diff --git a/spiffworkflow-backend/keycloak/realm_exports/spiffworkflow-realm.json b/spiffworkflow-backend/keycloak/realm_exports/spiffworkflow-realm.json index c6ca21edf..9bacd5066 100644 --- a/spiffworkflow-backend/keycloak/realm_exports/spiffworkflow-realm.json +++ b/spiffworkflow-backend/keycloak/realm_exports/spiffworkflow-realm.json @@ -899,6 +899,29 @@ "realmRoles" : [ "default-roles-spiffworkflow" ], "notBefore" : 0, "groups" : [ ] + }, { + "id" : "8c6cf190-66e3-4c8d-aa06-1b9972ecd982", + "createdTimestamp" : 1680538438437, + "username" : "core6.contributor", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "core6.contributor@status.im", + "attributes" : { + "spiffworkflow-employeeid" : [ "199" ] + }, + "credentials" : [ { + "id" : "1dadc9a8-6f7d-4795-bcc7-2b9d8aacb54a", + "type" : "password", + "createdDate" : 1680538438553, + "secretData" : "{\"value\":\"YbDgbKbiIjHB76RAJN7Q1AWYkdNvDMHUC1P3RJ6AV8ASEUr6fJ8U11WroIMmkiWs1TlewJi0mF4rWBsVkLzjlg==\",\"salt\":\"BbrA/rjtvxwrZAsS3BYARA==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-spiffworkflow" ], + "notBefore" : 0, + "groups" : [ ] }, { "id" : "7b9767ac-24dc-43b0-838f-29e16b4fd14e", "createdTimestamp" : 1675718483773, @@ -1500,8 +1523,8 @@ "notBefore" : 0, "groups" : [ ] }, { - "id" : "9a4d176c-e61e-4392-8c50-a04988606aa6", - "createdTimestamp" : 1678461818383, + "id" : "ec8a613d-de94-4696-910d-635ab0d90fc1", + "createdTimestamp" : 1680538439046, "username" : "infra6.sme", "enabled" : true, "totp" : false, @@ -1511,10 +1534,10 @@ "spiffworkflow-employeeid" : [ "212" ] }, "credentials" : [ { - "id" : "c381e58c-3e06-4e10-bd23-46f258c1c91f", + "id" : "59e02828-28cb-4555-9497-0b9f674ecd43", "type" : "password", - "createdDate" : 1678461818420, - "secretData" : "{\"value\":\"m17+awcU3Ezhfi/gBK0xyxvnGKHads95lhn7uxvEXaPCJF0ioN8C27tH1RwU1w9ptdWjWKWAM9dcimIegy7M7g==\",\"salt\":\"0kCljoos7qzCnVdv+3IMjQ==\",\"additionalParameters\":{}}", + "createdDate" : 1680538439110, + "secretData" : "{\"value\":\"DFa3Yz3ZRdFGmAFqiq6Sg+s673FFnjVGOzS/e4SnDAdv1JzavYka2QngSHDvZfi5bO7ecDE0+idwJP/vtcMjyQ==\",\"salt\":\"iSHEw6brz62W6RqGULCyug==\",\"additionalParameters\":{}}", "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" } ], "disableableCredentialTypes" : [ ], @@ -1892,6 +1915,29 @@ "realmRoles" : [ "default-roles-spiffworkflow" ], "notBefore" : 0, "groups" : [ ] + }, { + "id" : "a8f54828-b188-41e6-80a6-920cab95f7db", + "createdTimestamp" : 1680538439162, + "username" : "legal6.sme", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "legal6.sme@status.im", + "attributes" : { + "spiffworkflow-employeeid" : [ "213" ] + }, + "credentials" : [ { + "id" : "8e70e379-7974-40b6-ba31-08a1632a1a08", + "type" : "password", + "createdDate" : 1680538439219, + "secretData" : "{\"value\":\"Mwqt3FKuQ1q+OUpb8dIOOGwTKNmVuOCBnnJhSzFHUSa/9nrfWuL2GXCspHwPnMP4fF1eEXAg5B8SBC8cL/paEQ==\",\"salt\":\"o5Sj16r/DznxOzGJi6xJJg==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-spiffworkflow" ], + "notBefore" : 0, + "groups" : [ ] }, { "id" : "8a03f00f-310d-4bae-b918-f6f128f98095", "createdTimestamp" : 1677187934419, @@ -2168,6 +2214,29 @@ "realmRoles" : [ "default-roles-spiffworkflow" ], "notBefore" : 0, "groups" : [ ] + }, { + "id" : "b5bd1dc1-308d-4912-b3e4-92bf5fc45ed5", + "createdTimestamp" : 1680538439258, + "username" : "peopleops.partner6.sme", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "peopleops.partner6.sme@status.im", + "attributes" : { + "spiffworkflow-employeeid" : [ "216" ] + }, + "credentials" : [ { + "id" : "c719418c-b203-4056-9e19-43c5e87d1d43", + "type" : "password", + "createdDate" : 1680538439300, + "secretData" : "{\"value\":\"pzmtPn2OllnAYKIIS2M38n0UFrtbkX5zN44DpI/PrzmnxRgT2TvlJmjCtxp5HRUi3lngT6Jdr3IvqpO5o93Y5g==\",\"salt\":\"1WKPI8ktFMZoLCAv2ir5+A==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-spiffworkflow" ], + "notBefore" : 