HowTo Config New Peig Workspace

— CONFIG PARAMS FOR PEIG WORKSPACE

— Peig @ 8a2d442da309.peig-workspace-aws.io

— martin.kotas@peig.io. / Jan.2023 /

Adresa URL jednotného přihlášení (SSO)
https://accounts.google.com/o/saml2/idp?idpid=C01ri67r2

ID entity
https://accounts.google.com/o/saml2?idpid=C01ri67r2

Certifikát
Google_2028-1-23-44733_SAML2_0Platnost vyprší 23. 1. 2028
-----BEGIN CERTIFICATE----- MIIDdDCCAlygAwIBAgIGAYXj0ci7MA0GCSqGSIb3DQEBCwUAMHsxFDASBgNVBAoTC0dvb2dsZSBJ bmMuMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MQ8wDQYDVQQDEwZHb29nbGUxGDAWBgNVBAsTD0dv b2dsZSBGb3IgV29yazELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEwHhcNMjMwMTI0 MTI0NzMzWhcNMjgwMTIzMTI0NzMzWjB7MRQwEgYDVQQKEwtHb29nbGUgSW5jLjEWMBQGA1UEBxMN TW91bnRhaW4gVmlldzEPMA0GA1UEAxMGR29vZ2xlMRgwFgYDVQQLEw9Hb29nbGUgRm9yIFdvcmsx CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAz+wqxKefXYUaWcsJh0Qp9aRfsTNNFuE02ylZxTtyT8+ldKFqAjK58MYQU3PZfb7T QSYPfP++4JlYZCI1z++1PZFHCjs0JVyx4jquKCht7ONku1i4TU6nKeOA+nloc5B0W8WrwA/xhRnQ K53hpN2pODhr2DmSKlkc2v82tqURWiGnZ4866l2uZjtU9Sn4KwZS+nB8ZWw8DD+IL7PbL6T/HGTR LPYF/mB1QIFKrhfZ/ArSjo2nKhyoKOFVqPwNdBmhVcIytuy0EldwRK0Tl23sOwzpPnhG4KrCeDBl vIE2314FqaJ3wv3U1kLI7r78LJ5qrv6nFJyPWqfOqTKR0jAypQIDAQABMA0GCSqGSIb3DQEBCwUA A4IBAQBZm/+xYocHyS5cwfiPVZErYvxNMz+5WcbJ+5n8srYs0iTgwId5d+gBpR6byZi/sqZrRcW5 ICjoTe/83o42d4CqGdpoa/mNGIwFLUfyzavduhNDch1TkeWCp0r0J4brEhjdRuZzp7IqHTxkMEXQ 5h4gUGQUeNItTSJreAxMbWmhZUDCV/hdzCVj2X2QjItWtOS3+s+Tc1kkRheSAIMj/Wkc2CGX3VcY Mav3j/EYS8vDKOk4hXvW7Mdz6qDSy2+xlnd3/dfRTTZoi18ogyaRvzcNBZIh5FGCvdYcZuRjyFfc 9Ky7vGe3tdSxXh2kiMQf4nUrJ+4qIBp4DkN6ANo6nE5s -----END CERTIFICATE-----
?? co bude potom??

Otisk SHA-256
3C:FC:79:A6:F2:A9:56:AF:CF:CE:A1:BD:7C:19:1E:85:9D:E7:6D:76:E3:34:2C:17:84:E9:04:75:D2:A5:C3:61

PE PEIG SAML App.
https://accounts.google.com/o/saml2/initsso?idpid=C01ri67r2&spid=87208180326&forceauthn=false

HowTo change Registration contact from phone to email

On PAP server run curl command
#curl 'http://8a2d442da309.peig-workspace-aws.io:8080/aducid-manage-resource/set?peigUsernameType=EMAIL'

GoogleWkspace connector params. in PAP server

config.file = /opt/tomcat-aim/webapps/aducid-manage-resource/WEB-INF/classes/profile/peig_io_sso_profile.json

{
"peigUsernameType" : "EMAIL",
"peigMigrationMode" : "GOOGLE",
"data" : {
"domain" : "peig.io",
"entityID" : null,
"acsURL" : null,
"nameIDFormat" : null,
"clientId" : "945761526887-es249vi21kooop2ohf3ql1lajeh7vlmq.apps.googleusercontent.com",
"clientSecret" : "GOCSPX-Ij7x...Ly9e",
"refreshToken" : "1//0dz...P48",
"appURL" : "https://accounts.google.com/o/saml2/initsso?idpid=C01ri67r2&spid=87208180326&forceauthn=false",
"idpSSOURL" : "https://accounts.google.com/o/saml2/idp?idpid=C01ri67r2",
"idpEntityID" : "https://accounts.google.com/o/saml2?idpid=C01ri67r2",
"idpCertificate" : "MIIDdD...6nE5s",
"groupKey" : "peig@peig.io"
}
}

HowTo Generate refreshToken
from Peig Client open URL
https://8a2d442da309.peig-workspace-aws.io/aducid-manage-resource/authGoogle?clientId=945761526887-es249vi21kooop2ohf3ql1lajeh7vlmq.apps.googleusercontent.com&clientSecret=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

HowTo Display refreshToken

On PAP server grep tomcat log.

#cat /opt/tomcat-aim/logs/catalina.out | grep refreshToken

refreshToken = 1//0dz4...P48

HowTo Configure gWorkspace from JSON file + Enable Provisioning + CreateConfigName

Open URL from Peig Client
https://8a2d442da309.peig-workspace-aws.io/aducid-manage-resource/configureWorkspaceFromFile?file=peig_io_sso_profile.json

Open URL from Peig Client

https://8a2d442da309.peig-workspace-aws.io/aducid-manage-resource/enableProvisioning?name=google

Open URL from Peig Client

https://8a2d442da309.peig-workspace-aws.io/aducid-manage-resource/createConfiguration?name=google

Restart Tomcat Services on PAP server

#service tomcat-* restart

—and thats all, you can try to test It! 🙂