diff --git a/deployments/examples/opencloud_full/config/keycloak/clients/android_app.json b/deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudAndroid.json similarity index 84% rename from deployments/examples/opencloud_full/config/keycloak/clients/android_app.json rename to deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudAndroid.json index 7310cdd63a..c21838d67b 100644 --- a/deployments/examples/opencloud_full/config/keycloak/clients/android_app.json +++ b/deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudAndroid.json @@ -1,13 +1,12 @@ { - "clientId": "e4rAsNUSIUs0lF4nbv9FmCeUkTlV9GdgTLDH1b5uie7syb90SzEVrbN7HIpmWJeD", - "name": "openCloud Android app", + "clientId": "OpenCloudAndroid", + "name": "OpenCloud Android App", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "secret": "dInFYGV33xKzhbRmpqQltYNdfLdJIfJ9L5ISoKhNoT9qZftpdWSP71VrpGR9pmoD", "redirectUris": [ - "oc://android.opencloud.com" + "oc://android.opencloud.eu" ], "webOrigins": [], "notBefore": 0, @@ -17,7 +16,7 @@ "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, - "publicClient": false, + "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { @@ -25,7 +24,7 @@ "saml.force.post.binding": "false", "saml.multivalued.roles": "false", "saml.encrypt": "false", - "post.logout.redirect.uris": "+", + "post.logout.redirect.uris": "oc://android.opencloud.eu", "backchannel.logout.revoke.offline.tokens": "false", "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", diff --git a/deployments/examples/opencloud_full/config/keycloak/clients/ios_app.json b/deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudDesktop.json similarity index 86% rename from deployments/examples/opencloud_full/config/keycloak/clients/ios_app.json rename to deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudDesktop.json index 8161996823..d17a7cb6cf 100644 --- a/deployments/examples/opencloud_full/config/keycloak/clients/ios_app.json +++ b/deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudDesktop.json @@ -1,13 +1,13 @@ { - "clientId": "mxd5OQDk6es5LzOzRvidJNfXLUZS2oN3oUFeXPP8LpPrhx3UroJFduGEYIBOxkY1", - "name": "OpenCloud iOS app", + "clientId": "OpenCloudDesktop", + "name": "OpenCloud Desktop Client", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "secret": "KFeFWWEZO9TkisIQzR3fo7hfiMXlOpaqP8CFuTbSHzV1TUuGECglPxpiVKJfOXIx", "redirectUris": [ - "oc://ios.opencloud.com" + "http://127.0.0.1", + "http://localhost" ], "webOrigins": [], "notBefore": 0, @@ -17,7 +17,7 @@ "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, - "publicClient": false, + "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { diff --git a/deployments/examples/opencloud_full/config/keycloak/clients/desktop_client.json b/deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudIOS.json similarity index 83% rename from deployments/examples/opencloud_full/config/keycloak/clients/desktop_client.json rename to deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudIOS.json index 0b89849979..d09e089570 100644 --- a/deployments/examples/opencloud_full/config/keycloak/clients/desktop_client.json +++ b/deployments/examples/opencloud_full/config/keycloak/clients/OpenCloudIOS.json @@ -1,14 +1,12 @@ { - "clientId": "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69", - "name": "openCloud Desktop Client", + "clientId": "OpenCloudIOS", + "name": "OpenCloud iOS App", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "secret": "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh", "redirectUris": [ - "http://127.0.0.1:*", - "http://localhost:*" + "oc://ios.opencloud.eu" ], "webOrigins": [], "notBefore": 0, @@ -18,7 +16,7 @@ "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, - "publicClient": false, + "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { @@ -26,7 +24,7 @@ "saml.force.post.binding": "false", "saml.multivalued.roles": "false", "saml.encrypt": "false", - "post.logout.redirect.uris": "+", + "post.logout.redirect.uris": "oc://ios.opencloud.eu", "backchannel.logout.revoke.offline.tokens": "false", "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", diff --git a/deployments/examples/opencloud_full/config/keycloak/clients/cyberduck.json b/deployments/examples/opencloud_full/config/keycloak/clients/cyberduck.json index 85a4e72c5c..5143323a44 100644 --- a/deployments/examples/opencloud_full/config/keycloak/clients/cyberduck.json +++ b/deployments/examples/opencloud_full/config/keycloak/clients/cyberduck.json @@ -1,12 +1,11 @@ { - "clientId": "3keLfua0olYvW1zKXTDB3OjAMPEYWEQNuiscli395GKJOiPnPURNQWGvGCJZf4Hw", + "clientId": "Cyberduck", "name": "Cyberduck", - "description": "", + "description": "File transfer utility client", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "secret": "yoqICbLIeYbpZPqDH4D8k4NKb04HqnrWBntEeVZEQ5gO1RmaUlln0Aqu1dj2UoF4", "redirectUris": [ "x-cyberduck-action:oauth", "x-mountainduck-action:oauth" @@ -19,7 +18,7 @@ "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, - "publicClient": false, + "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { diff --git a/deployments/examples/opencloud_full/config/keycloak/clients/web.json b/deployments/examples/opencloud_full/config/keycloak/clients/web.json index 18c7f09e98..9ab819a44e 100644 --- a/deployments/examples/opencloud_full/config/keycloak/clients/web.json +++ b/deployments/examples/opencloud_full/config/keycloak/clients/web.json @@ -1,19 +1,21 @@ { "clientId": "web", - "name": "", + "name": "OpenCloud Web App", "description": "", - "rootUrl": "https://cloud.opencloud.test", - "adminUrl": "https://cloud.opencloud.test", + "rootUrl": "{{OC_URL}}", + "adminUrl": "{{OC_URL}}", "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ - "https://cloud.opencloud.test/*" + "{{OC_URL}}/", + "{{OC_URL}}/oidc-callback.html", + "{{OC_URL}}/oidc-silent-redirect.html" ], "webOrigins": [ - "https://cloud.opencloud.test" + "{{OC_URL}}" ], "notBefore": 0, "bearerOnly": false, @@ -37,7 +39,7 @@ "saml.server.signature.keyinfo.ext": "false", "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "backchannel.logout.url": "https://cloud.opencloud/backchannel_logout", + "backchannel.logout.url": "{{OC_URL}}/backchannel_logout", "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", diff --git a/deployments/examples/opencloud_full/config/keycloak/opencloud-realm.dist.json b/deployments/examples/opencloud_full/config/keycloak/opencloud-realm.dist.json index 3610658380..0076cc1ef0 100644 --- a/deployments/examples/opencloud_full/config/keycloak/opencloud-realm.dist.json +++ b/deployments/examples/opencloud_full/config/keycloak/opencloud-realm.dist.json @@ -279,12 +279,12 @@ "containerId" : "7848ee94-cc9b-40db-946f-a86ac73dc9b7", "attributes" : { } } ], - "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69" : [ ], + "OpenCloudDesktop" : [ ], "web" : [ ], "security-admin-console" : [ ], - "e4rAsNUSIUs0lF4nbv9FmCeUkTlV9GdgTLDH1b5uie7syb90SzEVrbN7HIpmWJeD" : [ ], + "OpenCloudAndroid" : [ ], "admin-cli" : [ ], - "mxd5OQDk6es5LzOzRvidJNfXLUZS2oN3oUFeXPP8LpPrhx3UroJFduGEYIBOxkY1" : [ ], + "OpenCloudIOS" : [ ], "account-console" : [ ], "broker" : [ { "id" : "81fad68a-8dd8-4d79-9a8f-206a82460145", @@ -797,14 +797,14 @@ "optionalClientScopes" : [ ] }, { "id" : "c8367556-1d13-4979-b4f6-5e2cff1f82ae", - "clientId" : "e4rAsNUSIUs0lF4nbv9FmCeUkTlV9GdgTLDH1b5uie7syb90SzEVrbN7HIpmWJeD", - "name" : "openCloud Android app", + "clientId" : "OpenCloudAndroid", + "name" : "OpenCloud Android App", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "secret" : "**********", - "redirectUris" : [ "oc://android.opencloud.com" ], + "redirectUris" : [ "oc://android.opencloud.eu" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -813,7 +813,7 @@ "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : true, "serviceAccountsEnabled" : false, - "publicClient" : false, + "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { @@ -821,7 +821,7 @@ "saml.force.post.binding" : "false", "saml.multivalued.roles" : "false", "saml.encrypt" : "false", - "post.logout.redirect.uris" : "+", + "post.logout.redirect.uris" : "oc://android.opencloud.eu", "backchannel.logout.revoke.offline.tokens" : "false", "saml.server.signature" : "false", "saml.server.signature.keyinfo.ext" : "false", @@ -842,14 +842,14 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "6ae0e3da-38ff-47a4-a76e-b59eec0a2de9", - "clientId" : "mxd5OQDk6es5LzOzRvidJNfXLUZS2oN3oUFeXPP8LpPrhx3UroJFduGEYIBOxkY1", - "name" : "openCloud iOS app", + "clientId" : "OpenCloudIOS", + "name" : "OpenCloud iOS App", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "secret" : "**********", - "redirectUris" : [ "oc://ios.opencloud.com" ], + "redirectUris" : [ "oc://ios.opencloud.eu" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -858,7 +858,7 @@ "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : true, "serviceAccountsEnabled" : false, - "publicClient" : false, + "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { @@ -866,7 +866,7 @@ "saml.force.post.binding" : "false", "saml.multivalued.roles" : "false", "saml.encrypt" : "false", - "post.logout.redirect.uris" : "+", + "post.logout.redirect.uris" : "oc://ios.opencloud.eu", "backchannel.logout.revoke.offline.tokens" : "false", "saml.server.signature" : "false", "saml.server.signature.keyinfo.ext" : "false", @@ -962,7 +962,7 @@ }, { "id" : "54b18eca-cf79-4263-9db9-2d79f8a1c831", "clientId" : "web", - "name" : "", + "name" : "OpenCloud Web App", "description" : "", "rootUrl" : "https://cloud.opencloud.test", "adminUrl" : "https://cloud.opencloud.test", @@ -971,7 +971,7 @@ "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "https://cloud.opencloud.test/*" ], + "redirectUris" : [ "https://cloud.opencloud.test/", "https://cloud.opencloud.test/oidc-callback.html", "https://cloud.opencloud.test/oidc-silent-redirect.html" ], "webOrigins" : [ "https://cloud.opencloud.test" ], "notBefore" : 0, "bearerOnly" : false, @@ -1012,14 +1012,14 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "fc7d8a8e-cb92-4cb0-b404-d723c07d8d4f", - "clientId" : "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69", - "name" : "openCloud Desktop Client", + "clientId" : "OpenCloudDesktop", + "name" : "OpenCloud Desktop Client", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "secret" : "**********", - "redirectUris" : [ "http://127.0.0.1:*", "http://localhost:*" ], + "redirectUris" : [ "http://127.0.0.1", "http://localhost" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -1028,7 +1028,7 @@ "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : true, "serviceAccountsEnabled" : false, - "publicClient" : false, + "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : {