libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Merge pull request #626 from patriot1burke/master

Browse source 
more tooltips, change password
This commit is contained in:
Bill Burke 2014-08-13 12:17:48 -04:00
commit 29691a3167
24 changed files with 124 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
core/src/main/java/org/keycloak/representations/idm/CredentialRepresentation.java
View file

@ -20,6 +20,8 @@ public class CredentialRepresentation {
protected String hashedSaltedValue;
protected String salt;
protected Integer hashIterations;
// only used when updating a credential. Might set required action
protected boolean temporary;
public String getType() {
return type;
@ -68,4 +70,12 @@ public class CredentialRepresentation {
public void setHashIterations(Integer hashIterations) {
this.hashIterations = hashIterations;
}
public boolean isTemporary() {
return temporary;
}
public void setTemporary(boolean temporary) {
this.temporary = temporary;
}
}

13
forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
View file

@ -267,7 +267,7 @@ module.controller('UserCredentialsCtrl', function($scope, realm, user, User, Use
$scope.isTotp = user.totp;
}
$scope.resetPassword = function() {
$scope.resetPassword = function(temporary) {
if ($scope.pwdChange) {
if ($scope.password != $scope.confirmPassword) {
Notifications.error("Password and confirmation does not match.");
@ -275,8 +275,15 @@ module.controller('UserCredentialsCtrl', function($scope, realm, user, User, Use
}
}
Dialog.confirm('Reset password', 'Are you sure you want to reset the users password?', function() {
UserCredentials.resetPassword({ realm: realm.realm, userId: user.username }, { type : "password", value : $scope.password }, function() {
var msgTitle = 'Change password';
var msg = 'Are you sure you want to change the users password?';
if (temporary) {
msgTitle = 'Reset password';
msg = 'Are you sure you want to reset the users password?';
}
Dialog.confirm(msgTitle, msg, function() {
UserCredentials.resetPassword({ realm: realm.realm, userId: user.username }, { type : "password", value : $scope.password, temporary: temporary }, function() {
Notifications.success("The password has been reset");
$scope.password = null;
$scope.confirmPassword = null;

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-claims.html
View file

@ -12,7 +12,7 @@
</ul>
<h2></h2>
<div id="content">
<h2 data-ng-hide="create"><span>{{application.name}}</span> Allowed Claims</h2>
<h2 data-ng-hide="create"><span>{{application.name}}</span> Allowed Claims <span tooltip-placement="right" tooltip="Allows you to restrict which claim information is stored in the access token generated for the application." class="pficon pficon-help"></span></h2>
<form class="form-horizontal" name="claimForm">
<div data-ng-include data-src="'partials/claims.html'"></div>
<div class="pull-right form-actions" data-ng-show="access.manageApplications">

