├── .gitignore ├── .travis.yml ├── CHANGELOG.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── authhub ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ ├── auth │ │ │ ├── Authenticator.java │ │ │ ├── AuthenticatorBase.java │ │ │ ├── DefaultAuth.java │ │ │ ├── DefaultAuthenticator.java │ │ │ ├── LightPortalAuth.java │ │ │ ├── LightPortalAuthenticator.java │ │ │ ├── MarketPlaceAuth.java │ │ │ └── MarketPlaceAuthenticator.java │ │ │ ├── github │ │ │ ├── GithubConfig.java │ │ │ ├── GithubMetadata.java │ │ │ └── GithubUtil.java │ │ │ ├── security │ │ │ ├── LightBasicAuthenticationMechanism.java │ │ │ ├── LightFormAuthenticationMechanism.java │ │ │ ├── LightGSSAPIAuthenticationMechanism.java │ │ │ ├── LightGSSContextCredential.java │ │ │ ├── LightIdentityManager.java │ │ │ └── LightPasswordCredential.java │ │ │ └── spnego │ │ │ ├── KerberosKDCUtil.java │ │ │ ├── LdapAccessControl.java │ │ │ ├── SpnegoConfig.java │ │ │ ├── UserAccessControl.java │ │ │ └── UserInfo.java │ └── resources │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ ├── auth │ │ ├── DefaultAuthenticatorTest.java │ │ └── LightPortalAuthenticatorTest.java │ │ └── github │ │ └── GithubUtilTest.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── consul.yml │ ├── github.yml │ ├── server.keystore │ ├── server.truststore │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── authorize ├── .gitignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── authorize │ │ │ ├── PathHandlerProvider.java │ │ │ ├── auth │ │ │ ├── Authentication.java │ │ │ └── FormAuthentication.java │ │ │ └── handler │ │ │ ├── MapIdentityManager.java │ │ │ ├── Oauth2AuthorizeGetHandler.java │ │ │ ├── Oauth2AuthorizePostHandler.java │ │ │ └── OauthAuthConfig.java │ └── resources │ │ ├── config │ │ └── oauth_authorize.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── authorize │ │ └── handler │ │ ├── Oauth2AuthorizeGetHandlerTest.java │ │ ├── Oauth2AuthorizePostHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── jwt.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── cache ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── cache │ │ │ ├── AuditInfoHandler.java │ │ │ ├── CacheShutdownHookProvider.java │ │ │ ├── CacheStartupHookProvider.java │ │ │ ├── ClientMapStore.java │ │ │ ├── OAuth2Constants.java │ │ │ ├── ProviderMapStore.java │ │ │ ├── RefreshTokenMapStore.java │ │ │ ├── ServiceEndpointMapStore.java │ │ │ ├── ServiceMapStore.java │ │ │ ├── UserMapStore.java │ │ │ └── model │ │ │ ├── AuditInfo.java │ │ │ ├── Client.java │ │ │ ├── ClientDataSerializableFactory.java │ │ │ ├── Oauth2Service.java │ │ │ ├── Provider.java │ │ │ ├── ProviderDataSerializableFactory.java │ │ │ ├── RefreshToken.java │ │ │ ├── RefreshTokenDataSerializableFactory.java │ │ │ ├── Service.java │ │ │ ├── ServiceDataSerializableFactory.java │ │ │ ├── ServiceEndpoint.java │ │ │ ├── ServiceEndpointDataSerializableFactory.java │ │ │ ├── User.java │ │ │ └── UserDataSerializableFactory.java │ └── resources │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── cache │ │ ├── AuditHandlerTest.java │ │ └── CacheStartupHookProviderTest.java │ └── resources │ ├── config │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── cleanup.sh ├── client ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── client │ │ │ └── handler │ │ │ ├── ClientAuditHandler.java │ │ │ ├── Oauth2ClientClientIdDeleteHandler.java │ │ │ ├── Oauth2ClientClientIdGetHandler.java │ │ │ ├── Oauth2ClientClientIdServiceDeleteHandler.java │ │ │ ├── Oauth2ClientClientIdServiceGetHandler.java │ │ │ ├── Oauth2ClientClientIdServiceServiceIdDeleteHandler.java │ │ │ ├── Oauth2ClientClientIdServiceServiceIdGetHandler.java │ │ │ ├── Oauth2ClientClientIdServiceServiceIdPostHandler.java │ │ │ ├── Oauth2ClientGetHandler.java │ │ │ ├── Oauth2ClientPostHandler.java │ │ │ ├── Oauth2ClientPutHandler.java │ │ │ └── OauthClientConfig.java │ └── resources │ │ ├── config │ │ └── oauth_client.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── client │ │ └── handler │ │ ├── HealthGetHandlerTest.java │ │ ├── Oauth2ClientClientIdDeleteHandlerTest.java │ │ ├── Oauth2ClientClientIdGetHandlerTest.java │ │ ├── Oauth2ClientClientIdServiceDeleteHandlerTest.java │ │ ├── Oauth2ClientClientIdServiceGetHandlerTest.java │ │ ├── Oauth2ClientClientIdServiceServiceIdDeleteHandlerTest.java │ │ ├── Oauth2ClientClientIdServiceServiceIdGetHandlerTest.java │ │ ├── Oauth2ClientClientIdServiceServiceIdPostHandlerTest.java │ │ ├── Oauth2ClientGetHandlerTest.java │ │ ├── Oauth2ClientPostHandlerTest.java │ │ ├── Oauth2ClientPutHandlerTest.java │ │ ├── ServerInfoGetHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── handler.yml │ ├── oauth_client.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── code ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ ├── Dockerfile-Debug │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── code │ │ │ ├── PathHandlerProvider.java │ │ │ └── handler │ │ │ ├── BaseWrapper.java │ │ │ ├── CodeAuditHandler.java │ │ │ ├── CodeGetHandlerWrapper.java │ │ │ ├── CodePostHandlerWrapper.java │ │ │ ├── Oauth2CodeGetHandler.java │ │ │ ├── Oauth2CodePostHandler.java │ │ │ └── OauthCodeConfig.java │ └── resources │ │ ├── config │ │ └── oauth_code.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── code │ │ └── handler │ │ ├── ApacheDirectoryServer.java │ │ ├── HealthTest.java │ │ ├── Oauth2CodeGetHandlerTest.java │ │ ├── Oauth2CodePostHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── github.yml │ ├── handler.yml │ ├── jwt.yml │ ├── oauth_code.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── path-resource.yml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── security.yml │ ├── server.keystore │ ├── server.truststore │ ├── service.yml │ ├── spnego.yml │ └── values.yml │ ├── create_h2.sql │ ├── krb5.conf │ ├── ldif │ ├── krbtgt.ldif │ ├── partition.ldif │ ├── server.ldif │ └── user.ldif │ └── logback-test.xml ├── db ├── mariadb │ ├── config │ │ ├── oauth2-client │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_client.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-code │ │ │ ├── client.keystore │ │ │ ├── client.truststore │ │ │ ├── cors.yml │ │ │ ├── github.yml │ │ │ ├── jwt.yml │ │ │ ├── ldap.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_code.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ ├── service.yml │ │ │ └── spnego.yml │ │ ├── oauth2-key │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_key.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-provider │ │ │ ├── cors.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_provider.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.json │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-refresh-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_refreshtoken.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-service │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_service.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── jwt.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_token.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── primary.jks │ │ │ ├── secondary.crt │ │ │ ├── secondary.jks │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ └── oauth2-user │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_user.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ └── create_mysql.sql ├── mysql │ ├── config │ │ ├── oauth2-client │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_client.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-code │ │ │ ├── client.keystore │ │ │ ├── client.truststore │ │ │ ├── cors.yml │ │ │ ├── github.yml │ │ │ ├── jwt.yml │ │ │ ├── ldap.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_code.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ ├── service.yml │ │ │ └── spnego.yml │ │ ├── oauth2-key │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_key.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-provider │ │ │ ├── cors.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_provider.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-refresh-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_refreshtoken.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-service │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_service.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── jwt.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_token.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── primary.jks │ │ │ ├── secondary.crt │ │ │ ├── secondary.jks │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ └── oauth2-user │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_user.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ └── create_mysql.sql ├── oracle │ ├── config │ │ ├── oauth2-client │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_client.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-code │ │ │ ├── client.keystore │ │ │ ├── client.truststore │ │ │ ├── cors.yml │ │ │ ├── github.yml │ │ │ ├── jwt.yml │ │ │ ├── ldap.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_code.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ ├── service.yml │ │ │ └── spnego.yml │ │ ├── oauth2-key │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_key.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-provider │ │ │ ├── cors.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_provider.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.json │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-refresh-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_refreshtoken.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-service │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_service.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── jwt.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_token.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── primary.jks │ │ │ ├── secondary.crt │ │ │ ├── secondary.jks │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ └── oauth2-user │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_user.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ └── create_oracle.sql ├── postgres │ ├── config │ │ ├── oauth2-client │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_client.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-code │ │ │ ├── client.keystore │ │ │ ├── client.truststore │ │ │ ├── cors.yml │ │ │ ├── github.yml │ │ │ ├── jwt.yml │ │ │ ├── ldap.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_code.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ ├── service.yml │ │ │ └── spnego.yml │ │ ├── oauth2-key │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_key.