From 1b4fed3762398ad2405fcf1873077785f460805b Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 30 Nov 2022 10:11:35 -0700 Subject: [PATCH] SHIBUI-2393 removing extra application.yml file --- .../src/integration/resources/application.yml | 448 ------------------ 1 file changed, 448 deletions(-) delete mode 100644 backend/src/integration/resources/application.yml diff --git a/backend/src/integration/resources/application.yml b/backend/src/integration/resources/application.yml deleted file mode 100644 index 08fdfb387..000000000 --- a/backend/src/integration/resources/application.yml +++ /dev/null @@ -1,448 +0,0 @@ -#spring: -# jpa: -# show-sql: false -# properties: -# hibernate: -# format_sql: true -# dialect: org.hibernate.dialect.PostgreSQL95Dialect -# OR SEE: https://access.redhat.com/webassets/avalon/d/red-hat-jboss-enterprise-application-platform/7.2/javadocs/org/hibernate/dialect/package-summary.html - -#shibui: -## Default password must be set for the default user to be configured and setup -# default-rootuser:root -## need to include the encoding for the password - be sure to quote the entire value as shown -# default-password: "{noop}foopassword" -# pac4j-enabled: true -# pac4j: -# keystorePath: "/etc/shibui/samlKeystore.jks" -# keystorePassword: "changeit" -# privateKeyPassword: "changeit" -# serviceProviderEntityId: "https://idp.example.com/shibui" -# serviceProviderMetadataPath: "/etc/shibui/sp-metadata.xml" -# identityProviderMetadataPath: "/etc/shibui/idp-metadata.xml" -# forceServiceProviderMetadataGeneration: false -# callbackUrl: "https://localhost:8443/callback" -# postLogoutURL: "https://idp.example.com/idp/profile/Logout" # Must set this to get IDP logout -# maximumAuthenticationLifetime: 3600000 -# requireAssertedRoleForNewUsers: false -# saml2ProfileMapping: -# username: urn:oid:0.9.2342.19200300.100.1.1 -# firstname: urn:oid:2.5.4.42 -# lastname: urn:oid:2.5.4.4 -# email: urn:oid:0.9.2342.19200300.100.1.3 -# groups: urn:oid:1.3.6.1.4.1.5923.1.5.1.1 # attributeId - isMemberOf -# roles: --define name of the attribute containing the incoming user roles-- - -custom: - attributes: - # Default attributes - - name: eduPersonPrincipalName - displayName: label.attribute-eduPersonPrincipalName - - name: uid - displayName: label.attribute-uid - - name: mail - displayName: label.attribute-mail - - name: surname - displayName: label.attribute-surname - - name: givenName - displayName: label.attribute-givenName - - name: eduPersonAffiliation - displayName: label.attribute-eduPersonAffiliation - - name: eduPersonScopedAffiliation - displayName: label.attribute-eduPersonScopedAffiliation - - name: eduPersonPrimaryAffiliation - displayName: label.attribute-eduPersonPrimaryAffiliation - - name: eduPersonEntitlement - displayName: label.attribute-eduPersonEntitlement - - name: eduPersonAssurance - displayName: label.attribute-eduPersonAssurance - - name: eduPersonUniqueId - displayName: label.attribute-eduPersonUniqueId - - name: employeeNumber - displayName: label.attribute-employeeNumber - # Custom attributes - - # The following contains a map of "relying party overrides". - # The structure of an entry is as follows: - # - name: The name of the entry. used to uniquely identify this entry. - # displayName: This will normally be the label used when displaying this override in the UI - # displayType: The type to use when displaying this option - # helpText: This is the help-icon hover-over text - # defaultValues: One or more values to be displayed as default options in the UI - # persistType: Optional. If it is necessary to persist something different than the override's display type, - # set that type here. For example, display a boolean, but persist a string. - # persistValue: Required only when persistType is used. Defines the value to be persisted. - # attributeName: This is the name of the attribute to be used in the xml. This is assumed to be a URI. - # attributeFriendlyName: This is the friendly name associated with the above attributeName. - # - # It is imperative when defining these that the "displayType" and "persistType" are known types. - # Typos or unsupported values here will result in that override being skipped! - # Supported types are as follows: boolean, integer, string, set, list - # Note that "persistType" doesn't have to match "displayType". However, the only unmatching combination currently - # supported is a "displayType" of "boolean" and "persistType" of "string". - overrides: - # Default overrides - - name: signAssertion - displayName: label.sign-the-assertion - displayType: boolean - helpText: tooltip.sign-assertion - attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions - attributeFriendlyName: signAssertions - - name: dontSignResponse - displayName: label.dont-sign-the-response - displayType: boolean - helpText: tooltip.dont-sign-response - attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses - attributeFriendlyName: signResponses - invert: true - - name: turnOffEncryption - displayName: label.turn-off-encryption-of-response - displayType: boolean - helpText: tooltip.turn-off-encryption - attributeName: http://shibboleth.net/ns/profiles/encryptAssertions - attributeFriendlyName: encryptAssertions - invert: true - - name: useSha - displayName: label.use-sha1-signing-algorithm - displayType: boolean - helpText: tooltip.usa-sha-algorithm - persistType: string - persistValue: shibboleth.SecurityConfiguration.SHA1 - attributeName: http://shibboleth.net/ns/profiles/securityConfiguration - attributeFriendlyName: securityConfiguration - protocol: saml,oidc - - name: ignoreAuthenticationMethod - displayName: label.ignore-any-sp-requested-authentication-method - displayType: boolean - helpText: tooltip.ignore-auth-method - persistType: string - persistValue: 0x1 - attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures - attributeFriendlyName: disallowedFeatures - protocol: saml,oidc - - name: omitNotBefore - displayName: label.omit-not-before-condition - displayType: boolean - helpText: tooltip.omit-not-before-condition - attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore - attributeFriendlyName: includeConditionsNotBefore - invert: true - - name: responderId - displayName: label.responder-id - displayType: string - helpText: tooltip.responder-id - attributeName: http://shibboleth.net/ns/profiles/responderId - attributeFriendlyName: responderId - - name: nameIdFormats - displayName: label.nameid-format-to-send - displayType: set - helpText: tooltip.nameid-format - defaultValues: - - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified - - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - attributeName: http://shibboleth.net/ns/profiles/nameIDFormatPrecedence - attributeFriendlyName: nameIDFormatPrecedence - - name: authenticationMethods - displayName: label.authentication-methods-to-use - displayType: set - helpText: tooltip.authentication-methods-to-use - defaultValues: - - https://refeds.org/profile/mfa - - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken - - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport - attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods - attributeFriendlyName: defaultAuthenticationMethods - protocol: saml,oidc - - name: forceAuthn - displayName: label.force-authn - displayType: boolean - helpText: tooltip.force-authn - attributeName: http://shibboleth.net/ns/profiles/forceAuthn - attributeFriendlyName: forceAuthn - - name: ignoreRequestSignatures - displayName: label.ignore-request-signatures - displayType: boolean - helpText: tooltip.ignore-request-signatures - attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures - attributeFriendlyName: ignoreRequestSignatures - - name: inboundInterceptorFlows - attributeFriendlyName: inboundInterceptorFlows - displayName: label.inboundInterceptorFlows - helpText: tooltip.inboundInterceptorFlows - displayType: string - attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows - protocol: oidc - - name: outboundInterceptorFlows - attributeFriendlyName: outboundInterceptorFlows - displayName: label.outboundInterceptorFlows - helpText: tooltip.outboundInterceptorFlows - displayType: string - attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows - protocol: oidc - - name: tokenEndpointAuthMethods - attributeFriendlyName: tokenEndpointAuthMethods - displayName: label.tokenEndpointAuthMethods - helpText: tooltip.tokenEndpointAuthMethods - displayType: string - defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt - attributeName: http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods - protocol: oidc - - name: postAuthenticationFlows - attributeFriendlyName: postAuthenticationFlows - displayName: label.postAuthenticationFlows - helpText: tooltip.postAuthenticationFlows - displayType: string - attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows - protocol: oidc - - name: proxyCount - attributeFriendlyName: proxyCount - displayName: label.proxyCount - helpText: tooltip.proxyCount - displayType: integer - attributeName: http://shibboleth.net/ns/profiles/proxyCount - protocol: oidc - - name: revocationLifetime - attributeFriendlyName: revocationLifetime - displayName: label.revocationLifetime - helpText: tooltip.revocationLifetime - displayType: string - defaultValue: PT6H - attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime - protocol: oidc - - name: revocationMethod - attributeFriendlyName: revocationMethod - displayName: label.revocationMethod - helpText: tooltip.revocationMethod - displayType: selection_list - defaultValues: - - CHAIN - - TOKEN - defaultValue: CHAIN - attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod - protocol: oidc - - name: accessTokenLifetimeOauth - attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime.oauth - helpText: tooltip.accessTokenLifetime.oauth - displayType: string - defaultValue: PT10M - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime - protocol: oidc - - name: accessTokenTypeOauth - attributeFriendlyName: accessTokenType - displayName: label.accessTokenType.oauth - helpText: tooltip.accessTokenType.oauth - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType - protocol: oidc - - name: allowPKCEPlainOauth - attributeFriendlyName: allowPKCEPlainOauth - displayName: label.allowPKCEPlain.oauth - helpText: tooltip.allowPKCEPlain.oauth - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain - protocol: oidc - - name: enforceRefreshTokenRotation - attributeFriendlyName: enforceRefreshTokenRotation - displayName: label.enforceRefreshTokenRotation - helpText: tooltip.enforceRefreshTokenRotation - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation - protocol: oidc - - name: forcePKCEOauth - attributeFriendlyName: forcePKCEOauth - displayName: label.forcePKCE.oauth - helpText: tooltip.forcePKCE.oauth - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE - protocol: oidc - - name: grantTypes - attributeFriendlyName: grantTypes - displayName: label.grantTypes - helpText: tooltip.grantTypes - displayType: string - defaultValue: authorization_code, refresh_token - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes - protocol: oidc - - name: refreshTokenLifetimeOauth - attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime.oauth - helpText: tooltip.refreshTokenLifetime.oauth - displayType: string - defaultValue: PT2H - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime - protocol: oidc - - name: resolveAttributesOauth - attributeFriendlyName: resolveAttributesOauth - displayName: label.resolveAttributes.oauth - helpText: tooltip.resolveAttributes.oauth - displayType: boolean - defaultValue: true - attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes - protocol: oidc - - name: authorizationCodeFlowEnabled - attributeFriendlyName: authorizationCodeFlowEnabled - displayName: label.authorizationCodeFlowEnabled - helpText: tooltip.authorizationCodeFlowEnabled - displayType: boolean - defaultValue: true - attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled - protocol: oidc - - name: hybridFlowEnabled - attributeFriendlyName: hybridFlowEnabled - displayName: label.hybridFlowEnabled - helpText: tooltip.hybridFlowEnabled - displayType: boolean - defaultValue: true - attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled - protocol: oidc - - name: implicitFlowEnabled - attributeFriendlyName: implicitFlowEnabled - displayName: label.implicitFlowEnabled - helpText: tooltip.implicitFlowEnabled - displayType: boolean - defaultValue: true - attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled - protocol: oidc - - name: refreshTokensEnabled - attributeFriendlyName: refreshTokensEnabled - displayName: label.refreshTokensEnabled - helpText: tooltip.refreshTokensEnabled - displayType: boolean - defaultValue: true - attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled - protocol: oidc - - name: accessTokenLifetimeOidc - attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime.oidc - helpText: tooltip.accessTokenLifetime.oidc - displayType: string - defaultValue: PT10M - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime - protocol: oidc - - name: accessTokenTypeOidc - attributeFriendlyName: accessTokenType - displayName: label.accessTokenType.oidc - helpText: tooltip.accessTokenType.oidc - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType - protocol: oidc - - name: acrRequestAlwaysEssential - attributeFriendlyName: acrRequestAlwaysEssential - displayName: label.acrRequestAlwaysEssential - helpText: tooltip.acrRequestAlwaysEssential - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential - protocol: oidc - - name: allowPKCEPlainOidc - attributeFriendlyName: allowPKCEPlainOidc - displayName: label.allowPKCEPlain.oidc - helpText: tooltip.allowPKCEPlain.oidc - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain - protocol: oidc - - name: alwaysIncludedAttributesBrowser - attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes.browser - helpText: tooltip.alwaysIncludedAttributes.browser - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes - protocol: oidc - - name: authorizeCodeLifetime - attributeFriendlyName: authorizeCodeLifetime - displayName: label.authorizeCodeLifetime - helpText: tooltip.authorizeCodeLifetime - displayType: string - defaultValue: PT5M - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime - protocol: oidc - - name: deniedUserInfoAttributesBrowser - attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes.browser - helpText: tooltip.deniedUserInfoAttributes.browser - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes - protocol: oidc - - name: encodeConsentInTokens - attributeFriendlyName: encodeConsentInTokens - displayName: label.encodeConsentInTokens - helpText: tooltip.encodeConsentInTokens - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens - protocol: oidc - - name: encodedAttributes - attributeFriendlyName: encodedAttributes - displayName: label.encodedAttributes - helpText: tooltip.encodedAttributes - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes - protocol: oidc - - name: forcePKCEOidc - attributeFriendlyName: forcePKCEOidc - displayName: label.forcePKCE.oidc - helpText: tooltip.forcePKCE.oidc - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE - protocol: oidc - - name: IDTokenLifetimeBrowser - attributeFriendlyName: IDTokenLifetimeBrowser - displayName: label.IDTokenLifetime.browser - helpText: tooltip.IDTokenLifetime.browser - displayType: string - defaultValue: PT1H - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime - protocol: oidc - - name: includeIssuerInResponse - attributeFriendlyName: includeIssuerInResponse - displayName: label.includeIssuerInResponse - helpText: tooltip.includeIssuerInResponse - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse - protocol: oidc - - name: refreshTokenLifetimeOidc - attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime.oidc - helpText: tooltip.refreshTokenLifetime.oidc - displayType: string - defaultValue: PT2H - attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime - protocol: oidc - - name: alwaysIncludedAttributesToken - attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes.token - helpText: tooltip.alwaysIncludedAttributes.token - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes - protocol: oidc - - name: encryptionOptional - attributeFriendlyName: encryptionOptional - displayName: label.encryptionOptional - helpText: tooltip.encryptionOptional - displayType: boolean - defaultValue: true - attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional - protocol: oidc - - name: IDTokenLifetime - attributeFriendlyName: IDTokenLifetime - displayName: label.IDTokenLifetime - helpText: tooltip.IDTokenLifetime - displayType: string - defaultValue: PT1H - attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime - protocol: oidc - - name: deniedUserInfoAttributes - attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes - displayType: string - attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes - protocol: oidc - - name: resolveAttributesOIDC - attributeFriendlyName: resolveAttributesOIDC - displayName: label.resolveAttributes.oidc - helpText: tooltip.resolveAttributes.oidc - displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes - protocol: oidc \ No newline at end of file