Merge pull request #1598 from mposolda/master
KEYCLOAK-1801 Additional fix and cleanup
This commit is contained in:
commit
2550d16127
10 changed files with 65 additions and 95 deletions
|
@ -638,6 +638,9 @@ module.config([ '$routeProvider', function($routeProvider) {
|
||||||
},
|
},
|
||||||
clientAuthenticatorProviders : function(ClientAuthenticatorProvidersLoader) {
|
clientAuthenticatorProviders : function(ClientAuthenticatorProvidersLoader) {
|
||||||
return ClientAuthenticatorProvidersLoader();
|
return ClientAuthenticatorProvidersLoader();
|
||||||
|
},
|
||||||
|
clientConfigProperties: function(PerClientAuthenticationConfigDescriptionLoader) {
|
||||||
|
return PerClientAuthenticationConfigDescriptionLoader();
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
controller : 'ClientCredentialsCtrl'
|
controller : 'ClientCredentialsCtrl'
|
||||||
|
|
|
@ -30,39 +30,12 @@ module.controller('ClientRoleListCtrl', function($scope, $location, realm, clien
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
module.controller('ClientCredentialsCtrl', function($scope, $location, realm, client, clientAuthenticatorProviders, Client) {
|
module.controller('ClientCredentialsCtrl', function($scope, $location, realm, client, clientAuthenticatorProviders, clientConfigProperties, Client) {
|
||||||
$scope.realm = realm;
|
$scope.realm = realm;
|
||||||
$scope.client = angular.copy(client);
|
$scope.client = angular.copy(client);
|
||||||
$scope.clientAuthenticatorProviders = clientAuthenticatorProviders;
|
$scope.clientAuthenticatorProviders = clientAuthenticatorProviders;
|
||||||
|
|
||||||
var updateConfigButtonVisibility = function() {
|
var updateCurrentPartial = function(val) {
|
||||||
for (var i=0 ; i<clientAuthenticatorProviders.length ; i++) {
|
|
||||||
var authenticator = clientAuthenticatorProviders[i];
|
|
||||||
if ($scope.client.clientAuthenticatorType === authenticator.id) {
|
|
||||||
$scope.configButtonVisible = authenticator.configurablePerClient;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
updateConfigButtonVisibility();
|
|
||||||
|
|
||||||
$scope.$watch('client', function() {
|
|
||||||
if (!angular.equals($scope.client, client)) {
|
|
||||||
|
|
||||||
console.log("Update client credentials!");
|
|
||||||
|
|
||||||
Client.update({
|
|
||||||
realm : realm.realm,
|
|
||||||
client : client.id
|
|
||||||
}, $scope.client, function() {
|
|
||||||
$scope.changed = false;
|
|
||||||
client = angular.copy($scope.client);
|
|
||||||
updateConfigButtonVisibility();
|
|
||||||
});
|
|
||||||
|
|
||||||
}
|
|
||||||
}, true);
|
|
||||||
|
|
||||||
$scope.$watch('client.clientAuthenticatorType', function(val) {
|
|
||||||
$scope.clientAuthenticatorConfigPartial;
|
$scope.clientAuthenticatorConfigPartial;
|
||||||
switch(val) {
|
switch(val) {
|
||||||
case 'client-secret':
|
case 'client-secret':
|
||||||
|
@ -72,14 +45,28 @@ module.controller('ClientCredentialsCtrl', function($scope, $location, realm, cl
|
||||||
$scope.clientAuthenticatorConfigPartial = 'client-credentials-jwt.html';
|
$scope.clientAuthenticatorConfigPartial = 'client-credentials-jwt.html';
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
$scope.currentAuthenticatorConfigProperties = clientConfigProperties[val];
|
||||||
$scope.clientAuthenticatorConfigPartial = 'client-credentials-generic.html';
|
$scope.clientAuthenticatorConfigPartial = 'client-credentials-generic.html';
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
});
|
};
|
||||||
|
|
||||||
$scope.configureAuthenticator = function() {
|
updateCurrentPartial(client.clientAuthenticatorType);
|
||||||
$location.url("/realms/" + realm.realm + "/clients/" + client.id + "/credentials/" + client.clientAuthenticatorType);
|
|
||||||
}
|
$scope.$watch('client.clientAuthenticatorType', function() {
|
||||||
|
if (!angular.equals($scope.client.clientAuthenticatorType, client.clientAuthenticatorType)) {
|
||||||
|
|
||||||
|
Client.update({
|
||||||
|
realm : realm.realm,
|
||||||
|
client : client.id
|
||||||
|
}, $scope.client, function() {
|
||||||
|
$scope.changed = false;
|
||||||
|
client = angular.copy($scope.client);
|
||||||
|
updateCurrentPartial(client.clientAuthenticatorType)
|
||||||
|
});
|
||||||
|
|
||||||
|
}
|
||||||
|
}, true);
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -134,17 +121,15 @@ module.controller('ClientSignedJWTCtrl', function($scope, $location, ClientCerti
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
module.controller('ClientGenericCredentialsCtrl', function($scope, $location, realm, client, clientConfigProperties, Client, Notifications) {
|
module.controller('ClientGenericCredentialsCtrl', function($scope, $location, Client, Notifications) {
|
||||||
|
|
||||||
console.log('ClientGenericCredentialsCtrl invoked');
|
console.log('ClientGenericCredentialsCtrl invoked');
|
||||||
|
|
||||||
$scope.realm = realm;
|
$scope.clientCopy = angular.copy($scope.client);
|
