onecx-iam-bff
Configuration
Configuration property fixed at build time - All other configuration properties are overridable at runtime
Configuration property |
Type |
Default |
|---|---|---|
Url of the iam rest client. Environment variable: |
string |
required |
Set to true to share the HTTP client between REST clients. Environment variable: |
boolean |
|
The size of the rest client connection pool. Environment variable: |
int |
|
Default properties
src/main/resources/application.properties
quarkus.http.auth.permission.health.paths=/q/*
quarkus.http.auth.permission.health.policy=permit
quarkus.http.auth.permission.default.paths=/*
quarkus.http.auth.permission.default.policy=authenticated
onecx.permissions.application-id=${quarkus.application.name}
org.eclipse.microprofile.rest.client.propagateHeaders=apm-principal-token
%prod.quarkus.rest-client.onecx_iam_svc.url=http://onecx-iam-svc:8080
quarkus.openapi-generator.codegen.input-base-dir=target/tmp/openapi
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_yaml.config-key=onecx_iam_svc
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_yaml.base-package=gen.org.tkit.onecx.iam.client
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_yaml.enable-security-generation=false
%prod.quarkus.rest-client.onecx_iam_svc.providers=io.quarkus.oidc.client.reactive.filter.OidcClientRequestReactiveFilter
%prod.quarkus.oidc-client.client-id=${ONECX_OIDC_CLIENT_CLIENT_ID:${quarkus.application.name}}Extensions
Extensions |
Documentation |
Configuration |
Version |
|---|---|---|---|
quarkus-rest |
3.20.2.1 |
||
quarkus-smallrye-openapi |
3.20.2.1 |
||
quarkus-rest-jackson |
3.20.2.1 |
||
quarkus-smallrye-health |
3.20.2.1 |
||
quarkus-opentelemetry |
3.20.2.1 |
||
quarkus-micrometer-registry-prometheus |
3.20.2.1 |
||
quarkus-openapi-generator |
2.10.0-lts |
||
quarkus-rest-client-jackson |
3.20.2.1 |
||
tkit-quarkus-log-cdi |
3.6.0 |
||
tkit-quarkus-log-rs |
3.6.0 |
||
tkit-quarkus-log-json |
3.6.0 |
||
tkit-quarkus-rest |
3.6.0 |
||
tkit-quarkus-rest-context |
3.6.0 |
||
quarkus-cache |
3.20.2.1 |
||
quarkus-hibernate-validator |
3.20.2.1 |
||
onecx-permissions |
1.7.0 |
||
quarkus-oidc |
3.20.2.1 |
||
tkit-quarkus-security |
3.6.0 |
||
onecx-core |
1.7.0 |
||
quarkus-arc |
3.20.2.1 |
||
quarkus-container-image-docker |
3.20.2.1 |
||
quarkus-rest-client-oidc-filter |
3.20.2.1 |
| | | 2.40.0
|=== 3.15.1
=== Container === Helm Default values .src/main/helm/values.yaml [source,yaml] ---- app: name: bff template: oidc_client_id: "ONECX_OIDC_CLIENT_CLIENT_ID" image: repository: "onecx/onecx-iam-bff" operator: # Permission permission: enabled: true spec: permissions: user: admin-read: permission on all GET requests and POST search for admin operations admin-write: permission on all POST and PUT requests for admin operations role: admin-read: permission on all GET requests and POST search for admin operations admin-write: permission on all POST and PUT requests for admin operations provider: admin-read: permission on all GET requests and POST search for admin operations read: permission on all GET requests and POST search for user operations password: write: permission on PUT, POST, PATCH requests, where objects are saved or updated keycloak: client: enabled: true spec: kcConfig: defaultClientScopes: [ ocx-ia:all, ocx-pm:read ] ---- |