Authentification

Le projet Authentification otp publie un service d'authentification qui se base sur un envoi d'otp par email et par Tchap, la messagerie de l'Etat

Monitoring

Realm uptime can be found here : https://updown.io/fta9

POSTGRES_PASSWORD=password
KEYCLOAK_ADMIN_PASSWORD=password
KC_DB_PASSWORD=password
TCHAP_BOT_ACCOUNT_EMAIL=service account for Tchap Identity created on Tchap Server side
TCHAP_BOT_PASSWORD=password for the service account
TCHAP_HOME_SERVER_LIST=list of home servers that tchap-identity can connect to
TCHAP_SKIP_CERTIFICATE_VALIDATION=false
TCHAP_UNAUTHORIZED_HOME_SERVER_LIST=list of unauthorized home servers -- use to check if a user is valid
TCHAP_OTP_MAIL_DELAY_IN_MINUTES= (optionnal) delay to wait to send another otp to users. default 0
TCHAP_CODE_TIMEOUT_IN_MINUTES= (optionnal) validity of a otp code. default 60
TCHAP_LOG_SENSITIVE_DATA = (optionnal) log sensitive data like username. default false
TCHAP_HOME_REDIRECT_URL=url to redirect the user when it hits the welcome page (/admin by default)

build extension with maven goal. A jar is produced with the custom providers and the custom view.

mvn clean package

to specify a version run : mvn clean install -Drevision=X.Y.Z For local development, the jar is copied to /dev/providers

docker compose up

keycloak admin http://localhost:8080 with admin/password
in realm Tchap-identite, go to Clients>tchap-identite-client-sample>credentials> "Regenerate Secret"
copy this secret in your open id client (see -4-)
email client : http://localhost:1080

After a modification in the java adapters, you need to compile the jar and restart keycloak. Indeed quarkus docker image does not support hot reload as of Keycloak 18 mvn clean package && docker compose restart keycloak