||||||
$scope.client = angular.copy(client);
|
|
||||||
$scope.clientConfigProperties = clientConfigProperties;
|
|
||||||
$scope.changed = false;
|
$scope.changed = false;
|
||||||
|
|
||||||
$scope.$watch('client', function() {
|
$scope.$watch('client', function() {
|
||||||
if (!angular.equals($scope.client, client)) {
|
if (!angular.equals($scope.client, $scope.clientCopy)) {
|
||||||
$scope.changed = true;
|
$scope.changed = true;
|
||||||
}
|
}
|
||||||
}, true);
|
}, true);
|
||||||
|
@ -152,17 +137,17 @@ module.controller('ClientGenericCredentialsCtrl', function($scope, $location, re
|
||||||
$scope.save = function() {
|
$scope.save = function() {
|
||||||
|
|
||||||
Client.update({
|
Client.update({
|
||||||
realm : realm.realm,
|
realm : $scope.realm.realm,
|
||||||
client : client.id
|
client : $scope.client.id
|
||||||
}, $scope.client, function() {
|
}, $scope.client, function() {
|
||||||
$scope.changed = false;
|
$scope.changed = false;
|
||||||
client = angular.copy($scope.client);
|
$scope.clientCopy = angular.copy($scope.client);
|
||||||
Notifications.success("Client authentication configuration has been saved to the client.");
|
Notifications.success("Client authentication configuration has been saved to the client.");
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
$scope.reset = function() {
|
$scope.reset = function() {
|
||||||
$scope.client = angular.copy(client);
|
$scope.client = angular.copy($scope.clientCopy);
|
||||||
$scope.changed = false;
|
$scope.changed = false;
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
|
@ -419,10 +419,9 @@ module.factory('AuthenticationConfigDescriptionLoader', function(Loader, Authent
|
||||||
});
|
});
|
||||||
|
|
||||||
module.factory('PerClientAuthenticationConfigDescriptionLoader', function(Loader, PerClientAuthenticationConfigDescription, $route, $q) {
|
module.factory('PerClientAuthenticationConfigDescriptionLoader', function(Loader, PerClientAuthenticationConfigDescription, $route, $q) {
|
||||||
return Loader.query(PerClientAuthenticationConfigDescription, function () {
|
return Loader.get(PerClientAuthenticationConfigDescription, function () {
|
||||||
return {
|
return {
|
||||||
realm: $route.current.params.realm,
|
realm: $route.current.params.realm
|
||||||
provider: $route.current.params.provider
|
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
@ -1258,9 +1258,8 @@ module.factory('AuthenticationConfigDescription', function($resource) {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
module.factory('PerClientAuthenticationConfigDescription', function($resource) {
|
module.factory('PerClientAuthenticationConfigDescription', function($resource) {
|
||||||
return $resource(authUrl + '/admin/realms/:realm/authentication/per-client-config-description/:provider', {
|
return $resource(authUrl + '/admin/realms/:realm/authentication/per-client-config-description', {
|
||||||
realm : '@realm',
|
realm : '@realm'
|
||||||
provider: '@provider'
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -1,12 +1,14 @@
|
||||||
<form class="form-horizontal" name="credentialForm" novalidate kc-read-only="!access.manageClients" data-ng-show="client.attributes.length > 0">
|
<div>
|
||||||
<fieldset>
|
<form class="form-horizontal" name="credentialForm" novalidate kc-read-only="!access.manageClients" data-ng-show="currentAuthenticatorConfigProperties.length > 0" data-ng-controller="ClientGenericCredentialsCtrl">
|
||||||
<kc-provider-config realm="realm" config="client.attributes" properties="clientConfigProperties"></kc-provider-config>
|
<fieldset>
|
||||||
</fieldset>
|
<kc-provider-config realm="realm" config="client.attributes" properties="currentAuthenticatorConfigProperties"></kc-provider-config>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="col-md-10 col-md-offset-2" data-ng-show="access.manageClients">
|
<div class="col-md-10 col-md-offset-2" data-ng-show="access.manageClients">
|
||||||
<button kc-save data-ng-disabled="!changed">Save</button>
|
<button kc-save data-ng-disabled="!changed">Save</button>
|
||||||
<button kc-reset data-ng-disabled="!changed">Cancel</button>
|
<button kc-reset data-ng-disabled="!changed">Cancel</button>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</form>
|
||||||
</form>
|
</div>
|
|
@ -25,13 +25,6 @@ public interface ClientAuthenticatorFactory extends ProviderFactory<ClientAuthen
|
||||||
@Override
|
@Override
|
||||||
boolean isConfigurable();
|
boolean isConfigurable();
|
||||||
|
|
||||||
/**
|
|
||||||
* Is this authenticator configurable per client? The configuration will be in "Clients" / "Credentials" tab in admin console
|
|
||||||
*
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
boolean isConfigurablePerClient();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of config properties for this client implementation. Those will be shown in admin console in clients credentials tab and can be configured per client.
