search and ai stabilization work, localization stablized.

2026-02-24 23:29:36 +02:00
parent 4f947a8b61
commit b07d27772e
766 changed files with 55299 additions and 3221 deletions
--- a/devops/compose/fixtures/keycloak/stellaops-realm.json
+++ b/devops/compose/fixtures/keycloak/stellaops-realm.json
@@ -0,0 +1,179 @@
+{
+  "realm": "stellaops",
+  "enabled": true,
+  "displayName": "StellaOps Test Realm",
+  "sslRequired": "none",
+  "registrationAllowed": false,
+  "loginWithEmailAllowed": true,
+  "duplicateEmailsAllowed": false,
+  "roles": {
+    "realm": [
+      { "name": "admin", "description": "StellaOps administrator role" },
+      { "name": "operator", "description": "StellaOps operator role" },
+      { "name": "viewer", "description": "StellaOps viewer role" }
+    ]
+  },
+  "users": [
+    {
+      "username": "saml-admin",
+      "email": "saml-admin@stellaops.test",
+      "firstName": "SAML",
+      "lastName": "Admin",
+      "enabled": true,
+      "emailVerified": true,
+      "credentials": [
+        { "type": "password", "value": "saml-admin-password", "temporary": false }
+      ],
+      "realmRoles": ["admin"]
+    },
+    {
+      "username": "saml-operator",
+      "email": "saml-operator@stellaops.test",
+      "firstName": "SAML",
+      "lastName": "Operator",
+      "enabled": true,
+      "emailVerified": true,
+      "credentials": [
+        { "type": "password", "value": "saml-operator-password", "temporary": false }
+      ],
+      "realmRoles": ["operator"]
+    },
+    {
+      "username": "oidc-admin",
+      "email": "oidc-admin@stellaops.test",
+      "firstName": "OIDC",
+      "lastName": "Admin",
+      "enabled": true,
+      "emailVerified": true,
+      "credentials": [
+        { "type": "password", "value": "oidc-admin-password", "temporary": false }
+      ],
+      "realmRoles": ["admin"]
+    },
+    {
+      "username": "oidc-operator",
+      "email": "oidc-operator@stellaops.test",
+      "firstName": "OIDC",
+      "lastName": "Operator",
+      "enabled": true,
+      "emailVerified": true,
+      "credentials": [
+        { "type": "password", "value": "oidc-operator-password", "temporary": false }
+      ],
+      "realmRoles": ["operator"]
+    }
+  ],
+  "clients": [
+    {
+      "clientId": "stellaops-saml-sp",
+      "name": "StellaOps SAML Service Provider",
+      "protocol": "saml",
+      "enabled": true,
+      "frontchannelLogout": true,
+      "attributes": {
+        "saml.assertion.signature": "true",
+        "saml.server.signature": "true",
+        "saml.client.signature": "false",
+        "saml.authnstatement": "true",
+        "saml.force.post.binding": "true",
+        "saml_name_id_format": "username",
+        "saml_assertion_consumer_url_post": "https://localhost:5001/saml/acs",
+        "saml_single_logout_service_url_post": "https://localhost:5001/saml/slo"
+      },
+      "redirectUris": [
+        "https://localhost:5001/*"
+      ],
+      "protocolMappers": [
+        {
+          "name": "role-mapper",
+          "protocol": "saml",
+          "protocolMapper": "saml-role-list-mapper",
+          "consentRequired": false,
+          "config": {
+            "single": "true",
+            "attribute.nameformat": "Basic",
+            "attribute.name": "Role"
+          }
+        },
+        {
+          "name": "email-mapper",
+          "protocol": "saml",
+          "protocolMapper": "saml-user-attribute-mapper",
+          "consentRequired": false,
+          "config": {
+            "attribute.nameformat": "Basic",
+            "user.attribute": "email",
+            "friendly.name": "email",
+            "attribute.name": "email"
+          }
+        }
+      ]
+    },
+    {
+      "clientId": "stellaops-oidc-client",
+      "name": "StellaOps OIDC Client",
+      "protocol": "openid-connect",
+      "enabled": true,
+      "publicClient": false,
+      "secret": "stellaops-oidc-test-secret",
+      "directAccessGrantsEnabled": true,
+      "standardFlowEnabled": true,
+      "serviceAccountsEnabled": true,
+      "redirectUris": [
+        "https://localhost:5001/*",
+        "http://localhost:4200/*"
+      ],
+      "webOrigins": [
+        "https://localhost:5001",
+        "http://localhost:4200"
+      ],
+      "defaultClientScopes": [
+        "openid",
+        "profile",
+        "email",
+        "roles"
+      ],
+      "protocolMappers": [
+        {
+          "name": "realm-role-mapper",
+          "protocol": "openid-connect",
+          "protocolMapper": "oidc-usermodel-realm-role-mapper",
+          "consentRequired": false,
+          "config": {
+            "multivalued": "true",
+            "claim.name": "roles",
+            "jsonType.label": "String",
+            "id.token.claim": "true",
+            "access.token.claim": "true",
+            "userinfo.token.claim": "true"
+          }
+        }
+      ]
+    }
+  ],
+  "clientScopes": [
+    {
+      "name": "roles",
+      "protocol": "openid-connect",
+      "attributes": {
+        "include.in.token.scope": "true"
+      },
+      "protocolMappers": [
+        {
+          "name": "realm-roles",
+          "protocol": "openid-connect",
+          "protocolMapper": "oidc-usermodel-realm-role-mapper",
+          "consentRequired": false,
+          "config": {
+            "multivalued": "true",
+            "claim.name": "realm_roles",
+            "jsonType.label": "String",
+            "id.token.claim": "true",
+            "access.token.claim": "true",
+            "userinfo.token.claim": "true"
+          }
+        }
+      ]
+    }
+  ]
+}