Add template files for openid federation services

2025-04-23 12:39:10 +02:00 · 2025-04-23 12:39:10 +02:00 · 6c5d9f962c
commit 6c5d9f962c
parent fa5684654a
2 changed files with 89 additions and 0 deletions
--- a/application-sandbox.yml.erb
+++ b/application-sandbox.yml.erb
@ -0,0 +1,79 @@
+server:
+  port: <%= @service_port %>
+  servlet:
+    context-path: /oidf
+  compression:
+    enabled: true
+
+
+credential:
+  bundles:
+    keystore:
+      sign-key-store:
+        location: file:/<%= @keystore_file %>
+        password: changeit
+        type: JKS
+    jks:
+      sign-key-1:
+        store-reference: sign-key-store
+        name: "Sign key 1"
+        key:
+          alias: 1
+          key-password: changeit
+      validation-key-1:
+        store-reference: validation-key-store
+        name: "Validation key 1"
+        key:
+          alias: 1
+          key-password: changeit
+spring:
+  application:
+    name: openid-federation-services
+  ssl:
+    bundle:
+      jks:
+        oidf-internal:
+          truststore:
+            location: file:/<%= @keystore_file %>
+            password: <%= @keystore_password %>
+            type: PKCS12
+
+openid:
+  federation:
+    modules:
+      resolvers:
+        - trusted-keys:
+            - sign-key-1
+          entity-identifier: https://<%= @server_fqdn %>/oidf/resolver
+          trust-anchor: https://<%= @server_fqdn %>/oidf/ta
+      trust-anchors:
+        - entity-identifier: https://<%= @server_fqdn %>/ta
+    storage: memory
+    sign:
+      - sign-key-1
+    registry:
+      integration:
+        enabled: false
+    entities:
+      - subject: https://<%= @server_fqdn %>/oidf/resolver
+        issuer: https://<%= @server_fqdn %>/oidf/resolver
+        hosted-record:
+          metadata:
+            json: |
+              {
+                "federation_entity": {
+                  "organization_name": "Sweden Connect"
+                }
+              }
+      - subject: https://<%= @server_fqdn %>/oidf/ta
+        issuer: https://<%= @server_fqdn %>/oidf/ta
+        hosted-record:
+          metadata:
+            json: |
+              {
+                "federation_entity": { 
+                  "organization_name": "Sweden Connect",
+                  "federation_fetch_endpoint": "https://<%= @server_fqdn %>/oidf/ta/fetch",
+                  "federation_list_endpoint": "https://<%= @server_fqdn %>/oidf/ta/subordinate_listing"
+                }
+              }
--- a/docker-compose.yml.yrb
+++ b/docker-compose.yml.yrb
@ -0,0 +1,10 @@
+services:
+  oidf:
+    image: ghcr.io/swedenconnect/openid-federation-services:<%= @version %>
+    ports:
+      - "443:<%= @service_port %>/tcp"
+    environment:
+      SPRING_CONFIG_IMPORT: <%= @config_file %>
+    volumes:
+      - <%= @service_dir %>:/opt/oidf
+      - /etc/ssl:/etc/ssl