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-provider │ │ │ ├── cors.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_provider.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.json │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-refresh-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_refreshtoken.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-service │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_service.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ ├── oauth2-token │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── jwt.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_token.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── primary.jks │ │ │ ├── secondary.crt │ │ │ ├── secondary.jks │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ │ └── oauth2-user │ │ │ ├── cors.yml │ │ │ ├── handler.yml │ │ │ ├── logback.xml │ │ │ ├── oauth_user.yml │ │ │ ├── openapi-security.yml │ │ │ ├── openapi-validator.yml │ │ │ ├── openapi.yaml │ │ │ ├── primary.crt │ │ │ ├── secondary.crt │ │ │ ├── secret.yml │ │ │ ├── security.yml │ │ │ ├── server.keystore │ │ │ ├── server.truststore │ │ │ ├── server.yml │ │ │ └── service.yml │ └── create_postgres.sql └── sqlserver │ ├── config │ ├── oauth2-client │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── logback.xml │ │ ├── oauth_client.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ ├── oauth2-code │ │ ├── client.keystore │ │ ├── client.truststore │ │ ├── cors.yml │ │ ├── github.yml │ │ ├── jwt.yml │ │ ├── ldap.yml │ │ ├── logback.xml │ │ ├── oauth_code.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ ├── service.yml │ │ └── spnego.yml │ ├── oauth2-key │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── logback.xml │ │ ├── oauth_key.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ ├── oauth2-provider │ │ ├── cors.yml │ │ ├── logback.xml │ │ ├── oauth_provider.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.json │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ ├── oauth2-refresh-token │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── logback.xml │ │ ├── oauth_refreshtoken.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ ├── oauth2-service │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── logback.xml │ │ ├── oauth_service.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ ├── oauth2-token │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── jwt.yml │ │ ├── logback.xml │ │ ├── oauth_token.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── primary.jks │ │ ├── secondary.crt │ │ ├── secondary.jks │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ └── oauth2-user │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── logback.xml │ │ ├── oauth_user.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── secondary.crt │ │ ├── secret.yml │ │ ├── security.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ ├── create_sqlserver.sql │ └── entrypoint.sh ├── docker-compose-mariadb.yml ├── docker-compose-mysql.yml ├── docker-compose-oracle.yml ├── docker-compose-postgres.yml ├── docker-compose-sqlserver.yml ├── key ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── key │ │ │ └── handler │ │ │ ├── Oauth2KeyKeyIdGetHandler.java │ │ │ ├── Oauth2KeysGetHandler.java │ │ │ └── OauthKeyConfig.java │ └── resources │ │ ├── config │ │ └── oauth_key.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── key │ │ └── handler │ │ ├── Oauth2KeyKeyIdGetHandlerTest.java │ │ ├── Oauth2KeysGetHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── handler.yml │ ├── oauth_key.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── pom.xml ├── provider ├── .gitignore ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── provider │ │ │ ├── OauthProviderConfig.java │ │ │ ├── PathHandlerProvider.java │ │ │ ├── ProviderAuditHandler.java │ │ │ └── handler │ │ │ ├── Oauth2ProviderGetHandler.java │ │ │ ├── Oauth2ProviderPostHandler.java │ │ │ ├── Oauth2ProviderProviderIdDeleteHandler.java │ │ │ └── Oauth2ProviderPutHandler.java │ └── resources │ │ ├── config │ │ └── oauth_provider.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── provider │ │ └── handler │ │ ├── HealthGetHandlerTest.java │ │ ├── Oauth2ProviderGetHandlerTest.java │ │ ├── Oauth2ProviderPostHandlerTest.java │ │ ├── Oauth2ProviderProviderIdDeleteHandlerTest.java │ │ ├── Oauth2ProviderPutHandlerTest.java │ │ ├── ServerInfoGetHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── handler.yml │ ├── oauth_provider.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ └── create_h2.sql ├── refresh-token ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── token │ │ │ ├── PathHandlerProvider.java │ │ │ └── handler │ │ │ ├── Oauth2RefreshTokenGetHandler.java │ │ │ ├── Oauth2RefreshTokenRefreshTokenDeleteHandler.java │ │ │ ├── Oauth2RefreshTokenRefreshTokenGetHandler.java │ │ │ ├── OauthRefeshTokenConfig.java │ │ │ └── RefreshTokenAuditHandler.java │ └── resources │ │ ├── config │ │ └── oauth_refreshtoken.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── token │ │ └── handler │ │ ├── Oauth2RefreshTokenGetHandlerTest.java │ │ ├── Oauth2RefreshTokenRefreshTokenDeleteHandlerTest.java │ │ ├── Oauth2RefreshTokenRefreshTokenGetHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── handler.yml │ ├── oauth_refreshtoken.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── service ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── service │ │ │ └── handler │ │ │ ├── Oauth2ServiceGetHandler.java │ │ │ ├── Oauth2ServicePostHandler.java │ │ │ ├── Oauth2ServicePutHandler.java │ │ │ ├── Oauth2ServiceServiceIdDeleteHandler.java │ │ │ ├── Oauth2ServiceServiceIdEndpointDeleteHandler.java │ │ │ ├── Oauth2ServiceServiceIdEndpointGetHandler.java │ │ │ ├── Oauth2ServiceServiceIdEndpointPostHandler.java │ │ │ ├── Oauth2ServiceServiceIdGetHandler.java │ │ │ ├── OauthServiceConfig.java │ │ │ └── ServiceAuditHandler.java │ └── resources │ │ ├── config │ │ └── oauth_service.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── service │ │ └── handler │ │ ├── HealthGetHandlerTest.java │ │ ├── Oauth2ServiceGetHandlerTest.java │ │ ├── Oauth2ServicePostHandlerTest.java │ │ ├── Oauth2ServicePutHandlerTest.java │ │ ├── Oauth2ServiceServiceIdDeleteHandlerTest.java │ │ ├── Oauth2ServiceServiceIdEndpointDeleteHandlerTest.java │ │ ├── Oauth2ServiceServiceIdEndpointGetHandlerTest.java │ │ ├── Oauth2ServiceServiceIdEndpointPostHandlerTest.java │ │ ├── Oauth2ServiceServiceIdGetHandlerTest.java │ │ ├── ServerInfoGetHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── handler.yml │ ├── oauth_service.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── secondary.crt │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml ├── token ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker │ ├── Dockerfile │ └── Dockerfile-Slim ├── pom.xml └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── networknt │ │ │ └── oauth │ │ │ └── token │ │ │ ├── handler │ │ │ ├── Oauth2DerefGetHandler.java │ │ │ ├── Oauth2SigningPostHandler.java │ │ │ ├── Oauth2TokenPostHandler.java │ │ │ ├── OauthTokenConfig.java │ │ │ └── TokenAuditHandler.java │ │ │ └── helper │ │ │ └── HttpAuth.java │ └── resources │ │ ├── config │ │ ├── client.keystore │ │ ├── client.truststore │ │ ├── client.yml │ │ ├── cors.yml │ │ ├── handler.yml │ │ ├── jwt.yml │ │ ├── oauth-token.yml │ │ ├── openapi-security.yml │ │ ├── openapi-validator.yml │ │ ├── openapi.yaml │ │ ├── primary.crt │ │ ├── primary.jks │ │ ├── secondary.crt │ │ ├── secondary.jks │ │ ├── secret.yml │ │ ├── server.keystore │ │ ├── server.truststore │ │ ├── server.yml │ │ └── service.yml │ │ └── logback.xml │ └── test │ ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── token │ │ └── handler │ │ ├── JwtGeneratorTest.java │ │ ├── Oauth2BootstrapTokenTest.java │ │ ├── Oauth2DerefGetHandlerTest.java │ │ ├── Oauth2SigningPostHandlerTest.java │ │ ├── Oauth2TokenPostHandlerTest.java │ │ └── TestServer.java │ └── resources │ ├── config │ ├── client.keystore │ ├── client.truststore │ ├── cors.yml │ ├── handler.yml │ ├── jwt.yml │ ├── oauth.yml │ ├── openapi-security.yml │ ├── openapi-validator.yml │ ├── openapi.yaml │ ├── primary.crt │ ├── primary.jks │ ├── secondary.crt │ ├── secondary.jks │ ├── secret.yml │ ├── server.keystore │ ├── server.truststore │ ├── server.yml │ └── service.yml │ ├── create_h2.sql │ └── logback-test.xml └── user ├── .gitignore ├── .swagger-codegen-ignore ├── LICENSE ├── README.md ├── build.sh ├── docker ├── Dockerfile └── Dockerfile-Slim ├── pom.xml └── src ├── main ├── java │ └── com │ │ └── networknt │ │ └── oauth │ │ └── user │ │ ├── PathHandlerProvider.java │ │ └── handler │ │ ├── Oauth2PasswordUserIdPostHandler.java │ │ ├── Oauth2UserGetHandler.java │ │ ├── Oauth2UserPostHandler.java │ │ ├── Oauth2UserPutHandler.java │ │ ├── Oauth2UserUserIdDeleteHandler.java │ │ ├── Oauth2UserUserIdGetHandler.java │ │ ├── OauthUserConfig.java │ │ └── UserAuditHandler.java └── resources │ ├── config │ └── oauth_user.yml │ └── logback.xml └── test ├── java └── com │ └── networknt │ └── oauth │ └── user │ └── handler │ ├── Oauth2PasswordUserIdPostHandlerTest.java │ ├── Oauth2UserGetHandlerTest.java │ ├── Oauth2UserPostHandlerTest.java │ ├── Oauth2UserPutHandlerTest.java │ ├── Oauth2UserUserIdDeleteHandlerTest.java │ ├── Oauth2UserUserIdGetHandlerTest.java │ └── TestServer.java └── resources ├── config ├── client.keystore ├── client.truststore ├── cors.yml ├── handler.yml ├── oauth_user.yml ├── openapi-security.yml ├── openapi-validator.yml ├── openapi.yaml ├── primary.crt ├── secondary.crt ├── secret.yml ├── server.keystore ├── server.truststore ├── server.yml └── service.yml ├── create_h2.sql └── logback-test.xml /.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | *.versionsBackup 17 | dependency-reduced-pom.xml 18 | 19 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 20 | hs_err_pid* 21 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: java 2 | cache: 3 | directories: 4 | - $HOME/.m2 5 | jdk: 6 | - openjdk11 7 | 8 | branches: 9 | only: 10 | - master 11 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/auth/Authenticator.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.auth; 2 | 3 | import io.undertow.security.idm.Account; 4 | import io.undertow.security.idm.Credential; 5 | 6 | public interface Authenticator { 7 | /** 8 | * Authenticate user with the credential and userType. Return null if failed to authenticate. 9 | * Otherwise, return an account object that represent the user profile. 10 | * @param id String 11 | * @param credential Credential 12 | * @return Account account 13 | * 14 | */ 15 | Account authenticate(String id, Credential credential); 16 | } 17 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/auth/AuthenticatorBase.