10
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-detail.html
View file

@ -32,13 +32,14 @@
</div>
<div class="form-group clearfix block">
<label class="col-sm-2 control-label" for="enabled">Enabled</label>
<div class="col-sm-4">
<div class="col-sm-6">
<input ng-model="application.enabled" name="enabled" id="enabled" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="Disabled applications cannot initiate a login or have obtain access tokens." class="pficon pficon-help"></span>
</div>
<div class="form-group">
<label class="col-sm-2 control-label" for="accessType">Access Type</label>
<div class="col-sm-4">
<div class="col-sm-6">
<div class="select-kc">
<select id="accessType"
ng-change="changeAccessType()"
@ -47,6 +48,7 @@
</select>
</div>
</div>
<span tooltip-placement="right" tooltip="'Confidential' applications require a secret to initiate login protocol. 'Public' clients do not require a secret. 'Bearer-only' applications are web services that never initiate a login." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-show="!application.bearerOnly">
<label class="col-sm-2 control-label" for="newRedirectUri">Redirect URI <span class="required" data-ng-show="create">*</span></label>
@ -70,6 +72,7 @@
</span>
</div>
</div>
<span tooltip-placement="right" tooltip="Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths will generate a redirect URI using the request's host and port." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-show="!application.bearerOnly && !create">
<label class="col-sm-2 control-label" for="baseUrl">Base URL</label>
@ -77,6 +80,7 @@
<input class="form-control" type="text" name="baseUrl" id="baseUrl"
data-ng-model="application.baseUrl">
</div>
<span tooltip-placement="right" tooltip="Optional URL to use when linking to this application. i.e. the welcome page." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-hide="create">
<label class="col-sm-2 control-label" for="adminUrl">Admin URL</label>
@ -84,6 +88,7 @@
<input class="form-control" type="text" name="adminUrl" id="adminUrl"
data-ng-model="application.adminUrl">
</div>
<span tooltip-placement="right" tooltip="URL to the admin interface of the application. Set this if the application supports the adapter REST API. This REST API allows the auth server to push revocation policies and other adminstrative tasks. Usually this is set to the base URL of the application." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-show="!application.bearerOnly && !create">
<label class="col-sm-2 control-label" for="newWebOrigin">Web Origin</label>
@ -107,6 +112,7 @@
</span>
</div>
</div>
<span tooltip-placement="right" tooltip="Allowed CORS origins. Only useful if the client adapter has CORS processing enabled." class="pficon pficon-help"></span>
</div>
</fieldset>

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-installation.html
View file

@ -14,7 +14,7 @@
<h2></h2>
<div id="content">
<h2><span>{{application.name}}</span> Installation</h2>
<h2><span>{{application.name}}</span> Installation <span tooltip-placement="right" tooltip="Helper utility for generating various client adapter configuration formats which you can download or cut and paste to configure your client applications." class="pficon pficon-help"></span></h2>
<form class="form-horizontal" name="realmForm" novalidate>
<fieldset class="border-top">
<div class="form-group input-select">

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-list.html
View file

@ -5,7 +5,7 @@
</ul>
<h2></h2>
<div id="content">
<h2><span>{{realm.realm}}</span> Applications</h2>
<h2><span>{{realm.realm}}</span> Applications <span tooltip-placement="right" tooltip="Applications are trusted browser apps and web services in a realm. These applications can request a login. You can also define application specific roles." class="pficon pficon-help"></span></h2>
<table class="table table-striped table-bordered">
<thead>
<tr>

3
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-revocation.html
View file

@ -20,6 +20,7 @@
<div class="col-sm-4">
<input ng-disabled="true" class="form-control" type="text" id="notBefore" name="notBefore" data-ng-model="notBefore" autofocus>
</div>
<span tooltip-placement="right" tooltip="Revoke any tokens issued before this date for this application." class="pficon pficon-help"></span>
</div>
</fieldset>
<div class="pull-right form-actions" data-ng-show="access.manageApplications">
@ -27,7 +28,7 @@
</button>
<button type="submit" data-ng-click="setNotBeforeNow()" class="btn btn-primary btn-lg">Set To Now
</button>
<button type="submit" data-ng-click="pushRevocation()" class="btn btn-primary btn-lg">Push
<button type="submit" data-ng-click="pushRevocation()" class="btn btn-primary btn-lg" tooltip="If admin URL is configured for this application, push this policy to that application." tooltip-placement="bottom">Push
</button>
</div>
</form>

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-role-list.html
View file

@ -13,7 +13,7 @@
</ul>
<h2></h2>
<div id="content">
<h2><span>{{application.name}}</span> Roles</h2>
<h2><span>{{application.name}}</span> Application Roles</h2>
<table class="table table-striped table-bordered">
<thead>
<tr>

