apiVersion: v1 kind: ConfigMap metadata: name: realm-export data: realm-export.json: | { "realm": "yonote", "enabled": true, "notBefore": 1647809856, "defaultSignatureAlgorithm": "RS256", "revokeRefreshToken": false, "refreshTokenMaxReuse": 0, "accessTokenLifespan": 300, "accessTokenLifespanForImplicitFlow": 900, "ssoSessionIdleTimeout": 1800, "ssoSessionMaxLifespan": 36000, "ssoSessionIdleTimeoutRememberMe": 0, "ssoSessionMaxLifespanRememberMe": 0, "offlineSessionIdleTimeout": 2592000, "offlineSessionMaxLifespanEnabled": false, "offlineSessionMaxLifespan": 5184000, "clientSessionIdleTimeout": 0, "clientSessionMaxLifespan": 0, "clientOfflineSessionIdleTimeout": 0, "clientOfflineSessionMaxLifespan": 0, "accessCodeLifespan": 60, "accessCodeLifespanUserAction": 300, "accessCodeLifespanLogin": 1800, "actionTokenGeneratedByAdminLifespan": 43200, "actionTokenGeneratedByUserLifespan": 300, "oauth2DeviceCodeLifespan": 600, "oauth2DevicePollingInterval": 5, "sslRequired": "external", "registrationAllowed": true, "registrationEmailAsUsername": true, "rememberMe": true, "verifyEmail": false, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": true, "editUsernameAllowed": false, "bruteForceProtected": false, "permanentLockout": false, "maxFailureWaitSeconds": 900, "minimumQuickLoginWaitSeconds": 60, "waitIncrementSeconds": 60, "quickLoginCheckMilliSeconds": 1000, "maxDeltaTimeSeconds": 43200, "failureFactor": 30, "clients": [ { "clientId": "{{ .Values.global.yonote.config.plain.data.OIDC_CLIENT_ID }}", "secret": "{{ .Values.global.yonote.config.secret.stringData.OIDC_CLIENT_SECRET }}", "redirectUris": [ "https://*.{{ .Values.global.yonote.baseListenAddress }}/*", "http://*.{{ .Values.global.yonote.baseListenAddress }}/*", "http://app.{{ .Values.global.yonote.baseListenAddress }}/*", "https://app.{{ .Values.global.yonote.baseListenAddress }}/*", "https://app.{{ .Values.global.yonote.baseListenAddress }}/auth/oidc.callback/*" ], "baseUrl": "https://app.{{ .Values.global.yonote.baseListenAddress }}", "enabled": true, "publicClient": false, "protocol": "openid-connect", "attributes": { "client.secret": "{{ .Values.global.yonote.config.secret.stringData.OIDC_CLIENT_SECRET }}", "display.on.consent.screen": "true" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "protocolMappers": [ { "name": "oidc-display-name", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "{{ .Values.global.yonote.config.plain.data.OIDC_DISPLAY_NAME }}", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "{{ .Values.global.yonote.config.plain.data.OIDC_DISPLAY_NAME }}", "jsonType.label": "String" } } ], "defaultClientScopes": ["openid", "email"] } ], "identityProviders": [], "internationalizationEnabled": true, "clientScopes": [ { "name": "openid", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "display.on.consent.screen": "true", "consent.screen.text": "{{ .Values.global.yonote.config.plain.data.OIDC_DISPLAY_NAME }}" }, "protocolMappers": [] }, { "name": "email", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "56fe6d23-690a-465c-bc36-99bff8fef6eb", "name": "email verified", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "emailVerified", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email_verified", "jsonType.label": "boolean" } }, { "id": "2c6acd0e-b776-48f5-9c3b-7bfdbbe712dc", "name": "email", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "email", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email", "jsonType.label": "String" } } ] } ], "browserSecurityHeaders": { "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';" }, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": ["ES256"], "webAuthnPolicyRpId": "", "webAuthnPolicyAttestationConveyancePreference": "not specified", "webAuthnPolicyAuthenticatorAttachment": "not specified", "webAuthnPolicyRequireResidentKey": "not specified", "webAuthnPolicyUserVerificationRequirement": "not specified", "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": ["ES256"], "webAuthnPolicyPasswordlessRpId": "", "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], "smtpServer": {} }