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.auth; 2 | 3 | public abstract class AuthenticatorBase implements Authenticator { 4 | 5 | } 6 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/auth/DefaultAuth.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.auth; 2 | 3 | public interface DefaultAuth { 4 | } 5 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/auth/LightPortalAuth.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.auth; 2 | 3 | public interface LightPortalAuth { 4 | } 5 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/auth/MarketPlaceAuth.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.auth; 2 | 3 | public interface MarketPlaceAuth { 4 | } 5 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/github/GithubConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.github; 2 | 3 | public class GithubConfig { 4 | String protocol; 5 | String host; 6 | String pathPrefix; 7 | String owner; 8 | String repo; 9 | String path; 10 | 11 | public String getProtocol() { return protocol; } 12 | public void setProtocol(String protocol) { this.protocol = protocol; } 13 | 14 | public String getHost() { return host; } 15 | public void setHost(String host) { this.host = host; } 16 | 17 | public String getPathPrefix() { return pathPrefix; } 18 | public void setPathPrefix(String pathPrefix) { this.pathPrefix = pathPrefix; } 19 | 20 | public String getOwner() { return owner; } 21 | public void setOwner(String owner) { this.owner = owner; } 22 | 23 | public String getRepo() { return repo; } 24 | public void setRepo(String repo) { this.repo = repo; } 25 | 26 | public String getPath() { return path; } 27 | public void setPath(String path) { this.path = path; } 28 | 29 | } 30 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/spnego/SpnegoConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.spnego; 2 | 3 | public class SpnegoConfig { 4 | String debug; 5 | String useKeyTab; 6 | String keyTab; 7 | String principal; 8 | 9 | public String getDebug() { 10 | return debug; 11 | } 12 | 13 | public void setDebug(String debug) { 14 | this.debug = debug; 15 | } 16 | 17 | public String getUseKeyTab() { 18 | return useKeyTab; 19 | } 20 | 21 | public void setUseKeyTab(String useKeyTab) { 22 | this.useKeyTab = useKeyTab; 23 | } 24 | 25 | public String getKeyTab() { 26 | return keyTab; 27 | } 28 | 29 | public void setKeyTab(String keyTab) { 30 | this.keyTab = keyTab; 31 | } 32 | 33 | public String getPrincipal() { 34 | return principal; 35 | } 36 | 37 | public void setPrincipal(String principal) { 38 | this.principal = principal; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /authhub/src/main/java/com/networknt/oauth/spnego/UserInfo.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.spnego; 2 | 3 | import java.util.List; 4 | 5 | /** 6 | * User information from the user-store. 7 | * 8 | * @author Darwin V. Felix 9 | * 10 | */ 11 | public interface UserInfo { 12 | 13 | /** 14 | * Returns a list of info associated with the label. 15 | * 16 | * @param label e.g. name, proxyAddresses, whenCreated 17 | * @return a list of info associated with the label 18 | */ 19 | List getInfo(final String label); 20 | 21 | /** 22 | * Return a list of labels. 23 | * 24 | * @return a list of labels 25 | */ 26 | List getLabels(); 27 | 28 | /** 29 | * Returns true if there is info with the passed-in label. 30 | * 31 | * @param label e.g. mail, memberOf, displayName 32 | * @return true true if there is info with the passed-in label 33 | */ 34 | boolean hasInfo(final String label); 35 | } -------------------------------------------------------------------------------- /authhub/src/test/java/com/networknt/oauth/github/GithubUtilTest.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.github; 2 | 3 | import java.util.Set; 4 | 5 | import org.junit.Assert; 6 | import org.junit.Test; 7 | import org.slf4j.Logger; 8 | import org.slf4j.LoggerFactory; 9 | 10 | public class GithubUtilTest { 11 | static final Logger logger = LoggerFactory.getLogger(GithubUtilTest.class); 12 | 13 | //@Test 14 | public void testAuthorization() throws Exception { 15 | String user = "ahmed1"; 16 | 17 | Set tmp = GithubUtil.authorize(user); 18 | //System.out.println("OUTPUT: " + tmp.toString()); 19 | //Assert.assertEquals(17, String.join(",", GithubUtil.authorize(user))); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /authhub/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authhub/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /authhub/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authhub/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /authhub/src/test/resources/config/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /authhub/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authhub/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /authhub/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authhub/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /authorize/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /authorize/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-authorize.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -Djava.security.krb5.conf=/config/krb5.conf -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /authorize/src/main/java/com/networknt/oauth/authorize/auth/Authentication.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.authorize.auth; 2 | 3 | import com.networknt.exception.ApiException; 4 | import io.undertow.server.HttpServerExchange; 5 | 6 | /** 7 | * Created by stevehu on 2016-12-18. 8 | */ 9 | public interface Authentication { 10 | String authenticate(HttpServerExchange exchange) throws ApiException; 11 | } 12 | -------------------------------------------------------------------------------- /authorize/src/main/java/com/networknt/oauth/authorize/auth/FormAuthentication.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.authorize.auth; 2 | 3 | import com.networknt.exception.ApiException; 4 | import io.undertow.server.HttpServerExchange; 5 | 6 | /** 7 | * Created by stevehu on 2016-12-19. 8 | */ 9 | public class FormAuthentication implements Authentication { 10 | @Override 11 | public String authenticate(HttpServerExchange exchange) throws ApiException { 12 | String result = null; 13 | 14 | 15 | return result; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /authorize/src/main/java/com/networknt/oauth/authorize/handler/OauthAuthConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.authorize.handler; 2 | 3 | public class OauthAuthConfig { 4 | boolean enableAudit; 5 | 6 | public boolean isEnableAudit() { 7 | return enableAudit; 8 | } 9 | 10 | public void setEnableAudit(boolean enableAudit) { 11 | this.enableAudit = enableAudit; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /authorize/src/main/resources/config/oauth_authorize.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /authorize/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authorize/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /authorize/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authorize/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /authorize/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /authorize/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /authorize/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authorize/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /authorize/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/authorize/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/CacheShutdownHookProvider.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache; 2 | 3 | import com.networknt.server.ShutdownHookProvider; 4 | 5 | /** 6 | * Created by stevehu on 2016-12-27. 7 | */ 8 | public class CacheShutdownHookProvider implements ShutdownHookProvider { 9 | @Override 10 | public void onShutdown() { 11 | CacheStartupHookProvider.hz.shutdown(); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/OAuth2Constants.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache; 2 | 3 | /** 4 | * Created by steve on 23/06/17. 5 | */ 6 | public class OAuth2Constants { 7 | public static final String CODE_CHALLENGE = "code_challenge"; 8 | public static final String CODE_CHALLENGE_METHOD = "code_challenge_method"; 9 | public static final String CODE_VERIFIER = "code_verifier"; 10 | 11 | } 12 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/ClientDataSerializableFactory.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache.model; 2 | 3 | import com.hazelcast.nio.serialization.DataSerializableFactory; 4 | import com.hazelcast.nio.serialization.IdentifiedDataSerializable; 5 | 6 | /** 7 | * Created by stevehu on 2017-01-02. 8 | */ 9 | public class ClientDataSerializableFactory implements DataSerializableFactory { 10 | 11 | static final int ID = 2; 12 | static final int CLIENT_TYPE = 2; 13 | 14 | @Override 15 | public IdentifiedDataSerializable create(int typeId) { 16 | if (typeId == CLIENT_TYPE) { 17 | return new Client(); 18 | } else { 19 | return null; 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/Oauth2Service.java: -------------------------------------------------------------------------------- 1 | 2 | package com.networknt.oauth.cache.model; 3 | 4 | /** 5 | * This enum represents lignt-oauth2 provided sevices 6 | * 7 | */ 8 | public enum Oauth2Service { 9 | 10 | /** 11 | * Client. 12 | */ 13 | CLIENT, 14 | 15 | /** 16 | * User. 17 | */ 18 | USER, 19 | 20 | /** 21 | * CODE. 22 | */ 23 | CODE, 24 | 25 | /** 26 | * SERVICE. 27 | */ 28 | SERVICE, 29 | 30 | /** 31 | * Authorize. 32 | */ 33 | AUTHORIZE, 34 | 35 | /** 36 | * TOKEN. 37 | */ 38 | TOKEN, 39 | 40 | /** 41 | * Key. 42 | */ 43 | KEY, 44 | 45 | /** 46 | * Refesh_token. 47 | */ 48 | REFRESHTOKEN; 49 | 50 | } 51 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/ProviderDataSerializableFactory.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache.model; 2 | 3 | import com.hazelcast.nio.serialization.DataSerializableFactory; 4 | import com.hazelcast.nio.serialization.IdentifiedDataSerializable; 5 | 6 | public class ProviderDataSerializableFactory implements DataSerializableFactory { 7 | 8 | static final int ID = 6; 9 | static final int PROVIDER_TYPE = 6; 10 | 11 | @Override 12 | public IdentifiedDataSerializable create(int typeId) { 13 | if (typeId == PROVIDER_TYPE) { 14 | return new Provider(); 15 | } else { 16 | return null; 17 | } 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/RefreshTokenDataSerializableFactory.