diff --git a/.github/workflows/helm-checks.yaml b/.github/workflows/helm-checks.yaml index 43c0e35..8734d8a 100644 --- a/.github/workflows/helm-checks.yaml +++ b/.github/workflows/helm-checks.yaml @@ -183,13 +183,21 @@ jobs: helm dep up charts/tx-data-provider helm dep up charts/umbrella helm install umbrella charts/umbrella --namespace data-exchange --create-namespace --debug --timeout 10m \ - -f charts/values-test-data-exchange.yaml -f charts/values-test-iam-init-container.yaml \ + -f charts/values-test-data-exchange.yaml + helm uninstall umbrella --namespace data-exchange + + - name: Install chart for data exchange with iatp-mock (umbrella) + run: | + helm dep up charts/tx-data-provider + helm dep up charts/umbrella + helm install umbrella charts/umbrella --namespace data-exchange --create-namespace --debug --timeout 10m \ + -f charts/values-test-data-exchange-iatp-mock.yaml -f charts/values-test-iam-init-container.yaml \ --set iatpmock.image.repository=kind-registry:5000/iatp-mock --set iatpmock.image.tag=testing helm uninstall umbrella --namespace data-exchange - name: Install chart for shared services one (umbrella) run: | - helm install umbrella charts/umbrella -f charts/values-test-shared-services-1.yaml -f charts/values-test-iam-init-container.yaml --namespace shared-services --create-namespace --debug --timeout 10m --set iatpmock.image.repository=kind-registry:5000/iatp-mock --set iatpmock.image.tag=testing + helm install umbrella charts/umbrella -f charts/values-test-shared-services-1.yaml -f charts/values-test-iam-init-container.yaml --namespace shared-services --create-namespace --debug --timeout 10m helm uninstall umbrella --namespace shared-services - name: Install chart for shared services two (umbrella) diff --git a/charts/umbrella/Chart.yaml b/charts/umbrella/Chart.yaml index 6ada84c..0f8cc9f 100644 --- a/charts/umbrella/Chart.yaml +++ b/charts/umbrella/Chart.yaml @@ -36,7 +36,7 @@ dependencies: - condition: portal.enabled name: portal repository: https://eclipse-tractusx.github.io/charts/dev - version: 2.0.0 + version: 2.2.0 # cx-iam - condition: centralidp.enabled name: centralidp @@ -109,3 +109,8 @@ dependencies: version: 0.1.0 repository: file://charts/iatpmock condition: iatpmock.enabled + # ssi-dim-wallet-stub + - name: ssi-dim-wallet-stub + repository: https://eclipse-tractusx.github.io/charts/dev + version: 0.1.2 + condition: ssi-dim-wallet-stub.enabled diff --git a/charts/umbrella/README.md b/charts/umbrella/README.md index ea95f5f..385661f 100644 --- a/charts/umbrella/README.md +++ b/charts/umbrella/README.md @@ -256,6 +256,7 @@ Collection of hosts to be added to the `/etc/hosts` (Linux and Mac) or the `C:\W 192.168.49.2 iatpmock.tx.test 192.168.49.2 business-partners.tx.test 192.168.49.2 pgadmin4.tx.test +192.168.49.2 ssi-dim-wallet-stub.tx.test ``` Replace `192.168.49.2` with your `minikube ip` if it differs. @@ -287,6 +288,7 @@ The currently available components are following: - [bdrs](https://github.com/eclipse-tractusx/bpn-did-resolution-service/tree/0.0.4) (**in memory** - no persistance possible) - [iatp-mock](https://github.com/eclipse-tractusx/tractus-x-umbrella/tree/main/charts/umbrella/charts/iatpmock/Chart.yaml) - [bpdm](https://github.com/eclipse-tractusx/bpdm/tree/release/6.0.x) +- [ssi-dim-wallet-stub](https://github.com/eclipse-tractusx/ssi-dim-wallet-stub/releases/tag/ssi-dim-wallet-stub-0.1.2) > :warning: **Note** > @@ -449,6 +451,12 @@ dataconsumerTwo: helm upgrade -f values-adopter-data-exchange.yaml umbrella . --namespace umbrella ``` +*iatp-mock Version* + +```bash +helm install -f values-adopter-data-exchange-iatp-mock.yaml umbrella . --namespace umbrella --create-namespace +``` + **Portal Subset** ```bash @@ -587,6 +595,7 @@ Currently enabled ingresses: - http://bdrs-server.tx.test - http://iatpmock.tx.test - http://pgadmin4.tx.test +- http://ssi-dim-wallet-stub.tx.test ### Database Access diff --git a/charts/umbrella/values-adopter-data-exchange-iatp-mock.yaml b/charts/umbrella/values-adopter-data-exchange-iatp-mock.yaml new file mode 100644 index 0000000..377f3e7 --- /dev/null +++ b/charts/umbrella/values-adopter-data-exchange-iatp-mock.yaml @@ -0,0 +1,245 @@ +# ############################################################################# +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ############################################################################# +--- + +centralidp: + enabled: true + + +iatpmock: + enabled: true + ingress: + enabled: true + hosts: + - host: iatpmock.tx.test + paths: + - path: / + pathType: ImplementationSpecific + +bdrs-server-memory: + enabled: true + seeding: + bpnList: + - bpn: "BPNL00000003B3NX" + did: "did:web:mock-util-service/BPNL00000003B3NX" + - bpn: "BPNL00000003CSGV" + did: "did:web:mock-util-service/BPNL00000003CSGV" + - bpn: "BPNL00000003B6LU" + did: "did:web:mock-util-service/BPNL00000003B6LU" + - bpn: "BPNL00000003AXS3" + did: "did:web:mock-util-service/BPNL00000003AXS3" + - bpn: "BPNL00000003AZQP" + did: "did:web:mock-util-service/BPNL00000003AZQP" + - bpn: "BPNL00000003AWSS" + did: "did:web:mock-util-service/BPNL00000003AWSS" + - bpn: "BPNL00000003AYRE" + did: "did:web:mock-util-service/BPNL00000003AYRE" + - bpn: "BPNL00000003AVTH" + did: "did:web:mock-util-service/BPNL00000003AVTH" + - bpn: "BPNL00000000BJTL" + did: "did:web:mock-util-service/BPNL00000000BJTL" + - bpn: "BPNL00000003CML1" + did: "did:web:mock-util-service/BPNL00000003CML1" + - bpn: "BPNL00000003B2OM" + did: "did:web:mock-util-service/BPNL00000003B2OM" + - bpn: "BPNL00000003B0Q0" + did: "did:web:mock-util-service/BPNL00000003B0Q0" + - bpn: "BPNL00000003B5MJ" + did: "did:web:mock-util-service/BPNL00000003B5MJ" + - bpn: "BPNS0000000008ZZ" + did: "did:web:mock-util-service/BPNS0000000008ZZ" + - bpn: "BPNL00000003CNKC" + did: "did:web:mock-util-service/BPNL00000003CNKC" + - bpn: "BPNS00000008BDFH" + did: "did:web:mock-util-service/BPNS00000008BDFH" + + hostname: &hostname bdrs-server.tx.test + server: + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + ingresses: + - enabled: true + hostname: *hostname + endpoints: + - directory + - management + tls: + enabled: false + +dataconsumerOne: + enabled: true + secrets: + edc-miw-keycloak-secret: UbfW4CR1xH4OskkovqJ2JzcwnQIrG7oj + tractusx-connector: + participant: + id: BPNL00000003AZQP + iatp: + id: did:web:mock-util-service/BPNL00000003AZQP + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + sts: + dim: + url: http://mock-util-service/sts + oauth: + token_url: http://centralidp.tx.test/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: satest01 + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + endpoints: + management: + authKey: TEST1 + ingresses: + - enabled: true + hostname: "dataconsumer-1-controlplane.tx.test" + endpoints: + - default + - protocol + - management + tls: + enabled: false + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + ingresses: + - enabled: true + hostname: "dataconsumer-1-dataplane.tx.test" + endpoints: + - default + - public + tls: + enabled: false + # -- uncomment the following for persistence + # postgresql: + # primary: + # persistence: + # enabled: true + +tx-data-provider: + seedTestdata: true + enabled: true + secrets: + edc-miw-keycloak-secret: pyFUZP2L9UCSVJUScHcN3ZEgy2PGyEpg + tractusx-connector: + participant: + id: BPNL00000003AYRE + iatp: + id: did:web:mock-util-service/BPNL00000003AYRE + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + sts: + dim: + url: http://mock-util-service/sts + oauth: + token_url: http://centralidp.tx.test/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: satest02 + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + endpoints: + management: + authKey: TEST2 + ingresses: + - enabled: true + hostname: "dataprovider-controlplane.tx.test" + endpoints: + - default + - protocol + - management + tls: + enabled: false + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + ingresses: + - enabled: true + hostname: "dataprovider-dataplane.tx.test" + endpoints: + - default + - public + tls: + enabled: false + # -- uncomment the following for persistence + # postgresql: + # primary: + # persistence: + # enabled: true + # digital-twin-registry: + # postgresql: + # primary: + # persistence: + # enabled: true + +dataconsumerTwo: + enabled: false + secrets: + edc-miw-keycloak-secret: tPwy4exxH1sXBRQouobSA2nNVaaPuwCs + tractusx-connector: + participant: + id: BPNL00000003AVTH + iatp: + id: did:web:mock-util-service/BPNL00000003AVTH + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + sts: + dim: + url: http://mock-util-service/sts + oauth: + token_url: http://centralidp.tx.test/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: satest03 + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + endpoints: + management: + authKey: TEST3 + ingresses: + - enabled: true + hostname: "dataconsumer-2-controlplane.tx.test" + endpoints: + - default + - protocol + - management + tls: + enabled: false + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + ingresses: + - enabled: true + hostname: "dataconsumer-2-dataplane.tx.test" + endpoints: + - default + - public + tls: + enabled: false + # -- uncomment the following for persistence + # postgresql: + # primary: + # persistence: + # enabled: true + +pgadmin4: + enabled: true + # -- uncomment the following for persistence + # persistentVolume: + # enabled: true diff --git a/charts/umbrella/values-test-data-exchange-azure.yaml b/charts/umbrella/values-test-data-exchange-azure.yaml new file mode 100644 index 0000000..dfb8a9e --- /dev/null +++ b/charts/umbrella/values-test-data-exchange-azure.yaml @@ -0,0 +1,1477 @@ +# ############################################################################# +# Copyright (c) 2023,2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ############################################################################# +--- +portal: + enabled: true + replicaCount: 1 + postgresql: + nameOverride: "portal-backend-postgresql" + architecture: standalone + auth: + password: "dbpasswordportal" + portalPassword: "dbpasswordportal" + replicationPassword: "dbpasswordportal" + provisioningPassword: "dbpasswordportal" + primary: + persistence: + enabled: false + portalAddress: "https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io" + portalBackendAddress: "https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io" + centralidp: + address: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + sharedidpAddress: "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + semanticsAddress: "https://semantics.dd0929a713804ca78962.germanywestcentral.aksapp.io" + bpdm: + poolAddress: "https://business-partners.dd0929a713804ca78962.germanywestcentral.aksapp.io" + poolApiPath: "/pool/v6" + portalGateAddress: "https://business-partners.dd0929a713804ca78962.germanywestcentral.aksapp.io" + portalGateApiPath: "/gate/v6" + custodianAddress: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io" + dimWrapper: + baseAddress: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io" + apiPath: "/api/dim" + decentralIdentityManagementAuthAddress: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/sts" + sdfactoryAddress: "https://sdfactory.dd0929a713804ca78962.germanywestcentral.aksapp.io" + clearinghouseAddress: "https://validation.dd0929a713804ca78962.germanywestcentral.aksapp.io" + clearinghouseTokenAddress: "https://keycloak.dd0929a713804ca78962.germanywestcentral.aksapp.io/realms/example/protocol/openid-connect/token" + issuerComponentAddress: "https://ssi-credential-issuer.dd0929a713804ca78962.germanywestcentral.aksapp.io" + frontend: + ingress: + enabled: true + className : "addon-http-application-routing" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/rewrite-target: "/$1" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/cors-allow-origin: "https://*.dd0929a713804ca78962.germanywestcentral.aksapp.io" + tls: + # -- Provide tls secret. + - secretName: "portal.tx.test-tls" + # -- Provide host for tls secret. + hosts: + - "portal.dd0929a713804ca78962.germanywestcentral.aksapp.io" + hosts: + - host: "portal.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/(.*)" + pathType: "ImplementationSpecific" + backend: + service: "portal" + port: 8080 + - path: "/registration/(.*)" + pathType: "ImplementationSpecific" + backend: + service: "registration" + port: 8080 + - path: "/((assets|documentation)/.