26
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
View file

@ -13,7 +13,7 @@
</ul>
<h2></h2>
<div id="content">
<h2><span>{{application.name}}</span> Scope Mappings</h2>
<h2><span>{{application.name}}</span> Scope Mappings <span tooltip-placement="right" tooltip="Scope mappings allow you to restrict which user role mappings are included within the access token requested by the application." class="pficon pficon-help"></span></h2>
<p class="subtitle"></p>
<form class="form-horizontal" name="allowScope" novalidate kc-read-only="!access.manageApplications">
<fieldset class="border-top">
@ -22,17 +22,18 @@
<div class="col-sm-4">
<input ng-model="application.fullScopeAllowed" ng-click="changeFullScopeAllowed()" name="fullScopeAllowed" id="fullScopeAllowed" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="Allows you to disable all restrictions." class="pficon pficon-help"></span>
</div>
</fieldset>
</form>
<form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageApplications" data-ng-show="!application.fullScopeAllowed">
<fieldset>
<legend><span class="text">Realm Roles</span></legend>
<legend><span class="text">Realm Roles</span> <span tooltip-placement="right" tooltip="Realm level roles assigned to scope." class="pficon pficon-help"></span></legend>
<div class="form-group col-sm-10">
<div class="controls changing-selectors">
<div class="select-title">
<label class="control-label" for="available">Available Roles</label>
<label class="control-label" for="available">Available Roles <span tooltip-placement="right" tooltip="Realm level roles that can be assigned to scope." class="pficon pficon-help"></span></label>
<select id="available" class="form-control" multiple size="5"
ng-multiple="true"
ng-model="selectedRealmRoles"
@ -41,14 +42,14 @@
</div>
<div class="middle-buttons kc-vertical">
<button class="btn btn-default" type="submit" ng-click="addRealmRole()" tooltip="Move right" tooltip-placement="right">
<span class="kc-icon-arrow-right">Move right</span>
<span class="kc-icon-arrow-right">Assign role</span>
</button>
<button class="btn btn-default" type="submit" ng-click="deleteRealmRole()" tooltip="Move left" tooltip-placement="left">
<span class="kc-icon-arrow-left">Move left</span>
<span class="kc-icon-arrow-left">Unassign role</span>
</button>
</div>
<div class="select-title">
<label class="control-label" for="assigned">Assigned Roles</label>
<label class="control-label" for="assigned">Assigned Roles <span tooltip-placement="right" tooltip="Realm level roles assigned to scope." class="pficon pficon-help"></span></label>
<select id="assigned" class="form-control" multiple size=5
ng-multiple="true"
ng-model="selectedRealmMappings"
@ -59,7 +60,7 @@
-
</div>
<div class="select-title">
<label class="control-label" for="realm-composite">Effective Roles</label>
<label class="control-label" for="realm-composite">Effective Roles <span tooltip-placement="right" tooltip="Assigned realm level roles that may have been inherited from a composite role." class="pficon pficon-help"></span></label>
<select id="realm-composite" class="form-control" multiple size=5
ng-disabled="true"
ng-model="dummymodel"
@ -83,11 +84,12 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Select an application to view or modify additional roles to assign." class="pficon pficon-help"></span>
</div>
<div class="form-group" ng-show="targetApp">
<div class="controls changing-selectors col-sm-10">
<div class="select-title">
<label class="control-label" for="app-available">Available Roles</label>
<label class="control-label" for="app-available">Available Roles <span tooltip-placement="right" tooltip="Application roles available to be assigned." class="pficon pficon-help"></span></label>
<select id="app-available" class="form-control" multiple size="5"
ng-multiple="true"
ng-model="selectedApplicationRoles"
@ -95,15 +97,15 @@
</select>
</div>
<div class="middle-buttons kc-vertical">
<button class="btn btn-default" type="submit" ng-click="addApplicationRole()" tooltip="Move right" tooltip-placement="right">
<button class="btn btn-default" type="submit" ng-click="addApplicationRole()" tooltip="Assign role" tooltip-placement="right">
<span class="kc-icon-arrow-right">Move right</span>
</button>
<button class="btn btn-default" type="submit" ng-click="deleteApplicationRole()" tooltip="Move left" tooltip-placement="left">
<button class="btn btn-default" type="submit" ng-click="deleteApplicationRole()" tooltip="Unassign role" tooltip-placement="left">
<span class="kc-icon-arrow-left">Move left</span>
</button>
</div>
<div class="select-title">
<label class="control-label" for="app-assigned">Assigned Roles</label>
<label class="control-label" for="app-assigned">Assigned Roles <span tooltip-placement="right" tooltip="Assigned application roles." class="pficon pficon-help"></span></label>
<select id="app-assigned" class="form-control" multiple size=5
ng-multiple="true"
ng-model="selectedApplicationMappings"
@ -114,7 +116,7 @@
-
</div>
<div class="select-title">
<label class="control-label" for="app-composite">Effective Roles</label>
<label class="control-label" for="app-composite">Effective Roles <span tooltip-placement="right" tooltip="Assigned application roles that may have been inherited from a composite role." class="pficon pficon-help"></span></label>
<select id="app-composite" class="form-control" multiple size=5
ng-disabled="true"
ng-model="dummymodel"

