Administration UI for OpenConext-authorization OAuth clients

Primary language: Java. License: Apache License 2.0 (Apache-2.0).

OpenConext-authorization-admin

Admin client for the OAuth2 server for the OpenConext platform.

Development

Connect to your local MySQL database: mysql -uroot

Execute the following:

CREATE DATABASE authzserver DEFAULT CHARACTER SET latin1;
create user 'root'@'localhost';
grant all on authzserver.* to 'root'@'localhost';

In any environment other than local, we connect to the database controlled by OpenConext-authorization-server, as described in the README.

In application.properties we enable Flyway; for other environments this behaviour is overridden with Ansible.

To run locally:

mvn spring-boot:run -Drun.jvmArguments="-Dspring.profiles.active=dev"

Or use the shortcut:

./start.sh

We use sass to ease the pain of CSS development:

npm install

Then run:

npm run watch-scss

Production

Only users with any of the roles defined in the property allowed_roles are allowed to connect to this app, so we need to query the VOOT service. The VOOT service is registered with resource_id groups in the OpenConext-authorization-server.

This admin app needs to be registered out-of-band in the OpenConext-authorization-server using the following SQL:

INSERT INTO oauth_client_details (client_id, resource_ids, client_secret, scope, authorized_grant_types, web_server_redirect_uri)
VALUES ('authz-admin', 'groups', '$2a$10$MUw.vpbP4PMUBXHcZagPBe292hwzPI4qjXi1u8e6ON8PJmCnQ8U0S', 'read','authorization_code', 'http://localhost:8081');
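
A pre-deployment check for the client registration above, added here as an example and not part of the OpenConext code: it flags values in an oauth_client_details row that only fit local development, such as the hash published in this README or a plain-http localhost redirect URI. The function names, the cost floor of 10, the expectation of authorization_code as the only grant type, and the comma-separated column format are assumptions, and the second sample row is constructed.

```python
import re
from urllib.parse import urlsplit

# Hash copied from the README's INSERT statement above (published, so dev-only).
README_SAMPLE_HASH = "$2a$10$MUw.vpbP4PMUBXHcZagPBe292hwzPI4qjXi1u8e6ON8PJmCnQ8U0S"
# bcrypt string: version, two-digit cost, then 22-char salt + 31-char digest.
BCRYPT_RE = re.compile(r"^\$2[aby]\$(\d{2})\$[./A-Za-z0-9]{53}$")
MIN_COST = 10  # assumption: the README's cost factor is used as the floor
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

def split_csv(value):
    """Split a comma-separated column (assumed storage format) into items."""
    return [item.strip() for item in (value or "").split(",") if item.strip()]

def check_client_row(row):
    """Return findings for one oauth_client_details row given as a dict."""
    findings = []
    secret = row.get("client_secret") or ""
    match = BCRYPT_RE.match(secret)
    if not match:
        findings.append("client_secret is not a bcrypt hash")
    elif int(match.group(1)) < MIN_COST:
        findings.append("bcrypt cost is below %d" % MIN_COST)
    if secret == README_SAMPLE_HASH:
        findings.append("client_secret is the sample hash from the README")
    for uri in split_csv(row.get("web_server_redirect_uri")):
        parts = urlsplit(uri)
        if parts.scheme != "https":
            findings.append("redirect URI %s is not https" % uri)
        if parts.hostname in LOCAL_HOSTS:
            findings.append("redirect URI %s points at a local host" % uri)
    # Assumption: the admin app should keep the README's single grant type.
    if split_csv(row.get("authorized_grant_types")) != ["authorization_code"]:
        findings.append("grant types differ from the README's authorization_code")
    if "groups" not in split_csv(row.get("resource_ids")):
        findings.append("resource_ids lacks 'groups', needed for the VOOT query")
    return findings

# The README's row, plus a constructed row with a placeholder hash and host.
README_ROW = {"client_id": "authz-admin", "resource_ids": "groups",
              "client_secret": README_SAMPLE_HASH, "scope": "read",
              "authorized_grant_types": "authorization_code",
              "web_server_redirect_uri": "http://localhost:8081"}
CONSTRUCTED_ROW = dict(README_ROW, client_secret="$2a$12$" + "A" * 53,
                       web_server_redirect_uri="https://authz-admin.example.org")

if __name__ == "__main__":
    for name, row in (("README", README_ROW), ("constructed", CONSTRUCTED_ROW)):
        print(name, check_client_row(row) or "no findings")
```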