diff --git a/pkg/keycloak/client.go b/pkg/keycloak/client.go index c41381e710..59ce126b8e 100644 --- a/pkg/keycloak/client.go +++ b/pkg/keycloak/client.go @@ -13,8 +13,8 @@ import ( // Some attribute constants. // TODO: Make these configurable in the future. const ( - _idAttr = "OWNCLOUD_ID" - _userTypeAttr = "OWNCLOUD_USER_TYPE" + _idAttr = "OPENCLOUD_ID" + _userTypeAttr = "OPENCLOUD_USER_TYPE" ) // ConcreteClient represents a concrete implementation of a keycloak client diff --git a/services/invitations/README.md b/services/invitations/README.md index ae8bd1fdc3..a68b7f3e38 100644 --- a/services/invitations/README.md +++ b/services/invitations/README.md @@ -19,7 +19,7 @@ The default and currently only available backend used to handle invitations is [ -See the [example configuration json file](https://github.com/owncloud/ocis/blob/master/services/invitations/md-sources/example-realm.json) of a Keycloak realm the backend will work with. This file includes the `invitations` client, which is relevant for this service. +See the [example configuration json file](https://github.com/opencloud-eu/opencloud/blob/master/services/invitations/md-sources/example-realm.json) of a Keycloak realm the backend will work with. This file includes the `invitations` client, which is relevant for this service. To use the example json, set the `INVITATIONS_KEYCLOAK_CLIENT_ID` setting to `invitations`, though any other client ID can be configured. @@ -27,7 +27,7 @@ Importing this example into Keycloak will give you a realm that federates with a clients configured and all mappers correctly set. Be sure to set all the credentials after the import, as they will be disabled. -The most relevant bits are the mappers for the `OWNCLOUD_ID` and `OWNCLOUD_USER_TYPE` user properties. +The most relevant bits are the mappers for the `OPENCLOUD_ID` and `OPENCLOUD_USER_TYPE` user properties. ## Backend Configuration @@ -36,8 +36,8 @@ After Keycloak has been configured, the invitation service needs to be configure * `INVITATIONS_KEYCLOAK_BASE_PATH`: The URL to access Keycloak. * `INVITATIONS_KEYCLOAK_CLIENT_ID`: The client ID of the client to use. In the above example, `invitations` is used. * `INVITATIONS_KEYCLOAK_CLIENT_SECRET`: The client secret used to authenticate. This can be found in the Keycloak UI. -* `INVITATIONS_KEYCLOAK_CLIENT_REALM`: The realm where the client was added. In the example above, `ocis` is used. -* `INVITATIONS_KEYCLOAK_USER_REALM`: The realm where to add the users. In the example above, `ocis` is used. +* `INVITATIONS_KEYCLOAK_CLIENT_REALM`: The realm where the client was added. In the example above, `opencloud` is used. +* `INVITATIONS_KEYCLOAK_USER_REALM`: The realm where to add the users. In the example above, `opencloud` is used. * `INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY`: If set to true, the verification of the Keycloak HTTPS certificate is skipped. This is not recommended in production environments. ## Bridging Provisioning Delay diff --git a/services/invitations/md-sources/example-realm.json b/services/invitations/md-sources/example-realm.json index 614d800540..45983308c6 100644 --- a/services/invitations/md-sources/example-realm.json +++ b/services/invitations/md-sources/example-realm.json @@ -1,6 +1,6 @@ { "id": "c59e5222-f0b8-4169-a7a2-0cb6bfed8d33", - "realm": "ocis", + "realm": "opencloud", "notBefore": 0, "defaultSignatureAlgorithm": "RS256", "revokeRefreshToken": false, @@ -45,7 +45,7 @@ "failureFactor": 30, "defaultRole": { "id": "66d42d82-e003-4dca-931d-ac25fe27fcdc", - "name": "default-roles-ocis", + "name": "default-roles-opencloud", "description": "${role_default-roles}", "composite": true, "clientRole": false, @@ -129,13 +129,13 @@ "clientId": "account", "name": "${client_account}", "rootUrl": "${authBaseUrl}", - "baseUrl": "/realms/ocis/account/", + "baseUrl": "/realms/opencloud/account/", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ - "/realms/ocis/account/*" + "/realms/opencloud/account/*" ], "webOrigins": [], "notBefore": 0, @@ -173,13 +173,13 @@ "clientId": "account-console", "name": "${client_account-console}", "rootUrl": "${authBaseUrl}", - "baseUrl": "/realms/ocis/account/", + "baseUrl": "/realms/opencloud/account/", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ - "/realms/ocis/account/*" + "/realms/opencloud/account/*" ], "webOrigins": [], "notBefore": 0, @@ -656,13 +656,13 @@ "clientId": "security-admin-console", "name": "${client_security-admin-console}", "rootUrl": "${authAdminUrl}", - "baseUrl": "/admin/ocis/console/", + "baseUrl": "/admin/opencloud/console/", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ - "/admin/ocis/console/*" + "/admin/opencloud/console/*" ], "webOrigins": [ "+" @@ -718,17 +718,17 @@ { "id": "06dc1405-3631-4714-b4b1-19580e7c0465", "clientId": "web", - "name": "ownCloud Web", + "name": "OpenCloud Web", "description": "", - "rootUrl": "https://ocis.schule.owncloud.works", - "adminUrl": "https://ocis.schule.owncloud.works", - "baseUrl": "https://ocis.schule.owncloud.works", + "rootUrl": "https://cloud.schule.opencloud.eu", + "adminUrl": "https://cloud.schule.opencloud.eu", + "baseUrl": "https://cloud.schule.opencloud.eu", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ - "https://ocis.schule.owncloud.works/*" + "https://cloud.schule.opencloud.eu/*" ], "webOrigins": [ "+" @@ -745,7 +745,7 @@ "protocol": "openid-connect", "attributes": { "oidc.ciba.grant.enabled": "false", - "post.logout.redirect.uris": "https://ocis.schule.owncloud.works/*", + "post.logout.redirect.uris": "https://cloud.schule.opencloud.eu/*", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.session.required": "true", "backchannel.logout.revoke.offline.tokens": "false" @@ -934,7 +934,7 @@ "protocolMappers": [ { "id": "596f067b-ae2f-4771-96c5-d0c3942b04da", - "name": "owncloud-uuid", + "name": "opencloud-uuid", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, @@ -945,7 +945,7 @@ "user.attribute": "LDAP_ID", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "ocis\\.user\\.uuid" + "claim.name": "opencloud\\.user\\.uuid" } } ] @@ -1699,7 +1699,7 @@ "uid" ], "groups.dn": [ - "ou=groups,dc=owncloud,dc=com" + "ou=groups,dc=opencloud,dc=eu" ], "mode": [ "LDAP_ONLY" @@ -1821,7 +1821,7 @@ }, { "id": "92aa0407-daed-4780-89b5-72b23f4ddbca", - "name": "owncloud-uuid", + "name": "opencloud-uuid", "providerId": "user-attribute-ldap-mapper", "subComponents": {}, "config": { @@ -1844,13 +1844,13 @@ "false" ], "user.model.attribute": [ - "OWNCLOUD_ID" + "OPENCLOUD_ID" ] } }, { "id": "b5d0c6e6-2b2c-4403-ba2f-7e7ea711cbdc", - "name": "owncloud-usertype", + "name": "opencloud-usertype", "providerId": "user-attribute-ldap-mapper", "subComponents": {}, "config": { @@ -1876,7 +1876,7 @@ "true" ], "user.model.attribute": [ - "OWNCLOUD_USER_TYPE" + "OPENCLOUD_USER_TYPE" ] } } @@ -1896,7 +1896,7 @@ "false" ], "usersDn": [ - "ou=users,dc=owncloud,dc=com" + "ou=users,dc=opencloud,dc=eu" ], "cachePolicy": [ "EVICT_DAILY" @@ -1923,7 +1923,7 @@ "-1" ], "bindDn": [ - "cn=admin,dc=owncloud,dc=com" + "cn=admin,dc=opencloud,dc=eu" ], "lastSync": [ "1679575179" diff --git a/services/invitations/pkg/command/root.go b/services/invitations/pkg/command/root.go index d57a532c74..f9df7c9e56 100644 --- a/services/invitations/pkg/command/root.go +++ b/services/invitations/pkg/command/root.go @@ -22,11 +22,11 @@ func GetCommands(cfg *config.Config) cli.Commands { } } -// Execute is the entry point for the ocis invitations command. +// Execute is the entry point for the opencloud invitations command. func Execute(cfg *config.Config) error { app := clihelper.DefaultApp(&cli.App{ Name: "invitations", - Usage: "Serve invitations API for oCIS", + Usage: "Serve invitations API for OpenCloud", Commands: GetCommands(cfg), })