9
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-sessions.html
View file

@ -12,7 +12,7 @@
</ul>
<h2></h2>
<div id="content">
<h2><span>{{application.name}}</span> Sessions</h2>
<h2><span>{{application.name}}</span> Sessions <span tooltip-placement="right" tooltip="View active sessions for this application. Allows you to see which users are active and when they logged in." class="pficon pficon-help"></span></h2>
<form class="form-horizontal" name="sessionStats">
<fieldset class="border-top">
<div class="form-group">
@ -20,15 +20,16 @@
<div class="col-sm-4">
<input class="form-control" type="text" id="activeSessions" name="activeSessions" data-ng-model="count" ng-disabled="true">
</div>
<span tooltip-placement="right" tooltip="Total number of active user sessions for this application." class="pficon pficon-help"></span>
</div>
</fieldset>
</form>
<table class="table table-striped table-bordered" data-ng-show="count > 0">
<thead>
<tr data-ng-hide="sessions">
<tr>
<th class="kc-table-actions" colspan="3">
<div class="pull-right">
<a class="btn btn-primary" ng-click="loadUsers()">Show Sessions</a>
<a class="btn btn-primary" ng-click="loadUsers()" tooltip-placement="left" tooltip="Warning, this is a potentially expensive operation depending on number of active sessions.">Show Sessions</a>
</div>
</th>
</tr>
@ -38,7 +39,7 @@
<th>Session Start</th>
</tr>
</thead>
<tfoot data-ng-show="sessions">
<tfoot data-ng-show="sessions && sessions.length > 5">
<tr>
<td colspan="7">
<div class="table-nav">

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/oauth-client-claims.html
View file

@ -10,7 +10,7 @@
</ul>
<h2></h2>
<div id="content">
<h2 data-ng-hide="create"><span>{{oauth.name}}</span> Allowed Claims</h2>
<h2 data-ng-hide="create"><span>{{oauth.name}}</span> Allowed Claims <span tooltip-placement="right" tooltip="Allows you to restrict which claim information is stored in the access token generated for the application." class="pficon pficon-help"></span></h2>
<form class="form-horizontal" name="claimForm">
<div data-ng-include data-src="'partials/claims.html'"></div>
<div class="pull-right form-actions" data-ng-show="access.manageClients">

5
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/oauth-client-detail.html
View file