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache.model; 2 | 3 | import com.hazelcast.nio.serialization.DataSerializableFactory; 4 | import com.hazelcast.nio.serialization.IdentifiedDataSerializable; 5 | 6 | /** 7 | * Created by stevehu on 2017-01-14. 8 | */ 9 | public class RefreshTokenDataSerializableFactory implements DataSerializableFactory { 10 | static final int ID = 4; 11 | static final int REFRESH_TOKEN_TYPE = 4; 12 | 13 | @Override 14 | public IdentifiedDataSerializable create(int typeId) { 15 | if (typeId == REFRESH_TOKEN_TYPE) { 16 | return new RefreshToken(); 17 | } else { 18 | return null; 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/ServiceDataSerializableFactory.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache.model; 2 | 3 | import com.hazelcast.nio.serialization.DataSerializableFactory; 4 | import com.hazelcast.nio.serialization.IdentifiedDataSerializable; 5 | 6 | /** 7 | * Created by stevehu on 2017-01-02. 8 | */ 9 | public class ServiceDataSerializableFactory implements DataSerializableFactory { 10 | 11 | static final int ID = 3; 12 | static final int SERVICE_TYPE = 3; 13 | 14 | @Override 15 | public IdentifiedDataSerializable create(int typeId) { 16 | if (typeId == SERVICE_TYPE) { 17 | return new Service(); 18 | } else { 19 | return null; 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/ServiceEndpointDataSerializableFactory.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache.model; 2 | 3 | import com.hazelcast.nio.serialization.DataSerializableFactory; 4 | import com.hazelcast.nio.serialization.IdentifiedDataSerializable; 5 | 6 | public class ServiceEndpointDataSerializableFactory implements DataSerializableFactory { 7 | 8 | static final int ID = 5; 9 | static final int SERVICE_ENDPOINT_TYPE = 5; 10 | 11 | @Override 12 | public IdentifiedDataSerializable create(int typeId) { 13 | if (typeId == SERVICE_ENDPOINT_TYPE) { 14 | return new ServiceEndpoint(); 15 | } else { 16 | return null; 17 | } 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /cache/src/main/java/com/networknt/oauth/cache/model/UserDataSerializableFactory.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.cache.model; 2 | 3 | import com.hazelcast.nio.serialization.DataSerializableFactory; 4 | import com.hazelcast.nio.serialization.IdentifiedDataSerializable; 5 | 6 | /** 7 | * Created by stevehu on 2017-01-02. 8 | */ 9 | public class UserDataSerializableFactory implements DataSerializableFactory { 10 | 11 | static final int ID = 1; 12 | static final int USER_TYPE = 1; 13 | 14 | @Override 15 | public IdentifiedDataSerializable create(int typeId) { 16 | if (typeId == USER_TYPE) { 17 | return new User(); 18 | } else { 19 | return null; 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /cache/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | --- 2 | singletons: 3 | - javax.sql.DataSource: 4 | - com.zaxxer.hikari.HikariDataSource: 5 | DriverClassName: org.h2.jdbcx.JdbcDataSource 6 | jdbcUrl: jdbc:h2:mem:test 7 | username: sa 8 | password: sa 9 | -------------------------------------------------------------------------------- /cleanup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # The following commands remove all oauth2 containers and images in order to start a brand new build. 4 | # It should be called if you have changed any code in one of services. 5 | 6 | docker ps -a | awk '{ print }' | grep lightoauth2_oauth2 | awk '{print $1}' | xargs -I {} docker rm {} 7 | docker images | awk '{ print }' | grep lightoauth2_oauth2 | awk '{print $3}' | xargs -I {} docker rmi {} 8 | 9 | docker ps -a | awk '{ print }' | grep oauth2- | awk '{print $1}' | xargs -I {} docker rm {} 10 | docker images | awk '{ print }' | grep oauth2- | awk '{print $3}' | xargs -I {} docker rmi -f {} 11 | -------------------------------------------------------------------------------- /client/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | dependency-reduced-pom.xml 17 | 18 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 19 | hs_err_pid* 20 | -------------------------------------------------------------------------------- /client/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-client.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /client/src/main/java/com/networknt/oauth/client/handler/OauthClientConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.client.handler; 2 | 3 | public class OauthClientConfig { 4 | boolean enableAudit; 5 | 6 | public boolean isEnableAudit() { 7 | return enableAudit; 8 | } 9 | 10 | public void setEnableAudit(boolean enableAudit) { 11 | this.enableAudit = enableAudit; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /client/src/main/resources/config/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /client/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/client/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /client/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/client/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /client/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /client/src/test/resources/config/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /client/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /client/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/client/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /client/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/client/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /client/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: org.h2.jdbcx.JdbcDataSource 13 | jdbcUrl: jdbc:h2:mem:test 14 | username: sa 15 | password: sa 16 | -------------------------------------------------------------------------------- /code/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /code/docker/Dockerfile-Debug: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | EXPOSE 5005 3 | ADD /target/oauth2-code.jar server.jar 4 | CMD ["/bin/sh","-c","java -agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=5005 -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -Djava.security.krb5.conf=/config/krb5.conf -jar /server.jar"] 5 | -------------------------------------------------------------------------------- /code/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-code.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -Djava.security.krb5.conf=/config/krb5.conf -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /code/src/main/java/com/networknt/oauth/code/handler/CodeGetHandlerWrapper.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.code.handler; 2 | 3 | import com.networknt.handler.LightHttpHandler; 4 | import io.undertow.server.HttpHandler; 5 | import io.undertow.server.HttpServerExchange; 6 | 7 | public class CodeGetHandlerWrapper extends BaseWrapper implements LightHttpHandler { 8 | 9 | HttpHandler handler; 10 | 11 | public CodeGetHandlerWrapper() { 12 | handler = addGetSecurity(new Oauth2CodeGetHandler(), basicIdentityManager); 13 | } 14 | 15 | @Override 16 | public void handleRequest(HttpServerExchange httpServerExchange) throws Exception { 17 | handler.handleRequest(httpServerExchange); 18 | } 19 | 20 | 21 | } 22 | -------------------------------------------------------------------------------- /code/src/main/java/com/networknt/oauth/code/handler/CodePostHandlerWrapper.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.code.handler; 2 | 3 | import com.networknt.handler.LightHttpHandler; 4 | import io.undertow.server.HttpHandler; 5 | import io.undertow.server.HttpServerExchange; 6 | 7 | public class CodePostHandlerWrapper extends BaseWrapper implements LightHttpHandler { 8 | HttpHandler handler; 9 | 10 | public CodePostHandlerWrapper() { 11 | handler = addFormSecurity(new Oauth2CodePostHandler(), basicIdentityManager); 12 | } 13 | 14 | @Override 15 | public void handleRequest(HttpServerExchange httpServerExchange) throws Exception { 16 | handler.handleRequest(httpServerExchange); 17 | } 18 | 19 | } 20 | -------------------------------------------------------------------------------- /code/src/main/java/com/networknt/oauth/code/handler/OauthCodeConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.code.handler; 2 | 3 | public class OauthCodeConfig { 4 | boolean enableAudit; 5 | 6 | public boolean isEnableAudit() { 7 | return enableAudit; 8 | } 9 | 10 | public void setEnableAudit(boolean enableAudit) { 11 | this.enableAudit = enableAudit; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /code/src/main/resources/config/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /code/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/code/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /code/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/code/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /code/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /code/src/test/resources/config/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /code/src/test/resources/config/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /code/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /code/src/test/resources/config/path-resource.yml: -------------------------------------------------------------------------------- 1 | path: / 2 | # This is the base used by docker 3 | # base: /login-view/build 4 | # This is the base that is used for IDE debugging 5 | base: /home/steve/networknt/light-oauth2/login-view/build 6 | prefix: true 7 | transferMinSize: 10485760 8 | directoryListingEnabled: false 9 | -------------------------------------------------------------------------------- /code/src/test/resources/config/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /code/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/code/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /code/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/code/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /code/src/test/resources/config/spnego.yml: -------------------------------------------------------------------------------- 1 | # If SPNEGO/Kerberos debugging is enabled. Should be disabled for production. 