keycloak_1_1.xsd

Home / adapters / oidc / as7-eap6 / as7-subsystem / src / main / resources / schema / keycloak_1_1.xsd
125 lines | 7.764 kB Blame History Raw Download
<?xml version="1.0" encoding="UTF-8"?>

<!--
  ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
  ~ and other contributors as indicated by the @author tags.
  ~
  ~ Licensed under the Apache License, Version 2.0 (the "License");
  ~ you may not use this file except in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing, software
  ~ distributed under the License is distributed on an "AS IS" BASIS,
  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  ~ See the License for the specific language governing permissions and
  ~ limitations under the License.
  -->

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
           targetNamespace="urn:jboss:domain:keycloak:1.1"
           xmlns="urn:jboss:domain:keycloak:1.1"
           elementFormDefault="qualified"
           attributeFormDefault="unqualified"
           version="1.0">

    <!-- The subsystem root element -->
    <xs:element name="subsystem" type="subsystem-type"/>

    <xs:complexType name="subsystem-type">
        <xs:annotation>
            <xs:documentation>
                <![CDATA[
                    The Keycloak adapter subsystem, used to register deployments managed by Keycloak
                ]]>
            </xs:documentation>
        </xs:annotation>
        <xs:choice minOccurs="0" maxOccurs="unbounded">
            <xs:element name="realm" maxOccurs="unbounded" minOccurs="0" type="realm-type"/>
            <xs:element name="secure-deployment" maxOccurs="unbounded" minOccurs="0" type="secure-deployment-type"/>
        </xs:choice>
    </xs:complexType>

    <xs:complexType name="realm-type">
        <xs:all>
            <xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
            <xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
            <xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
            <xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
                <xs:documentation>The name of the realm.</xs:documentation>
            </xs:annotation>
        </xs:attribute>
    </xs:complexType>
    
    <xs:complexType name="secure-deployment-type">
        <xs:all>
            <xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="use-resource-role-mappings" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
            <xs:element name="realm" type="xs:string" minOccurs="1" maxOccurs="1"/>
            <xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="resource" type="xs:string" minOccurs="0" maxOccurs="1" />
            <xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="public-client" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
            <xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
            <xs:element name="credential" type="credential-type" minOccurs="1" maxOccurs="1"/>
            <xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
            <xs:element name="enable-basic-auth" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
            <xs:element name="turn-off-change-session-id-on-login" type="xs:boolean" minOccurs="0" maxOccurs="1" />
            <xs:element name="token-minimum-time-to-live" type="xs:integer" minOccurs="0" maxOccurs="1"/>
            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
        </xs:all>
        <xs:attribute name="name" type="xs:string" use="required">
            <xs:annotation>
                <xs:documentation>The name of the realm.</xs:documentation>
            </xs:annotation>
        </xs:attribute>
    </xs:complexType>

    <xs:complexType name="credential-type" mixed="true">
        <xs:sequence maxOccurs="unbounded" minOccurs="0">
            <xs:any processContents="lax"></xs:any>
        </xs:sequence>
        <xs:attribute name="name" type="xs:string" use="required" />
    </xs:complexType>
</xs:schema>