enable and update hydra deployment

Author: yatharthranjan

etc/base.yaml

@@ -221,7 +221,7 @@ kratos_ui:
   _extra_timeout: 0
 
 hydra:
-  _install: false
+  _install: true
   _chart_version: 0.41.0
   _extra_timeout: 0
 

etc/hydra/values.yaml

@@ -44,4 +44,36 @@ hydra:
       leak_sensitive_values: false
 
     strategies:
-      access_token: jwt
+      access_token: jwt
+
+    oauth2:
+      allowed_top_level_claims: scope,roles,authorities,sources,user_name
+      mirror_top_level_claims: false
+    
+    serve:
+      public:
+        base_url: https://localhost/hydra/
+        cors:
+          enabled: true
+          allowed_origins:
+            - "*"
+          allowed_methods:
+            - POST
+            - GET
+            - PUT
+            - PATCH
+            - DELETE
+          allowed_headers:
+            - Authorization
+            - Cookie
+            - Content-Type
+            - Accept
+          exposed_headers:
+            - Content-Type
+            - Set-Cookie
+            - Accept
+          allow_credentials: true
+      admin:
+        base_url: https://localhost/admin/hydra/
+        cors:
+          enabled: true

etc/kratos/values.yaml

@@ -196,6 +196,14 @@ kratos:
           use: link
           after:
             default_browser_return_url: https://localhost/kratos-ui
+            hooks:
+              -   hook: web_hook
+                  config:
+                    method: POST
+                    url: http://management-portal:8080/managementportal/api/kratos/subjects/activate
+                    body: /etc/config/kratos/webhook_body.jsonnet
+                    response:
+                      ignore: true
 
         logout:
           after:
@@ -209,7 +217,14 @@ kratos:
           after:
             password:
               hooks:
-                -   hook: session
+                -   hook: web_hook
+                    config:
+                      method: POST
+                      url: http://management-portal:8080/managementportal/api/kratos/subjects
+                      body: /etc/config/kratos/webhook_body.jsonnet
+                      response:
+                        ignore: true
+                -  hook: session
             oidc:
               hooks:
                 -   hook: session

helmfile.d/10-services.yaml

@@ -342,7 +342,12 @@ releases:
         values:
           - {{ .Values.server_name }}
       - name: kratos.config.oauth2_provider.url
-        value: http://hydra-admin
+        value: http://{{ .Values.server_name }}/admin/hydra
+      - name: kratos.config.selfservice.flows.registration.after.password.hooks[0].config.url
+        value: https://{{ .Values.server_name }}/managementportal/api/kratos/subjects
+      - name: kratos.config.selfservice.flows.verification.after.hooks[0].config.url
+        value: https://{{ .Values.server_name }}/managementportal/api/kratos/subjects/activate
+
 
   - name: kratos-selfservice-ui-node
     chart: radar/kratos-selfservice-ui-node
@@ -378,7 +383,11 @@ releases:
       - name: serverName
         value: {{ .Values.server_name }}
       - name: hydra.config.dsn
-        value: postgres://{{ .Values.management_portal.postgres.user }}:{{ .Values.management_portal.postgres.password }}@{{ .Values.management_portal.postgres.host }}:{{ .Values.management_portal.postgres.port }}/{{ .Values | get "hydra.jdbc.database" "hydra" }}
+        value: postgres://{{ .Values.management_portal.postgres.user }}:{{ .Values.management_portal.postgres.password }}@{{ .Values.management_portal.postgres.host }}:{{ .Values.management_portal.postgres.port }}/{{ .Values | get "hydra.jdbc.database" "hydra" }}      - name: kratos.config.serve.public.base_url
+      - name: hydra.config.serve.public.base_url
+        value: https://{{ .Values.server_name }}/hydra/
+      - name: hydra.config.serve.admin.base_url
+        value: https://{{ .Values.server_name }}/admin/hydra/
       - name: hydra.config.urls.self.issuer
         value: https://{{ .Values.server_name }}/hydra/
       - name: hydra.config.urls.login