libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Merge pull request #2211 from stianst/KEYCLOAK-2475

Browse source 
KEYCLOAK-2475
This commit is contained in:
Stian Thorgersen 2016-02-10 14:52:22 +01:00
commit 066d6bb230
5 changed files with 17 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
docbook/auth-server-docs/reference/en/en-US/modules/MigrationFromOlderVersions.xml
View file

@ -107,6 +107,12 @@
(via the subsystem, or auth-method in web.xml (via the subsystem, or auth-method in web.xml
</para> </para>
</simplesect> </simplesect>
<simplesect>
<title>Client Registration service endpoints moved</title>
<para>
The Client Registration service endpoints have been moved from <literal>{realm}/clients</literal> to <literal>{realm}/clients-registrations</literal>.
</para>
</simplesect>
<simplesect> <simplesect>
<title>Deprecated OpenID Connect endpoints</title> <title>Deprecated OpenID Connect endpoints</title>
<para> <para>

16
docbook/auth-server-docs/reference/en/en-US/modules/client-registration.xml
View file

@ -27,7 +27,7 @@
<para> <para>
The Client Registration Service provides built-in support for Keycloak Client Representations, OpenID Connect The Client Registration Service provides built-in support for Keycloak Client Representations, OpenID Connect
Client Meta Data and SAML Entity Descriptors. It's also possible to plugin custom client registration providers Client Meta Data and SAML Entity Descriptors. It's also possible to plugin custom client registration providers
if required. The Client Registration Service endpoint is <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/&lt;provider&gt;</literal>. if required. The Client Registration Service endpoint is <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/&lt;provider&gt;</literal>.
</para> </para>
<para> <para>
The built-in supported <literal>providers</literal> are: The built-in supported <literal>providers</literal> are:
@ -123,23 +123,23 @@ Authorization: bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJmMjJmNzQyYy04ZjNlLTQ2M....
</para> </para>
<para> <para>
To create a client create a Client Representation (JSON) then do a HTTP POST to: To create a client create a Client Representation (JSON) then do a HTTP POST to:
<literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/default</literal>. It will return a Client Representation <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/default</literal>. It will return a Client Representation
that also includes the registration access token. You should save the registration access token somewhere that also includes the registration access token. You should save the registration access token somewhere
if you want to retrieve the config, update or delete the client later. if you want to retrieve the config, update or delete the client later.
</para> </para>
<para> <para>
To retrieve the Client Representation then do a HTTP GET to: To retrieve the Client Representation then do a HTTP GET to:
<literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/default/&lt;client id&gt;</literal>. It will also <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/default/&lt;client id&gt;</literal>. It will also
return a new registration access token. return a new registration access token.
</para> </para>
<para> <para>
To update the Client Representation then do a HTTP PUT to with the updated Client Representation to: To update the Client Representation then do a HTTP PUT to with the updated Client Representation to:
<literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/default/&lt;client id&gt;</literal>. It will also <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/default/&lt;client id&gt;</literal>. It will also
return a new registration access token. return a new registration access token.
</para> </para>
<para> <para>
To delete the Client Representation then do a HTTP DELETE to: To delete the Client Representation then do a HTTP DELETE to:
<literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/default/&lt;client id&gt;</literal> <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/default/&lt;client id&gt;</literal>
</para> </para>
</section> </section>
@ -155,7 +155,7 @@ Authorization: basic BASE64(client-id + ':' + client-secret)
</para> </para>
<para> <para>
To retrieve the Adapter Configuration then do a HTTP GET to: To retrieve the Adapter Configuration then do a HTTP GET to:
<literal>&lt;KEYCLOAK URL&gt;//realms/&lt;realm&gt;/clients/installation/&lt;client id&gt;</literal> <literal>&lt;KEYCLOAK URL&gt;//realms/&lt;realm&gt;/clients-registrations/installation/&lt;client id&gt;</literal>
</para> </para>
<para> <para>
No authentication is required for public clients. This means that for the JavaScript adapter you can No authentication is required for public clients. This means that for the JavaScript adapter you can
@ -172,7 +172,7 @@ Authorization: basic BASE64(client-id + ':' + client-secret)
</para> </para>
<para> <para>
The endpoint to use these specifications to register clients in Keycloak is: The endpoint to use these specifications to register clients in Keycloak is:
<literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/oidc[/&lt;client id&gt;]</literal>. <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/oidc[/&lt;client id&gt;]</literal>.
</para> </para>
<para> <para>
This endpoints can also be found in the OpenID Connect Discovery endpoint for the realm: This endpoints can also be found in the OpenID Connect Discovery endpoint for the realm:
@ -190,7 +190,7 @@ Authorization: basic BASE64(client-id + ':' + client-secret)
</para> </para>
<para> <para>
To create a client do a HTTP POST with the SAML Entity Descriptor to: To create a client do a HTTP POST with the SAML Entity Descriptor to:
<literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients/saml2-entity-descriptor</literal>. <literal>&lt;KEYCLOAK URL&gt;/realms/&lt;realm&gt;/clients-registrations/saml2-entity-descriptor</literal>.
</para> </para>
</section> </section>

2
integration/client-registration/src/main/java/org/keycloak/client/registration/ClientRegistration.java
View file

@ -177,7 +177,7 @@ public class ClientRegistration {
} }
public ClientRegistrationBuilder url(String authUrl, String realm) { public ClientRegistrationBuilder url(String authUrl, String realm) {
url = HttpUtil.getUrl(authUrl, "realms", realm, "clients"); url = HttpUtil.getUrl(authUrl, "realms", realm, "clients-registrations");
return this; return this;
} }

2
services/src/main/java/org/keycloak/services/clientregistration/ClientRegistrationService.java
View file

@ -17,11 +17,11 @@
package org.keycloak.services.clientregistration; package org.keycloak.services.clientregistration;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.events.EventBuilder; import org.keycloak.events.EventBuilder;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.services.ErrorResponseException; import org.keycloak.services.ErrorResponseException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
import javax.ws.rs.core.Context; import javax.ws.rs.core.Context;

2
services/src/main/java/org/keycloak/services/resources/RealmsResource.java
View file

@ -107,7 +107,7 @@ public class RealmsResource {
return service; return service;
} }
@Path("{realm}/clients") @Path("{realm}/clients-registrations")
public ClientRegistrationService getClientsService(final @PathParam("realm") String name) { public ClientRegistrationService getClientsService(final @PathParam("realm") String name) {
RealmModel realm = init(name); RealmModel realm = init(name);
EventBuilder event = new EventBuilder(realm, session, clientConnection); EventBuilder event = new EventBuilder(realm, session, clientConnection);