@ -35,6 +35,7 @@
<div class="col-sm-4">
<input ng-model="oauth.enabled" name="enabled" id="enabled" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="Disabled oauth clients cannot obtain access tokens." class="pficon pficon-help"></span>
</div>
<div class="form-group">
<label class="col-sm-2 control-label" for="accessType">Access Type</label>
@ -47,12 +48,14 @@
</select>
</div>
</div>
<span tooltip-placement="right" tooltip="'Confidential' oauth clients require a secret to initiate login protocol. 'Public' clients do not require a secret." class="pficon pficon-help"></span>
</div>
<div class="form-group clearfix block">
<label class="col-sm-2 control-label" for="directGrantsOnly">Direct Grants Only</label>
<div class="col-sm-4">
<input ng-model="oauth.directGrantsOnly" name="directGrantsOnly" id="directGrantsOnly" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="When enabled, client can only obtain grants from grant REST API." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-hide="oauth.directGrantsOnly">
<label class="col-sm-2 control-label" for="newRedirectUri">Redirect URI <span class="required" data-ng-show="create">*</span></label>
@ -76,6 +79,7 @@
</span>
</div>
</div>
<span tooltip-placement="right" tooltip="Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed i.e. 'http://example.com/*'. Relative path can be specified too i.e. /my/relative/path/*. Relative paths will generate a redirect URI using the request's host and port." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-hide="create">
<label class="col-sm-2 control-label" for="newWebOrigin">Web Origin</label>
@ -99,6 +103,7 @@
</span>
</div>
</div>
<span tooltip-placement="right" tooltip="Allowed CORS origins. Only useful if the client adapter has CORS processing enabled." class="pficon pficon-help"></span>
</div>
</fieldset>

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/oauth-client-installation.html
View file

@ -10,7 +10,7 @@
</ul>
<h2></h2>
<div id="content">
<h2>OAuth Client Installation</h2>
<h2>OAuth Client Installation <span tooltip-placement="right" tooltip="Helper utility for generating various client adapter configuration formats which you can download or cut and paste to configure your client applications." class="pficon pficon-help"></span></h2>
<form class="form-horizontal" name="realmForm" novalidate>
<fieldset>
<div class="form-group">

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/oauth-client-list.html
View file

@ -5,7 +5,7 @@
</ul>
<h2></h2>
<div id="content">
<h2><span>{{realm.realm}}</span> OAuth Clients</h2>
<h2><span>{{realm.realm}}</span> OAuth Clients <span tooltip-placement="right" tooltip="OAuth clients are like applicatoins, but are only granted temporary access. In browser apps, users will be queried to explicitly grant access." class="pficon pficon-help"></span></h2>
<table class="table table-striped table-bordered">
<thead>
<tr>

1
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/oauth-client-revocation.html
View file

@ -18,6 +18,7 @@
<div class="col-sm-4">
<input ng-disabled="true" class="form-control" type="text" id="notBefore" name="notBefore" data-ng-model="notBefore" autofocus>
</div>
<span tooltip-placement="right" tooltip="Revoke any tokens issued before this date for this client." class="pficon pficon-help"></span>
</div>
</fieldset>
<div class="pull-right form-actions" data-ng-show="access.manageApplications">

30
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/oauth-client-scope-mappings.html
View file

