libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #1406 from patriot1burke/master

Browse source 
refactor registration and console pages
This commit is contained in:
Bill Burke 2015-06-19 18:06:12 -04:00
commit 114b687c5c
17 changed files with 1813 additions and 1858 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.4.0.xml
View file

@ -9,7 +9,7 @@
<delete tableName="USER_SESSION"/>
<addColumn tableName="CLIENT_SESSION">
<column name="CURRENT_ACTION" type="VARCHAR(36)">
<constraints nullable="false"/>
<constraints nullable="true"/>
</column>
</addColumn>
<!-- OAUTH_GRANT,

18
forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
View file

@ -273,15 +273,6 @@ module.config([ '$routeProvider', function($routeProvider) {
},
controller : 'RealmDefaultRolesCtrl'
})
.when('/realms/:realm/required-credentials', {
templateUrl : resourceUrl + '/partials/realm-credentials.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
}
},
controller : 'RealmRequiredCredentialsCtrl'
})
.when('/realms/:realm/smtp-settings', {
templateUrl : resourceUrl + '/partials/realm-smtp.html',
resolve : {
@ -1063,6 +1054,15 @@ module.config([ '$routeProvider', function($routeProvider) {
},
controller : 'RequiredActionsCtrl'
})
.when('/realms/:realm/authentication/password-policy', {
templateUrl : resourceUrl + '/partials/password-policy.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
}
},
controller : 'RealmPasswordPolicyCtrl'
})
.when('/server-info', {
templateUrl : resourceUrl + '/partials/server-info.html'
})

12
forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
View file

@ -371,8 +371,8 @@ module.controller('RealmCacheCtrl', function($scope, Current, Realm, realm, serv
genericRealmUpdate($scope, Current, Realm, realm, serverInfo, $http, $location, Dialog, Notifications, "/realms/" + realm.realm + "/cache-settings");
});
module.controller('RealmRequiredCredentialsCtrl', function($scope, Realm, realm, $http, $location, Dialog, Notifications, PasswordPolicy) {
console.log('RealmRequiredCredentialsCtrl');
module.controller('RealmPasswordPolicyCtrl', function($scope, Realm, realm, $http, $location, Dialog, Notifications, PasswordPolicy) {
console.log('RealmPasswordPolicyCtrl');
$scope.realm = realm;
@ -395,12 +395,6 @@ module.controller('RealmRequiredCredentialsCtrl', function($scope, Realm, realm,
$scope.policy.splice(index, 1);
}
$scope.userCredentialOptions = {
'multiple' : true,
'simple_tags' : true,
'tags' : ['password', 'totp', 'cert', 'kerberos']
};
$scope.changed = false;
$scope.$watch('realm', function() {
@ -420,7 +414,7 @@ module.controller('RealmRequiredCredentialsCtrl', function($scope, Realm, realm,
$scope.changed = false;
Realm.update($scope.realm, function () {
$location.url("/realms/" + realm.realm + "/required-credentials");
$location.url("/realms/" + realm.realm + "/authentication/password-policy");
Notifications.success("Your changes have been saved to the realm.");
oldCopy = angular.copy($scope.realm);
oldPolicy = angular.copy($scope.policy);

14
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-credentials.html → forms/common-themes/src/main/resources/theme/base/admin/resources/partials/password-policy.html
View file

@ -1,19 +1,9 @@
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
<h1>Settings</h1>
<h1>Authentication</h1>
<kc-tabs-realm></kc-tabs-realm>
<kc-tabs-authentication></kc-tabs-authentication>
<form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
<fieldset class="border-top">
<legend><span class="text">Realm Credentials Settings</span> <kc-tooltip>Credential types required for every user. Changing this value may require the user to configure any new credentials the next time they log in.</kc-tooltip></legend>
<div class="form-group">
<label class="col-md-2 control-label" for="user" class="control-label two-lines">Required User Credentials</label>
<div class="col-md-6">
<input id="user" type="text" ui-select2="userCredentialOptions" ng-model="realm.requiredCredentials" placeholder="Type a role and enter">
</div>
</div>
</fieldset>
<fieldset class="border-top">
<legend><span class="text">Realm Password Policy</span> <kc-tooltip>Specify required password format. You can also set how many times a password is hashed before it is stored in database. Multiple Regex patterns, separated by comma, can be added.</kc-tooltip></legend>
<table class="table table-striped table-bordered">

1
forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-authentication.html
View file

@ -1,4 +1,5 @@
<ul class="nav nav-tabs">
<li ng-class="{active: path[3] == 'flows'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/authentication/flows">Authenticators</a></li>
<li ng-class="{active: path[3] == 'required-actions'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/authentication/required-actions">Required Actions</a></li>
<li ng-class="{active: path[3] == 'password-policy'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/authentication/password-policy">Password Policy</a></li>
</ul>

1
forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-realm.html Normal file → Executable file
View file

@ -1,7 +1,6 @@
<ul class="nav nav-tabs">
<li ng-class="{active: !path[2]}"><a href="#/realms/{{realm.realm}}">General</a></li>
<li ng-class="{active: path[2] == 'login-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/login-settings">Login</a></li>
<li ng-class="{active: path[2] == 'required-credentials'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/required-credentials">Credentials</a></li>
<li ng-class="{active: path[2] == 'keys-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/keys-settings">Keys</a></li>
<li ng-class="{active: path[2] == 'smtp-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/smtp-settings">Email</a></li>
<li ng-class="{active: path[2] == 'theme-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/theme-settings">Themes</a></li>

9
services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordForm.java
View file

@ -41,15 +41,16 @@ public class UsernamePasswordForm extends AbstractFormAuthenticator implements A
context.forceChallenge(response);
return;
}
if (!validateUser(context, formData)) {
return;
}
if (!validatePassword(context, formData)) {
if (!validateForm(context, formData)) {
return;
}
context.success();
}
protected boolean validateForm(AuthenticatorContext context, MultivaluedMap<String, String> formData) {
return validateUser(context, formData) && validatePassword(context, formData);
}
@Override
public void authenticate(AuthenticatorContext context) {
if (REGISTRATION_FORM_ACTION.equals(context.getAction()) && context.getUser() != null) {

42
services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
View file

@ -358,37 +358,24 @@ public class LoginActionsService {
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response processRegister(@QueryParam("code") String code) {
MultivaluedMap<String, String> formData = request.getDecodedFormParameters();
event.event(EventType.REGISTER);
if (!checkSsl()) {
event.error(Errors.SSL_REQUIRED);
return ErrorPage.error(session, Messages.HTTPS_REQUIRED);
Checks checks = new Checks();
if (!checks.check(code, ClientSessionModel.Action.AUTHENTICATE.name())) {
return checks.response;
}
if (!realm.isEnabled()) {
event.error(Errors.REALM_DISABLED);
return ErrorPage.error(session, Messages.REALM_NOT_ENABLED);
}
if (!realm.isRegistrationAllowed()) {
if (!realm.isRegistrationAllowed()) {
event.error(Errors.REGISTRATION_DISABLED);
return ErrorPage.error(session, Messages.REGISTRATION_NOT_ALLOWED);
}
ClientSessionCode clientCode = ClientSessionCode.parse(code, session, realm);
if (clientCode == null) {
event.error(Errors.INVALID_CODE);
return ErrorPage.error(session, Messages.INVALID_CODE);
}
if (!clientCode.isValid(ClientSessionModel.Action.AUTHENTICATE.name())) {
event.error(Errors.INVALID_CODE);
return ErrorPage.error(session, Messages.INVALID_CODE);
}
MultivaluedMap<String, String> formData = request.getDecodedFormParameters();
String username = formData.getFirst(Validation.FIELD_USERNAME);
String email = formData.getFirst(Validation.FIELD_EMAIL);
if (realm.isRegistrationEmailAsUsername()) {
username = email;
formData.putSingle(AuthenticationManager.FORM_USERNAME, username);
}
ClientSessionCode clientCode = checks.clientCode;
ClientSessionModel clientSession = clientCode.getClientSession();
event.client(clientSession.getClient())
.detail(Details.REDIRECT_URI, clientSession.getRedirectUri())
@ -397,23 +384,6 @@ public class LoginActionsService {
.detail(Details.EMAIL, email)
.detail(Details.REGISTER_METHOD, "form");
if (!realm.isEnabled()) {
event.error(Errors.REALM_DISABLED);
return ErrorPage.error(session, Messages.REALM_NOT_ENABLED);
}
ClientModel client = clientSession.getClient();
if (client == null) {
event.error(Errors.CLIENT_NOT_FOUND);
return ErrorPage.error(session, Messages.UNKNOWN_LOGIN_REQUESTER);
}
if (!client.isEnabled()) {
event.error(Errors.CLIENT_DISABLED);
return ErrorPage.error(session, Messages.LOGIN_REQUESTER_NOT_ENABLED);
}
session.getContext().setClient(client);
List<String> requiredCredentialTypes = new LinkedList<>();
boolean passwordRequired = isPasswordRequired();
if (passwordRequired) {