 453 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/main/resources/application.properties
View File

@ -1,21 +1,25 @@
# jooq
spring.datasource.driver-class-name=org.postgresql.Driver
spring.datasource.url=jdbc:postgresql://localhost:5432/timetrack
spring.datasource.username=timetrack
spring.datasource.password=timetrack
spring.datasource.driver-class-name = org.postgresql.Driver
# todo: export to /etc/timetrack
spring.datasource.url = jdbc:postgresql://localhost:5432/timetrack
spring.datasource.username = timetrack
spring.datasource.password = timetrack
# security
keycloak.url = http://localhost:8080/realms/jottyfan
keycloak.openid.url = ${keycloak.url}/protocol/openid-connect
spring.security.oauth2.client.registration.keycloak.client-id = timetrack
spring.security.oauth2.client.registration.keycloak.scope = openid
spring.security.oauth2.client.registration.keycloak.authorization-grant-type = authorization_code
# todo: export to /etc/timetrack
spring.security.oauth2.client.registration.keycloak.redirect-uri = http://localhost:8888/timetrack/login/oauth2/code/timetrack
spring.security.oauth2.client.provider.keycloak.issuer-uri = ${keycloak.url}
spring.security.oauth2.client.provider.keycloak.authorization-uri = ${keycloak.openid.url}/auth
spring.security.oauth2.client.provider.keycloak.token-uri = ${keycloak.openid.url}/token
spring.security.oauth2.client.provider.keycloak.user-info-uri = ${keycloak.openid.url}/userinfo
spring.security.oauth2.client.provider.keycloak.jwk-set-uri = ${keycloak.openid.url}/certs
spring.security.oauth2.client.provider.keycloak.user-name-attribute = preferred_username
# application
server.port = 8083
server.servlet.context-path=/timetrack
# keycloak
keycloak.auth-server-url = https://www.jottyfan.de/auth
keycloak.realm = jottyfan
keycloak.resource = timetrack
keycloak.public-client = true
keycloak.security-constraints[0].authRoles[0] = timetrack_user
keycloak.security-constraints[0].securityCollections[0].patterns[0] = /*
#keycloak.credentia
keycloak.use-resource-role-mappings=true
#keycloak.bearer-only=true
server:.port = 8083
server.servlet.context-path = /timetrack