2 | debug: true 3 | # If keytab file is used. If Microsoft AD is used, then set it to true 4 | useKeyTab: false 5 | # The keytab file location. It should be in the /config folder for Kubernetes 6 | keyTab: /Users/stevehu/networknt/light-oauth2/code/src/test/resources/config/krb_oauth2code_poc-allenc.keytab 7 | # The SPN principal name, normally it will be HTTP/{hostname}@domain 8 | principal: HTTP/localhost 9 | -------------------------------------------------------------------------------- /code/src/test/resources/config/values.yml: -------------------------------------------------------------------------------- 1 | # server.yml 2 | server.serviceId: com.networknt.oauth2-code-1.0.0 3 | server.httpsPort: 6881 4 | 5 | # ldap.yml 6 | ldap.uri: ldaps://localhost:10636/ou=users,dc=undertow,dc=io 7 | ldap.domain: undertow.io 8 | ldap.principal: uid=oauth,ou=users,dc=undertow,dc=io 9 | ldap.credential: theoauth 10 | ldap.searchFilter: (&(uid=%s)(objectClass=person)) 11 | ldap.searchBase: '' 12 | -------------------------------------------------------------------------------- /code/src/test/resources/krb5.conf: -------------------------------------------------------------------------------- 1 | [libdefaults] 2 | default_realm = UNDERTOW.IO 3 | default_tgs_enctypes = aes128-cts-hmac-sha1-96,des-cbc-md5,des3-cbc-sha1-kd 4 | default_tkt_enctypes = aes128-cts-hmac-sha1-96,des-cbc-md5,des3-cbc-sha1-kd 5 | kdc_timeout = 5000 6 | dns_lookup_realm = false 7 | dns_lookup_kdc = false 8 | allow_weak_crypto = yes 9 | forwardable = true 10 | 11 | [realms] 12 | UNDERTOW.IO = { 13 | kdc = localhost:6088 14 | } 15 | 16 | [login] 17 | krb4_convert = true 18 | krb4_get_tickets = false 19 | -------------------------------------------------------------------------------- /code/src/test/resources/ldif/krbtgt.ldif: -------------------------------------------------------------------------------- 1 | dn: uid=krbtgt,ou=users,dc=undertow,dc=io 2 | objectClass: top 3 | objectClass: person 4 | objectClass: inetOrgPerson 5 | objectClass: krb5principal 6 | objectClass: krb5kdcentry 7 | cn: KDC Service 8 | sn: Service 9 | uid: krbtgt 10 | userPassword: secret 11 | krb5PrincipalName: krbtgt/UNDERTOW.IO@UNDERTOW.IO 12 | krb5KeyVersionNumber: 0 -------------------------------------------------------------------------------- /code/src/test/resources/ldif/partition.ldif: -------------------------------------------------------------------------------- 1 | dn: ou=users,dc=undertow,dc=io 2 | objectClass: organizationalUnit 3 | objectClass: top 4 | ou: users -------------------------------------------------------------------------------- /code/src/test/resources/ldif/server.ldif: -------------------------------------------------------------------------------- 1 | dn: uid=Server,ou=users,dc=undertow,dc=io 2 | objectClass: top 3 | objectClass: person 4 | objectClass: inetOrgPerson 5 | objectClass: krb5principal 6 | objectClass: krb5kdcentry 7 | cn: Server 8 | sn: Service 9 | uid: Server 10 | userPassword: servicepwd 11 | krb5PrincipalName: HTTP/${hostname}@UNDERTOW.IO 12 | krb5KeyVersionNumber: 0 -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-client/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-client/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-client/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mariadb://mariadb:3306/oauth2?useSSL=false 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-code/client.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-code/client.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/ldap.yml: -------------------------------------------------------------------------------- 1 | uri: ldaps://localhost:10636/ou=users,dc=undertow,dc=io 2 | domain: undertow.io 3 | ldapPrincipal: uid=oauth,ou=users,dc=undertow,dc=io 4 | searchFilter: (&(uid=%s)(objectClass=person)) 5 | searchBase: '' -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-code/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-code/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-code/spnego.yml: -------------------------------------------------------------------------------- 1 | # If SPNEGO/Kerberos debugging is enabled. Should be disabled for production. 2 | debug: true 3 | # If keytab file is used. If Microsoft AD is used, then set it to true 4 | useKeyTab: false 5 | # The keytab file location. It should be in the /config folder for Kubernetes 6 | keyTab: /Users/stevehu/networknt/light-oauth2/code/src/test/resources/config/krb_oauth2code_poc-allenc.keytab 7 | # The SPN principal name, normally it will be HTTP/{hostname}@domain 8 | principal: HTTP/localhost 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-key/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-key/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-key/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mariadb://mariadb:3306/oauth2?useSSL=false 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-provider/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-provider/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-provider/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-provider/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-provider/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-provider/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-provider/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-refresh-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-refresh-token/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-refresh-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-refresh-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-refresh-token/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-refresh-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-refresh-token/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-refresh-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mariadb://mariadb:3306/oauth2?useSSL=false 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-service/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-service/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-service/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mariadb://mariadb:3306/oauth2?useSSL=false 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/oauth_token.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-token/primary.jks -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-token/secondary.jks -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-token/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-token/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mariadb://mariadb:3306/oauth2?useSSL=false 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-user/server.keystore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mariadb/config/oauth2-user/server.truststore -------------------------------------------------------------------------------- /db/mariadb/config/oauth2-user/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mariadb://mariadb:3306/oauth2?useSSL=false 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-client/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-client/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-client/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-client/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-client/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-client/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-client/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-client/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mysql://mysqldb:3306/oauth2?useSSL=false&disableMariaDbDriver 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-code/client.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-code/client.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/ldap.yml: -------------------------------------------------------------------------------- 1 | uri: ldaps://localhost:10636/ou=users,dc=undertow,dc=io 2 | domain: undertow.io 3 | ldapPrincipal: uid=oauth,ou=users,dc=undertow,dc=io 4 | searchFilter: (&(uid=%s)(objectClass=person)) 5 | searchBase: '' -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-code/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-code/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-code/spnego.yml: -------------------------------------------------------------------------------- 1 | # If SPNEGO/Kerberos debugging is enabled. Should be disabled for production. 2 | debug: true 3 | # If keytab file is used. If Microsoft AD is used, then set it to true 4 | useKeyTab: false 5 | # The keytab file location. It should be in the /config folder for Kubernetes 6 | keyTab: /Users/stevehu/networknt/light-oauth2/code/src/test/resources/config/krb_oauth2code_poc-allenc.keytab 7 | # The SPN principal name, normally it will be HTTP/{hostname}@domain 8 | principal: HTTP/localhost 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-key/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-key/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-key/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-key/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-key/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-key/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-key/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-key/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mysql://mysqldb:3306/oauth2?useSSL=false&disableMariaDbDriver 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-provider/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-provider/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-provider/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-provider/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-provider/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-provider/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-provider/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-refresh-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-refresh-token/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-refresh-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-refresh-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-refresh-token/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-refresh-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-refresh-token/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-refresh-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | # 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mysql://mysqldb:3306/oauth2?useSSL=false&disableMariaDbDriver 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-service/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-service/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-service/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-service/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-service/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-service/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-service/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-service/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mysql://mysqldb:3306/oauth2?useSSL=false&disableMariaDbDriver 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/oauth_token.