From 3d1e8e060821da780a02bd17e5097775af755802 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Tue, 29 Jun 2021 17:49:45 +0300 Subject: [PATCH 01/13] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1045c89..22359b7 100644 --- a/README.md +++ b/README.md @@ -21,11 +21,11 @@ After your request to KE.D is approved you will be given a clientId and a client ## Install -**Quick**: Download latest jar from Releases page. Then deploy it into $KEYCLOAK_HOME/standalone/deployments/ directory. +**Quick**: Download latest release jar from Releases page. Then deploy it into $KEYCLOAK_HOME/standalone/deployments/ directory. You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator. -After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documnetation for more info. You can also easily deploy the extension wthrough Keycloak Manifest if you are using Keycloak Operator on Kubernetes. +After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documnetation for more info. You can also easily deploy the extension wthrough Keycloak Manifest if you are using Keycloak Operator on Kubernetes. After succesfully installing the extension the following options will be available through Identity Providers -> Add Provider Keycloak administration console menu: From 59110e562048fced1e1ff551727b3ab62a94a4e4 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Tue, 29 Jun 2021 17:50:13 +0300 Subject: [PATCH 02/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 22359b7..9ea9b1b 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ After your request to KE.D is approved you will be given a clientId and a client ## Install -**Quick**: Download latest release jar from Releases page. Then deploy it into $KEYCLOAK_HOME/standalone/deployments/ directory. +**Quick**: Download latest release jar from Releases page. Then deploy it into ```$KEYCLOAK_HOME/standalone/deployments/``` directory. You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator. From 6629debc135d154f5da3a6e016e8d12182a19705 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Tue, 29 Jun 2021 17:50:50 +0300 Subject: [PATCH 03/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9ea9b1b..71f4b3d 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ See the Keycloak plugin adds an production and testing identity providers allowing to use Greek Public Administration OAuth 2 Services. +This Keycloak plugin adds production and testing identity providers for brokering Greek Public Administration OAuth 2 Services. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. From 0e43e427c90af8a0889978dc8b2790632f04f490 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Tue, 29 Jun 2021 18:03:59 +0300 Subject: [PATCH 05/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f7d55c8..c7b4110 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Keycloak Gsis Providers -This Keycloak plugin adds production and testing identity providers for brokering Greek Public Administration OAuth 2 Services. +This Keycloak plugin adds production and testing identity providers for using Greek Public Administration OAuth 2 Services. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. From 852e992ac76593be4f025cf080f870f2c032a2f7 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Tue, 29 Jun 2021 18:10:47 +0300 Subject: [PATCH 06/13] Update README.md --- README.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index c7b4110..4a83cea 100644 --- a/README.md +++ b/README.md @@ -8,10 +8,10 @@ This Keycloak plugin add ## Implemented identity providers -- TAXISnet OAuth2.0 authentication service testing environmet (gsis-taxis-test) -- TAXISnet OAuth2.0 authentication service production environmet (gsis-taxis) -- Employees OAuth2.0 authentication service testing environmet (gsis-govuser-test) -- Employees OAuth2.0 authentication service production environmet (gsis-govuser) +- TAXISnet OAuth2.0 authentication service testing environment (gsis-taxis-test) +- TAXISnet OAuth2.0 authentication service production environment (gsis-taxis) +- Employees OAuth2.0 authentication service testing environment (gsis-govuser-test) +- Employees OAuth2.0 authentication service production environment (gsis-govuser) ## How to get permissions for using Gsis OAuth 2.0 authentication services for your application @@ -23,11 +23,11 @@ After your request to KE.D is approved you will be given a clientId and a client **Quick**: Download latest release jar from Releases page. Then deploy it into ```$KEYCLOAK_HOME/standalone/deployments/``` directory. -You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator. +You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a Keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator. -After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documnetation for more info. You can also easily deploy the extension wthrough Keycloak Manifest if you are using Keycloak Operator on Kubernetes. +After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documentation for more info. You can also easily deploy the extension wthrough Keycloak Manifest if you are using Keycloak Operator on Kubernetes. -After succesfully installing the extension the following options will be available through Identity Providers -> Add Provider Keycloak administration console menu: +After successfully installing the extension the following options will be available through Identity Providers -> Add Provider Keycloak administration console menu: - GsisTaxisTest (TAXISnet testing) - GsisTaxis (TAXISnet production) @@ -55,4 +55,3 @@ Apache License, Version 2.0 Built for the needs of [Greek School Network and Networking Technologies Directorate](http://nts.cti.gr/). Based on [this sample extension](https://github.com/xgp/keycloak-moneybird-idp) by [xgp](https://github.com/xgp). - From b7c4006526c942a305f35dbc0f4428ef5e9a3806 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Tue, 29 Jun 2021 18:16:16 +0300 Subject: [PATCH 07/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4a83cea..06e2b43 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Keycloak Gsis Providers -This Keycloak plugin adds production and testing identity providers for using Greek Public Administration OAuth 2 Services. +This Keycloak plugin adds production and testing identity providers for using Greek General Secretariat of Information Systems for Public Administration (GSIS) OAuth 2 Services. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. From 1afb05d9d0326adb20deb3c2bf2206a7c9d1db93 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Wed, 30 Jun 2021 10:19:53 +0300 Subject: [PATCH 08/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 06e2b43..8924686 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ After your request to KE.D is approved you will be given a clientId and a client You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a Keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator. -After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documentation for more info. You can also easily deploy the extension wthrough Keycloak Manifest if you are using Keycloak Operator on Kubernetes. +After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documentation for more info. You can also easily deploy the extension through Operator Keycloak Manifest if you are using Keycloak Operator on Kubernetes. After successfully installing the extension the following options will be available through Identity Providers -> Add Provider Keycloak administration console menu: From d85147813487d56889c7396fac09b527bd063e24 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Wed, 30 Jun 2021 11:00:27 +0300 Subject: [PATCH 09/13] Update README.md --- README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/README.md b/README.md index 8924686..4532fc4 100644 --- a/README.md +++ b/README.md @@ -39,9 +39,23 @@ After successfully installing the extension the following options will be availa - Add the Gsis Identity Provider you want to use in the realm which you want to configure. - In the Gsis identity provider page, set Client Id and Client Secret. - (Optional) Set the alias for the provider and other options if you want. +- (Optional) Set up provider mappers (See profile fields) See the Identity Brokering section of Keycloak Server Admin for more info. +### Profile Fields + +Gsis OAuth 2.0 service provides the following profile fields for **individuals**: +- userid +- taxid +- lastname +- firstname +- fathername +- mothername +- birthyear + +Select ```Attribute Importer``` as ```Mapper Type``. + ## Source Build Clone this repository and run ```mvn package```. You can see ```keycloak-gsis-providers-{vesrion}.jar``` under target directory. From 6245cf44106bc09d3eb5838770d53cf22b3a2a58 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Wed, 30 Jun 2021 11:00:50 +0300 Subject: [PATCH 10/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4532fc4..7353370 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,7 @@ Gsis OAuth 2.0 service provides the following profile fields for **individuals** - mothername - birthyear -Select ```Attribute Importer``` as ```Mapper Type``. +Select ```Attribute Importer``` as ```Mapper Type```. ## Source Build From 6c9cd28bc18d094aaa10f885b561213cafd7bad8 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Wed, 30 Jun 2021 11:02:58 +0300 Subject: [PATCH 11/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7353370..5decfdc 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,7 @@ Gsis OAuth 2.0 service provides the following profile fields for **individuals** - mothername - birthyear -Select ```Attribute Importer``` as ```Mapper Type```. +In Identity Provider Mapper page Select ```Attribute Importer``` as ```Mapper Type``` to import a profile field as user attribute. ## Source Build From 5be2f0724ef4c78b2ae492b15b5da8139f352581 Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Wed, 30 Jun 2021 12:48:51 +0300 Subject: [PATCH 12/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5decfdc..93363b0 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ This Keycloak plugin add ## How to get permissions for using Gsis OAuth 2.0 authentication services for your application -In order to be able to use Gsis OAuth 2.0 authentication services you need to request permission from Greek Public Administration. Instructions can be found at Interoperability Center of the Ministry of Digital Governance (KE.D) web site. +In order to be able to use Gsis OAuth 2.0 authentication services you need to request permission from GSIS. Instructions can be found at Interoperability Center of the Ministry of Digital Governance (KE.D) web site. After your request to KE.D is approved you will be given a clientId and a clientSecret for connectiong your application with Gsis OAuth2.0 providers. From ed482fc79e8726b56604ec1b2644e7ab91386ffa Mon Sep 17 00:00:00 2001 From: Konstantinos Togias Date: Wed, 30 Jun 2021 15:24:32 +0300 Subject: [PATCH 13/13] Update README.md Updated readme with notice for ggps service licence --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 93363b0..b451498 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,9 @@ # Keycloak Gsis Providers +**IMPORTANT NOTICE:** + +**GSIS does NOT ALLOW using its authentication services for connecting or implemneting SSO with third applications OTHER THAN THE ONE you have requested and granded the access for. Using this plugin for providing identification and authorization data to applications other than the one you requested is against the service licence provided by GSIS and WILL RESULT TO REVOKE YOUR ACCESS TO THE SERVICE.** + This Keycloak plugin adds production and testing identity providers for using Greek General Secretariat of Information Systems for Public Administration (GSIS) OAuth 2 Services. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.