|
* List of config properties for this client implementation. Those will be shown in admin console in clients credentials tab and can be configured per client.
|
||||||
* Applicable only if "isConfigurablePerClient" is true
|
* Applicable only if "isConfigurablePerClient" is true
|
||||||
|
|
|
@ -127,11 +127,6 @@ public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean isConfigurablePerClient() {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
|
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
|
||||||
return REQUIREMENT_CHOICES;
|
return REQUIREMENT_CHOICES;
|
||||||
|
|
|
@ -144,11 +144,6 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean isConfigurablePerClient() {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
|
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
|
||||||
return REQUIREMENT_CHOICES;
|
return REQUIREMENT_CHOICES;
|
||||||
|
|
|
@ -211,11 +211,6 @@ public class AuthenticationManagementResource {
|
||||||
data.put("description", configured.getHelpText());
|
data.put("description", configured.getHelpText());
|
||||||
data.put("displayName", configured.getDisplayType());
|
data.put("displayName", configured.getDisplayType());
|
||||||
|
|
||||||
if (configured instanceof ClientAuthenticatorFactory) {
|
|
||||||
ClientAuthenticatorFactory configuredClient = (ClientAuthenticatorFactory) configured;
|
|
||||||
data.put("configurablePerClient", configuredClient.isConfigurablePerClient());
|
|
||||||
}
|
|
||||||
|
|
||||||
providers.add(data);
|
providers.add(data);
|
||||||
}
|
}
|
||||||
return providers;
|
return providers;
|
||||||
|
@ -894,21 +889,30 @@ public class AuthenticationManagementResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Path("per-client-config-description/{providerId}")
|
@Path("per-client-config-description")
|
||||||
@GET
|
@GET
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
@NoCache
|
@NoCache
|
||||||
public List<ConfigPropertyRepresentation> getPerClientConfigDescription(@PathParam("providerId") String providerId) {
|
public Map<String, List<ConfigPropertyRepresentation>> getPerClientConfigDescription() {
|
||||||
this.auth.requireView();
|
this.auth.requireView();
|
||||||
ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
|
List<ProviderFactory> factories = session.getKeycloakSessionFactory().getProviderFactories(ClientAuthenticator.class);
|
||||||
ClientAuthenticatorFactory clientAuthFactory = (ClientAuthenticatorFactory) factory;
|
|
||||||
List<ProviderConfigProperty> perClientConfigProps = clientAuthFactory.getConfigPropertiesPerClient();
|
Map<String, List<ConfigPropertyRepresentation>> toReturn = new HashMap<>();
|
||||||
List<ConfigPropertyRepresentation> result = new LinkedList<>();
|
for (ProviderFactory clientAuthenticatorFactory : factories) {
|
||||||
for (ProviderConfigProperty prop : perClientConfigProps) {
|
String providerId = clientAuthenticatorFactory.getId();
|
||||||
ConfigPropertyRepresentation propRep = getConfigPropertyRep(prop);
|
ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
|
||||||
result.add(propRep);
|
ClientAuthenticatorFactory clientAuthFactory = (ClientAuthenticatorFactory) factory;
|
||||||
|
List<ProviderConfigProperty> perClientConfigProps = clientAuthFactory.getConfigPropertiesPerClient();
|
||||||
|
List<ConfigPropertyRepresentation> result = new LinkedList<>();
|
||||||
|
for (ProviderConfigProperty prop : perClientConfigProps) {
|
||||||
|
ConfigPropertyRepresentation propRep = getConfigPropertyRep(prop);
|
||||||
|
result.add(propRep);
|
||||||
|
}
|
||||||
|
|
||||||
|
toReturn.put(providerId, result);
|
||||||
}
|
}
|
||||||
return result;
|
|
||||||
|
return toReturn;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Path("config")
|
@Path("config")
|
||||||
|
|
|
@ -68,11 +68,6 @@ public class PassThroughClientAuthenticator extends AbstractClientAuthenticator
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean isConfigurablePerClient() {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
|
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
|
||||||
return REQUIREMENT_CHOICES;
|
return REQUIREMENT_CHOICES;
|
||||||
|
|
Loading…
Reference in a new issue