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-token/primary.jks -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-token/secondary.jks -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-token/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-token/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-user/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-user/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-user/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/mysql/config/oauth2-user/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-user/server.keystore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-user/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/mysql/config/oauth2-user/server.truststore -------------------------------------------------------------------------------- /db/mysql/config/oauth2-user/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:mysql://mysqldb:3306/oauth2?useSSL=false&disableMariaDbDriver 13 | username: mysqluser 14 | password: mysqlpw 15 | maximumPoolSize: 2 16 | useServerPrepStmts: true 17 | cachePrepStmts: true 18 | cacheCallableStmts: true 19 | prepStmtCacheSize: 4096 20 | prepStmtCacheSqlLimit: 2048 21 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-client/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-client/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-client/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: oracle.jdbc.pool.OracleDataSource 13 | jdbcUrl: jdbc:oracle:thin:@oracledb:1521:XE 14 | username: SYSTEM 15 | password: oracle 16 | maximumPoolSize: 2 17 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-code/client.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-code/client.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/ldap.yml: -------------------------------------------------------------------------------- 1 | uri: ldaps://localhost:10636/ou=users,dc=undertow,dc=io 2 | domain: undertow.io 3 | ldapPrincipal: uid=oauth,ou=users,dc=undertow,dc=io 4 | searchFilter: (&(uid=%s)(objectClass=person)) 5 | searchBase: '' -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-code/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-code/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-code/spnego.yml: -------------------------------------------------------------------------------- 1 | # If SPNEGO/Kerberos debugging is enabled. Should be disabled for production. 2 | debug: true 3 | # If keytab file is used. If Microsoft AD is used, then set it to true 4 | useKeyTab: false 5 | # The keytab file location. It should be in the /config folder for Kubernetes 6 | keyTab: /Users/stevehu/networknt/light-oauth2/code/src/test/resources/config/krb_oauth2code_poc-allenc.keytab 7 | # The SPN principal name, normally it will be HTTP/{hostname}@domain 8 | principal: HTTP/localhost 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-key/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-key/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-key/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: oracle.jdbc.pool.OracleDataSource 13 | jdbcUrl: jdbc:oracle:thin:@oracledb:1521:XE 14 | username: SYSTEM 15 | password: oracle 16 | maximumPoolSize: 2 17 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-provider/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-provider/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-provider/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-provider/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-provider/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-provider/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-provider/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-refresh-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-refresh-token/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-refresh-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-refresh-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-refresh-token/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-refresh-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-refresh-token/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-refresh-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: oracle.jdbc.pool.OracleDataSource 13 | jdbcUrl: jdbc:oracle:thin:@oracledb:1521:XE 14 | username: SYSTEM 15 | password: oracle 16 | maximumPoolSize: 2 17 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-service/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-service/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-service/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: oracle.jdbc.pool.OracleDataSource 13 | jdbcUrl: jdbc:oracle:thin:@oracledb:1521:XE 14 | username: SYSTEM 15 | password: oracle 16 | maximumPoolSize: 2 17 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/oauth_token.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-token/primary.jks -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-token/secondary.jks -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-token/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-token/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: oracle.jdbc.pool.OracleDataSource 13 | jdbcUrl: jdbc:oracle:thin:@oracledb:1521:XE 14 | username: SYSTEM 15 | password: oracle 16 | maximumPoolSize: 2 17 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-user/server.keystore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/oracle/config/oauth2-user/server.truststore -------------------------------------------------------------------------------- /db/oracle/config/oauth2-user/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: oracle.jdbc.pool.OracleDataSource 13 | jdbcUrl: jdbc:oracle:thin:@oracledb:1521:XE 14 | username: SYSTEM 15 | password: oracle 16 | maximumPoolSize: 2 17 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-client/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-client/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-client/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:postgresql://postgresdb:5432/oauth2 13 | username: postgres 14 | password: my-secret-pw 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-code/client.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-code/client.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/ldap.yml: -------------------------------------------------------------------------------- 1 | uri: ldaps://localhost:10636/ou=users,dc=undertow,dc=io 2 | domain: undertow.io 3 | ldapPrincipal: uid=oauth,ou=users,dc=undertow,dc=io 4 | searchFilter: (&(uid=%s)(objectClass=person)) 5 | searchBase: '' -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-code/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-code/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-code/spnego.yml: -------------------------------------------------------------------------------- 1 | # If SPNEGO/Kerberos debugging is enabled. Should be disabled for production. 2 | debug: true 3 | # If keytab file is used. If Microsoft AD is used, then set it to true 4 | useKeyTab: false 5 | # The keytab file location. It should be in the /config folder for Kubernetes 6 | keyTab: /Users/stevehu/networknt/light-oauth2/code/src/test/resources/config/krb_oauth2code_poc-allenc.keytab 7 | # The SPN principal name, normally it will be HTTP/{hostname}@domain 8 | principal: HTTP/localhost 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-key/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-key/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-key/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:postgresql://postgresdb:5432/oauth2 13 | username: postgres 14 | password: my-secret-pw 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-provider/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-provider/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-provider/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-provider/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-provider/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-provider/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-provider/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-refresh-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-refresh-token/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-refresh-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-refresh-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-refresh-token/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-refresh-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-refresh-token/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-refresh-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:postgresql://postgresdb:5432/oauth2 13 | username: postgres 14 | password: my-secret-pw 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-service/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-service/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-service/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:postgresql://postgresdb:5432/oauth2 13 | username: postgres 14 | password: my-secret-pw 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/oauth_token.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-token/primary.jks -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-token/secondary.jks -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-token/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-token/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:postgresql://postgresdb:5432/oauth2 13 | username: postgres 14 | password: my-secret-pw 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-user/server.keystore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/postgres/config/oauth2-user/server.truststore -------------------------------------------------------------------------------- /db/postgres/config/oauth2-user/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:postgresql://postgresdb:5432/oauth2 13 | username: postgres 14 | password: my-secret-pw 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/oauth_client.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-client/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-client/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-client/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:sqlserver://sqlserver:1433;databaseName=oauth2 13 | username: sa 14 | password: StrongPassw0rd 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-code/client.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-code/client.