-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathapplication.yaml
92 lines (92 loc) · 3.19 KB
/
application.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
keycloak-moh:
admin-api-url: https://common-logon-dev.hlth.gov.bc.ca/auth/admin/realms/moh_applications
base-oauth-url: https://common-logon-dev.hlth.gov.bc.ca/auth/realms/moh_applications
organizations-api-url: https://organizations-api.cey5wq-dev.nimbus.cloud.gov.bc.ca
mspdirect-api-url: https://mspdirect-dev-api.apps.silver.devops.gov.bc.ca
keycloak-master:
admin-api-url: https://common-logon-dev.hlth.gov.bc.ca/auth/admin/realms
base-oauth-url: https://common-logon-dev.hlth.gov.bc.ca/auth/realms/master
proxy:
type: DIRECT
host: apiproxyd.hlth.gov.bc.ca
port: 80
user-management-client:
roles:
view-clients: view-clients
view-metrics: view-metrics
view-groups: view-groups
view-users: view-users
view-events: view-events
manage-user-details: manage-user-details
manage-user-roles: manage-user-roles
manage-user-groups: manage-user-groups
create-user: create-user
manage-all-groups: manage-all-groups
manage-own-groups: manage-own-groups
manage-org: manage-org
bulk-removal: bulk-removal
config:
# vanity-hostname: Sets the HTTP "Location" header for the service.
vanity-hostname: "http://localhost:${server.port}"
# CORS header, should be the User Management Console:
allowed-origins: "http://localhost:8080"
spring:
codec:
max-in-memory-size-mb: 20
datasource:
url: ${keycloak_db_url}
username: ${keycloak_db_username}
password: ${keycloak_db_password}
driver-class-name: oracle.jdbc.OracleDriver
security:
oauth2:
resourceserver:
jwt:
issuer-uri: ${keycloak-moh.base-oauth-url}
jwk-set-uri: ${keycloak-moh.base-oauth-url}/protocol/openid-connect/certs
client:
registration:
keycloak-moh:
client-id: USER-MANAGEMENT-SERVICE
client-secret: ${UMS_CLIENT_SECRET}
authorization-grant-type: client_credentials
scope:
- openid
keycloak-master:
client-id: user-management-service-admin
client-secret: ${MASTER_UMS_CLIENT_SECRET}
authorization-grant-type: client_credentials
scope:
- openid
provider:
keycloak-moh:
authorization-url: ${keycloak-moh.base-oauth-url}/protocol/openid-connect/auth
token-uri: ${keycloak-moh.base-oauth-url}/protocol/openid-connect/token
keycloak-master:
authorization-url: ${keycloak-master.base-oauth-url}/protocol/openid-connect/auth
token-uri: ${keycloak-master.base-oauth-url}/protocol/openid-connect/token
jasypt:
encryptor:
password: ${ums_encryptor_password}
springdoc:
swagger-ui:
path: /docs/swagger-ui.html
disable-swagger-default-url: true
api-docs:
path: /docs/api-docs
server:
port: 9090
# If you need to test SSL locally, use settings like this.
# The key will need to be installed in your browser truststore.
# ssl:
# key-store: classpath:localhost.p12
# key-store-password: password
# key-store-type: pkcs12
# key-alias: localhost
# key-password: password
#logging:
# level:
# KC_WEB_CLIENT: DEBUG
# LOAD_TEST: DEBUG
# org.apache.coyote.http11.Http11InputBuffer: DEBUG
# root: DEBUG