@ -11,7 +11,7 @@
</ul>
<h2></h2>
<div id="content">
<h2><span>{{oauth.name}}</span> Scope Mappings</h2>
<h2><span>{{oauth.name}}</span> Scope Mappings <span tooltip-placement="right" tooltip="Scope mappings allow you to restrict which user role mappings are included within the access token requested by the client." class="pficon pficon-help"></span></h2>
<p class="subtitle"></p>
<form class="form-horizontal" name="allowScope" novalidate kc-read-only="!access.manageClients">
<fieldset class="border-top">
@ -20,16 +20,17 @@
<div class="col-sm-4">
<input ng-model="oauth.fullScopeAllowed" ng-click="changeFullScopeAllowed()" name="fullScopeAllowed" id="fullScopeAllowed" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="Allows you to disable all restrictions." class="pficon pficon-help"></span>
</div>
</fieldset>
</form>
<form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageClients" data-ng-show="!oauth.fullScopeAllowed">
<fieldset>
<legend><span class="text">Realm Roles</span></legend>
<legend><span class="text">Realm Roles</span> <span tooltip-placement="right" tooltip="Realm level roles assigned to scope." class="pficon pficon-help"></span></legend>
<div class="form-group col-sm-10">
<div class="controls changing-selectors">
<div class="select-title">
<label class="control-label" for="available">Available Roles</label>
<label class="control-label" for="available">Available Roles <span tooltip-placement="right" tooltip="Realm level roles that can be assigned to scope." class="pficon pficon-help"></span></label>
<select id="available" class="form-control" multiple size="5"
ng-multiple="true"
ng-model="selectedRealmRoles"
@ -37,15 +38,15 @@
</select>
</div>
<div class="middle-buttons kc-vertical">
<button class="btn btn-default" type="submit" ng-click="addRealmRole()" tooltip="Move right" tooltip-placement="right">
<span class="kc-icon-arrow-right">Move right</span>
<button class="btn btn-default" type="submit" ng-click="addRealmRole()" tooltip="Assign role" tooltip-placement="right">
<span class="kc-icon-arrow-right">Assign role</span>
</button>
<button class="btn btn-default" type="submit" ng-click="deleteRealmRole()" tooltip="Move left" tooltip-placement="left">
<span class="kc-icon-arrow-left">Move left</span>
<button class="btn btn-default" type="submit" ng-click="deleteRealmRole()" tooltip="Unassign role" tooltip-placement="left">
<span class="kc-icon-arrow-left">Unassign role</span>
</button>
</div>
<div class="select-title">
<label class="control-label" for="assigned">Assigned Roles</label>
<label class="control-label" for="assigned">Assigned Roles <span tooltip-placement="right" tooltip="Realm level roles assigned to scope." class="pficon pficon-help"></span></label>
<select id="assigned" class="form-control" multiple size=5
ng-multiple="true"
ng-model="selectedRealmMappings"
@ -56,7 +57,7 @@
-
</div>
<div class="select-title">
<label class="control-label" for="realm-composite">Effective Roles</label>
<label class="control-label" for="realm-composite">Effective Roles <span tooltip-placement="right" tooltip="Assigned realm level roles that may have been inherited from a composite role." class="pficon pficon-help"></span></label>
<select id="realm-composite" class="form-control" multiple size=5
ng-disabled="true"
ng-model="dummymodel"
@ -80,11 +81,12 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Select an application to view or modify additional roles to assign." class="pficon pficon-help"></span>
</div>
<div class="form-group" data-ng-show="targetApp">
<div class="controls changing-selectors col-sm-10">
<div class="select-title">
<label class="control-label" for="app-available">Available Roles</label>
<label class="control-label" for="app-available">Available Roles <span tooltip-placement="right" tooltip="Application roles available to be assigned." class="pficon pficon-help"></span></label>
<select id="app-available" class="form-control" multiple size="5"
ng-multiple="true"
ng-model="selectedApplicationRoles"
@ -92,15 +94,15 @@
</select>
</div>
<div class="middle-buttons kc-vertical">
<button class="btn btn-default" type="submit" ng-click="addApplicationRole()" tooltip="Move right" tooltip-placement="right">
<button class="btn btn-default" type="submit" ng-click="addApplicationRole()" tooltip="Assign role" tooltip-placement="right">
<span class="kc-icon-arrow-right">Move right</span>
</button>
<button class="btn btn-default" type="submit" ng-click="deleteApplicationRole()" tooltip="Move left" tooltip-placement="left">
<button class="btn btn-default" type="submit" ng-click="deleteApplicationRole()" tooltip="Unassign role" tooltip-placement="left">
<span class="kc-icon-arrow-left">Move left</span>
</button>
</div>
<div class="select-title">
<label class="control-label" for="app-assigned">Assigned Roles</label>
<label class="control-label" for="app-assigned">Assigned Roles <span tooltip-placement="right" tooltip="Assigned application roles." class="pficon pficon-help"></span></label>
<select id="app-assigned" class="form-control" multiple size=5
ng-multiple="true"
ng-model="selectedApplicationMappings"
@ -111,7 +113,7 @@
-
</div>
<div class="select-title">
<label class="control-label" for="app-composite">Effective Roles</label>
<label class="control-label" for="app-composite">Effective Roles <span tooltip-placement="right" tooltip="Assigned application roles that may have been inherited from a composite role." class="pficon pficon-help"></span></label>
<select id="app-composite" class="form-control" multiple size=5
ng-disabled="true"
ng-model="dummymodel"

