sharang
e3a62c8113
Adds dev/docker-compose.yml + breakpilot-dev Keycloak realm + make dev-up/down/reset/logs targets so a developer can boot the full dependency stack from this repo.
200 lines
5.7 KiB
JSON
200 lines
5.7 KiB
JSON
{
|
|
"realm": "breakpilot-dev",
|
|
"enabled": true,
|
|
"displayName": "Breakpilot (dev)",
|
|
"registrationAllowed": false,
|
|
"loginWithEmailAllowed": true,
|
|
"duplicateEmailsAllowed": false,
|
|
"resetPasswordAllowed": true,
|
|
"editUsernameAllowed": false,
|
|
"bruteForceProtected": true,
|
|
"accessTokenLifespan": 900,
|
|
"ssoSessionIdleTimeout": 3600,
|
|
"ssoSessionMaxLifespan": 36000,
|
|
"internationalizationEnabled": false,
|
|
"defaultSignatureAlgorithm": "RS256",
|
|
"organizationsEnabled": true,
|
|
|
|
"roles": {
|
|
"realm": [
|
|
{ "name": "BREAKPILOT_ADMIN", "description": "Platform staff: full backstage access" },
|
|
{ "name": "SUPPORT_ENGINEER", "description": "Platform staff: tenant impersonation + read" },
|
|
{ "name": "SALES_REP", "description": "Platform staff: demo-tenant access only" }
|
|
]
|
|
},
|
|
|
|
"groups": [
|
|
{
|
|
"name": "IT_ADMIN",
|
|
"path": "/IT_ADMIN",
|
|
"attributes": { "org_role": ["IT_ADMIN"] }
|
|
},
|
|
{
|
|
"name": "CXO",
|
|
"path": "/CXO",
|
|
"attributes": { "org_role": ["CXO"] }
|
|
},
|
|
{
|
|
"name": "USER",
|
|
"path": "/USER",
|
|
"attributes": { "org_role": ["USER"] }
|
|
}
|
|
],
|
|
|
|
"users": [
|
|
{
|
|
"username": "test@breakpilot.dev",
|
|
"email": "test@breakpilot.dev",
|
|
"emailVerified": true,
|
|
"firstName": "Test",
|
|
"lastName": "Acme",
|
|
"enabled": true,
|
|
"credentials": [
|
|
{
|
|
"type": "password",
|
|
"value": "test",
|
|
"temporary": false
|
|
}
|
|
],
|
|
"attributes": {
|
|
"tenant_id": ["00000000-0000-0000-0000-000000000001"],
|
|
"tenant_slug": ["acme"],
|
|
"org_roles": ["IT_ADMIN"],
|
|
"products": ["certifai", "compliance"],
|
|
"plan": ["professional"],
|
|
"tenant_status": ["active"]
|
|
},
|
|
"groups": ["/IT_ADMIN"]
|
|
},
|
|
{
|
|
"username": "admin@breakpilot.dev",
|
|
"email": "admin@breakpilot.dev",
|
|
"emailVerified": true,
|
|
"firstName": "Platform",
|
|
"lastName": "Admin",
|
|
"enabled": true,
|
|
"credentials": [
|
|
{
|
|
"type": "password",
|
|
"value": "admin",
|
|
"temporary": false
|
|
}
|
|
],
|
|
"realmRoles": ["BREAKPILOT_ADMIN"]
|
|
}
|
|
],
|
|
|
|
"clients": [
|
|
{
|
|
"clientId": "dev-portal",
|
|
"name": "Customer Portal (dev)",
|
|
"enabled": true,
|
|
"publicClient": true,
|
|
"standardFlowEnabled": true,
|
|
"directAccessGrantsEnabled": false,
|
|
"implicitFlowEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"rootUrl": "http://localhost:3000",
|
|
"baseUrl": "http://localhost:3000",
|
|
"redirectUris": [
|
|
"http://localhost:3000/*",
|
|
"http://acme.localhost:3000/*",
|
|
"http://demo.localhost:3000/*"
|
|
],
|
|
"webOrigins": ["+"],
|
|
"attributes": {
|
|
"pkce.code.challenge.method": "S256",
|
|
"post.logout.redirect.uris": "http://localhost:3000/*##http://*.localhost:3000/*"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"name": "tenant_id-mapper",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"config": {
|
|
"user.attribute": "tenant_id",
|
|
"claim.name": "tenant_id",
|
|
"jsonType.label": "String",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"userinfo.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"name": "tenant_slug-mapper",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"config": {
|
|
"user.attribute": "tenant_slug",
|
|
"claim.name": "tenant_slug",
|
|
"jsonType.label": "String",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"userinfo.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"name": "org_roles-mapper",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"config": {
|
|
"user.attribute": "org_roles",
|
|
"claim.name": "org_roles",
|
|
"jsonType.label": "String",
|
|
"multivalued": "true",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"name": "products-mapper",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"config": {
|
|
"user.attribute": "products",
|
|
"claim.name": "products",
|
|
"jsonType.label": "String",
|
|
"multivalued": "true",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"name": "plan-mapper",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"config": {
|
|
"user.attribute": "plan",
|
|
"claim.name": "plan",
|
|
"jsonType.label": "String",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"name": "tenant_status-mapper",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"config": {
|
|
"user.attribute": "tenant_status",
|
|
"claim.name": "tenant_status",
|
|
"jsonType.label": "String",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"clientId": "dev-tenant-registry",
|
|
"name": "Tenant Registry (dev)",
|
|
"enabled": true,
|
|
"bearerOnly": true,
|
|
"publicClient": false,
|
|
"standardFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false
|
|
}
|
|
]
|
|
}
|