*)" + pathType: "ImplementationSpecific" + backend: + service: "assets" + port: 8080 + backend: + dotnetEnvironment: "Development" + useDimWallet: true + keycloak: + central: + clientId: "sa-cl1-reg-2" + clientSecret: "changeme" + jwtBearerOptions: + requireHttpsMetadata: "false" + shared: + clientId: "sa-cl1-reg-1" + clientSecret: "changeme" + registration: + logging: + default: "Debug" + bpdmLibrary: "Debug" + registrationService: "Debug" + swaggerEnabled: true + administration: + logging: + default: "Debug" + businessLogic: "Debug" + sdfactoryLibrary: "Debug" + bpdmLibrary: "Debug" + custodianLibrary: "Debug" + serviceAccount: + encryptionConfigs: + index0: + encryptionKey: "deb8261ec7b89c344f1c5ef5a11606e305f14e0d231b1357d90ad0180c5081d3" + issuerdid: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK" + swaggerEnabled: true + appmarketplace: + logging: + default: "Debug" + offersLibrary: "Debug" + swaggerEnabled: true + services: + logging: + default: "Debug" + offersLibrary: "Debug" + swaggerEnabled: true + notification: + logging: + default: "Debug" + swaggerEnabled: true + processesworker: + clearinghouseConnectDisabled: true + logging: + default: "Debug" + processesLibrary: "Debug" + bpdmLibrary: "Debug" + clearinghouseLibrary: "Debug" + custodianLibrary: "Debug" + sdfactoryLibrary: "Debug" + offerProvider: "Debug" + bpdm: + clientId: &bpdmAdminClientId "sa-cl7-cx-5" + clientSecret: &bpdmAdminClientSecret "changeme" + # -- no configuration for clearinghouse because it's an external component + # clientId and clientSecret aren't in the centralidp Keycloak + # clearinghouse: + # clientId: "clearinghouse-client-id" + # clientSecret: "" + custodian: + clientId: "sa-cl5-custodian-2" + clientSecret: "changeme" + sdfactory: + issuerBpn: "BPNL00000003CRHK" + clientId: "sa-cl8-cx-1" + clientSecret: "changeme" + offerprovider: + clientId: "sa-cl2-03" + clientSecret: "changeme" + dim: + clientId: "sa-cl2-05" + clientSecret: "zuBGfr67Tj0WJ5fAJSIRvoPEP5hSQFMT" + grantType: "client_credentials" + scope: "openid" + baseAddress: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io" + universalResolverAddress: "https://dev.uniresolver.io/" + encryptionConfigs: + index0: + encryptionKey: + "6cbaf47ee30c778088e6faa44e2f0eed98beda86db06c7d2e37e32ab78e14b33" + issuerComponent: + clientId: "sa-cl2-04" + clientSecret: "changeme" + encryptionConfigs: + index0: + encryptionKey: + "39ffab76f99ece1e4ac72f973d5c703737324a75c6445e84fa317a7833476a15" + bpnDidResolver: + # -- ApiKey for management endpoint of the bpnDidResolver. Secret-key 'bpndidresolver-api-key'. + apiKey: "" + onboardingServiceProvider: + encryptionConfigs: + index0: + cipherMode: "CBC" + paddingMode: "PKCS7" + encryptionKey: + "f7bc3d99f1ace73e7a75b794affbbc26206ab29909821a102aaccb2e95e45f7c" + index1: + encryptionKey: + "8027152fe7a869c88acc86981760acd70ff1d660c2bd129eece94edef933caf7" + invitation: + encryptionConfigs: + index0: + encryptionKey: + "d84fea29d6eac0fa51e36682b164e7d61693cd4202ed04306d2d9c5d46655e2c" + mailing: + encryptionConfigs: + index0: + encryptionKey: + "d2e27d71b018cb36029184852f1baa3e26891be94718f77de4c7cc6c882fe317" + mailing: + host: "smtp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + port: "587" + user: "smtp-user" + senderEmail: "smtp@23961bac374844fd9fe0.germanywestcentral.aksapp.io" + password: "" + portalmigrations: + logging: + default: "Debug" + provisioning: + sharedRealm: + smtpServer: + host: "smtp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + port: "587" + user: "smtp-user" + password: "" + from: "smtp@23961bac374844fd9fe0.germanywestcentral.aksapp.io" + replyTo: "smtp@23961bac374844fd9fe0.germanywestcentral.aksapp.io" + # -- docs: https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/administration/swagger/index.html + # https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/registration/swagger/index.html + # https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/apps/swagger/index.html + # https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/services/swagger/index.html + # https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/notification/swagger/index.html + ingress: + enabled: true + className : "addon-http-application-routing" + name: "portal-backend" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-body-size: "8m" + nginx.ingress.kubernetes.io/cors-allow-origin: "http://localhost:3000, https://*.dd0929a713804ca78962.germanywestcentral.aksapp.io" + tls: + # -- Provide tls secret. + - secretName: "portal-backend.tx.test-tls" + # -- Provide host for tls secret. + hosts: + - "portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io" + hosts: + - host: "portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/api/registration" + pathType: "Prefix" + backend: + service: "registration-service" + port: 8080 + - path: "/api/administration" + pathType: "Prefix" + backend: + service: "administration-service" + port: 8080 + - path: "/api/notification" + pathType: "Prefix" + backend: + service: "notification-service" + port: 8080 + - path: "/api/provisioning" + pathType: "Prefix" + backend: + service: "provisioning-service" + port: 8080 + - path: "/api/apps" + pathType: "Prefix" + backend: + service: "marketplace-app-service" + port: 8080 + - path: "/api/services" + pathType: "Prefix" + backend: + service: "services-service" + port: 8080 + +centralidp: + enabled: true + keycloak: + nameOverride: "centralidp" + replicaCount: 1 + auth: + adminPassword: "adminconsolepwcentralidp" + postgresql: + nameOverride: "centralidp-postgresql" + auth: + password: "dbpasswordcentralidp" + postgresPassword: "dbpasswordcentralidp" + architecture: standalone + primary: + persistence: + enabled: false + ingress: + enabled: true + ingressClassName: "" + hostname: "centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS" + nginx.ingress.kubernetes.io/cors-allow-origin: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + # uncomment the following line for tls + # initContainers: + # - name: init-certs + # image: docker.io/bitnami/keycloak:23.0.7-debian-12-r1 + # imagePullPolicy: IfNotPresent + # command: ["/bin/bash"] + # args: + # - -ec + # - |- + # keytool -import -file "/certs/tls.crt" \ + # -keystore "/opt/bitnami/keycloak/certs/keycloak.truststore.jks" \ + # -storepass "${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD}" \ + # -noprompt + # env: + # - name: KEYCLOAK_SPI_TRUSTSTORE_PASSWORD + # value: "changeit" + # volumeMounts: + # - name: certificates + # mountPath: /certs + # - name: shared-certs + # mountPath: "/opt/bitnami/keycloak/certs" + # extraEnvVars: + # - name: KEYCLOAK_SPI_TRUSTSTORE_FILE + # value: "/opt/bitnami/keycloak/certs/keycloak.truststore.jks" + # - name: KEYCLOAK_SPI_TRUSTSTORE_PASSWORD + # value: "changeit" + # extraVolumes: + # - name: certificates + # secret: + # secretName: root-secret + # defaultMode: 420 + # - name: shared-certs + # emptyDir: {} + # extraVolumeMounts: + # - name: certificates + # mountPath: /certs + # - name: shared-certs + # mountPath: "/opt/bitnami/keycloak/certs" + realmSeeding: + sslRequired: "none" + clients: + registration: + redirects: + - https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/* + portal: + rootUrl: https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/home + redirects: + - https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/* + semantics: + redirects: + - https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/* + miw: + clientSecret: "changeme" + redirects: + - https://managed-identity-wallets.dd0929a713804ca78962.germanywestcentral.aksapp.io/* + bpdm: + clientSecret: "changeme" + redirects: + - https://partners-pool.dd0929a713804ca78962.germanywestcentral.aksapp.io/* + bpdmGate: + clientSecret: "changeme" + redirects: + - https://partners-gate.dd0929a713804ca78962.germanywestcentral.aksapp.io/* + bpdmOrchestrator: + clientSecret: "changeme" + serviceAccounts: + clientSecrets: + - clientId: "sa-cl1-reg-2" + clientSecret: "changeme" + - clientId: "sa-cl2-01" + clientSecret: "changeme" + - clientId: "sa-cl2-02" + clientSecret: "changeme" + - clientId: "sa-cl2-03" + clientSecret: "changeme" + - clientId: "sa-cl2-04" + clientSecret: "changeme" + - clientId: "sa-cl2-05" + clientSecret: "changeme" + - clientId: "sa-cl3-cx-1" + clientSecret: "changeme" + - clientId: "sa-cl5-custodian-2" + clientSecret: "changeme" + - clientId: "sa-cl7-cx-1" + clientSecret: "changeme" + - clientId: "sa-cl7-cx-5" + clientSecret: "changeme" + - clientId: "sa-cl7-cx-7" + clientSecret: "changeme" + - clientId: "sa-cl8-cx-1" + clientSecret: "changeme" + - clientId: "sa-cl21-01" + clientSecret: "changeme" + - clientId: "sa-cl22-01" + clientSecret: "changeme" + - clientId: "sa-cl24-01" + clientSecret: "changeme" + - clientId: "sa-cl25-cx-1" + clientSecret: "changeme" + - clientId: "sa-cl25-cx-2" + clientSecret: "changeme" + - clientId: "sa-cl25-cx-3" + clientSecret: "changeme" + bpn: "BPNL00000003CRHK" + sharedidp: "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + # -- test service accounts for EDC - MIW which are obsolete since R24.05; + # uncomment once EDC uses SSI DIM Wallet Stub and the helm chart testing has been updated; + # currently the post-install testdata-upload-job fails if not available + extraServiceAccounts: + clientSecretsAndBpn: + - clientId: satest01 + clientSecret: UbfW4CR1xH4OskkovqJ2JzcwnQIrG7oj + bpn: BPNL00000003AZQP + - clientId: satest02 + clientSecret: pyFUZP2L9UCSVJUScHcN3ZEgy2PGyEpg + bpn: BPNL00000003AYRE + - clientId: satest03 + clientSecret: tPwy4exxH1sXBRQouobSA2nNVaaPuwCs + bpn: BPNL00000003AVTH + - clientId: satest04 + clientSecret: BxZ3cwYUPJKK7gI4wq7q6Hgoxel6MphF + bpn: BPNL00000003AWSS + - clientId: satest05 + clientSecret: dR00GN1AWCYbRGbZY8TXjs2YEPMeCxLF + bpn: BPNL00000003B0Q0 + - clientId: satest06 + clientSecret: pDSziT0TUFAkMx0qGFcvpE4XkMqPh13v + bpn: BPNS0000000008ZZ + - clientId: satest07 + clientSecret: GY5a44sNuNIjrTyjHvdEPLeNRHH0Kt39 + bpn: BPNL00000003CNKC + - clientId: satest08 + clientSecret: WUXpQx1aIclA7enqtk4o2uvLDLMreUMI + bpn: BPNL00000003B6LU + - clientId: satest09 + clientSecret: N08TGNdhUskJcmVEnOh1tAGwr9oca9PU + bpn: BPNL00000003CML1 + - clientId: satest10 + clientSecret: gzdSG0CBDJrtv1gje0zUASu1S9P4I7xP + bpn: BPNS00000008BDFH + - clientId: satest11 + clientSecret: CC3fz3dQGZsBp2NCbowOV65efBFZTgEO + bpn: BPNL00000003B2OM + - clientId: satest12 + clientSecret: 2gjSlFxBO7spEM4aTz3f8CqDS0klbt7C + bpn: BPNL00000003CSGV + - clientId: satest13 + clientSecret: 3YQzDqEsdUZ83DVHSIRYUCK4pot61r5M + bpn: BPNL00000003B5MJ + - clientId: satest14 + clientSecret: 7qtMpfN3otq5dGiEPssVongXK56lb9LE + bpn: BPNL00000003AXS3 + - clientId: satest15 + clientSecret: 8QiZ8ineW0Lt8ZOlC2MYuCR0TvM6vMYX + bpn: BPNL00000003B3NX + - clientId: satest16 + clientSecret: d2sqUurBH9Vd8DNRmjiMfObU67ajorCq + bpn: BPNL00000000BJTL + initContainer: + image: + name: docker.io/tractusx/umbrella-init-container:1.1.0-init + pullPolicy: IfNotPresent + +sharedidp: + enabled: true + keycloak: + nameOverride: "sharedidp" + auth: + adminPassword: "adminconsolepwsharedidp" + postgresql: + nameOverride: "sharedidp-postgresql" + auth: + password: "dbpasswordsharedidp" + postgresPassword: "dbpasswordsharedidp" + architecture: standalone + primary: + persistence: + enabled: false + ingress: + enabled: true + ingressClassName: "" + hostname: "sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS" + nginx.ingress.kubernetes.io/cors-allow-origin: "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + # uncomment the following line for tls + # initContainers: + # - name: init-certs + # image: docker.io/bitnami/keycloak:23.0.7-debian-12-r1 + # imagePullPolicy: IfNotPresent + # command: ["/bin/bash"] + # args: + # - -ec + # - |- + # keytool -import -file "/certs/tls.crt" \ + # -keystore "/opt/bitnami/keycloak/certs/keycloak.truststore.jks" \ + # -storepass "${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD}" \ + # -noprompt + # env: + # - name: KEYCLOAK_SPI_TRUSTSTORE_PASSWORD + # value: "changeit" + # volumeMounts: + # - name: certificates + # mountPath: /certs + # - name: shared-certs + # mountPath: "/opt/bitnami/keycloak/certs" + # extraEnvVars: + # - name: KEYCLOAK_SPI_TRUSTSTORE_FILE + # value: "/opt/bitnami/keycloak/certs/keycloak.truststore.jks" + # - name: KEYCLOAK_SPI_TRUSTSTORE_PASSWORD + # value: "changeit" + # extraVolumes: + # - name: certificates + # secret: + # secretName: root-secret + # defaultMode: 420 + # - name: shared-certs + # emptyDir: {} + # extraVolumeMounts: + # - name: certificates + # mountPath: /certs + # - name: shared-certs + # mountPath: "/opt/bitnami/keycloak/certs" + realmSeeding: + realms: + cxOperator: + sslRequired: "none" + centralidp: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + initialUser: + username: "cx-operator@tx.test" + password: "tractusx-umbr3lla!" + mailing: + host: "smtp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + port: "587" + username: "smtp-user" + password: "" + from: "smtp@tx.test" + replyTo: "smtp@tx.test" + master: + serviceAccounts: + provisioning: + clientSecret: "changeme" + saCxOperator: + clientSecret: "changeme" + +bpndiscovery: + enabled: true + enablePostgres: true + bpndiscovery: + host: semantics.dd0929a713804ca78962.germanywestcentral.aksapp.io + ingress: + enabled: true + tls: true + urlPrefix: "/bpndiscovery" + className: "" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/x-forwarded-prefix: "/bpndiscovery" + authentication: true + idp: + issuerUri: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Central" + publicClientId: "Cl22-CX-BPND" + bpndiscoverEndpoint: + allowedTypes: oen,wmi,passtype,manufacturerPartId + description: Service to discover BPN for different kind of type numbers + endpointAddress: /bpndiscovery + documentation: /bpndiscovery/swagger-ui/index.html + timeToLive: "31536000" + livenessProbe: + initialDelaySeconds: 200 + readinessProbe: + initialDelaySeconds: 200 + postgresql: + nameOverride: "bpndiscovery-postgresql" + primary: + persistence: + enabled: false + size: 8Gi + auth: + password: "dbpasswordbpndiscovery" + postgresPassword: "dbpasswordbpndiscovery" + +discoveryfinder: + enabled: true + enablePostgres: true + discoveryfinder: + authentication: true + livenessProbe: + initialDelaySeconds: 200 + readinessProbe: + initialDelaySeconds: 200 + host: semantics.dd0929a713804ca78962.germanywestcentral.aksapp.io + properties: + discoveryfinder: + initialEndpoints: + - type: bpn + endpointAddress: https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/administration/Connectors/discovery + description: Service to discover connector endpoints based on bpns + documentation: https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/administration/swagger/index.html + idp: + issuerUri: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Central" + publicClientId: "Cl21-CX-DF" + dataSource: + url: "jdbc:postgresql://{{ .Release.Name }}-discoveryfinder-postgresql:5432/discoveryfinder" + # -- docs: https://semantics.dd0929a713804ca78962.germanywestcentral.aksapp.io/discoveryfinder/swagger-ui/index.html + ingress: + enabled: true + tls: true + urlPrefix: "/discoveryfinder" + className: "" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/x-forwarded-prefix: "/discoveryfinder" + postgresql: + nameOverride: "discoveryfinder-postgresql" + primary: + persistence: + enabled: false + size: 8Gi + auth: + password: "dbpassworddiscoveryfinder" + postgresPassword: "dbpassworddiscoveryfinder" + +selfdescription: + enabled: true + sdfactory: + secret: + # -- JWK Set URI + jwkSetUri: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Central/protocol/openid-connect/certs" + # -- Custodian wallet client id + clientId: "sa-cl5-custodian-1" + # -- Custodian wallet client secret + clientSecret: "6pnnap7byS1TImL9Uj7g2psud9Fdq4tJ" + # -- Keycloak URL + authServerUrl: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth" + # -- Keycloak Realm detail + realm: "CX-Central" + # -- Keycloak Resource detail + resource: "Cl5-CX-Custodian" + # -- Details for Custodian wallet URI + custodianWalletUri: "" + # -- Details for Clearing House URI + clearingHouseUri: "" + # -- Details for Clearing House URL + clearingHouseServerUrl: "" + # -- Details for Clearing House Realm + clearingHouseRealm: "" + # -- Details for Clearing House Client ID + clearingHouseClientId: "" + # -- Details for Clearing House Client Secret + clearingHouseClientSecret: "" + ingress: + enabled: true + hosts: + - host: "sdfactory.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/" + pathType: "Prefix" + # uncomment the following lines for tls + tls: + - tlsName: sdfactory.tx.test-tls + hosts: + - sdfactory.dd0929a713804ca78962.germanywestcentral.aksapp.io + className: "" + # annotations: + # # uncomment the following line for tls + # cert-manager.io/cluster-issuer: "my-ca-issuer" + +iatpmock: + enabled: false + nameOverride: mock-util-service + fullnameOverride: mock-util-service + # -- see README ## Precondition for IATP Mock + # image: + # # override with locally built image if needed, default "tractusx/iatp-mock" + # repository: "" + # # override tag if needed, default "testing" + # tag: "" + ingress: + enabled: true + hosts: + - host: iatpmock.dd0929a713804ca78962.germanywestcentral.aksapp.io + paths: + - path: / + pathType: ImplementationSpecific + +ssi-credential-issuer: + enabled: true + portalBackendAddress: "https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io" + walletAddress: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io" + walletTokenAddress: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/oauth/token" + issuer: + swaggerEnabled: true + logging: + businessLogic: "Debug" + default: "Debug" + portal: + # -- Provide portal client-id from CX IAM centralidp. + # You must specify the technical user with the required roles for the interaction with the portal + clientId: "sa-cl24-01" + # -- Client-secret for portal client-id. Secret-key 'portal-client-secret'. + clientSecret: "changeme" + credential: + issuerDid: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK" + issuerBpn: "BPNL00000003CRHK" + statusListUrl: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/status-list/BPNL00000003CRHK/8a6c7486-1e1f-4555-bdd2-1a178182651e" + encryptionConfigIndex: 0 + encryptionConfigs: + index0: + # EncryptionKey for wallet. Secret-key 'credential-encryption-key0'. Expected format is 256 bit (64 digits) hex. + encryptionKey: "deb8261ec7b89c344f1c5ef5a11606e305f14e0d231b1357d90ad0180c5081d3" + processesworker: + portal: + # -- Provide portal client-id from CX IAM centralidp. + # You must specify the technical user with the required roles for the interaction with the portal + clientId: "sa-cl24-01" + # -- Client-secret for portal client-id. Secret-key 'portal-client-secret'. + clientSecret: "changeme" + logging: + default: "Debug" + processIdentity: + identityId: ac1cf001-7fbc-1f2f-817f-bce058020006 + wallet: + # -- Provide wallet client-id from CX IAM centralidp. + # You must specify the technical user with the required roles for the interaction with the managed-identity-wallet + clientId: "wallet-client-id" + # -- Client-secret for wallet client-id. Secret-key 'wallet-client-secret'. + clientSecret: "" + encryptionConfigIndex: 0 + encryptionConfigs: + index0: + # EncryptionKey for wallet. Secret-key 'process-wallet-encryption-key0'. Expected format is 256 bit (64 digits) hex. + encryptionKey: "deb8261ec7b89c344f1c5ef5a11606e305f14e0d231b1357d90ad0180c5081d3" + issuermigrations: + logging: + default: "Debug" + credentialExpiry: + logging: + default: "Debug" + postgresql: + enabled: true + architecture: standalone + primary: + persistence: + enabled: false + auth: + # -- Password for the root username 'postgres'. Secret-key 'postgres-password'. + postgrespassword: "rootissuerpassword" + # -- Password for the non-root username 'issuer'. Secret-key 'password'. + password: "issuerpassword" + + centralidp: + # -- Provide centralidp base address (CX IAM), without trailing '/auth'. + address: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io" + jwtBearerOptions: + requireHttpsMetadata: "false" + ingress: + enabled: true + className: "" + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-body-size: "8m" + nginx.ingress.kubernetes.io/cors-allow-origin: "https://*.dd0929a713804ca78962.germanywestcentral.aksapp.io" + # -- Ingress TLS configuration + tls: + - secretName: "ssi-credential-issuer.tx.test-tls" + hosts: + - "ssi-credential-issuer.dd0929a713804ca78962.germanywestcentral.aksapp.io" + hosts: + - host: "ssi-credential-issuer.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/" + pathType: "Prefix" + backend: + port: 8080 + +# Set up services for a business partner pool, golden record process +# and a gate with which the Portal and the users can share business partner data +bpdm: + enabled: false + postgres: + # We use the default name for BPDM postgres + fullnameOverride: + nameOverride: bpdm-postgres + auth: + # BPDM can't handle random initial passwords at the moment + # so need to set a fixed one here and use it in the app configs later + password: &bpdmPostgresPassword "dbpasswordbpdm" + postgresPassword: *bpdmPostgresPassword + architecture: standalone + primary: + persistence: + enabled: false + keycloak: + # We use Central-IDP as authentication server + enabled: false + # Set up a Gate that acts as the Portal's Gate + bpdm-gate: + postgres: + # App uses BPDM postgres default name to find connection to the Postgres + fullnameOverride: + nameOverride: bpdm-postgres + ingress: + enabled: true + annotations: + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/x-forwarded-prefix: "/gate" + # The Portal expects its Gate on that specific url path so we provide it here through ingress + hosts: + - host: "business-partners.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/gate(/|$)(.*)" + pathType: "ImplementationSpecific" + applicationConfig: + server: + # App should take the x-forward-header-prefix into account for Swagger-UI and redirects to work correctly + forward-headers-strategy: "FRAMEWORK" + bpdm: + bpn: + # This Gate has no owner restriction as other companies can write into the Gate under their own tenant + owner-bpn-l: + tasks: + creation: + fromSharingMember: + # Portal needs to set uploaded business partner data as ready to be shared by itself (disables setting it automatically as ready) + starts-as-ready: false + security: + # App's API is authenticated over Central-IDP + auth-server-url: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth" + realm: "CX-Central" + # Is Central-IDPs name for the Gate client + # The Gate will use that name to check for existing client permissions here + client-id: "Cl16-CX-BPDMGate" + # The Gate needs to connect to the Pool and Orchestrator to realize the Golden Record Process + # Setup client connection for both here (where to connect and the authentication) + # By default the Gate assumes that the authentication server of the Pool and Orchestrator are the same as its own + # We will reuse the general BPDM admin technical user to establish connection between the services + client: + pool: + registration: + client-id: *bpdmAdminClientId + orchestrator: + registration: + client-id: *bpdmAdminClientId + applicationSecrets: + spring: + datasource: + # Set the password of the postgres BPDM user here (Currently, BPDM can't deal with random initial passwords) + password: *bpdmPostgresPassword + bpdm: + client: + orchestrator: + registration: + client-secret: *bpdmAdminClientSecret + pool: + registration: + client-secret: *bpdmAdminClientSecret + + # Configures the central business partner Pool + bpdm-pool: + postgres: + # App uses BPDM postgres default name to find connection to the Postgres + fullnameOverride: + nameOverride: bpdm-postgres + ingress: + enabled: true + annotations: + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/x-forwarded-prefix: "/pool" + hosts: + - host: "business-partners.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/pool(/|$)(.*)" + pathType: "ImplementationSpecific" + applicationConfig: + server: + # App should take the x-forward-header-prefix into account for Swagger-UI and redirects to work correctly + forward-headers-strategy: "FRAMEWORK" + bpdm: + security: + # App's API is authenticated over Central-IDP + auth-server-url: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth" + realm: "CX-Central" + # Is Central-IDPs name for the Pool client + # The Pool will use that name to check for existing client permissions here + client-id: "Cl7-CX-BPDM" + # The Pool needs to connect to the Orchestrator to realize the Golden Record Process + # Setup client connection (where to connect and the authentication) + # By default the Pool assumes that the authentication server of the Orchestrator matches that one of the Pool + # We will reuse the general BPDM admin technical user to establish connection between the services + client: + orchestrator: + registration: + client-id: *bpdmAdminClientId + applicationSecrets: + bpdm: + client: + orchestrator: + registration: + client-secret: *bpdmAdminClientSecret + spring: + datasource: + # Set the password of the postgres BPDM user here (Currently, BPDM can't deal with random initial passwords) + password: *bpdmPostgresPassword + + # Configures the central service for orchestrating the Golden Record Process + bpdm-orchestrator: + ingress: + enabled: true + annotations: + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/x-forwarded-prefix: "/orchestrator" + hosts: + - host: "business-partners.