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/github.yml: -------------------------------------------------------------------------------- 1 | protocol: https 2 | host: api.github.com 3 | pathPrefix: '' 4 | owner: yourorg 5 | repo: marketplace-admin 6 | path: users.json -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/ldap.yml: -------------------------------------------------------------------------------- 1 | uri: ldaps://localhost:10636/ou=users,dc=undertow,dc=io 2 | domain: undertow.io 3 | ldapPrincipal: uid=oauth,ou=users,dc=undertow,dc=io 4 | searchFilter: (&(uid=%s)(objectClass=person)) 5 | searchBase: '' -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/oauth_code.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-code/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-code/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-code/spnego.yml: -------------------------------------------------------------------------------- 1 | # If SPNEGO/Kerberos debugging is enabled. Should be disabled for production. 2 | debug: true 3 | # If keytab file is used. If Microsoft AD is used, then set it to true 4 | useKeyTab: false 5 | # The keytab file location. It should be in the /config folder for Kubernetes 6 | keyTab: /Users/stevehu/networknt/light-oauth2/code/src/test/resources/config/krb_oauth2code_poc-allenc.keytab 7 | # The SPN principal name, normally it will be HTTP/{hostname}@domain 8 | principal: HTTP/localhost 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-key/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-key/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-key/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:sqlserver://sqlserver:1433;databaseName=oauth2 13 | username: sa 14 | password: StrongPassw0rd 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-provider/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-provider/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-provider/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-provider/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-provider/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-provider/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-provider/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-refresh-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-refresh-token/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-refresh-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-refresh-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-refresh-token/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-refresh-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-refresh-token/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-refresh-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:sqlserver://sqlserver:1433;databaseName=oauth2 13 | username: sa 14 | password: StrongPassw0rd 15 | maximumPoolSize: 2 16 | 17 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/security.yml: -------------------------------------------------------------------------------- 1 | # Security configuration in light framework. 2 | --- 3 | # Enable JWT verification flag. 4 | enableVerifyJwt: false 5 | 6 | # Enable JWT scope verification. Only valid when enableVerifyJwt is true. 7 | enableVerifyScope: true 8 | 9 | # User for test only. should be always be false on official environment. 10 | enableMockJwt: false 11 | 12 | # JWT signature public certificates. kid and certificate path mappings. 13 | jwt: 14 | certificate: 15 | '100': primary.crt 16 | '101': secondary.crt 17 | clockSkewInSeconds: 60 18 | 19 | # Enable or disable JWT token logging 20 | logJwtToken: true 21 | 22 | # Enable or disable client_id, user_id and scope logging. 23 | logClientUserScope: false 24 | 25 | # If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true. 26 | oauthHttp2Support: true 27 | 28 | # Enable JWT token cache to speed up verification. This will only verify expired time 29 | # and skip the signature verification as it takes more CPU power and long time. 30 | enableJwtCache: true 31 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-service/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-service/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-service/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:sqlserver://sqlserver:1433;databaseName=oauth2 13 | username: sa 14 | password: StrongPassw0rd 15 | maximumPoolSize: 2 16 | 17 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/oauth_token.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-token/primary.jks -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-token/secondary.jks -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-token/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-token/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-token/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:sqlserver://sqlserver:1433;databaseName=oauth2 13 | username: sa 14 | password: StrongPassw0rd 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-user/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-user/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-user/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-user/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-user/server.keystore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-user/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/db/sqlserver/config/oauth2-user/server.truststore -------------------------------------------------------------------------------- /db/sqlserver/config/oauth2-user/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | jdbcUrl: jdbc:sqlserver://sqlserver:1433;databaseName=oauth2 13 | username: sa 14 | password: StrongPassw0rd 15 | maximumPoolSize: 2 16 | -------------------------------------------------------------------------------- /db/sqlserver/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | database=oauth2 3 | wait_time=10s 4 | password=StrongPassw0rd 5 | 6 | # wait for SQL Server to come up 7 | echo importing data will start in $wait_time... 8 | sleep $wait_time 9 | echo importing data... 10 | 11 | # run the init script to create the DB and the tables in /table 12 | /opt/mssql-tools/bin/sqlcmd -S 0.0.0.0 -U sa -P $password -i ./create_sqlserver.sql 13 | 14 | -------------------------------------------------------------------------------- /key/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /key/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-key.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /key/src/main/resources/config/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /key/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/key/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /key/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/key/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /key/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /key/src/test/resources/config/oauth_key.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /key/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /key/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/key/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /key/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/key/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /key/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: org.h2.jdbcx.JdbcDataSource 13 | jdbcUrl: jdbc:h2:mem:test 14 | username: sa 15 | password: sa 16 | -------------------------------------------------------------------------------- /provider/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /provider/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-provider.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /provider/src/main/java/com/networknt/oauth/provider/OauthProviderConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.provider; 2 | 3 | public class OauthProviderConfig { 4 | boolean enableAudit; 5 | 6 | public boolean isEnableAudit() { 7 | return enableAudit; 8 | } 9 | 10 | public void setEnableAudit(boolean enableAudit) { 11 | this.enableAudit = enableAudit; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /provider/src/main/resources/config/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /provider/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/provider/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /provider/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/provider/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /provider/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /provider/src/test/resources/config/oauth_provider.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /provider/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /provider/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/provider/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /provider/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/provider/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /provider/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: org.h2.jdbcx.JdbcDataSource 13 | jdbcUrl: jdbc:h2:mem:test 14 | username: sa 15 | password: sa 16 | -------------------------------------------------------------------------------- /refresh-token/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /refresh-token/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-refresh-token.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /refresh-token/src/main/java/com/networknt/oauth/token/handler/OauthRefeshTokenConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.token.handler; 2 | 3 | public class OauthRefeshTokenConfig { 4 | boolean enableAudit; 5 | 6 | public boolean isEnableAudit() { 7 | return enableAudit; 8 | } 9 | 10 | public void setEnableAudit(boolean enableAudit) { 11 | this.enableAudit = enableAudit; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /refresh-token/src/main/resources/config/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/refresh-token/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/refresh-token/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/oauth_refreshtoken.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/refresh-token/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/refresh-token/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /refresh-token/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | # 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: org.h2.jdbcx.JdbcDataSource 13 | jdbcUrl: jdbc:h2:mem:test 14 | username: sa 15 | password: sa 16 | -------------------------------------------------------------------------------- /service/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | dependency-reduced-pom.xml 17 | 18 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 19 | hs_err_pid* 20 | -------------------------------------------------------------------------------- /service/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-service.