diff --git a/dashboard/.env.development b/dashboard/.env.development index f63958dc9..eb686a1dc 100644 --- a/dashboard/.env.development +++ b/dashboard/.env.development @@ -1,5 +1,5 @@ VITE_OIDC_ENABLED=true -VITE_OIDC_AUTHORITY=http://keycloak:7470/realms/enduro +VITE_OIDC_AUTHORITY=http://keycloak:7470/realms/artefactual VITE_OIDC_CLIENT_ID=enduro VITE_OIDC_REDIRECT_URI=http://localhost:8080/user/signin-callback VITE_OIDC_EXTRA_SCOPES=enduro diff --git a/enduro.toml b/enduro.toml index ad33dfa2d..254caa4e8 100644 --- a/enduro.toml +++ b/enduro.toml @@ -23,7 +23,7 @@ enabled = true [api.auth.oidc] # OIDC provider URL. Required when auth. is enabled. -providerURL = "http://keycloak:7470/realms/enduro" +providerURL = "http://keycloak:7470/realms/artefactual" # OIDC client ID. The client ID must be included in the `aud` claim of # the access token. Required when auth. is enabled. clientID = "enduro" diff --git a/hack/kube/components/dev/enduro-secret.yaml b/hack/kube/components/dev/enduro-secret.yaml index 6d280b235..fe74699e5 100644 --- a/hack/kube/components/dev/enduro-secret.yaml +++ b/hack/kube/components/dev/enduro-secret.yaml @@ -5,7 +5,7 @@ metadata: type: Opaque stringData: oidc-enabled: "true" - oidc-provider-url: http://keycloak:7470/realms/enduro + oidc-provider-url: http://keycloak:7470/realms/artefactual oidc-redirect-url: http://localhost:8080/user/signin-callback oidc-client-id: enduro oidc-extra-scopes: enduro diff --git a/hack/kube/components/dev/keycloak.yaml b/hack/kube/components/dev/keycloak.yaml index 5a93664eb..0e04c7127 100644 --- a/hack/kube/components/dev/keycloak.yaml +++ b/hack/kube/components/dev/keycloak.yaml @@ -72,10 +72,10 @@ kind: ConfigMap metadata: name: keycloak-realm-config data: - enduro-realm.json: | + artefactual-realm.json: | { "id": "edc1624d-4b30-4f22-a6d0-3a171fe08a6a", - "realm": "enduro", + "realm": "artefactual", "enabled": true, "users": [ { diff --git a/hack/kube/components/dev/minio-secret.yaml b/hack/kube/components/dev/minio-secret.yaml index d5c455267..775f4140a 100644 --- a/hack/kube/components/dev/minio-secret.yaml +++ b/hack/kube/components/dev/minio-secret.yaml @@ -6,7 +6,7 @@ type: Opaque stringData: user: minio password: minio123 - oidc-url: http://keycloak:7470/realms/enduro/.well-known/openid-configuration + oidc-url: http://keycloak:7470/realms/artefactual/.well-known/openid-configuration oidc-client-id: minio oidc-client-secret: K5do3lZeHEzR3ajzCEudH4OGe7KWUmfe oidc-scopes: openid email profile minio diff --git a/hack/kube/components/dev/temporal-ui-secret.yaml b/hack/kube/components/dev/temporal-ui-secret.yaml index 343dadeba..e2f6107c3 100644 --- a/hack/kube/components/dev/temporal-ui-secret.yaml +++ b/hack/kube/components/dev/temporal-ui-secret.yaml @@ -5,7 +5,7 @@ metadata: type: Opaque stringData: cors-origins: http://localhost:7440 - auth-provider-url: http://keycloak:7470/realms/enduro + auth-provider-url: http://keycloak:7470/realms/artefactual auth-callback-url: http://localhost:7440/auth/sso/callback auth-client-id: temporal auth-client-secret: R0oJNfvLrUiSyHnB9tAATMPcrcW2xRdK diff --git a/internal/api/auth/config_test.go b/internal/api/auth/config_test.go index 8174ee5a2..2982697ca 100644 --- a/internal/api/auth/config_test.go +++ b/internal/api/auth/config_test.go @@ -28,7 +28,7 @@ func TestConfig(t *testing.T) { config: &auth.Config{ Enabled: true, OIDC: &auth.OIDCConfig{ - ProviderURL: "http://keycloak:7470/realms/enduro", + ProviderURL: "http://keycloak:7470/realms/artefactual", ClientID: "enduro", }, }, @@ -38,7 +38,7 @@ func TestConfig(t *testing.T) { config: &auth.Config{ Enabled: true, OIDC: &auth.OIDCConfig{ - ProviderURL: "http://keycloak:7470/realms/enduro", + ProviderURL: "http://keycloak:7470/realms/artefactual", ClientID: "enduro", ABAC: auth.OIDCABACConfig{ Enabled: true, @@ -67,7 +67,7 @@ func TestConfig(t *testing.T) { config: &auth.Config{ Enabled: true, OIDC: &auth.OIDCConfig{ - ProviderURL: "http://keycloak:7470/realms/enduro", + ProviderURL: "http://keycloak:7470/realms/artefactual", ClientID: "enduro", ABAC: auth.OIDCABACConfig{ Enabled: true,