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/orchestrator(/|$)(.*)" + pathType: "ImplementationSpecific" + applicationConfig: + server: + # App should take the x-forward-header-prefix into account for Swagger-UI and redirects to work correctly + forward-headers-strategy: "FRAMEWORK" + bpdm: + security: + auth-server-url: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth" + realm: "CX-Central" + # The Central-IDP does not yet have dedicated Orchestrator permissions + # Therefore, we just reuse the permissions from the Pool for now + # Basically it is saying: If you would be able to write into the Pool directly, + # you are also able to create golden record tasks which eventually will write data into the Pool + # (We are stricter with the permissions now than we will have to be when using dedicated permissions) + client-id: "Cl7-CX-BPDM" + permissions: + createTask: "write_partner" + readTask: "write_partner" + reservation: + clean: "write_partner" + cleanAndSync: "write_partner" + poolSync: "write_partner" + result: + clean: "write_partner" + cleanAndSync: "write_partner" + poolSync: "write_partner" + + # This installs a dummy cleaning service which performs rudimentary cleaning operations in order to realize the golden record process + bpdm-cleaning-service-dummy: + applicationConfig: + bpdm: + # The cleaning dummy needs to connect to the Orchestrator to realize the Golden Record Process + # Setup client connection (where to connect and the authentication) + # We reuse the general BPDM admin technical user to establish connection between the services + client: + orchestrator: + provider: + issuer-uri: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Central" + registration: + client-id: *bpdmAdminClientId + applicationSecrets: + bpdm: + client: + orchestrator: + registration: + client-secret: *bpdmAdminClientSecret + +dataconsumerOne: + enabled: true + seedTestdata: false + nameOverride: dataconsumer-1 + secrets: + edc-miw-keycloak-secret: changeme + tractusx-connector: + nameOverride: dataconsumer-1-edc + participant: + id: BPNL00000003AZQP + iatp: + id: did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AZQP + trustedIssuers: + - did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK + sts: + dim: + url: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/sts + oauth: + token_url: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/oauth/token + client: + id: BPNL00000003AZQP + secret_alias: edc-miw-keycloak-secret + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api + EDC_IAM_DID_WEB_USE_HTTPS: false + bdrs: + server: + url: https://bdrs-server.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/directory + endpoints: + management: + authKey: TEST1 + ingresses: + - enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + hostname: "dataconsumer-1-controlplane.dd0929a713804ca78962.germanywestcentral.aksapp.io" + endpoints: + - default + - protocol + - management + # className: "" + tls: + enabled: true + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api + EDC_IAM_DID_WEB_USE_HTTPS: false + ingresses: + - enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + hostname: "dataconsumer-1-dataplane.dd0929a713804ca78962.germanywestcentral.aksapp.io" + endpoints: + - default + - public + # className: "" + tls: + enabled: true + token: + signer: + privatekey_alias: tokenSignerPrivateKey + verifier: + publickey_alias: tokenSignerPublicKey + postgresql: + nameOverride: dataconsumer-1-db + jdbcUrl: "jdbc:postgresql://{{ .Release.Name }}-dataconsumer-1-db:5432/edc" + auth: + password: "dbpassworddataconsumerone" + postgresPassword: "dbpassworddataconsumerone" + vault: + hashicorp: + url: http://edc-dataconsumer-1-vault:8200 + secretNames: + transferProxyTokenSignerPrivateKey: tokenSignerPrivateKey + transferProxyTokenSignerPublicKey: tokenSignerPublicKey + transferProxyTokenEncryptionAesKey: tokenEncryptionAesKey + + vault: + nameOverride: edc-dataconsumer-1-vault + fullnameOverride: edc-dataconsumer-1-vault + enabled: true + server: + postStart: [] + + digital-twin-registry: + enabled: false + + simple-data-backend: + enabled: false + +tx-data-provider: + enabled: true + seedTestdata: true + backendUrl: http://{{ .Release.Name }}-dataprovider-submodelserver:8080 + registryUrl: http://{{ .Release.Name }}-dataprovider-dtr:8080/api/v3 + controlplanePublicUrl: http://{{ .Release.Name }}-dataprovider-edc-controlplane:8084 + controlplaneManagementUrl: http://{{ .Release.Name }}-dataprovider-edc-controlplane:8081 + dataplaneUrl: http://{{ .Release.Name }}-dataprovider-edc-dataplane:8081 + nameOverride: dataprovider + secrets: + edc-miw-keycloak-secret: changeme + tractusx-connector: + nameOverride: dataprovider-edc + participant: + id: BPNL00000003AYRE + iatp: + id: did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AYRE + trustedIssuers: + - did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK + sts: + dim: + url: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/sts + oauth: + token_url: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/oauth/token + client: + id: BPNL00000003AYRE + secret_alias: edc-miw-keycloak-secret + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api + EDC_IAM_DID_WEB_USE_HTTPS: false + bdrs: + server: + url: https://bdrs-server.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/directory + endpoints: + management: + authKey: TEST2 + ingresses: + - enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + hostname: "dataprovider-controlplane.dd0929a713804ca78962.germanywestcentral.aksapp.io" + endpoints: + - default + - protocol + - management + # className: "" + tls: + enabled: true + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api + EDC_IAM_DID_WEB_USE_HTTPS: false + ingresses: + - enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: addon-http-application-routing + hostname: "dataprovider-dataplane.dd0929a713804ca78962.germanywestcentral.aksapp.io" + endpoints: + - default + - public + # className: "" + tls: + enabled: true + token: + signer: + privatekey_alias: tokenSignerPrivateKey + verifier: + publickey_alias: tokenSignerPublicKey + postgresql: + nameOverride: dataprovider-db + jdbcUrl: "jdbc:postgresql://{{ .Release.Name }}-dataprovider-db:5432/edc" + auth: + password: "dbpasswordtxdataprovider" + postgresPassword: "dbpasswordtxdataprovider" + vault: + hashicorp: + url: http://edc-dataprovider-vault:8200 + secretNames: + transferProxyTokenSignerPrivateKey: tokenSignerPrivateKey + transferProxyTokenSignerPublicKey: tokenSignerPublicKey + transferProxyTokenEncryptionAesKey: tokenEncryptionAesKey + + vault: + nameOverride: edc-dataprovider-vault + fullnameOverride: edc-dataprovider-vault + enabled: true + server: + postStart: [] + + digital-twin-registry: + nameOverride: dataprovider-dtr + postgresql: + nameOverride: dataprovider-dtr-db + auth: + password: "dbpassworddtrdataprovider" + existingSecret: dataprovider-secret-dtr-postgres-init + registry: + host: dataprovider-dtr.test + + simple-data-backend: + nameOverride: dataprovider-submodelserver + ingress: + enabled: true + ingressClassName: "" + annotations: + # uncomment the following line for tls + kubernetes.io/ingress.class: addon-http-application-routing + # nginx.ingress.kubernetes.io/proxy-body-size: 50m + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: "submodelserver.dd0929a713804ca78962.germanywestcentral.aksapp.io" + paths: + - path: "/" + pathType: "ImplementationSpecific" + tls: + - secretName: "submodelserver.tx.test-tls" + hosts: + - "submodelserver.dd0929a713804ca78962.germanywestcentral.aksapp.io" + resources: + limits: + cpu: 500m + memory: 1024Mi + requests: + cpu: 500m + memory: 1024Mi + +semantic-hub: + enabled: false + enableKeycloak: false + keycloak: + postgresql: + architecture: standalone + primary: + persistence: + enabled: false + hub: + authentication: false + livenessProbe: + initialDelaySeconds: 200 + readinessProbe: + initialDelaySeconds: 200 + host: semantics.dd0929a713804ca78962.germanywestcentral.aksapp.io + ingress: + enabled: true + tls: false + urlPrefix: "/hub" + className: "nginx" + annotations: + cert-manager.io/cluster-issuer: "my-ca-issuer" + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/x-forwarded-prefix: "/hub" + graphdb: + enabled: true + image: jena-fuseki-docker:4.7.0 + imagePullPolicy: Never + storageClassName: "" + storageSize: 8Gi + +dataconsumerTwo: + enabled: false + seedTestdata: false + nameOverride: dataconsumer-2 + secrets: + edc-miw-keycloak-secret: changeme + tractusx-connector: + nameOverride: dataconsumer-2-edc + participant: + id: BPNL00000003AVTH + iatp: + id: did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AVTH + trustedIssuers: + - did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK + sts: + dim: + url: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/sts + oauth: + token_url: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/oauth/token + client: + id: BPNL00000003AVTH + secret_alias: edc-miw-keycloak-secret + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api + EDC_IAM_DID_WEB_USE_HTTPS: false + bdrs: + server: + url: https://bdrs-server.dd0929a713804ca78962.germanywestcentral.aksapp.io/api/directory + endpoints: + management: + authKey: TEST3 + ingresses: + - enabled: true + hostname: "dataconsumer-2-controlplane.dd0929a713804ca78962.germanywestcentral.aksapp.io" + endpoints: + - default + - protocol + - management + className: "nginx" + tls: + enabled: false + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io/api + EDC_IAM_DID_WEB_USE_HTTPS: false + ingresses: + - enabled: true + hostname: "dataconsumer-2-dataplane.dd0929a713804ca78962.germanywestcentral.aksapp.io" + endpoints: + - default + - public + className: "nginx" + tls: + enabled: false + token: + signer: + privatekey_alias: tokenSignerPrivateKey + verifier: + publickey_alias: tokenSignerPublicKey + postgresql: + nameOverride: dataconsumer-2-db + jdbcUrl: "jdbc:postgresql://{{ .Release.Name }}-dataconsumer-2-db:5432/edc" + auth: + password: "dbpassworddataconsumertwo" + postgresPassword: "dbpassworddataconsumertwo" + vault: + hashicorp: + url: http://edc-dataconsumer-2-vault:8200 + secretNames: + transferProxyTokenSignerPrivateKey: tokenSignerPrivateKey + transferProxyTokenSignerPublicKey: tokenSignerPublicKey + transferProxyTokenEncryptionAesKey: tokenEncryptionAesKey + + vault: + nameOverride: edc-dataconsumer-2-vault + fullnameOverride: edc-dataconsumer-2-vault + enabled: true + server: + postStart: [] + + digital-twin-registry: + enabled: false + + simple-data-backend: + enabled: false + +pgadmin4: + enabled: true + env: + email: pgadmin4@txtest.org + password: tractusxpgdamin4 + persistentVolume: + enabled: false + ingress: + enabled: true + ingressClassName: "" + annotations: + # uncomment the following line for tls + kubernetes.io/ingress.class: addon-http-application-routing + # nginx.ingress.kubernetes.io/proxy-body-size: 50m + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: pgadmin4.dd0929a713804ca78962.germanywestcentral.aksapp.io + paths: + - path: / + pathType: Prefix + tls: + - secretName: "pgadmin4.tx.test-tls" + hosts: + - "pgadmin4.dd0929a713804ca78962.germanywestcentral.aksapp.io" + + +bdrs-server-memory: + nameOverride: bdrs-server + fullnameOverride: bdrs-server + enabled: true + seeding: + url: "http://bdrs-server:8081" + enabled: true + bpnList: + - bpn: "BPNL00000003CRHK" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK" + - bpn: "BPNL00000003B3NX" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003B3NX" + - bpn: "BPNL00000003CSGV" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CSGV" + - bpn: "BPNL00000003B6LU" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003B6LU" + - bpn: "BPNL00000003AXS3" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AXS3" + - bpn: "BPNL00000003AZQP" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AZQP" + - bpn: "BPNL00000003AWSS" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AWSS" + - bpn: "BPNL00000003AYRE" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AYRE" + - bpn: "BPNL00000003AVTH" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003AVTH" + - bpn: "BPNL00000000BJTL" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000000BJTL" + - bpn: "BPNL00000003CML1" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CML1" + - bpn: "BPNL00000003B2OM" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003B2OM" + - bpn: "BPNL00000003B0Q0" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003B0Q0" + - bpn: "BPNL00000003B5MJ" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003B5MJ" + - bpn: "BPNS0000000008ZZ" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNS0000000008ZZ" + - bpn: "BPNL00000003CNKC" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CNKC" + - bpn: "BPNS00000008BDFH" + did: "did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNS00000008BDFH" + + server: + trustedIssuers: + - did:web:ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io:BPNL00000003CRHK + env: + EDC_IAM_DID_WEB_USE_HTTPS: false + endpoints: + management: + authKey: TEST + ingresses: + - enabled: true + annotations: + # uncomment the following line for tls + kubernetes.io/ingress.class: addon-http-application-routing + # nginx.ingress.kubernetes.io/proxy-body-size: 50m + cert-manager.io/cluster-issuer: letsencrypt-prod + hostname: bdrs-server.dd0929a713804ca78962.germanywestcentral.aksapp.io + endpoints: + - directory + - management + # className: "nginx" + tls: + enabled: true + + +ssi-dim-wallet-stub: + enabled: true + wallet: + replicaCount: 1 + host: ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io + nameSpace: "umbrella-saud" + appName: "ssi-dim-wallet-stub" + configName: "ssi-dim-wallet-config" + serviceName: "ssi-dim-wallet-service" + secretName: "ssi-dim-wallet-secret" + ingressName: "ssi-dim-wallet-ingress" + ingress: + enabled: true + tls: true + urlPrefix: / + className: "addon-http-application-routing" + annotations: + # uncomment the following line for tls + kubernetes.io/ingress.class: addon-http-application-routing + cert-manager.io/cluster-issuer: letsencrypt-prod + swagger: + ui: + status: true + apiDoc: + status: true + logLevel: "debug" + environment: "default" + baseWalletBpn: "BPNL00000003CRHK" + didHost: "ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io" + stubUrl: "https://ssi-dim-wallet-stub.dd0929a713804ca78962.germanywestcentral.aksapp.io" + statusListVcId: "8a6c7486-1e1f-4555-bdd2-1a178182651e" + tokenExpiryTime: "5" + portal: + waitTime: "60" + host: "https://portal-backend.dd0929a713804ca78962.germanywestcentral.aksapp.io" + clientId: "sa-cl2-05" + clientSecret: "zuBGfr67Tj0WJ5fAJSIRvoPEP5hSQFMT" + keycloak: + realm: "CX-Central" + authServerUrl: "https://centralidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth" + service: + type: ClusterIP + port: 8080 + keycloak: + enabled: false diff --git a/charts/umbrella/values.yaml b/charts/umbrella/values.yaml index 8a1a445..c59bdb4 100644 --- a/charts/umbrella/values.yaml +++ b/charts/umbrella/values.yaml @@ -42,7 +42,11 @@ portal: poolApiPath: "/pool/v6" portalGateAddress: "http://business-partners.tx.test" portalGateApiPath: "/gate/v6" - custodianAddress: "http://managed-identity-wallets.tx.test" + custodianAddress: "http://ssi-dim-wallet-stub.tx.test" + dimWrapper: + baseAddress: "http://ssi-dim-wallet-stub.tx.test" + apiPath: "/api/dim" + decentralIdentityManagementAuthAddress: "http://ssi-dim-wallet-stub.tx.test/api/sts" sdfactoryAddress: "http://sdfactory.tx.test" clearinghouseAddress: "http://validation.tx.test" clearinghouseTokenAddress: "http://keycloak.tx.test/realms/example/protocol/openid-connect/token" @@ -111,7 +115,7 @@ portal: encryptionConfigs: index0: encryptionKey: "deb8261ec7b89c344f1c5ef5a11606e305f14e0d231b1357d90ad0180c5081d3" - issuerdid: "did:web:managed-identity-wallets.tx.test:BPNL00000003CRHK" + issuerdid: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK" swaggerEnabled: true appmarketplace: logging: @@ -128,6 +132,7 @@ portal: default: "Debug" swaggerEnabled: true processesworker: + clearinghouseConnectDisabled: true logging: default: "Debug" processesLibrary: "Debug" @@ -155,8 +160,11 @@ portal: clientId: "sa-cl2-03" clientSecret: "changeme" dim: - clientId: "dim-client-id" - clientSecret: "" + clientId: "sa-cl2-05" + clientSecret: "zuBGfr67Tj0WJ5fAJSIRvoPEP5hSQFMT" + grantType: "client_credentials" + scope: "openid" + baseAddress: "http://ssi-dim-wallet-stub.tx.test" universalResolverAddress: "https://dev.uniresolver.io/" encryptionConfigs: index0: @@ -697,11 +705,11 @@ iatpmock: nameOverride: mock-util-service fullnameOverride: mock-util-service # -- see README ## Precondition for IATP Mock - image: - # override with locally built image if needed, default "tractusx/iatp-mock" - repository: "" - # override tag if needed, default "testing" - tag: "" + # image: + # # override with locally built image if needed, default "tractusx/iatp-mock" + # repository: "" + # # override tag if needed, default "testing" + # tag: "" ingress: enabled: true hosts: @@ -713,8 +721,8 @@ iatpmock: ssi-credential-issuer: enabled: false portalBackendAddress: "http://portal-backend.tx.test" - walletAddress: "http://iatpmock.tx.test" - walletTokenAddress: "https://iatpmock-token-address.tx.test/oauth/token" + walletAddress: "http://ssi-dim-wallet-stub.tx.test" + walletTokenAddress: "http://ssi-dim-wallet-stub.tx.test/oauth/token" issuer: swaggerEnabled: true logging: @@ -727,9 +735,9 @@ ssi-credential-issuer: # -- Client-secret for portal client-id. Secret-key 'portal-client-secret'. clientSecret: "changeme" credential: - issuerDid: "did:web:managed-identity-wallets.tx.test:BPNL00000003CRHK" + issuerDid: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK" issuerBpn: "BPNL00000003CRHK" - # statusListUrl: "https://example.org/statuslist" + statusListUrl: "http://ssi-dim-wallet-stub.tx.test/status-list/BPNL00000003CRHK/8a6c7486-1e1f-4555-bdd2-1a178182651e" encryptionConfigIndex: 0 encryptionConfigs: index0: @@ -778,6 +786,8 @@ ssi-credential-issuer: centralidp: # -- Provide centralidp base address (CX IAM), without trailing '/auth'. address: "http://centralidp.tx.test" + jwtBearerOptions: + requireHttpsMetadata: "false" ingress: enabled: true className: "nginx" @@ -994,26 +1004,26 @@ dataconsumerOne: seedTestdata: false nameOverride: dataconsumer-1 secrets: - edc-miw-keycloak-secret: UbfW4CR1xH4OskkovqJ2JzcwnQIrG7oj + edc-miw-keycloak-secret: changeme tractusx-connector: nameOverride: dataconsumer-1-edc participant: id: BPNL00000003AZQP iatp: - id: did:web:mock-util-service/BPNL00000003AZQP + id: did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AZQP trustedIssuers: - - did:web:mock-util-service/trusted-issuer + - did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK sts: dim: - url: http://mock-util-service/sts + url: http://ssi-dim-wallet-stub.tx.test/api/sts oauth: - token_url: http://centralidp.tx.test/auth/realms/CX-Central/protocol/openid-connect/token + token_url: http://ssi-dim-wallet-stub.tx.test/oauth/token client: - id: satest01 + id: BPNL00000003AZQP secret_alias: edc-miw-keycloak-secret controlplane: env: - TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub.tx.test/api EDC_IAM_DID_WEB_USE_HTTPS: false bdrs: server: @@ -1033,7 +1043,7 @@ dataconsumerOne: enabled: false dataplane: env: - TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub.tx.test/api EDC_IAM_DID_WEB_USE_HTTPS: false ingresses: - enabled: true @@ -1086,26 +1096,26 @@ tx-data-provider: dataplaneUrl: http://{{ .Release.Name }}-dataprovider-edc-dataplane:8081 nameOverride: dataprovider secrets: - edc-miw-keycloak-secret: pyFUZP2L9UCSVJUScHcN3ZEgy2PGyEpg + edc-miw-keycloak-secret: changeme tractusx-connector: nameOverride: dataprovider-edc participant: id: BPNL00000003AYRE iatp: - id: did:web:mock-util-service/BPNL00000003AYRE + id: did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AYRE trustedIssuers: - - did:web:mock-util-service/trusted-issuer + - did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK sts: dim: - url: http://mock-util-service/sts + url: http://ssi-dim-wallet-stub.tx.test/api/sts oauth: - token_url: http://centralidp.tx.test/auth/realms/CX-Central/protocol/openid-connect/token + token_url: http://ssi-dim-wallet-stub.tx.test/oauth/token client: - id: satest02 + id: BPNL00000003AYRE secret_alias: edc-miw-keycloak-secret controlplane: env: - TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub.tx.test/api EDC_IAM_DID_WEB_USE_HTTPS: false bdrs: server: @@ -1125,7 +1135,7 @@ tx-data-provider: enabled: false dataplane: env: - TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub.tx.test/api EDC_IAM_DID_WEB_USE_HTTPS: false ingresses: - enabled: true @@ -1217,26 +1227,26 @@ dataconsumerTwo: seedTestdata: false nameOverride: dataconsumer-2 secrets: - edc-miw-keycloak-secret: tPwy4exxH1sXBRQouobSA2nNVaaPuwCs + edc-miw-keycloak-secret: changeme tractusx-connector: nameOverride: dataconsumer-2-edc participant: id: BPNL00000003AVTH iatp: - id: did:web:mock-util-service/BPNL00000003AVTH + id: did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AVTH trustedIssuers: - - did:web:mock-util-service/trusted-issuer + - did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK sts: dim: - url: http://mock-util-service/sts + url: http://ssi-dim-wallet-stub.tx.test/api/sts oauth: - token_url: http://centralidp.tx.test/auth/realms/CX-Central/protocol/openid-connect/token + token_url: http://ssi-dim-wallet-stub.tx.test/oauth/token client: - id: satest03 + id: BPNL00000003AVTH secret_alias: edc-miw-keycloak-secret controlplane: env: - TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub.tx.test/api EDC_IAM_DID_WEB_USE_HTTPS: false bdrs: server: @@ -1256,7 +1266,7 @@ dataconsumerTwo: enabled: false dataplane: env: - TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub.tx.test/api EDC_IAM_DID_WEB_USE_HTTPS: false ingresses: - enabled: true @@ -1323,45 +1333,46 @@ bdrs-server-memory: url: "http://bdrs-server:8081" enabled: true bpnList: + - bpn: "BPNL00000003CRHK" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK" - bpn: "BPNL00000003B3NX" - did: "did:web:mock-util-service/BPNL00000003B3NX" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003B3NX" - bpn: "BPNL00000003CSGV" - did: "did:web:mock-util-service/BPNL00000003CSGV" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CSGV" - bpn: "BPNL00000003B6LU" - did: "did:web:mock-util-service/BPNL00000003B6LU" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003B6LU" - bpn: "BPNL00000003AXS3" - did: "did:web:mock-util-service/BPNL00000003AXS3" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AXS3" - bpn: "BPNL00000003AZQP" - did: "did:web:mock-util-service/BPNL00000003AZQP" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AZQP" - bpn: "BPNL00000003AWSS" - did: "did:web:mock-util-service/BPNL00000003AWSS" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AWSS" - bpn: "BPNL00000003AYRE" - did: "did:web:mock-util-service/BPNL00000003AYRE" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AYRE" - bpn: "BPNL00000003AVTH" - did: "did:web:mock-util-service/BPNL00000003AVTH" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003AVTH" - bpn: "BPNL00000000BJTL" - did: "did:web:mock-util-service/BPNL00000000BJTL" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000000BJTL" - bpn: "BPNL00000003CML1" - did: "did:web:mock-util-service/BPNL00000003CML1" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CML1" - bpn: "BPNL00000003B2OM" - did: "did:web:mock-util-service/BPNL00000003B2OM" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003B2OM" - bpn: "BPNL00000003B0Q0" - did: "did:web:mock-util-service/BPNL00000003B0Q0" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003B0Q0" - bpn: "BPNL00000003B5MJ" - did: "did:web:mock-util-service/BPNL00000003B5MJ" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003B5MJ" - bpn: "BPNS0000000008ZZ" - did: "did:web:mock-util-service/BPNS0000000008ZZ" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNS0000000008ZZ" - bpn: "BPNL00000003CNKC" - did: "did:web:mock-util-service/BPNL00000003CNKC" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CNKC" - bpn: "BPNS00000008BDFH" - did: "did:web:mock-util-service/BPNS00000008BDFH" + did: "did:web:ssi-dim-wallet-stub.tx.test:BPNS00000008BDFH" server: trustedIssuers: - - did:web:mock-util-service/trusted-issuer + - did:web:ssi-dim-wallet-stub.tx.test:BPNL00000003CRHK env: EDC_IAM_DID_WEB_USE_HTTPS: false - endpoints: management: authKey: TEST @@ -1374,3 +1385,46 @@ bdrs-server-memory: className: "nginx" tls: enabled: false + +ssi-dim-wallet-stub: + enabled: false + wallet: + replicaCount: 1 + host: ssi-dim-wallet-stub.tx.test + nameSpace: "umbrella" + appName: "ssi-dim-wallet-stub" + configName: "ssi-dim-wallet-config" + serviceName: "ssi-dim-wallet-service" + secretName: "ssi-dim-wallet-secret" + ingressName: "ssi-dim-wallet-ingress" + ingress: + enabled: true + tls: false + urlPrefix: / + className: nginx + annotations: {} + swagger: + ui: + status: true + apiDoc: + status: true + logLevel: "debug" + environment: "default" + baseWalletBpn: "BPNL00000003CRHK" + didHost: "ssi-dim-wallet-stub.tx.test" + stubUrl: "http://ssi-dim-wallet-stub.tx.test" + statusListVcId: "8a6c7486-1e1f-4555-bdd2-1a178182651e" + tokenExpiryTime: "5" + portal: + waitTime: "60" + host: "http://portal-backend.tx.test" + clientId: "sa-cl2-05" + clientSecret: "zuBGfr67Tj0WJ5fAJSIRvoPEP5hSQFMT" + keycloak: + realm: "CX-Central" + authServerUrl: "http://centralidp.tx.test/auth" + service: + type: ClusterIP + port: 8080 + keycloak: + enabled: false \ No newline at end of file diff --git a/charts/values-test-data-exchange-iatp-mock.yaml b/charts/values-test-data-exchange-iatp-mock.yaml new file mode 100644 index 0000000..05dcf57 --- /dev/null +++ b/charts/values-test-data-exchange-iatp-mock.yaml @@ -0,0 +1,131 @@ +############################################################### +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +centralidp: + enabled: true + realmSeeding: + initContainer: + image: + name: kind-registry:5000/init-container:testing + pullPolicy: Always + +iatpmock: + enabled: true + +bdrs-server-memory: + enabled: true + seeding: + bpnList: + - bpn: "BPNL00000003B3NX" + did: "did:web:mock-util-service/BPNL00000003B3NX" + - bpn: "BPNL00000003CSGV" + did: "did:web:mock-util-service/BPNL00000003CSGV" + - bpn: "BPNL00000003B6LU" + did: "did:web:mock-util-service/BPNL00000003B6LU" + - bpn: "BPNL00000003AXS3" + did: "did:web:mock-util-service/BPNL00000003AXS3" + - bpn: "BPNL00000003AZQP" + did: "did:web:mock-util-service/BPNL00000003AZQP" + - bpn: "BPNL00000003AWSS" + did: "did:web:mock-util-service/BPNL00000003AWSS" + - bpn: "BPNL00000003AYRE" + did: "did:web:mock-util-service/BPNL00000003AYRE" + - bpn: "BPNL00000003AVTH" + did: "did:web:mock-util-service/BPNL00000003AVTH" + - bpn: "BPNL00000000BJTL" + did: "did:web:mock-util-service/BPNL00000000BJTL" + - bpn: "BPNL00000003CML1" + did: "did:web:mock-util-service/BPNL00000003CML1" + - bpn: "BPNL00000003B2OM" + did: "did:web:mock-util-service/BPNL00000003B2OM" + - bpn: "BPNL00000003B0Q0" + did: "did:web:mock-util-service/BPNL00000003B0Q0" + - bpn: "BPNL00000003B5MJ" + did: "did:web:mock-util-service/BPNL00000003B5MJ" + - bpn: "BPNS0000000008ZZ" + did: "did:web:mock-util-service/BPNS0000000008ZZ" + - bpn: "BPNL00000003CNKC" + did: "did:web:mock-util-service/BPNL00000003CNKC" + - bpn: "BPNS00000008BDFH" + did: "did:web:mock-util-service/BPNS00000008BDFH" + + hostname: &hostname bdrs-server.tx.test + server: + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + ingresses: + - enabled: true + hostname: *hostname + endpoints: + - directory + - management + tls: + enabled: false + +dataconsumerOne: + enabled: true + secrets: + edc-miw-keycloak-secret: UbfW4CR1xH4OskkovqJ2JzcwnQIrG7oj + tractusx-connector: + iatp: + id: did:web:mock-util-service/BPNL00000003AZQP + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + sts: + dim: + url: http://mock-util-service/sts + oauth: + token_url: http://umbrella-centralidp:80/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: satest01 + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + bdrs: + server: + url: http://bdrs-server:8082/api/directory + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + +tx-data-provider: + enabled: true + secrets: + edc-miw-keycloak-secret: pyFUZP2L9UCSVJUScHcN3ZEgy2PGyEpg + tractusx-connector: + iatp: + id: did:web:mock-util-service/BPNL00000003AYRE + trustedIssuers: + - did:web:mock-util-service/trusted-issuer + sts: + dim: + url: http://mock-util-service/sts + oauth: + token_url: http://umbrella-centralidp:80/auth/realms/CX-Central/protocol/openid-connect/token + client: + id: satest02 + controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service + bdrs: + server: + url: http://bdrs-server:8082/api/directory + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://mock-util-service diff --git a/charts/values-test-data-exchange.yaml b/charts/values-test-data-exchange.yaml index 876f720..358fdcc 100644 --- a/charts/values-test-data-exchange.yaml +++ b/charts/values-test-data-exchange.yaml @@ -17,40 +17,73 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -centralidp: - enabled: true - realmSeeding: - initContainer: - image: - name: kind-registry:5000/init-container:testing - pullPolicy: Always - -iatpmock: +ssi-dim-wallet-stub: enabled: true + wallet: + nameSpace: "data-exchange" + didHost: "ssi-dim-wallet-service" + stubUrl: "http://ssi-dim-wallet-service" + service: + type: ClusterIP + port: 80 bdrs-server-memory: enabled: true + seeding: + url: "http://bdrs-server:8081" + enabled: true + bpnList: + - bpn: "BPNL00000003CRHK" + did: "did:web:ssi-dim-wallet-service:BPNL00000003CRHK" + - bpn: "BPNL00000003AZQP" + did: "did:web:ssi-dim-wallet-service:BPNL00000003AZQP" + - bpn: "BPNL00000003AYRE" + did: "did:web:ssi-dim-wallet-service:BPNL00000003AYRE" + + server: + trustedIssuers: + - did:web:ssi-dim-wallet-service:BPNL00000003CRHK dataconsumerOne: enabled: true tractusx-connector: iatp: + id: did:web:ssi-dim-wallet-service:BPNL00000003AZQP + trustedIssuers: + - did:web:ssi-dim-wallet-service:BPNL00000003CRHK sts: + dim: + url: http://ssi-dim-wallet-service/api/sts oauth: - token_url: http://umbrella-centralidp:80/auth/realms/CX-Central/protocol/openid-connect/token + token_url: http://ssi-dim-wallet-service/oauth/token controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-stub/api bdrs: server: url: http://bdrs-server:8082/api/directory + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-service/api tx-data-provider: enabled: true tractusx-connector: iatp: + id: did:web:ssi-dim-wallet-service:BPNL00000003AYRE + trustedIssuers: + - did:web:ssi-dim-wallet-service:BPNL00000003CRHK sts: + dim: + url: http://ssi-dim-wallet-service/api/sts oauth: - token_url: http://umbrella-centralidp:80/auth/realms/CX-Central/protocol/openid-connect/token + token_url: http://ssi-dim-wallet-service/oauth/token controlplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-service/api bdrs: server: url: http://bdrs-server:8082/api/directory + dataplane: + env: + TX_IAM_IATP_CREDENTIALSERVICE_URL: http://ssi-dim-wallet-service/api diff --git a/charts/values-test-shared-services-1.yaml b/charts/values-test-shared-services-1.yaml index b5851bb..fe4f645 100644 --- a/charts/values-test-shared-services-1.yaml +++ b/charts/values-test-shared-services-1.yaml @@ -34,8 +34,15 @@ sharedidp: selfdescription: enabled: true -iatpmock: +ssi-dim-wallet-stub: enabled: true + wallet: + nameSpace: "shared-services" + didHost: "ssi-dim-wallet-service" + stubUrl: "http://ssi-dim-wallet-service" + service: + type: ClusterIP + port: 80 bdrs-server-memory: enabled: true diff --git a/init-container/iam/centralidp/CX-Central-realm.json b/init-container/iam/centralidp/CX-Central-realm.json index 5a87665..a2ff76e 100644 --- a/init-container/iam/centralidp/CX-Central-realm.json +++ b/init-container/iam/centralidp/CX-Central-realm.json @@ -70,18 +70,10 @@ "description": "${role_default-roles}", "composite": true, "composites": { - "realm": [ - "offline_access", - "uma_authorization" - ], + "realm": ["offline_access", "uma_authorization"], "client": { - "Cl23-CX-Policy-Hub": [ - "view_policy_hub" - ], - "account": [ - "manage-account", - "view-profile" - ] + "Cl23-CX-Policy-Hub": ["view_policy_hub"], + "account": ["manage-account", "view-profile"] } }, "clientRole": false, @@ -152,19 +144,10 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "delete_documents", - "view_registration" - ], - "Cl24-CX-SSI-CredentialIssuer": [ - "view_credential_requests" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["delete_documents", "view_registration"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], "Cl2-CX-Portal": [ "view_license_types", "delete_connectors", @@ -293,18 +276,10 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], - "Cl24-CX-SSI-CredentialIssuer": [ - "view_credential_requests" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], "Cl2-CX-Portal": [ "view_license_types", "view_technical_setup", @@ -331,15 +306,9 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], "Cl24-CX-SSI-CredentialIssuer": [ "view_credential_requests", "view_certificates", @@ -670,15 +639,9 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], "Cl24-CX-SSI-CredentialIssuer": [ "view_credential_requests", "view_use_case_participation", @@ -729,9 +692,7 @@ "view_connectors", "view_partner_network" ], - "Cl3-CX-Semantic": [ - "view_semantic_model" - ] + "Cl3-CX-Semantic": ["view_semantic_model"] } }, "clientRole": true, @@ -744,18 +705,10 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], - "Cl24-CX-SSI-CredentialIssuer": [ - "view_credential_requests" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], "Cl2-CX-Portal": [ "view_app_subscription", "view_service_subscriptions", @@ -827,6 +780,14 @@ "composite": true, "composites": { "client": { + "Cl7-CX-BPDM": [ + "read_partner_member", + "read_metadata", + "read_changelog_member" + ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -914,18 +875,10 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], - "Cl24-CX-SSI-CredentialIssuer": [ - "view_credential_requests" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], "Cl2-CX-Portal": [ "view_documents", "view_membership", @@ -944,9 +897,7 @@ "delete_notifications", "view_partner_network" ], - "Cl3-CX-Semantic": [ - "view_semantic_model" - ] + "Cl3-CX-Semantic": ["view_semantic_model"] } }, "clientRole": true, @@ -994,18 +945,10 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], - "Cl24-CX-SSI-CredentialIssuer": [ - "view_credential_requests" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], "Cl2-CX-Portal": [ "add_apps", "add_tech_user_management", @@ -1128,18 +1071,10 @@ "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet" - ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], - "Cl24-CX-SSI-CredentialIssuer": [ - "view_credential_requests" - ], + "Cl5-CX-Custodian": ["view_wallet"], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], "Cl2-CX-Portal": [ "view_app_subscription", "view_service_subscriptions", @@ -1206,12 +1141,8 @@ "update_wallet", "delete_wallet" ], - "technical_roles_management": [ - "BPDM Pool Consumer" - ], - "Cl1-CX-Registration": [ - "view_registration" - ], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl1-CX-Registration": ["view_registration"], "Cl24-CX-SSI-CredentialIssuer": [ "decision_ssicredential", "revoke_credential", @@ -1336,6 +1267,14 @@ "composite": true, "composites": { "client": { + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_metadata", + "read_partner_member" + ], + "technical_roles_management": ["BPDM Pool Consumer"], + "Cl24-CX-SSI-CredentialIssuer": ["view_credential_requests"], + "Cl2-CX-Portal": ["CX User"] "technical_roles_management": [ "BPDM Sharing Output Consumer", "BPDM Sharing Input Manager", @@ -1510,6 +1449,246 @@ "attributes": {} } ], + "technical_roles_management": [ + { + "id": "94f74d64-272b-497d-b280-e2007bf4adb4", + "name": "BPDM Pool Sharing Consumer", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_metadata", + "read_partner_member", + "read_changelog" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl3-CX-Semantic": ["view_semantic_model"] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "80d0af88-3cad-47d2-b2b5-3992941573b8", + "name": "BPDM Sharing Input Manager", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "write_input_partner", + "read_stats" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "e2f27c6d-b183-4a3a-abfa-332edaa09bf5", + "name": "BPDM