4
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-credentials.html
View file

@ -7,7 +7,7 @@
<h2><span>{{realm.realm}}</span> Credentials</h2>
<form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
<fieldset class="border-top">
<legend><span class="text">Realm Credentials Settings</span></legend>
<legend><span class="text">Realm Credentials Settings</span> <span tooltip-placement="right" tooltip="Credential types required for every user. Changing this value may require the user to configure any new credentials the next time they log in." class="pficon pficon-help"></span></legend>
<div class="form-group">
<label class="col-sm-2 control-label" for="user" class="control-label two-lines">Required User Credentials</label>
@ -17,7 +17,7 @@
</div>
</fieldset>
<fieldset class="border-top">
<legend><span class="text">Realm Password Policy</span> <span tooltip-placement="right" tooltip="Specify required password format. How many times a password is hashed before it is stored in database can be set as well." class="pficon pficon-help"></span></legend>
<legend><span class="text">Realm Password Policy</span> <span tooltip-placement="right" tooltip="Specify required password format. You can also set how many times a password is hashed before it is stored in database." class="pficon pficon-help"></span></legend>
<table class="table table-striped table-bordered">
<caption class="hidden">Table of Password Policies</caption>
<thead>

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-default-roles.html
View file

@ -51,9 +51,9 @@
<option value="" selected> Select an Application...</option>
</select>
</div>
<span tooltip-placement="right" tooltip="Select an application to view/modify assigned default roles." class="pficon pficon-help"></span>
</div>
</div>
<span tooltip-placement="right" tooltip="Select an application to view/modify assigned default roles." class="pficon pficon-help"></span>
</div>
<div class="form-group" ng-show="application">
<div class="controls changing-selectors col-sm-10">

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-keys.html
View file

@ -3,7 +3,7 @@
<data-kc-navigation data-kc-current="keys" data-kc-realm="realm.realm" data-kc-social="realm.social"></data-kc-navigation>
<h2></h2>
<div id="content">
<h2><span>{{realm.realm}}</span> Realm Public Key <span tooltip-placement="right" tooltip="Public key for verifying signed tokens and other documents." class="pficon pficon-help"></span></h2>
<h2><span>{{realm.realm}}</span> Realm Public Key <span tooltip-placement="right" tooltip="Realm's public key. This is used to verify any signed tokens or documents created by the realm." class="pficon pficon-help"></span></h2>
<form class="form-horizontal" name="realmForm" novalidate kc-read-only="!access.manageRealm">
<fieldset class="border-top">
<div class="form-group">