0, + "groups" : [ ] }, { "id" : "b57086d7-f301-4e11-ab02-60b02c79163a", "createdTimestamp" : 1680210955550, @@ -2467,6 +2536,29 @@ "realmRoles" : [ "default-roles-spiffworkflow" ], "notBefore" : 0, "groups" : [ ] + }, { + "id" : "62862d90-e996-48ac-a8ee-5af43356dca4", + "createdTimestamp" : 1680538439355, + "username" : "ppg.ba6.sme", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "ppg.ba6.sme@status.im", + "attributes" : { + "spiffworkflow-employeeid" : [ "236" ] + }, + "credentials" : [ { + "id" : "b242e740-4d6f-412a-9719-84da41c8d1ed", + "type" : "password", + "createdDate" : 1680538439405, + "secretData" : "{\"value\":\"oveDoHPfm0m+SkrY3rLyFfIOK1tH+Fc8y5KC+CGMccNIPqLN5p7ytXcMjjcIhRdxAW9CzCGFUKhVnGAXa/PGIQ==\",\"salt\":\"kQZeYzICjjs6DO2hEgEbDw==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-spiffworkflow" ], + "notBefore" : 0, + "groups" : [ ] }, { "id" : "f56fe387-d153-42c2-880a-6726bd624bae", "createdTimestamp" : 1676302144802, @@ -2674,6 +2766,29 @@ "realmRoles" : [ "default-roles-spiffworkflow" ], "notBefore" : 0, "groups" : [ ] + }, { + "id" : "3ac1954a-713a-47c7-bd41-d618063a1053", + "createdTimestamp" : 1680538438655, + "username" : "security6.sme", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "security6.sme@status.im", + "attributes" : { + "spiffworkflow-employeeid" : [ "211" ] + }, + "credentials" : [ { + "id" : "e3ceb7b3-617d-4e52-980c-e5edd9ba48fb", + "type" : "password", + "createdDate" : 1680538438713, + "secretData" : "{\"value\":\"iD1TfnQecNf0giE/5Ji0JQL/z91X4QmeqtiJKp/Dsfc55vPVh7llJlVygL7x2Ctcl4/+X10XgtSUkdAvdi3Tvw==\",\"salt\":\"6c0hHyISU/BOwh8vntCIfg==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-spiffworkflow" ], + "notBefore" : 0, + "groups" : [ ] }, { "id" : "b768e3ef-f905-4493-976c-bc3408c04bec", "createdTimestamp" : 1675447832524, @@ -2800,6 +2915,29 @@ "realmRoles" : [ "default-roles-spiffworkflow" ], "notBefore" : 0, "groups" : [ ] + }, { + "id" : "654d55c5-2380-456f-a99b-936aa8cce4ee", + "createdTimestamp" : 1680538439445, + "username" : "web.project-lead", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "email" : "web.project-lead@status.im", + "attributes" : { + "spiffworkflow-employeeid" : [ "235" ] + }, + "credentials" : [ { + "id" : "c28af9d4-37bb-445a-a8cc-12a87bd8dd2c", + "type" : "password", + "createdDate" : 1680538439501, + "secretData" : "{\"value\":\"1ug7sJNXy9qUby6hABKyLJ8R0xa1pVldXFltuO6Xtqe7qIt9+eUbhN2o9dZ8vk5/aPIFaaIcQPOFZdaKOE/XWw==\",\"salt\":\"F3utYf4viApmPmC6FSZ0vA==\",\"additionalParameters\":{}}", + "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" + } ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "realmRoles" : [ "default-roles-spiffworkflow" ], + "notBefore" : 0, + "groups" : [ ] } ], "scopeMappings" : [ { "clientScope" : "offline_access", @@ -4032,7 +4170,7 @@ "subType" : "authenticated", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper" ] + "allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper" ] } }, { "id" : "d68e938d-dde6-47d9-bdc8-8e8523eb08cd", @@ -4050,7 +4188,7 @@ "subType" : "anonymous", "subComponents" : { }, "config" : { - "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "saml-user-property-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper" ] + "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper" ] } }, { "id" : "3854361d-3fe5-47fb-9417-a99592e3dc5c", @@ -4140,7 +4278,7 @@ "internationalizationEnabled" : false, "supportedLocales" : [ ], "authenticationFlows" : [ { - "id" : "52a2585e-d5f1-418b-aaf8-0cb6b8151ac1", + "id" : "62d7bb2a-5919-48b2-a9f9-511ecf5474c7", "alias" : "Account verification options", "description" : "Method with which to verity the existing