-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathapplication.properties
120 lines (99 loc) · 6.07 KB
/
application.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# Application server port and context path
server.port=${SERVER_PORT:8090}
server.servlet.context-path=/auth
spring.datasource.url=${DATASOURCE_URL:jdbc:mysql://picsure-db:3306/auth?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&autoReconnectForPools=true&serverTimezone=UTC}
spring.datasource.username=${DATASOURCE_USERNAME:root}
spring.datasource.password=${DATASOURCE_PASSWORD:password}
# MySQL 8 driver
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
# MySQL 5 driver
#spring.datasource.driver-class-name=com.mysql.jdbc.Driver
# JPA/Hibernate properties
#spring.jpa.show-sql=true
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL8Dialect
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
#spring.jpa.hibernate.ddl-auto=create
# By default, hibernate will convert camelCase to snake_case for table and column names. This property disables that behavior.
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
# Logging
logging.level.org.springframework.security=${LOGGING_LEVEL_SECURITY:INFO}
logging.level.root=${LOGGING_LEVEL_ROOT:INFO}
logging.level.org.springframework.web=${LOGGING_LEVEL_SLF4J:INFO}
logging.level.edu.harvard.hms.dbmi.avillach.auth.service.impl.authentication.RASAuthenticationService=${LOGGING_LEVEL_RAS_AUTHENTICATION:INFO}
logging.level.edu.harvard.hms.dbmi.avillach.auth.service.impl.authentication.FENCEAuthenticationService=${LOGGING_LEVEL_FENCE_AUTHENTICATION:INFO}
logging.level.edu.harvard.hms.dbmi.avillach.auth.service.impl.AccessRuleService=${LOGGING_LEVEL_ACCESS_RULE_SERVICE:INFO}
logging.level.org.springframework.cache=${LOGGING_LEVEL_CACHE:INFO}
# Logging File Output https://docs.spring.io/spring-boot/reference/features/logging.html#features.logging.file-output
# If you are adding additional log files please add them to /var/log/ directory.
logging.file.name=/var/log/psama.log
# Cache Controller Configuration. This is used to gain insight into the cache.
# This should never be enabled in production.
app.cache.inspect.enabled=${CACHE_INSPECT_ENABLED:false}
# Mail session configuration (Assuming Gmail SMTP for example)
spring.mail.host=smtp.gmail.com
spring.mail.port=587
spring.mail.username=${EMAIL_ADDRESS:your_email@gmail.com}
spring.mail.password=${EMAIL_PASSWORD:your_email_password}
spring.mail.properties.mail.smtp.auth=true
spring.mail.properties.mail.smtp.starttls.enable=true
# Custom application properties
application.tos.enabled=${TOS_ENABLED:true}
application.default.uuid=${STACK_SPECIFIC_APPLICATION_ID:default_uuid}
application.system.name=${SYSTEM_NAME:PIC-SURE All-in-one}
application.template.path=${TEMPLATE_PATH:/config/}
application.access.grant.email.subject=${GRANT_EMAIL_SUBJECT:email_subject}
application.user.activation.reply.to=${USER_ACTIVATION_REPLY_TO:reply_to_email}
application.admin.users=${ADMIN_USERS:__ADMIN_USERS__}
# Fence Configurations. These are used to configure the access rules for the application.
# If you intend to use a fence_mapping.json file you will need to set the following properties.
fence.consent.group.concept.path=\\DCC Harmonized data set\\
fence.standard.access.rules=AR_ONLY_INFO,AR_ONLY_SEARCH,AR_INFO_COLUMN_LISTING,AR_DICTIONARY_REQUESTS
fence.allowed.query.types=${FENCE_ALLOWED_QUERY_TYPES:COUNT,CROSS_COUNT,CATEGORICAL_CROSS_COUNT,CONTINUOUS_CROSS_COUNT,DATAFRAME,DATAFRAME_PFB}
#COUNT,CROSS_COUNT,CATEGORICAL_CROSS_COUNT,CONTINUOUS_CROSS_COUNT,DATAFRAME,DATAFRAME_PFB
fence.harmonized.consent.group.concept.path=\\_harmonized_consent\\
fence.parent.consent.group.concept.path=\\_consents\\
fence.topmed.consent.group.concept.path=\\_topmed_consents\\
fence.variant.annotation.columns=Variant_consequence_calculated,Variant_class,Gene_with_variant,Variant_severity,Variant_frequency_in_gnomAD,Variant_frequency_as_text
# We have two different authorization flows. One is strict and the other is not strict.
# Strict requires both access rules and privilege rules to be present for the user.
strict.authorization.applications.connections=${STRICT_AUTHORIZATION_APPLICATIONS:OKTA,FENCE,OPEN,RAS}
# Application Token configurations.
# This configuration is used to generate a token for the application to access the PIC-SURE API.
application.client.secret=${APPLICATION_CLIENT_SECRET}
application.client.secret.base64=${APPLICATION_CLIENT_SECRET_IS_BASE_64:false}
application.user.id.claim=${USER_ID_CLAIM:sub}
# IDLE Timeout 15 minutes by default
application.token.expiration.time=${TOKEN_EXPIRATION_TIME:900000}
# Max session length 8 hours by default
application.max.session.length=${MAX_SESSION_TIME:28800000}
# 30 days in milliseconds
application.long.term.token.expiration.time=${LONG_TERM_TOKEN_EXPIRATION_TIME:2592000000}
# Open IDP configurations
open.idp.provider.is.enabled=${OPEN_IDP_PROVIDER_IS_ENABLED:false}
# OKTA configurations
a4.okta.idp.provider.is.enabled=${A4_OKTA_IDP_PROVIDER_IS_ENABLED:false}
a4.okta.client.id=${A4_OKTA_CLIENT_ID:false}
a4.okta.client.secret=${A4_OKTA_CLIENT_SECRET:false}
a4.okta.connection.id=${A4_OKTA_CONNECTION_ID:false}
a4.okta.idp.provider.uri=${A4_OKTA_IDP_PROVIDER_URI:false}
# Fence IDP configurations
fence.idp.provider.is.enabled=${FENCE_IDP_PROVIDER_IS_ENABLED:false}
fence.idp.provider.uri=${FENCE_IDP_PROVIDER_URI:false}
fence.client.id=${FENCE_CLIENT_ID:false}
fence.client.secret=${FENCE_CLIENT_SECRET:false}
# IDP Provider configurations
auth0.idp.provider.is.enabled=${AUTH0_IDP_PROVIDER_IS_ENABLED:false}
auth0.host=${AUTH0_HOST:false}
auth0.denied.email.enabled=${AUTH0_DENIED_EMAIL_ENABLED:false}
# RAS Provider configurations
ras.okta.idp.provider.is.enabled=${RAS_OKTA_IDP_PROVIDER_IS_ENABLED:false}
ras.okta.idp.provider.uri=${RAS_OKTA_IDP_PROVIDER_URI:false}
ras.okta.connection.id=${RAS_OKTA_CONNECTION_ID:false}
ras.okta.client.id=${RAS_OKTA_CLIENT_ID:false}
ras.okta.client.secret=${RAS_OKTA_CLIENT_SECRET:false}
ras.idp.uri=${RAS_IDP_URI:false}
ras.passport.issuer=${RAS_PASSPORT_ISSUER:false}
server.servlet.session.cookie.http-only=true
server.servlet.session.cookie.secure=true
spring.devtools.remote.secret=${DEVTOOLS_SECRET:false}
spring.devtools.remote.context-path=/remote