Sharing Admin", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_output_changelog", + "read_output_partner", + "write_sharing_state", + "read_input_partner", + "write_input_partner", + "write_output_partner", + "read_stats" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "d26cf5c3-665c-4522-bbc4-fb28f6c62d11", + "name": "BPDM Pool Admin", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_partner", + "read_metadata", + "read_partner_member", + "write_metadata", + "read_changelog", + "write_partner" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", + "composite": true, + "composites": { + "client": { + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": ["view_discovery_endpoint"], + "Cl2-CX-Portal": ["view_connectors"] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "bf0d0e2e-a58a-4f2e-ae40-a4f9754b55e1", + "name": "BPDM Sharing Output Consumer", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "read_sharing_state", + "read_output_changelog", + "read_output_partner", + "read_stats" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": ["view_membership"] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": ["view_wallet", "update_wallet"] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "3ffec12b-e9da-46d2-ae71-d9b0a196d030", + "name": "BPDM Pool Consumer", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_metadata", + "read_changelog" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "4348abf6-499f-41cd-91a5-c22afee81629", + "name": "BPDM Sharing Input Consumer", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + } + ], "satest14": [], "admin-cli": [], "satest13": [], @@ -1561,10 +1740,7 @@ "composite": true, "composites": { "client": { - "realm-management": [ - "query-users", - "query-groups" - ] + "realm-management": ["query-users", "query-groups"] } }, "clientRole": true, @@ -1683,9 +1859,7 @@ "composite": true, "composites": { "client": { - "realm-management": [ - "query-clients" - ] + "realm-management": ["query-clients"] } }, "clientRole": true, @@ -2655,9 +2829,7 @@ "composite": true, "composites": { "client": { - "account": [ - "view-consent" - ] + "account": ["view-consent"] } }, "clientRole": true, @@ -2680,9 +2852,7 @@ "composite": true, "composites": { "client": { - "account": [ - "manage-account-links" - ] + "account": ["manage-account-links"] } }, "clientRole": true, @@ -2759,9 +2929,7 @@ "clientRole": false, "containerId": "CX-Central" }, - "requiredCredentials": [ - "password" - ], + "requiredCredentials": ["password"], "otpPolicyType": "totp", "otpPolicyAlgorithm": "HmacSHA1", "otpPolicyInitialCounter": 0, @@ -2776,9 +2944,7 @@ ], "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", - "webAuthnPolicySignatureAlgorithms": [ - "ES256" - ], + "webAuthnPolicySignatureAlgorithms": ["ES256"], "webAuthnPolicyRpId": "", "webAuthnPolicyAttestationConveyancePreference": "not specified", "webAuthnPolicyAuthenticatorAttachment": "not specified", @@ -2789,9 +2955,7 @@ "webAuthnPolicyAcceptableAaguids": [], "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", - "webAuthnPolicyPasswordlessSignatureAlgorithms": [ - "ES256" - ], + "webAuthnPolicyPasswordlessSignatureAlgorithms": ["ES256"], "webAuthnPolicyPasswordlessRpId": "", "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", @@ -2802,6 +2966,37 @@ "webAuthnPolicyPasswordlessAcceptableAaguids": [], "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ + { + "id": "502dabcf-01c7-47d9-a88e-0be4279097b5", + "createdTimestamp": 1652788086549, + "username": "ac1cf001-7fbc-1f2f-817f-bce058020006", + "enabled": true, + "totp": false, + "emailVerified": false, + "firstName": "Operator", + "lastName": "CX Admin", + "email": "tobeadded@tx.test", + "attributes": { + "bpn": ["BPNL00000003CRHK"], + "organisation": ["CX-Operator"] + }, + "credentials": [], + "disableableCredentialTypes": [], + "requiredActions": [], + "federatedIdentities": [ + { + "identityProvider": "CX-Operator", + "userId": "656e8a94-188b-4a3e-9eec-b45d8efd8347", + "userName": "cx-operator@tx.test" + } + ], + "realmRoles": ["default-roles-catena-x realm"], + "clientRoles": { + "Cl2-CX-Portal": ["CX Admin"] + }, + "notBefore": 0, + "groups": [] + }, { "id": "e69c1397-eee8-434a-b83b-dc7944bb9bdd", "createdTimestamp": 1651730911692, @@ -2811,12 +3006,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl1-reg-2", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -2839,19 +3033,16 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl2-01", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "Cl2-CX-Portal": [ - "update_application_checklist_value" - ] + "Cl2-CX-Portal": ["update_application_checklist_value"] }, "notBefore": 0, "groups": [] @@ -2865,12 +3056,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl2-02", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -2892,12 +3082,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl2-03", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -2913,12 +3102,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl2-04", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -2944,16 +3132,16 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl2-05", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { + "Cl2-CX-Portal": ["store_didDocument"] "Cl2-CX-Portal": [ "store_didDocument", "technical_roles_management" @@ -2971,12 +3159,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl21-01", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -2999,12 +3186,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl22-01", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -3026,6 +3212,30 @@ "totp": false, "emailVerified": false, "serviceAccountClientId": "sa-cl24-01", + "attributes": { + "bpn": ["BPNL00000003CRHK"] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], + "clientRoles": { + "Cl2-CX-Portal": [ + "send_mail", + "update_application_bpn_credential", + "update_application_membership_credential" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "bbb919dd-b3aa-4ec3-8786-582787886276", + "createdTimestamp": 1722276592957, + "username": "service-account-sa-cl25-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl25-cx-1", "attributes": { "bpn": [ "BPNL00000003CRHK" @@ -3126,15 +3336,13 @@ "groups": [] }, { - "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", - "createdTimestamp": 1658347753956, - "username": "service-account-sa-cl3-cx-1", + "id": "e24da044-7290-45f4-a2ea-cb8165393f0a", + "createdTimestamp": 1722276592957, + "username": "service-account-sa-cl25-cx-2", "enabled": true, "totp": false, "emailVerified": false, - "firstName": "", - "lastName": "", - "serviceAccountClientId": "sa-cl3-cx-1", + "serviceAccountClientId": "sa-cl25-cx-2", "attributes": { "bpn": [ "BPNL00000003CRHK" @@ -3167,12 +3375,11 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl5-custodian-2", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], @@ -3218,13 +3425,13 @@ "groups": [] }, { - "id": "f014ed5d-9e05-4f29-a5c0-227c7e7b479e", - "createdTimestamp": 1670157703230, - "username": "service-account-sa-cl7-cx-5", + "id": "95796de5-c9c6-46fc-a3f7-7af782ea9024", + "createdTimestamp": 1722276592957, + "username": "service-account-sa-cl7-cx-1", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-5", + "serviceAccountClientId": "sa-cl7-cx-1", "attributes": { "bpn": [ "BPNL00000003CRHK" @@ -3273,6 +3480,26 @@ "notBefore": 0, "groups": [] }, + { + "id": "f014ed5d-9e05-4f29-a5c0-227c7e7b479e", + "createdTimestamp": 1670157703230, + "username": "service-account-sa-cl7-cx-5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-5", + "attributes": { + "bpn": ["BPNL00000003CRHK"] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], + "clientRoles": { + "technical_roles_management": ["BPDM Sharing Admin", "BPDM Pool Admin"] + }, + "notBefore": 0, + "groups": [] + }, { "id": "dcb9a153-e1b4-4fac-bc51-7032023e9db9", "createdTimestamp": 1675867052982, @@ -3282,19 +3509,16 @@ "emailVerified": false, "serviceAccountClientId": "sa-cl8-cx-1", "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] + "bpn": ["BPNL00000003CRHK"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "Cl2-CX-Portal": [ - "add_self_descriptions" - ] + "Cl2-CX-Portal": ["add_self_descriptions"] }, "notBefore": 0, "groups": [] @@ -3310,19 +3534,16 @@ "lastName": "", "serviceAccountClientId": "satest01", "attributes": { - "bpn": [ - "BPNL00000003AZQP" - ] + "bpn": ["BPNL00000003AZQP"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3338,19 +3559,16 @@ "lastName": "", "serviceAccountClientId": "satest02", "attributes": { - "bpn": [ - "BPNL00000003AYRE" - ] + "bpn": ["BPNL00000003AYRE"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3366,19 +3584,16 @@ "lastName": "", "serviceAccountClientId": "satest03", "attributes": { - "bpn": [ - "BPNL00000003AVTH" - ] + "bpn": ["BPNL00000003AVTH"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3394,19 +3609,16 @@ "lastName": "", "serviceAccountClientId": "satest04", "attributes": { - "bpn": [ - "BPNL00000003AWSS" - ] + "bpn": ["BPNL00000003AWSS"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3422,19 +3634,16 @@ "lastName": "", "serviceAccountClientId": "satest05", "attributes": { - "bpn": [ - "BPNL00000003B0Q0" - ] + "bpn": ["BPNL00000003B0Q0"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3450,19 +3659,16 @@ "lastName": "", "serviceAccountClientId": "satest06", "attributes": { - "bpn": [ - "BPNS0000000008ZZ" - ] + "bpn": ["BPNS0000000008ZZ"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3478,19 +3684,16 @@ "lastName": "", "serviceAccountClientId": "satest07", "attributes": { - "bpn": [ - "BPNL00000003CNKC" - ] + "bpn": ["BPNL00000003CNKC"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3506,19 +3709,16 @@ "lastName": "", "serviceAccountClientId": "satest08", "attributes": { - "bpn": [ - "BPNL00000003B6LU" - ] + "bpn": ["BPNL00000003B6LU"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3534,19 +3734,16 @@ "lastName": "", "serviceAccountClientId": "satest09", "attributes": { - "bpn": [ - "BPNL00000003CML1" - ] + "bpn": ["BPNL00000003CML1"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3562,19 +3759,16 @@ "lastName": "", "serviceAccountClientId": "satest10", "attributes": { - "bpn": [ - "BPNS00000008BDFH" - ] + "bpn": ["BPNS00000008BDFH"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3590,19 +3784,16 @@ "lastName": "", "serviceAccountClientId": "satest11", "attributes": { - "bpn": [ - "BPNL00000003B2OM" - ] + "bpn": ["BPNL00000003B2OM"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3618,19 +3809,16 @@ "lastName": "", "serviceAccountClientId": "satest12", "attributes": { - "bpn": [ - "BPNL00000003CSGV" - ] + "bpn": ["BPNL00000003CSGV"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3646,19 +3834,16 @@ "lastName": "", "serviceAccountClientId": "satest13", "attributes": { - "bpn": [ - "BPNL00000003B5MJ" - ] + "bpn": ["BPNL00000003B5MJ"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3674,19 +3859,16 @@ "lastName": "", "serviceAccountClientId": "satest14", "attributes": { - "bpn": [ - "BPNL00000003AXS3" - ] + "bpn": ["BPNL00000003AXS3"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3702,19 +3884,16 @@ "lastName": "", "serviceAccountClientId": "satest15", "attributes": { - "bpn": [ - "BPNL00000003B3NX" - ] + "bpn": ["BPNL00000003B3NX"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3730,19 +3909,16 @@ "lastName": "", "serviceAccountClientId": "satest16", "attributes": { - "bpn": [ - "BPNL00000000BJTL" - ] + "bpn": ["BPNL00000000BJTL"] }, "disableableCredentialTypes": [], "requiredActions": [], + "realmRoles": ["default-roles-catena-x realm"], "realmRoles": [ "default-roles-cx-central" ], "clientRoles": { - "technical_roles_management": [ - "Identity Wallet Management" - ] + "technical_roles_management": ["Identity Wallet Management"] }, "notBefore": 0, "groups": [] @@ -3751,9 +3927,7 @@ "scopeMappings": [ { "clientScope": "offline_access", - "roles": [ - "offline_access" - ] + "roles": ["offline_access"] } ], "clientScopeMappings": { @@ -3770,11 +3944,7 @@ "realm-management": [ { "client": "sa-cl1-reg-2", - "roles": [ - "manage-identity-providers", - "manage-users", - "manage-clients" - ] + "roles": ["manage-identity-providers", "manage-users", "manage-clients"] } ], "Cl21-CX-DF": [ @@ -3869,31 +4039,21 @@ "account": [ { "client": "account-console", - "roles": [ - "manage-account", - "view-groups" - ] + "roles": ["manage-account", "view-groups"] } ], "Cl2-CX-Portal": [ { "client": "sa-cl2-01", - "roles": [ - "update_application_checklist_value" - ] + "roles": ["update_application_checklist_value"] }, { "client": "sa-cl2-02", - "roles": [ - "submit_connector_sd", - "update_application_checklist_value" - ] + "roles": ["submit_connector_sd", "update_application_checklist_value"] }, { "client": "sa-cl2-05", - "roles": [ - "store_didDocument" - ] + "roles": ["store_didDocument"] }, { "client": "sa-cl24-01", @@ -3906,9 +4066,7 @@ }, { "client": "sa-cl8-cx-1", - "roles": [ - "add_self_descriptions" - ] + "roles": ["add_self_descriptions"] } ], "Cl3-CX-Semantic": [ @@ -3933,12 +4091,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/realms/CX-Central/account/*" - ], - "webOrigins": [ - "+" - ], + "redirectUris": ["/realms/CX-Central/account/*"], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -3977,11 +4131,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "email"], "optionalClientScopes": [ "address", "phone", @@ -3999,12 +4149,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/realms/CX-Central/account/*" - ], - "webOrigins": [ - "+" - ], + "redirectUris": ["/realms/CX-Central/account/*"], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -4069,12 +4215,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4108,12 +4249,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4147,12 +4283,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4174,11 +4305,11 @@ "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ + "https://partners-gate.