-
Notifications
You must be signed in to change notification settings - Fork 12
Authentication
Gamification-engine provides two mechanism of authentication:
- Basic Auth
- OAuth2
To activate the Basic authentication run the gamification-engine with the sec profile
java -jar game-engine.web.jar --spring.profiles.active=sec
Authentication users can be configured into the internal file game-engine.web/src/main/resources/users.yml
or you can provide an external file (following the users.yml format) configuring the file path in game-engine.web/src/main/resources/application.yml
...
...
usersFile: ${USERS_FILE:}
Currently gamification engine doesn't support the Client Credentials Flow.
To activate the OAuth2 authentication run the gamification-engine with the platform profile
java -jar game-engine.web.jar --spring.profiles.active=platform
OAuth2 configurations are in game-engine.web/src/main/resources/application.yml
In details you have to configure these configuration blocks
security:
oauth2:
resource:
preferTokenInfo: false
userInfoUri: ${AAC_URL:}/basicprofile/me
client:
clientId: ${AAC_CLIENTID:}
clientSecret: ${AAC_CLIENTSECRET:}
userAuthorizationUri: ${AAC_URL:}/eauth/authorize
authenticationScheme: header
tokenName: oauth_token
scope: profile.basicprofile.me, user.roles.me
accessTokenUri: ${AAC_URL:}/oauth/token
clientAuthenticationScheme: form
preEstablishedRedirectUri: ${GAMIFICATION_REVERSEPROXY:}/gamification/login/aac
useCurrentUri: false
...
...
oauth:
serverUrl: ${AAC_URL:}
context: COMPONENTS/GAMIFICATION
role: ROLE_PROVIDER
...
...
#
# Platform security
#
#Parent Space
aac:
roles:
context: ${AAC_ROLES_CONTEXT:COMPONENTS/GAMIFICATION}
role: ${AAC_ROLES_ROLE:ROLE_PROVIDER}
url: ${AAC_URL:http://localhost:8080/aac}
clientId: ${AAC_CLIENTID:}
clientSecret: ${AAC_CLIENTSECRET:}