account", "providerId" : "basic-flow", @@ -4162,7 +4300,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "0f86958e-5010-413c-aabc-bc77e0973d29", + "id" : "7675760b-666a-4b8c-a9b8-da1e01c207fe", "alias" : "Authentication Options", "description" : "Authentication options.", "providerId" : "basic-flow", @@ -4191,7 +4329,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "f17c6e82-f120-4581-83bf-1b9252f26314", + "id" : "34e18ea8-f515-46dc-9dbf-5b79f8154564", "alias" : "Browser - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", @@ -4213,7 +4351,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "b6cef746-aa54-4474-b3fb-cddad60cedee", + "id" : "933e581c-56d8-4614-b2a3-d2db10397ea0", "alias" : "Direct Grant - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", @@ -4235,7 +4373,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "18aab899-fd48-4c40-b862-21ca89783c8c", + "id" : "0986dc8c-4bcf-477f-8ba2-3cac02ea656f", "alias" : "First broker login - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", @@ -4257,7 +4395,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "edf8650a-1745-4c0f-9bd9-7ee84d7bb85a", + "id" : "534381e4-b0b9-43b2-9ac5-9f1e006b5920", "alias" : "Handle Existing Account", "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", "providerId" : "basic-flow", @@ -4279,7 +4417,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "7df66a51-caa6-4b3a-8dd9-7d9e1dbe97a9", + "id" : "922e84ab-85db-494a-8a8c-84d3b0c675f4", "alias" : "Reset - Conditional OTP", "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", "providerId" : "basic-flow", @@ -4301,7 +4439,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "13a8650b-00d1-49d4-ba19-945908dbaf40", + "id" : "24b1b409-b6fc-44dc-9a97-93b2f4a78c89", "alias" : "User creation or linking", "description" : "Flow for the existing/non-existing user alternatives", "providerId" : "basic-flow", @@ -4324,7 +4462,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "8e8ca30f-39b7-460a-9986-72483ed987b0", + "id" : "c015a916-a45b-4797-a466-2399164da6fe", "alias" : "Verify Existing Account by Re-authentication", "description" : "Reauthentication of existing account", "providerId" : "basic-flow", @@ -4346,7 +4484,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "91635e4a-d004-4529-b03f-5af754af2547", + "id" : "fc7aec31-855b-4993-b770-57660ff0524f", "alias" : "browser", "description" : "browser based authentication", "providerId" : "basic-flow", @@ -4382,7 +4520,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "4c6e7a05-f2d7-4a95-b0ea-be4979449827", + "id" : "9769d765-42c8-4391-a7ec-aa24f0e84040", "alias" : "clients", "description" : "Base authentication for clients", "providerId" : "client-flow", @@ -4418,7 +4556,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "75d2ec8a-49bb-4790-a2da-af4dd150b9bb", + "id" : "49a937cc-9d51-43d0-a379-67aaae38c51a", "alias" : "direct grant", "description" : "OpenID Connect Resource Owner Grant", "providerId" : "basic-flow", @@ -4447,7 +4585,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "a27a47d4-97bd-473f-9837-5d211c2a1f5d", + "id" : "1a766b69-7ead-442a-84a4-083cd84949cd", "alias" : "docker auth", "description" : "Used by Docker clients to authenticate against the IDP", "providerId" : "basic-flow", @@ -4462,7 +4600,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "d1c3cf02-f04b-48fc-a4b7-ffa0e5fd5b7f", + "id" : "e4ac0543-cfb6-4232-947d-52b8615e0629", "alias" : "first broker login", "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", "providerId" : "basic-flow", @@ -4485,7 +4623,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "69abc281-22aa-4cd9-8a17-27c41840146e", + "id" : "86247ee8-b507-406b-9d32-3c68c80084a5", "alias" : "forms", "description" : "Username, password, otp and other auth