1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
#!/usr/bin/env sh
# use admin context to add user and client
uaac token client get admin -s adminsecret
uaac user add rabbit_user -p rabbit_password --email rabbit_user@example.com
# these groups will end up in the scope of the users
uaac group add "rabbitmq.read:*/*"
uaac group add "rabbitmq.write:*/*"
uaac group add "rabbitmq.configure:*/*"
uaac group add "rabbitmq.tag:management"
uaac group add "rabbitmq.tag:administrator"
uaac member add "rabbitmq.read:*/*" rabbit_user
uaac member add "rabbitmq.write:*/*" rabbit_user
uaac member add "rabbitmq.configure:*/*" rabbit_user
uaac member add "rabbitmq.tag:management" rabbit_user
uaac member add "rabbitmq.tag:administrator" rabbit_user
# add the client for the management plugin. It has the implicit grant type.
# add e.g. --access_token_validity 60 --refresh_token_validity 3600 to experiment with token validity
uaac client add rabbit_user_client \
--name rabbit_user_client \
--secret '' \
--scope 'rabbitmq.* openid' \
--authorized_grant_types implicit \
--autoapprove true \
--redirect_uri 'http://localhost:15672/**'
|
