Added and removed saml fields (#2168)

Erik Jan de Wit 2022-03-07 18:08:14 +01:00 committed by GitHub
parent a6cdb489b2
commit 01ab5b12e0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 120 additions and 39 deletions


@ -25,6 +25,8 @@ import { SaveReset } from "./advanced/SaveReset";
import { SamlConfig } from "./add/SamlConfig"; import { SamlConfig } from "./add/SamlConfig";
import { SamlSignature } from "./add/SamlSignature"; import { SamlSignature } from "./add/SamlSignature";
import type { ClientForm } from "./ClientDetails"; import type { ClientForm } from "./ClientDetails";
import environment from "../environment";
import { useRealm } from "../context/realm-context/RealmContext";
type ClientSettingsProps = { type ClientSettingsProps = {
client: ClientRepresentation; client: ClientRepresentation;
@ -39,6 +41,7 @@ export const ClientSettings = ({
}: ClientSettingsProps) => { }: ClientSettingsProps) => {
const { register, control, watch, errors } = useFormContext<ClientForm>(); const { register, control, watch, errors } = useFormContext<ClientForm>();
const { t } = useTranslation("clients"); const { t } = useTranslation("clients");
const { realm } = useRealm();
const [loginThemeOpen, setLoginThemeOpen] = useState(false); const [loginThemeOpen, setLoginThemeOpen] = useState(false);
const loginThemes = useServerInfo().themes!["login"]; const loginThemes = useServerInfo().themes!["login"];
@ -48,6 +51,9 @@ export const ClientSettings = ({
); );
const protocol = watch("protocol"); const protocol = watch("protocol");
const frontchannelLogout = watch("frontchannelLogout"); const frontchannelLogout = watch("frontchannelLogout");
const idpInitiatedSsoUrlName: string = watch(
"attributes.saml_idp_initiated_sso_url_name"
);
const sections = useMemo(() => { const sections = useMemo(() => {
let result = ["generalSettings"]; let result = ["generalSettings"];
@ -97,22 +103,6 @@ export const ClientSettings = ({
ref={register} ref={register}
/> />
</FormGroup> </FormGroup>
<FormGroup
label={t("validRedirectUri")}
fieldId="kc-redirect"
labelIcon={
<HelpItem
helpText="clients-help:validRedirectURIs"
fieldLabelId="clients:validRedirectUri"
/>
}
>
<MultiLineInput
name="redirectUris"
aria-label={t("validRedirectUri")}
addButtonLabel="clients:addRedirectUri"
/>
</FormGroup>
<FormGroup <FormGroup
label={t("homeURL")} label={t("homeURL")}
fieldId="kc-home-url" fieldId="kc-home-url"
@ -131,40 +121,121 @@ export const ClientSettings = ({
/> />
</FormGroup> </FormGroup>
<FormGroup <FormGroup
label={t("webOrigins")} label={t("validRedirectUri")}
fieldId="kc-web-origins" fieldId="kc-redirect"
labelIcon={ labelIcon={
<HelpItem <HelpItem
helpText="clients-help:webOrigins" helpText="clients-help:validRedirectURIs"
fieldLabelId="clients:webOrigins" fieldLabelId="clients:validRedirectUri"
/> />
} }
> >
<MultiLineInput <MultiLineInput
name="webOrigins" name="redirectUris"
aria-label={t("webOrigins")} aria-label={t("validRedirectUri")}
addButtonLabel="clients:addWebOrigins" addButtonLabel="clients:addRedirectUri"
/> />
</FormGroup> </FormGroup>
{protocol === "saml" && (
<>
<FormGroup
label={t("idpInitiatedSsoUrlName")}
fieldId="idpInitiatedSsoUrlName"
labelIcon={
<HelpItem
helpText="clients-help:idpInitiatedSsoUrlName"
fieldLabelId="clients:idpInitiatedSsoUrlName"
/>
}
helperText={
idpInitiatedSsoUrlName !== "" &&
t("idpInitiatedSsoUrlNameHelp", {
url: `${environment.authServerUrl}/realms/${realm}/protocol/saml/clients/${idpInitiatedSsoUrlName}`,
})
}
>
<TextInput
type="text"
id="idpInitiatedSsoUrlName"
name="attributes.saml_idp_initiated_sso_url_name"
ref={register}
/>
</FormGroup>
<FormGroup
label={t("idpInitiatedSsoRelayState")}
fieldId="idpInitiatedSsoRelayState"
labelIcon={
<HelpItem
helpText="clients-help:idpInitiatedSsoRelayState"
fieldLabelId="clients:idpInitiatedSsoRelayState"
/>
}
>
<TextInput
type="text"
id="idpInitiatedSsoRelayState"
name="attributes.saml_idp_initiated_sso_relay_state"
ref={register}
/>
</FormGroup>
<FormGroup
label={t("masterSamlProcessingUrl")}
fieldId="masterSamlProcessingUrl"
labelIcon={
<HelpItem
helpText="clients-help:masterSamlProcessingUrl"
fieldLabelId="clients:masterSamlProcessingUrl"
/>
}
>
<TextInput
type="text"
id="masterSamlProcessingUrl"
name="adminUrl"
ref={register}
/>
</FormGroup>
</>
)}
{protocol !== "saml" && (
<FormGroup
label={t("webOrigins")}
fieldId="kc-web-origins"
labelIcon={
<HelpItem
helpText="clients-help:webOrigins"
fieldLabelId="clients:webOrigins"
/>
}
>
<MultiLineInput
name="webOrigins"
aria-label={t("webOrigins")}
addButtonLabel="clients:addWebOrigins"
/>
</FormGroup>
)}
</> </>
)} )}
<FormGroup {protocol !== "saml" && (
label={t("adminURL")} <FormGroup
fieldId="kc-admin-url" label={t("adminURL")}
labelIcon={ fieldId="kc-admin-url"
<HelpItem labelIcon={
helpText="clients-help:adminURL" <HelpItem
fieldLabelId="clients:adminURL" helpText="clients-help:adminURL"
fieldLabelId="clients:adminURL"
/>
}
>
<TextInput
type="text"
id="kc-admin-url"
name="adminUrl"
ref={register}
/> />
} </FormGroup>
> )}
<TextInput
type="text"
id="kc-admin-url"
name="adminUrl"
ref={register}
/>
</FormGroup>
{client.bearerOnly && ( {client.bearerOnly && (
<SaveReset <SaveReset
className="keycloak__form_actions" className="keycloak__form_actions"
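Review bot: The `idpInitiatedSsoUrlName !== ""` guard in the new `helperText` only excludes the empty string, so if `watch("attributes.saml_idp_initiated_sso_url_name")` returns `undefined` (which seems likely for a SAML client that has never had the attribute set, despite the `: string` annotation), the form would show a target URL ending in `/clients/undefined`. A truthiness check avoids advertising an SSO entry point that does not exist: `helperText={!!idpInitiatedSsoUrlName && t("idpInitiatedSsoUrlNameHelp", { url: ... })}`. The name is also interpolated into the path as typed, so a value containing `/`, `?` or `#` makes the displayed URL differ from the one the admin expects to hand out; wrapping it as `encodeURIComponent(idpInitiatedSsoUrlName)` would keep the preview honest. Separately, the new `masterSamlProcessingUrl` input is bound to `adminUrl` with no format check visible in this section, and since assertions are delivered to that URL it would be worth confirming that the scheme and host are validated before save, here or on the server. The `ClientSettings` component starts and ends outside the lines shown.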


@ -142,6 +142,12 @@ export default {
"JWE algorithm, which client needs to use when encrypting the content of the OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', any algorithm is allowed.", "JWE algorithm, which client needs to use when encrypting the content of the OIDC request object specified by 'request' or 'request_uri' parameters. If set to 'any', any algorithm is allowed.",
validRequestURIs: validRequestURIs:
"List of valid URIs, which can be used as values of 'request_uri' parameter during OpenID Connect authentication request. There is support for the same capabilities like for Valid Redirect URIs. For example wildcards or relative paths.", "List of valid URIs, which can be used as values of 'request_uri' parameter during OpenID Connect authentication request. There is support for the same capabilities like for Valid Redirect URIs. For example wildcards or relative paths.",
idpInitiatedSsoUrlName:
"URL fragment name to reference client when you want to do IDP Initiated SSO. Leaving this empty will disable IDP Initiated SSO. The URL you will reference from your browser will be: {server-root}/realms/{realm}/protocol/saml/clients/{client-url-name}",
idpInitiatedSsoRelayState:
"Relay state you want to send with SAML request when you want to do IDP Initiated SSO.",
masterSamlProcessingUrl:
"If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overridden for each binding and service in the Fine Grain SAML Endpoint Configuration.",
authorizationSignedResponseAlg: authorizationSignedResponseAlg:
"JWA algorithm used for signing authorization response tokens when the response mode is jwt.", "JWA algorithm used for signing authorization response tokens when the response mode is jwt.",
authorizationEncryptedResponseAlg: authorizationEncryptedResponseAlg:


@ -374,6 +374,10 @@ export default {
accessSettings: "Access settings", accessSettings: "Access settings",
rootUrl: "Root URL", rootUrl: "Root URL",
validRedirectUri: "Valid redirect URIs", validRedirectUri: "Valid redirect URIs",
idpInitiatedSsoUrlName: "IDP-Initiated SSO URL name",
idpInitiatedSsoUrlNameHelp: "Target IDP initiated SSO URL: {{url}}",
idpInitiatedSsoRelayState: "IDP Initiated SSO Relay State",
masterSamlProcessingUrl: "Master SAML Processing URL",
samlCapabilityConfig: "SAML capabilities", samlCapabilityConfig: "SAML capabilities",
signatureAndEncryption: "Signature and Encryption", signatureAndEncryption: "Signature and Encryption",
nameIdFormat: "Name ID format", nameIdFormat: "Name ID format",