---
modules:
  - name: {{appName}}-srv
    type: {{language}}
    path: {{& srvPath}}
    requires:
      - name: {{appName}}-auth

  - name: {{appName}}-mtx
    type: nodejs
    path: {{#isNodejs}}gen/{{/isNodejs}}mtx/sidecar
    requires:
      - name: {{appName}}-auth

resources:
  - name: {{appName}}-auth{{#servicePlan}}-{{servicePlan}}{{/servicePlan}}
    type: org.cloudfoundry.managed-service
    parameters:
      service: xsuaa
      service-plan: {{#servicePlan}}{{servicePlan}}{{/servicePlan}}{{^servicePlan}}application{{/servicePlan}}
      path: ./xs-security.json
      config:
        xsappname: {{appName}}-${org}-${space}
        tenant-mode: {{#hasMultitenancy}}shared{{/hasMultitenancy}}{{^hasMultitenancy}}dedicated{{/hasMultitenancy}}
        oauth2-configuration:
          credential-types:
            - "binding-secret"
            - "x509"
        {{#hasRoles}}{{^hasCustomRoleCollections}}
        role-collections:
          {{#roles}}
          - name: '{{name}} ({{appName}} ${org}-${space})'
            description: 'generated'
            role-template-references: ['$XSAPPNAME.{{name}}']
          {{/roles}}
        {{/hasCustomRoleCollections}}
        {{/hasRoles}}