diff --git a/.secrets.baseline b/.secrets.baseline index b8cbf53247..5f705782d3 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": null, "lines": null }, - "generated_at": "2023-04-21T18:54:27Z", + "generated_at": "2023-05-09T15:13:27Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -89,7 +89,7 @@ ], "backend/data_tools/Pipfile.lock": [ { - "hashed_secret": "623ed3eee32ee75624c8bae57a810e70cb20bfec", + "hashed_secret": "f930856702ab3f1644ca9534a6b0ddb5e1d3a0de", "is_secret": false, "is_verified": false, "line_number": 4, @@ -99,14 +99,16 @@ ], "backend/ops_api/.secrets.baseline": [ { - "hashed_secret": "422802c4680dc943c8a5dcd6e9b919dd9c713b4f", + "hashed_secret": "7dad2b86f75c01a448296a9b65378a044968cb24", + "is_secret": false, "is_verified": false, "line_number": 82, "type": "Hex High Entropy String", "verified_result": null }, { - "hashed_secret": "422802c4680dc943c8a5dcd6e9b919dd9c713b4f", + "hashed_secret": "7dad2b86f75c01a448296a9b65378a044968cb24", + "is_secret": false, "is_verified": false, "line_number": 82, "type": "Secret Keyword", @@ -131,7 +133,7 @@ ], "backend/ops_api/Pipfile.lock": [ { - "hashed_secret": "d5af014cd9290561e5e8b07a5d80e52735a2d739", + "hashed_secret": "5defba270013df8c61969709123850c33dbc4492", "is_secret": false, "is_verified": false, "line_number": 4, @@ -152,7 +154,7 @@ "backend/ops_api/ops/environment/default_settings.py": [ { "hashed_secret": "60ca8b161ee50e40662c3664e2701456e7eae82b", - "is_secret": false, + "is_secret": true, "is_verified": false, "line_number": 6, "type": "Basic Auth Credentials", @@ -162,7 +164,7 @@ "docker-compose.e2e.yml": [ { "hashed_secret": "60ca8b161ee50e40662c3664e2701456e7eae82b", - "is_secret": false, + "is_secret": true, "is_verified": false, "line_number": 12, "type": "Secret Keyword", @@ -172,7 +174,7 @@ "docker-compose.yml": [ { "hashed_secret": "60ca8b161ee50e40662c3664e2701456e7eae82b", - "is_secret": false, + "is_secret": true, "is_verified": false, "line_number": 12, "type": "Secret Keyword", @@ -189,6 +191,16 @@ "verified_result": null } ], + "docs/hhs-ams.json": [ + { + "hashed_secret": "87b3c620c1596bf09b00fe195a2e9a332c9db193", + "is_secret": false, + "is_verified": false, + "line_number": 18, + "type": "Secret Keyword", + "verified_result": null + } + ], "frontend/cypress.config.js": [ { "hashed_secret": "d31a51d0c476d055d9ba7c2559fa92185975e49a", diff --git a/docs/hhs-ams.json b/docs/hhs-ams.json new file mode 100644 index 0000000000..62a46cb087 --- /dev/null +++ b/docs/hhs-ams.json @@ -0,0 +1,290 @@ +{ + "issuer": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO", + "authorization_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/auth", + "token_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/token", + "introspection_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/token/introspect", + "userinfo_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/userinfo", + "end_session_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/logout", + "frontchannel_logout_session_supported": true, + "frontchannel_logout_supported": true, + "jwks_uri": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/certs", + "check_session_iframe": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/login-status-iframe.html", + "grant_types_supported": [ + "authorization_code", + "implicit", + "refresh_token", + "password", + "client_credentials", + "urn:ietf:params:oauth:grant-type:device_code", + "urn:openid:params:grant-type:ciba" + ], + "acr_values_supported": [ + "0", + "1" + ], + "response_types_supported": [ + "code", + "none", + "id_token", + "token", + "id_token token", + "code id_token", + "code token", + "code id_token token" + ], + "subject_types_supported": [ + "public", + "pairwise" + ], + "id_token_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512" + ], + "id_token_encryption_alg_values_supported": [ + "RSA-OAEP", + "RSA-OAEP-256", + "RSA1_5" + ], + "id_token_encryption_enc_values_supported": [ + "A256GCM", + "A192GCM", + "A128GCM", + "A128CBC-HS256", + "A192CBC-HS384", + "A256CBC-HS512" + ], + "userinfo_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512", + "none" + ], + "userinfo_encryption_alg_values_supported": [ + "RSA-OAEP", + "RSA-OAEP-256", + "RSA1_5" + ], + "userinfo_encryption_enc_values_supported": [ + "A256GCM", + "A192GCM", + "A128GCM", + "A128CBC-HS256", + "A192CBC-HS384", + "A256CBC-HS512" + ], + "request_object_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512", + "none" + ], + "request_object_encryption_alg_values_supported": [ + "RSA-OAEP", + "RSA-OAEP-256", + "RSA1_5" + ], + "request_object_encryption_enc_values_supported": [ + "A256GCM", + "A192GCM", + "A128GCM", + "A128CBC-HS256", + "A192CBC-HS384", + "A256CBC-HS512" + ], + "response_modes_supported": [ + "query", + "fragment", + "form_post", + "query.jwt", + "fragment.jwt", + "form_post.jwt", + "jwt" + ], + "registration_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/clients-registrations/openid-connect", + "token_endpoint_auth_methods_supported": [ + "private_key_jwt", + "client_secret_basic", + "client_secret_post", + "tls_client_auth", + "client_secret_jwt" + ], + "token_endpoint_auth_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512" + ], + "introspection_endpoint_auth_methods_supported": [ + "private_key_jwt", + "client_secret_basic", + "client_secret_post", + "tls_client_auth", + "client_secret_jwt" + ], + "introspection_endpoint_auth_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512" + ], + "authorization_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512" + ], + "authorization_encryption_alg_values_supported": [ + "RSA-OAEP", + "RSA-OAEP-256", + "RSA1_5" + ], + "authorization_encryption_enc_values_supported": [ + "A256GCM", + "A192GCM", + "A128GCM", + "A128CBC-HS256", + "A192CBC-HS384", + "A256CBC-HS512" + ], + "claims_supported": [ + "aud", + "sub", + "iss", + "auth_time", + "name", + "given_name", + "family_name", + "preferred_username", + "email", + "acr" + ], + "claim_types_supported": [ + "normal" + ], + "claims_parameter_supported": true, + "scopes_supported": [ + "openid", + "phone", + "address", + "roles", + "web-origins", + "offline_access", + "profile", + "acr", + "email", + "microprofile-jwt" + ], + "request_parameter_supported": true, + "request_uri_parameter_supported": true, + "require_request_uri_registration": true, + "code_challenge_methods_supported": [ + "plain", + "S256" + ], + "tls_client_certificate_bound_access_tokens": true, + "revocation_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/revoke", + "revocation_endpoint_auth_methods_supported": [ + "private_key_jwt", + "client_secret_basic", + "client_secret_post", + "tls_client_auth", + "client_secret_jwt" + ], + "revocation_endpoint_auth_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "HS256", + "HS512", + "ES256", + "RS256", + "HS384", + "ES512", + "PS256", + "PS512", + "RS512" + ], + "backchannel_logout_supported": true, + "backchannel_logout_session_supported": true, + "device_authorization_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/auth/device", + "backchannel_token_delivery_modes_supported": [ + "poll", + "ping" + ], + "backchannel_authentication_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/ext/ciba/auth", + "backchannel_authentication_request_signing_alg_values_supported": [ + "PS384", + "ES384", + "RS384", + "ES256", + "RS256", + "ES512", + "PS256", + "PS512", + "RS512" + ], + "require_pushed_authorization_requests": false, + "pushed_authorization_request_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/ext/par/request", + "mtls_endpoint_aliases": { + "token_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/token", + "revocation_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/revoke", + "introspection_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/token/introspect", + "device_authorization_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/auth/device", + "registration_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/clients-registrations/openid-connect", + "userinfo_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/userinfo", + "pushed_authorization_request_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/ext/par/request", + "backchannel_authentication_endpoint": "https://sso-stage.acf.hhs.gov/auth/realms/ACF-SSO/protocol/openid-connect/ext/ciba/auth" + } +}