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /service/src/main/resources/config/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /service/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/service/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /service/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/service/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /service/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /service/src/test/resources/config/oauth_service.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /service/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /service/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/service/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /service/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/service/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /service/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: org.h2.jdbcx.JdbcDataSource 13 | jdbcUrl: jdbc:h2:mem:test 14 | username: sa 15 | password: sa 16 | -------------------------------------------------------------------------------- /token/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /token/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-token.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /token/src/main/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/main/resources/config/client.keystore -------------------------------------------------------------------------------- /token/src/main/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/main/resources/config/client.truststore -------------------------------------------------------------------------------- /token/src/main/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - https://localhost:3000 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /token/src/main/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: ${openapi-validator.enabled:true} 7 | # Log error message if validation error occurs 8 | logError: ${openapi-validator.logError:true} 9 | -------------------------------------------------------------------------------- /token/src/main/resources/config/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/main/resources/config/primary.jks -------------------------------------------------------------------------------- /token/src/main/resources/config/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/main/resources/config/secondary.jks -------------------------------------------------------------------------------- /token/src/main/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/main/resources/config/server.keystore -------------------------------------------------------------------------------- /token/src/main/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/main/resources/config/server.truststore -------------------------------------------------------------------------------- /token/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /token/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /token/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | description: Cors Http Handler 6 | enabled: true 7 | allowedOrigins: 8 | - http://localhost:8080 9 | allowedMethods: 10 | - GET 11 | - POST 12 | - PUT 13 | - DELETE 14 | -------------------------------------------------------------------------------- /token/src/test/resources/config/oauth.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for oauth service 2 | # If the audit is enabled. 3 | enableAudit: false 4 | # Bootstrap token used by oauth-kafka to call light-portal services. This is a client credentials token without user info. And it is created with a special tool only available to customers. 5 | bootstrapToken: eyJraWQiOiIxMDAiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJ1cm46Y29tOm5ldHdvcmtudDpvYXV0aDI6djEiLCJhdWQiOiJ1cm46Y29tLm5ldHdvcmtudCIsImV4cCI6MTkxMjk0MzAzMiwianRpIjoia3NPRHl0MlFVU25CY0NublpOMmZSZyIsImlhdCI6MTU5NzU4MzAzMiwibmJmIjoxNTk3NTgyOTEyLCJ2ZXJzaW9uIjoiMS4wIiwiY2xpZW50X2lkIjoiZjdkNDIzNDgtYzY0Ny00ZWZiLWE1MmQtNGM1Nzg3NDIxZTczIiwic2NvcGUiOlsicG9ydGFsLnIiLCJwb3J0YWwudyJdfQ.uCfoIZMx5xhlHvLAnmgkyuSnTGm0pTEosZOgFdGf946XeAxzULQk6mwHz0wu0oNL_L0hT1uOsgANfNpVmS44nbedkqELgHAnJpHf4IP7EStHk3o99MPZSVLufKvKmbP6-G0Th-1a8wK5XkX1_9WIhHAmxr-D23VQpvJq_XOKH24Ik06qSVUj-B3YAHrqlNIk4b-WqUYhUkluOYvI4mvCwB-xi5-Nioqa6JqpXO9fv7bb9xQzKX_3MsuEYT-LO8vquNtKPJLbz42vP1A5calbyBNZ4pnKgJyjH9_TFMywNZ-C7y2ZlhNR5_F-MKKysVkOC25TJmV49om_kb2lnoEDKg 6 | -------------------------------------------------------------------------------- /token/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /token/src/test/resources/config/primary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/test/resources/config/primary.jks -------------------------------------------------------------------------------- /token/src/test/resources/config/secondary.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/test/resources/config/secondary.jks -------------------------------------------------------------------------------- /token/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /token/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/token/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /token/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - com.networknt.oauth.auth.Authenticator: 11 | - com.networknt.oauth.auth.DefaultAuthenticator 12 | - com.networknt.oauth.auth.Authenticator: 13 | - com.networknt.oauth.auth.MarketPlaceAuthenticator 14 | - javax.sql.DataSource: 15 | - com.zaxxer.hikari.HikariDataSource: 16 | DriverClassName: org.h2.jdbcx.JdbcDataSource 17 | jdbcUrl: jdbc:h2:mem:test 18 | username: sa 19 | password: sa 20 | -------------------------------------------------------------------------------- /user/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | bower_components/ 3 | node_modules/ 4 | dist/ 5 | .idea/ 6 | .tmp/ 7 | .project 8 | .classpath 9 | .settings 10 | .metadata/ 11 | *.iml 12 | *.log 13 | *.tmp 14 | *.zip 15 | *.bak 16 | 17 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 18 | hs_err_pid* 19 | -------------------------------------------------------------------------------- /user/docker/Dockerfile-Slim: -------------------------------------------------------------------------------- 1 | FROM openjdk:11.0.3-slim 2 | ADD target/oauth2-user.jar server.jar 3 | CMD ["/bin/sh","-c","java -Dlight-4j-config-dir=/config -Dlogback.configurationFile=/config/logback.xml -jar /server.jar"] 4 | -------------------------------------------------------------------------------- /user/src/main/java/com/networknt/oauth/user/handler/OauthUserConfig.java: -------------------------------------------------------------------------------- 1 | package com.networknt.oauth.user.handler; 2 | 3 | public class OauthUserConfig { 4 | boolean enableAudit; 5 | 6 | public boolean isEnableAudit() { 7 | return enableAudit; 8 | } 9 | 10 | public void setEnableAudit(boolean enableAudit) { 11 | this.enableAudit = enableAudit; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /user/src/main/resources/config/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /user/src/test/resources/config/client.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/user/src/test/resources/config/client.keystore -------------------------------------------------------------------------------- /user/src/test/resources/config/client.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/user/src/test/resources/config/client.truststore -------------------------------------------------------------------------------- /user/src/test/resources/config/cors.yml: -------------------------------------------------------------------------------- 1 | # Cors Http Handler Configuration. This is to support connection 2 | # from light-portal single page application which might served 3 | # from another domain/host. You may need to update allowedOrigins. 4 | --- 5 | enabled: true 6 | allowedOrigins: 7 | - http://localhost:8080 8 | allowedMethods: 9 | - GET 10 | - POST 11 | - PUT 12 | - DELETE 13 | -------------------------------------------------------------------------------- /user/src/test/resources/config/oauth_user.yml: -------------------------------------------------------------------------------- 1 | # default config yml file for authorize service 2 | --- 3 | enableAudit: false 4 | 5 | -------------------------------------------------------------------------------- /user/src/test/resources/config/openapi-validator.yml: -------------------------------------------------------------------------------- 1 | # This is specific OpenAPI validator configuration file. It is introduced to support multiple 2 | # frameworks in the same server instance and it is recommended. If this file cannot be found, 3 | # the generic validator.yml will be loaded as a fallback. 4 | --- 5 | # Enable request validation. Response validation is not done on the server but client. 6 | enabled: true 7 | # Log error message if validation error occurs 8 | logError: true 9 | -------------------------------------------------------------------------------- /user/src/test/resources/config/server.keystore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/user/src/test/resources/config/server.keystore -------------------------------------------------------------------------------- /user/src/test/resources/config/server.truststore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networknt/light-oauth2/027639442eae1771f555c8aba60c4b07dadbeccc/user/src/test/resources/config/server.truststore -------------------------------------------------------------------------------- /user/src/test/resources/config/service.yml: -------------------------------------------------------------------------------- 1 | # Singleton service factory configuration/IoC injection 2 | singletons: 3 | # StartupHookProvider implementations, there are one to many and they are called in the same sequence defined. 4 | - com.networknt.server.StartupHookProvider: 5 | - com.networknt.oauth.cache.CacheStartupHookProvider 6 | # ShutdownHookProvider implementations, there are one to many and they are called in the same sequence defined. 7 | - com.networknt.server.ShutdownHookProvider: 8 | - com.networknt.oauth.cache.CacheShutdownHookProvider 9 | 10 | - javax.sql.DataSource: 11 | - com.zaxxer.hikari.HikariDataSource: 12 | DriverClassName: org.h2.jdbcx.JdbcDataSource 13 | jdbcUrl: jdbc:h2:mem:test 14 | username: sa 15 | password: sa 16 | --------------------------------------------------------------------------------