new configuration version

2024-11-21 14:26:57 +00:00 · 2024-11-21 14:26:57 +00:00 · fed1c9900e
parent 6292f1b33e
commit fed1c9900e
2 changed files with 29 additions and 18 deletions
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml
@ -45,7 +45,7 @@ spec:
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-d75760689839b55fe11c8da18bf011e04bd139bb"
+    tag: "r-153d83d557aa1d761b3c650dc29a44e0b8690555"
    dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml
@ -191,7 +191,7 @@
            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
            <ResultCond name="failed" next="cossa_realm_Authentication_Failed"/>
            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <ResultCond name="ok" next="cossa_realm_JwtToken"/>
+            <ResultCond name="ok" next="cossa_realm_New_Transform_Variables_Step"/>
            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
            <Response value="AUTH_CONTINUE">
                <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
@ -210,23 +210,16 @@
            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
            <property name="klpURL" value="https://klp.agov-w.azure.adnovum.net/api/endpoint"/>
        </AuthState>
-        <AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+        <AuthState name="cossa_realm_New_Transform_Variables_Step" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
+            <!-- source: pattern://e98427cb822732177947c4c7 -->
            <ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <Response value="AUTH_ERROR"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="out.audience" value="https://www.adnovum.ch"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="out.issuer" value="https://my.nevis.server"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="out.time_to_live" value="86400"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="token.algorithm" value="RS256"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="keystoreref" value="JwtToken"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="keyobjectref" value="tokensigner"/>
+            <!-- source: pattern://e98427cb822732177947c4c7 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://e98427cb822732177947c4c7 -->
+                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
+            </Response>
+            <!-- source: pattern://e98427cb822732177947c4c7 -->
+            <property name="request:UserId" value="klp-client"/>
        </AuthState>
        <AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
@ -372,6 +365,24 @@
            <!-- source: pattern://635e4d617af6818edc9ae7c9 -->
            <property name="script" value="file:///var/opt/nevisauth/default/conf/new_test_login.groovy"/>
        </AuthState>
+        <AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <Response value="AUTH_ERROR"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <property name="out.audience" value="https://www.adnovum.ch"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <property name="out.issuer" value="https://my.nevis.server"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <property name="out.time_to_live" value="86400"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <property name="token.algorithm" value="RS256"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <property name="keystoreref" value="JwtToken"/>
+            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
+            <property name="keyobjectref" value="tokensigner"/>
+        </AuthState>
        <AuthState name="cossa_realm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
            <ResultCond name="nomatch" next="cossa_realm_Prepare_Done"/>