/
run-console
executable file
·69 lines (55 loc) · 3.58 KB
/
run-console
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/bin/sh
################################################################################
# Copyright (c) 2017, 2021 Red Hat Inc and others
#
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
#
# SPDX-License-Identifier: EPL-2.0
#
# Contributors:
# Red Hat Inc - initial API and implementation
# Eurotech
################################################################################
# Check for Keycloak OpenID Connect integration
if [ -n "$KEYCLOAK_URL" ] && [ -n "$KAPUA_CONSOLE_URL" ]; then
echo "Activating OpenID Connect Keycloak integration..."
echo " Keycloak: $KEYCLOAK_URL"
echo " Kapua: $KAPUA_CONSOLE_URL"
: KEYCLOAK_REALM=${KEYCLOAK_REALM:=kapua}
: KEYCLOAK_CLIENT_ID=${KEYCLOAK_CLIENT_ID:=console}
JAVA_OPTS="$JAVA_OPTS -Dsso.openid.provider=keycloak"
JAVA_OPTS="$JAVA_OPTS -Dsso.openid.client.id=${KEYCLOAK_CLIENT_ID}"
test -n "$CLIENT_SECRET" && JAVA_OPTS="$JAVA_OPTS -Dsso.openid.client.secret=${CLIENT_SECRET}"
JAVA_OPTS="$JAVA_OPTS -Dsso.openid.keycloak.uri=${KEYCLOAK_URL}"
JAVA_OPTS="$JAVA_OPTS -Dsso.openid.keycloak.realm=${KEYCLOAK_REALM}"
JAVA_OPTS="$JAVA_OPTS -Dconsole.sso.openid.home.uri=${KAPUA_CONSOLE_URL}"
# Check for generic OpenID Connect provider integration
elif [ -n "${KAPUA_CONSOLE_URL}" ] && [ -n "${OPENID_JWT_ISSUER}" ]; then
echo "Activating OpenID Connect Generic integration..."
echo " OpenID Issuer: ${OPENID_JWT_ISSUER}"
echo " Console: ${KAPUA_CONSOLE_URL}"
JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.provider=generic"
JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.client.id=${OPENID_CLIENT_ID:-console}"
test -n "${CLIENT_SECRET}" && JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.client.secret=${CLIENT_SECRET}"
JAVA_OPTS="${JAVA_OPTS} -Dconsole.sso.openid.home.uri=${KAPUA_CONSOLE_URL}"
JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.generic.jwt.audience.allowed=${JWT_AUDIENCE:-console}"
JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.generic.jwt.issuer.allowed=${OPENID_JWT_ISSUER}"
test -n "${OPENID_AUTH_ENDPOINT}" && JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.generic.server.endpoint.auth=${OPENID_AUTH_ENDPOINT}"
test -n "${OPENID_LOGOUT_ENDPOINT}" && JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.generic.server.endpoint.logout=${OPENID_LOGOUT_ENDPOINT}"
test -n "${OPENID_TOKEN_ENDPOINT}" && JAVA_OPTS="${JAVA_OPTS} -Dsso.openid.generic.server.endpoint.token=${OPENID_TOKEN_ENDPOINT}"
fi
# Multi Factor Authentication configurations
test -n "${CIPHER_KEY}" && JAVA_OPTS="${JAVA_OPTS} -Dcipher.key=${CIPHER_KEY}"
test -n "${MFA_TIME_STEP_SIZE}" && JAVA_OPTS="${JAVA_OPTS} -Dauthentication.mfa.time.step.size=${MFA_TIME_STEP_SIZE}"
test -n "${MFA_WINDOW_SIZE}" && JAVA_OPTS="${JAVA_OPTS} -Dauthentication.mfa.window.size=${MFA_WINDOW_SIZE}"
test -n "${MFA_SCRATCH_CODES_NUMBER}" && JAVA_OPTS="${JAVA_OPTS} -Dauthentication.mfa.scratch.codes.number=${MFA_SCRATCH_CODES_NUMBER}"
test -n "${MFA_CODE_DIGITS_NUMBER}" && JAVA_OPTS="${JAVA_OPTS} -Dauthentication.mfa.code.digits.number=${MFA_CODE_DIGITS_NUMBER}"
test -n "${MFA_TRUST_KEY_DURATION}" && JAVA_OPTS="${JAVA_OPTS} -Dauthentication.mfa.trust.key.duration=${MFA_TRUST_KEY_DURATION}"
# Device Mannagement Configurations
: DEVICE_MANAGEMENT_RESPONSE_STACKTRACE_SHOW=${DEVICE_MANAGEMENT_RESPONSE_STACKTRACE_SHOW:=false }
test -n "${DEVICE_MANAGEMENT_RESPONSE_STACKTRACE_SHOW}" && JAVA_OPTS="${JAVA_OPTS} -Ddevice.management.response.stacktrace.show=${DEVICE_MANAGEMENT_RESPONSE_STACKTRACE_SHOW}"
export JAVA_OPTS
# Continue with startup
exec /var/opt/jetty/run-jetty "$@"