forms.", "providerId" : "basic-flow", @@ -4507,7 +4645,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "f47e8bfd-4f6c-44ee-b95e-2d5ae5b8fca3", + "id" : "70ef5a26-e3bb-4ba7-a05a-d205b0a3836c", "alias" : "http challenge", "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes", "providerId" : "basic-flow", @@ -4529,7 +4667,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "e7f58101-c7a7-43b2-847f-ad03930d6a64", + "id" : "89abf09a-bfb4-4dea-b164-ca7c563b4009", "alias" : "registration", "description" : "registration flow", "providerId" : "basic-flow", @@ -4545,7 +4683,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "b9a709c3-1f1b-4c69-baca-4287e792f0e4", + "id" : "52d31bf0-dcb6-4b01-a252-b2ba705df036", "alias" : "registration form", "description" : "registration form", "providerId" : "form-flow", @@ -4581,7 +4719,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "5824833e-704d-4b25-8b48-44f7a5ff0584", + "id" : "22041b6b-6d9e-43eb-8d2a-94a3052c49aa", "alias" : "reset credentials", "description" : "Reset credentials for a user if they forgot their password or something", "providerId" : "basic-flow", @@ -4617,7 +4755,7 @@ "userSetupAllowed" : false } ] }, { - "id" : "c9d37f8a-b04b-40d2-a1a3-bd0c78f4c1a8", + "id" : "153aaf25-b6d9-42b4-9740-f63c94c16626", "alias" : "saml ecp", "description" : "SAML ECP Profile Authentication Flow", "providerId" : "basic-flow", @@ -4633,13 +4771,13 @@ } ] } ], "authenticatorConfig" : [ { - "id" : "e7bb6227-7b03-4c6b-ae97-b72e69967be4", + "id" : "e0075b39-a2ad-47de-9ee6-e61073387e71", "alias" : "create unique user config", "config" : { "require.password.update.after.registration" : "false" } }, { - "id" : "5a856c63-1341-42c2-aa5b-24246324816b", + "id" : "aa24bff3-bd25-4b2a-973f-63fea5c21dd1", "alias" : "review profile config", "config" : { "update.profile.on.first.login" : "missing" diff --git a/spiffworkflow-backend/keycloak/test_user_lists/status b/spiffworkflow-backend/keycloak/test_user_lists/status index 6eb987b1d..eb866ed77 100644 --- a/spiffworkflow-backend/keycloak/test_user_lists/status +++ b/spiffworkflow-backend/keycloak/test_user_lists/status @@ -17,6 +17,7 @@ core2.contributor@status.im,,156 core3.contributor@status.im,,157 core4.contributor@status.im,,158 core5.contributor@status.im,,159 +core6.contributor@status.im,core6.contributorx,199 core@status.im,,113 dao.project.lead@status.im desktop-a1.sme@status.im,,210 @@ -41,6 +42,7 @@ infra2.sme@status.im,,132 infra3.sme@status.im,,167 infra4.sme@status.im,,175 infra5.sme@status.im,,176 +infra6.sme@status.im,infra6.smex,212 jakub@status.im jamescheung@status.im,,234 jarrad@status.im @@ -53,6 +55,7 @@ legal2.sme@status.im,,165 legal3.sme@status.im,,166 legal4.sme@status.im,,177 legal5.sme@status.im,,178 +legal6.sme@status.im,legal6.smex,213 logos.program-lead@status.im,,160 manuchehr@status.im,,110 nimbus.program-lead@status.im,,161 @@ -63,6 +66,7 @@ peopleops.partner2.sme@status.im,,173 peopleops.partner3.sme@status.im,,174 peopleops.partner4.sme@status.im,,181 peopleops.partner5.sme@status.im,,182 +peopleops.partner6.sme@status.im,peopleops.partner6.smex,216 peopleops.partner@status.im,,150 peopleops.project-lead@status.im,peopleops.project-leadx,147 peopleops.talent.sme@status.im,,143 @@ -76,6 +80,7 @@ ppg.ba2.sme@status.im,,171 ppg.ba3.sme@status.im,,172 ppg.ba4.sme@status.im,,200 ppg.ba5.sme@status.im,,201 +ppg.ba6.sme@status.im,ppg.ba6.smex,236 ppg.ba@status.im,,127 sasha@status.im,,112 security-a1.sme@status.im,,206 @@ -86,5 +91,7 @@ security2.sme@status.im,,168 security3.sme@status.im,,169 security4.sme@status.im,,179 security5.sme@status.im,,180 +security6.sme@status.im,security6.smex,211 services.lead@status.im,,122 vac.program-lead@status.im,,163 +web.project-lead@status.im,web.project-leadx,235