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", + "https://partners-gate.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", "http://partners-gate.tx.test/*" ], - "webOrigins": [ - "+" - ], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -4217,12 +4348,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4240,12 +4366,12 @@ "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ + "https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", + "https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", "http://portal.tx.test/*", "http://localhost:3000/*" ], - "webOrigins": [ - "+" - ], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -4329,12 +4455,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4390,12 +4511,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4451,12 +4567,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -4476,14 +4587,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "", - "/*" - ], - "webOrigins": [ - "", - "/*" - ], + "redirectUris": ["", "/*"], + "webOrigins": ["", "/*"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -4544,12 +4649,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/*" - ], - "webOrigins": [ - "/*" - ], + "redirectUris": ["/*"], + "webOrigins": ["/*"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -4700,7 +4801,7 @@ "clientId": "Cl2-CX-Portal", "name": "", "description": "", - "rootUrl": "http://portal.tx.test/home", + "rootUrl": "https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/home", "adminUrl": "", "baseUrl": "", "surrogateAuthRequired": false, @@ -4804,11 +4905,11 @@ "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ + "https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", + "https://portal.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", "http://portal.tx.test/*" ], - "webOrigins": [ - "+" - ], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -4899,6 +5000,8 @@ "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ + "https://managed-identity-wallets.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", + "https://managed-identity-wallets.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", "http://managed-identity-wallets.tx.test/*" ], "webOrigins": [], @@ -4988,9 +5091,7 @@ } } ], - "defaultClientScopes": [ - "roles" - ], + "defaultClientScopes": ["roles"], "optionalClientScopes": [] }, { @@ -5007,11 +5108,11 @@ "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ + "https://partners-pool.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", + "https://partners-pool.dd0929a713804ca78962.germanywestcentral.aksapp.io/*", "http://partners-pool.tx.test/*" ], - "webOrigins": [ - "+" - ], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -5050,12 +5151,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -5089,12 +5185,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -5110,6 +5201,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "aEoUADDw2aNPa0WAaKGAyKfC80n8sKxJ", + "redirectUris": ["*"], "secret": "**********", "redirectUris": [ "*" @@ -5215,12 +5308,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -5339,12 +5427,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -5463,12 +5546,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -5587,12 +5665,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -5612,6 +5685,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "c0gFPfWWUpeOr7MP6DIqdRPhUfaX4GRC", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -5729,6 +5805,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "zuBGfr67Tj0WJ5fAJSIRvoPEP5hSQFMT", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -5944,12 +6023,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -6068,12 +6142,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -6093,6 +6162,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "VRHQM2NOA4176Vrscxey1DdO4P7ikUQc", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -6563,6 +6635,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "jzTX8jBBpDCag224ihfhmBP5NABGqdsf", + "redirectUris": ["*"], "secret": "**********", "redirectUris": [ "*" @@ -6667,12 +6741,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -6692,6 +6761,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "UIqawwoohsvZ6AZOd1llLhnsUTKMWe4D", + "redirectUris": ["*"], "secret": "**********", "redirectUris": [ "*" @@ -7175,6 +7246,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "clbQOPHcVKY9tUUd068vyf8CrsPZ8BgZ", + "redirectUris": ["*"], "secret": "**********", "redirectUris": [ "*" @@ -7280,13 +7353,8 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles" - ], - "optionalClientScopes": [ - "microprofile-jwt" - ] + "defaultClientScopes": ["web-origins", "roles"], + "optionalClientScopes": ["microprofile-jwt"] }, { "id": "dfb156e1-1c4b-4ea5-b4bc-d042ea729927", @@ -7300,6 +7368,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "UbfW4CR1xH4OskkovqJ2JzcwnQIrG7oj", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -7416,6 +7487,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "pyFUZP2L9UCSVJUScHcN3ZEgy2PGyEpg", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -7532,6 +7606,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "tPwy4exxH1sXBRQouobSA2nNVaaPuwCs", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -7648,6 +7725,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "BxZ3cwYUPJKK7gI4wq7q6Hgoxel6MphF", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -7765,6 +7845,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "dR00GN1AWCYbRGbZY8TXjs2YEPMeCxLF", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -7882,6 +7965,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "pDSziT0TUFAkMx0qGFcvpE4XkMqPh13v", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -7998,6 +8084,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "GY5a44sNuNIjrTyjHvdEPLeNRHH0Kt39", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8115,6 +8204,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "WUXpQx1aIclA7enqtk4o2uvLDLMreUMI", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8231,6 +8323,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "N08TGNdhUskJcmVEnOh1tAGwr9oca9PU", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8347,6 +8442,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "gzdSG0CBDJrtv1gje0zUASu1S9P4I7xP", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8464,6 +8562,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "CC3fz3dQGZsBp2NCbowOV65efBFZTgEO", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8580,6 +8681,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "2gjSlFxBO7spEM4aTz3f8CqDS0klbt7C", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8696,6 +8800,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "3YQzDqEsdUZ83DVHSIRYUCK4pot61r5M", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8812,6 +8919,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "7qtMpfN3otq5dGiEPssVongXK56lb9LE", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -8928,6 +9038,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "8QiZ8ineW0Lt8ZOlC2MYuCR0TvM6vMYX", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -9044,6 +9157,9 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "d2sqUurBH9Vd8DNRmjiMfObU67ajorCq", + "redirectUris": ["/*"], + "webOrigins": ["/*"], "secret": "**********", "redirectUris": [ "/*" @@ -9158,12 +9274,8 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "redirectUris": [ - "/admin/CX-Central/console/*" - ], - "webOrigins": [ - "+" - ], + "redirectUris": ["/admin/CX-Central/console/*"], + "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, @@ -9198,12 +9310,7 @@ } } ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -9258,12 +9365,7 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], + "defaultClientScopes": ["web-origins", "roles", "profile", "email"], "optionalClientScopes": [ "address", "phone", @@ -9864,9 +9966,7 @@ "smtpServer": {}, "loginTheme": "catenax-central", "eventsEnabled": true, - "eventsListeners": [ - "jboss-logging" - ], + "eventsListeners": ["jboss-logging"], "enabledEventTypes": [ "SEND_RESET_PASSWORD", "UPDATE_CONSENT_ERROR", @@ -9968,11 +10068,11 @@ "hideOnLoginPage": "false", "validateSignature": "true", "clientId": "central-idp", - "tokenUrl": "http://sharedidp.tx.test/auth/realms/CX-Operator/protocol/openid-connect/token", - "jwksUrl": "http://sharedidp.tx.test/auth/realms/CX-Operator/protocol/openid-connect/certs", - "authorizationUrl": "http://sharedidp.tx.test/auth/realms/CX-Operator/protocol/openid-connect/auth", + "tokenUrl": "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Operator/protocol/openid-connect/token", + "jwksUrl": "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Operator/protocol/openid-connect/certs", + "authorizationUrl": "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Operator/protocol/openid-connect/auth", "clientAuthMethod": "private_key_jwt", - "logoutUrl": "http://sharedidp.tx.test/auth/realms/CX-Operator/protocol/openid-connect/logout", + "logoutUrl": "https://sharedidp.dd0929a713804ca78962.germanywestcentral.aksapp.io/auth/realms/CX-Operator/protocol/openid-connect/logout", "clientAssertionSigningAlg": "RS256", "syncMode": "FORCE", "useJwksUrl": "true" @@ -10001,9 +10101,7 @@ "subType": "anonymous", "subComponents": {}, "config": { - "max-clients": [ - "200" - ] + "max-clients": ["200"] } }, { @@ -10021,12 +10119,8 @@ "subType": "anonymous", "subComponents": {}, "config": { - "host-sending-registration-request-must-match": [ - "true" - ], - "client-uris-must-match": [ - "true" - ] + "host-sending-registration-request-must-match": ["true"], + "client-uris-must-match": ["true"] } }, { @@ -10082,9 +10176,7 @@ "subType": "anonymous", "subComponents": {}, "config": { - "allow-default-scopes": [ - "true" - ] + "allow-default-scopes": ["true"] } }, { @@ -10094,9 +10186,7 @@ "subType": "authenticated", "subComponents": {}, "config": { - "allow-default-scopes": [ - "true" - ] + "allow-default-scopes": ["true"] } } ], @@ -10115,12 +10205,8 @@ "providerId": "hmac-generated", "subComponents": {}, "config": { - "priority": [ - "100" - ], - "algorithm": [ - "HS256" - ] + "priority": ["100"], + "algorithm": ["HS256"] } }, { @@ -10129,12 +10215,8 @@ "providerId": "rsa-enc-generated", "subComponents": {}, "config": { - "priority": [ - "100" - ], - "algorithm": [ - "RSA-OAEP" - ] + "priority": ["100"], + "algorithm": ["RSA-OAEP"] } }, { @@ -10143,9 +10225,7 @@ "providerId": "rsa-generated", "subComponents": {}, "config": { - "priority": [ - "100" - ] + "priority": ["100"] } }, { @@ -10154,18 +10234,13 @@ "providerId": "aes-generated", "subComponents": {}, "config": { - "priority": [ - "100" - ] + "priority": ["100"] } } ] }, "internationalizationEnabled": true, - "supportedLocales": [ - "de", - "en" - ], + "supportedLocales": ["de", "en"], "defaultLocale": "en", "authenticationFlows": [ { @@ -11058,4 +11133,4 @@ "clientPolicies": { "policies": [] } -} \ No newline at end of file +}