sso

2025-08-26 19:15:37 -04:00
parent 7ca61eb712
commit 86900b0bd4
16 changed files with 2099 additions and 8 deletions
--- a/sso-config/README.md
+++ b/sso-config/README.md
@ -0,0 +1,52 @@
+# SSO Configuration for KMS Testing
+
+This directory contains configuration files for testing SSO integration with the KMS application.
+
+## Directory Structure
+
+```
+sso-config/
+├── keycloak/
+│   └── kms-realm.json          # Keycloak realm configuration
+└── README.md                   # This file
+```
+
+## Test Users
+
+The following test users are configured in both identity providers:
+
+| Email | Password | Permissions | Description |
+|-------|----------|-------------|-------------|
+| admin@example.com | admin123 | internal.* | Full administrative access |
+| test@example.com | test123 | app.read, token.read | Standard user access |
+| limited@example.com | limited123 | repo.read | Limited access user |
+
+## Keycloak Configuration
+
+- **Admin Console**: http://localhost:8090
+- **Admin Credentials**: admin / admin
+- **Realm**: kms
+- **Client ID**: kms-api
+- **Client Secret**: kms-client-secret
+
+### Key Features:
+- Pre-configured realm with test users
+- OpenID Connect protocol support
+- Custom attribute mapping for permissions
+- Proper redirect URIs for local development
+
+## SimpleSAMLphp Configuration
+
+- **Admin Console**: http://localhost:8091/simplesaml
+- **Admin Credentials**: admin / secret
+- **Test Users**: user1 / user1pass, user2 / user2pass
+
+### Key Features:
+- SAML 2.0 Identity Provider
+- Pre-configured service provider settings
+- Test certificates (DO NOT use in production)
+- Metadata endpoint available
+
+## Usage
+
+See the main CLAUDE.md file for detailed usage instructions.