remove service accounts, formalize j, add madhurya

This commit is contained in:
burnettk 2023-02-03 13:02:50 -05:00
parent 18070c5be3
commit b782c3faa7
3 changed files with 50 additions and 61 deletions

View File

@ -21,6 +21,9 @@ docker exec keycloak /opt/keycloak/bin/kc.sh export --dir "${docker_container_pa
docker cp "keycloak:${docker_container_path}" "$local_tmp_dir"
for realm in $realms ; do
if ! grep -Eq '\-realm$' <<< "$realm"; then
realm="${realm}-realm"
fi
cp "${local_tmp_dir}/hey/${realm}.json" "${script_dir}/../realm_exports/"
done

View File

@ -903,7 +903,7 @@
"emailVerified" : false,
"firstName" : "",
"lastName" : "",
"email" : "j@status.im",
"email" : "j@sartography.com",
"credentials" : [ {
"id" : "e71ec785-9133-4b7d-8015-1978379af0bb",
"type" : "password",
@ -1163,6 +1163,26 @@
"realmRoles" : [ "default-roles-spiffworkflow" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"id" : "99ce8a54-2941-4767-8ddf-52320b3708bd",
"createdTimestamp" : 1675447085191,
"username" : "madhurya",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"email" : "madhurya@sartography.com",
"credentials" : [ {
"id" : "4fa2bf1f-188e-42e3-9633-01d436864206",
"type" : "password",
"createdDate" : 1675447085252,
"secretData" : "{\"value\":\"6ZApQ7kx4YDc5ojW9eyFiSKMz5l3/Zl5PIScHEW1gtP3lrnnWqWgwcP+8cWkKdm3im+XrZwDQHjuGjGN5Rbjyw==\",\"salt\":\"HT3fCh245v8etRFIprXsyw==\",\"additionalParameters\":{}}",
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
} ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-spiffworkflow" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"id" : "6f5bfa09-7494-4a2f-b871-cf327048cac7",
"createdTimestamp" : 1665517010600,
@ -1405,42 +1425,6 @@
"realmRoles" : [ "default-roles-spiffworkflow" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"id" : "487d3a85-89dd-4839-957a-c3f6d70551f6",
"createdTimestamp" : 1657115173081,
"username" : "service-account-spiffworkflow-backend",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"email" : "service-account@status.im",
"serviceAccountClientId" : "spiffworkflow-backend",
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-spiffworkflow" ],
"clientRoles" : {
"spiffworkflow-backend" : [ "uma_protection" ]
},
"notBefore" : 0,
"groups" : [ ]
}, {
"id" : "22de68b1-4b06-4bc2-8da6-0c577e7e62ad",
"createdTimestamp" : 1657055472800,
"username" : "service-account-withauth",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"email" : "service-account-withauth@status.im",
"serviceAccountClientId" : "withAuth",
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-spiffworkflow" ],
"clientRoles" : {
"withAuth" : [ "uma_protection" ]
},
"notBefore" : 0,
"groups" : [ ]
}, {
"id" : "3d45bb85-0a2d-4b15-8a19-d26a5619d359",
"createdTimestamp" : 1674148694810,
@ -2674,7 +2658,7 @@
"subType" : "authenticated",
"subComponents" : { },
"config" : {
"allowed-protocol-mapper-types" : [ "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper" ]
"allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper" ]
}
}, {
"id" : "d68e938d-dde6-47d9-bdc8-8e8523eb08cd",
@ -2692,7 +2676,7 @@
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper" ]
"allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-user-attribute-mapper" ]
}
}, {
"id" : "3854361d-3fe5-47fb-9417-a99592e3dc5c",
@ -2782,7 +2766,7 @@
"internationalizationEnabled" : false,
"supportedLocales" : [ ],
"authenticationFlows" : [ {
"id" : "feafc299-fede-4880-9e23-eb81aca22808",
"id" : "8facbab5-bca2-42c6-8608-ed94dacefe92",
"alias" : "Account verification options",
"description" : "Method with which to verity the existing account",
"providerId" : "basic-flow",
@ -2804,7 +2788,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "ce7904d0-9182-49a2-aa71-a7b43e21f3ac",
"id" : "be52bd38-2def-41e7-a021-69bae78e92b7",
"alias" : "Authentication Options",
"description" : "Authentication options.",
"providerId" : "basic-flow",
@ -2833,7 +2817,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "d9c6909a-5cc1-4ddf-b297-dbfcf6e609a6",
"id" : "ee18f6d1-9ca3-4535-a7a0-9759f3841513",
"alias" : "Browser - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
@ -2855,7 +2839,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "083a589e-a486-42b6-ae73-1ec983967ff5",
"id" : "c76481eb-7997-4231-abac-632afd97631f",
"alias" : "Direct Grant - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
@ -2877,7 +2861,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "7f0248b0-2d51-4175-9fd2-52b606a39e26",
"id" : "14fe94d2-f3ef-4349-9cbe-79921c013108",
"alias" : "First broker login - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
@ -2899,7 +2883,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "44465f1f-c700-4ec0-a234-d95c994c9e25",
"id" : "533c45e3-10d9-480b-9c9b-c2f746fb6f66",
"alias" : "Handle Existing Account",
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId" : "basic-flow",
@ -2921,7 +2905,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "8cf09055-5b98-4fc8-b867-3dffacdec21b",
"id" : "1161d043-26ba-420c-baed-b220bcef40f1",
"alias" : "Reset - Conditional OTP",
"description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
"providerId" : "basic-flow",
@ -2943,7 +2927,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "16b50b3e-4240-4f49-a85e-1bfd40def300",
"id" : "cbba8afb-920f-4ae0-85f3-6bc520485dc2",
"alias" : "User creation or linking",
"description" : "Flow for the existing/non-existing user alternatives",
"providerId" : "basic-flow",
@ -2966,7 +2950,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "2aa981ae-d67e-49fb-95a4-91de1e5ab724",
"id" : "7b349cd1-fb1c-4d04-b5b5-885352277562",
"alias" : "Verify Existing Account by Re-authentication",
"description" : "Reauthentication of existing account",
"providerId" : "basic-flow",
@ -2988,7 +2972,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "cf8406f7-09c3-4614-a898-99c9d66746f6",
"id" : "de10b07d-98b5-483c-b193-b1b93229478f",
"alias" : "browser",
"description" : "browser based authentication",
"providerId" : "basic-flow",
@ -3024,7 +3008,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "e1ec7d6e-7612-4c5b-afce-c7f4fddbf6ec",
"id" : "4504d37b-3a2d-4cc9-b300-29482d86c72e",
"alias" : "clients",
"description" : "Base authentication for clients",
"providerId" : "client-flow",
@ -3060,7 +3044,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "f5862b09-6e01-4c88-b44e-26dc59d71b80",
"id" : "9d86bdff-ba8e-433a-8536-a49c0af5faf2",
"alias" : "direct grant",
"description" : "OpenID Connect Resource Owner Grant",
"providerId" : "basic-flow",
@ -3089,7 +3073,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "7caa8611-8b13-437e-83b2-556899b5444f",
"id" : "546d31fc-a885-46eb-94bd-171d04f16a7c",
"alias" : "docker auth",
"description" : "Used by Docker clients to authenticate against the IDP",
"providerId" : "basic-flow",
@ -3104,7 +3088,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "91d40deb-344f-4e0b-a845-98b2fc4a633a",
"id" : "70e5d629-4338-4aec-8671-fc7cf4c450b1",
"alias" : "first broker login",
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId" : "basic-flow",
@ -3127,7 +3111,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "f221b5e6-1bcc-4b37-ba61-4d3bc6a30a8b",
"id" : "7213dc19-6e0b-4241-bef6-2409346a2745",
"alias" : "forms",
"description" : "Username, password, otp and other auth forms.",
"providerId" : "basic-flow",
@ -3149,7 +3133,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "3ed8e597-19af-4ec8-b532-a97311f52de3",
"id" : "f91a8499-8cf5-408c-b85d-40e85a3f6ee3",
"alias" : "http challenge",
"description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
"providerId" : "basic-flow",
@ -3171,7 +3155,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "3970fd16-3786-4eb3-9efe-453d0984b18b",
"id" : "9ec3751c-619e-4edc-a14f-4ac9c60b056f",
"alias" : "registration",
"description" : "registration flow",
"providerId" : "basic-flow",
@ -3187,7 +3171,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "e26b27b4-c957-491c-bb6d-9d226b22399c",
"id" : "8048e711-8e77-4b85-8b26-243948a7c2f4",
"alias" : "registration form",
"description" : "registration form",
"providerId" : "form-flow",
@ -3223,7 +3207,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "3ae37429-a623-42e3-a4a1-f9586b96b730",
"id" : "5a08de49-dd24-4e53-a656-9fac52fc6d2b",
"alias" : "reset credentials",
"description" : "Reset credentials for a user if they forgot their password or something",
"providerId" : "basic-flow",
@ -3259,7 +3243,7 @@
"userSetupAllowed" : false
} ]
}, {
"id" : "7606ecd5-eb13-4aee-bd9f-3ec4ce77c59c",
"id" : "42bc970f-3ee5-429c-a543-e8078808d371",
"alias" : "saml ecp",
"description" : "SAML ECP Profile Authentication Flow",
"providerId" : "basic-flow",
@ -3275,13 +3259,13 @@
} ]
} ],
"authenticatorConfig" : [ {
"id" : "058b3c89-4ea4-43fa-b337-e523b1d93ec3",
"id" : "23f4f930-3290-4a63-ac96-f7ddc04fbce2",
"alias" : "create unique user config",
"config" : {
"require.password.update.after.registration" : "false"
}
}, {
"id" : "21410ac7-4b82-4f19-aae2-43ac33ba3f8f",
"id" : "4cfa7fa4-1a9b-4464-9510-460208e345eb",
"alias" : "review profile config",
"config" : {
"update.profile.on.first.login" : "missing"

View File

@ -3,9 +3,11 @@ alex@sartography.com
dan@sartography.com
daniel@sartography.com
elizabeth@sartography.com
j@sartography.com
jason@sartography.com
jon@sartography.com
kb@sartography.com
kevin@sartography.com
madhurya@sartography.com
mike@sartography.com
natalia@sartography.com