nevis
/
adn-agov-work-ob-inventory
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new configuration version

This commit is contained in:
haburger 2024-12-12 06:40:57 +00:00
parent e5eeaa3feb
commit c4972ac0fe
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth/etc/nevis/k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml
View File

@ -45,7 +45,7 @@ spec:
podDisruptionBudget:
maxUnavailable: "50%"
git:
tag: "r-de27c9925c6b44fc9e1dc51749c7832ef739e7cd"
tag: "r-89d09fa1182d6b706fb36674eda251615691d046"
dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth"
credentials: "git-credentials"
keystores:

18
DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth/var/opt/nevisauth/default/conf/esauth4.xml
View File

@ -64,7 +64,7 @@
<Entry method="authenticate" state="ob-realm_ob-realm-idm-pwd-login-IdmUserVerifyState" selector="${request:currentResource:/pwreset/start:true}"/>
<Entry method="stepup" state="ob-realm_Selector"/>
</Domain>
<AuthState name="ob-mock-me-realm_ob-mock-me-auth-processor" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
<AuthState name="ob-mock-me-realm_ob-mock-me-auth-processor" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<ResultCond name="processResponse" next="ob-mock-me-realm_ob-mock-me-auth-processor_serviceProvider"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
@ -76,6 +76,8 @@
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="lasterror" type="error" label="${notes:lasterrorinfo}" value="${notes:lasterror}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="operation" type="text" label="operation" value="${inctx|connection.actualURL|^https:\/\/[^\/]+\/mock-me\/(.+)$|$1}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="subject" type="text" label="subject" value="${notes:saml.assertion.subject}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="statusCode" type="text" label="statusCode" value="${notes:saml.response.statusCode}" optional="true"/>
@ -84,8 +86,14 @@
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="authenticatedWith" type="text" label="authenticatedWith" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/authenticatedWith}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="requestedRoleLevel" type="text" label="requestedRoleLevel" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/requestedRoleLevel}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="rpEntityId" type="text" label="rpEntityId" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/09/identity/claim/rpEntityId}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="allowedVerificationMethods" type="text" label="allowedVerificationMethods" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/09/identity/claim/allowedVerificationMethods}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="addressRequired" type="text" label="addressRequired" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/09/identity/claims/addressRequired}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="currentAgovAq" type="text" label="currentAgovAq" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/11/identity/claims/currentAgovAq}" optional="true"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<GuiElem name="dateOfVerification" type="text" label="dateOfVerification" value="${notes|saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/qa/dateOfVerification}" optional="true"/>
@ -97,8 +105,10 @@
</Response>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="script" value="file:///var/opt/nevisauth/default/conf/mock-me-processing.groovy"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="parameter.idp-sso-url" value="https://auth.agov-w.azure.adnovum.net/SAML2/SSO/"/>
</AuthState>
<AuthState name="ob-mock-me-realm_ob-mock-me-auth-processor_serviceProvider" class="ch.nevis.esauth.auth.states.saml.ServiceProviderState" final="false" resumeState="true">
<AuthState name="ob-mock-me-realm_ob-mock-me-auth-processor_serviceProvider" class="ch.nevis.esauth.auth.states.saml.ServiceProviderState" final="false" resumeState="false">
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<ResultCond name="default" next="ob-mock-me-realm_ob-mock-me-auth-processor"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
@ -121,6 +131,10 @@
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="in.internalBindingSource" value="${notes:SAMLResponse}"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="in.audienceRegex" value="https://ob.agov-w.azure.adnovum.net/mock-me/.+"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="in.audience.checkrequired" value="false"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="in.max_age" value="30"/>
<!-- source: pattern://be8f8436b2ec70e9d601fdd3 -->
<property name="in.keystoreref" value="DefaultKeyStore"/>