39
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-tokens.html
View file

@ -12,14 +12,14 @@
<fieldset class="border-top">
<div class="form-group input-select">
<label class="col-sm-2 control-label" for="ssoSessionIdleTimeout">SSO Session Idle Timeout</label>
<div class="col-sm-10">
<div class="col-sm-5">
<div class="row">
<div class="col-sm-2">
<div class="col-sm-4">
<input class="form-control" type="number" required min="1"
max="31536000" data-ng-model="realm.ssoSessionIdleTimeout"
id="ssoSessionIdleTimeout" name="ssoSessionIdleTimeout"/>
</div>
<div class="col-sm-2 select-kc">
<div class="col-sm-4 select-kc">
<select name="ssoSessionIdleTimeoutUnit" data-ng-model="realm.ssoSessionIdleTimeoutUnit" >
<option data-ng-selected="!realm.ssoSessionIdleTimeoutUnit">Seconds</option>
<option>Minutes</option>
@ -29,17 +29,18 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Time a session is allowed to be idle before it expires. Tokens and browser sessions are invalidated when a session is expired." class="pficon pficon-help"></span>
</div>
<div class="form-group input-select">
<label class="col-sm-2 control-label" for="ssoSessionMaxLifespan">SSO Session Max Lifespan</label>
<div class="col-sm-10">
<div class="col-sm-5">
<div class="row">
<div class="col-sm-2">
<div class="col-sm-4">
<input class="form-control" type="number" required min="1"
max="31536000" data-ng-model="realm.ssoSessionMaxLifespan"
id="ssoSessionMaxLifespan" name="ssoSessionMaxLifespan"/>
</div>
<div class="col-sm-2 select-kc">
<div class="col-sm-4 select-kc">
<select name="ssoSessionMaxLifespanUnit" data-ng-model="realm.ssoSessionMaxLifespanUnit" >
<option data-ng-selected="!realm.ssoSessionMaxLifespanUnit">Seconds</option>
<option>Minutes</option>
@ -49,17 +50,18 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Max time before a session is expired. Tokens and browser sessions are invalidated when a session is expired." class="pficon pficon-help"></span>
</div>
<div class="form-group input-select">
<label class="col-sm-2 control-label" for="accessTokenLifespan">Access Token Lifespan</label>
<div class="col-sm-10">
<div class="col-sm-5">
<div class="row">
<div class="col-sm-2">
<div class="col-sm-4">
<input class="form-control" type="number" required min="1"
max="31536000" data-ng-model="realm.accessTokenLifespan"
id="accessTokenLifespan" name="accessTokenLifespan"/>
</div>
<div class="col-sm-2 select-kc">
<div class="col-sm-4 select-kc">
<select name="accessTokenLifespanUnit" data-ng-model="realm.accessTokenLifespanUnit" >
<option data-ng-selected="!realm.accessTokenLifespanUnit">Seconds</option>
<option>Minutes</option>
@ -69,15 +71,16 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout." class="pficon pficon-help"></span>
</div>
<div class="form-group">
<label class="col-sm-2 control-label" for="accessCodeLifespan">Access code lifespan</label>
<div class="col-sm-10">
<label class="col-sm-2 control-label" for="accessCodeLifespan">Client login timeout</label>
<div class="col-sm-5">
<div class="row">
<div class="col-sm-2">
<div class="col-sm-4">
<input class="form-control" type="number" required min="1" max="31536000" data-ng-model="realm.accessCodeLifespan" id="accessCodeLifespan" name="accessCodeLifespan">
</div>
<div class="col-sm-2 select-kc">
<div class="col-sm-4 select-kc">
<select name="accessCodeLifespanUnit" data-ng-model="realm.accessCodeLifespanUnit">
<option data-ng-selected="!realm.accessCodeLifespanUnit">Seconds</option>
<option>Minutes</option>
@ -87,15 +90,16 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Max time an application or oauth client has to finish the access token protocol. This should normally be 1 minute." class="pficon pficon-help"></span>
</div>
<div class="form-group input-select">
<label class="col-sm-2 control-label" for="accessCodeLifespanUserAction" class="two-lines">Access code user action lifespan</label>
<div class="col-sm-10">
<label class="col-sm-2 control-label" for="accessCodeLifespanUserAction" class="two-lines">Login user action lifespan</label>
<div class="col-sm-5">
<div class="row">
<div class="col-sm-2">
<div class="col-sm-4">
<input class="form-control" type="number" required min="1" max="31536000" data-ng-model="realm.accessCodeLifespanUserAction" id="accessCodeLifespanUserAction" name="accessCodeLifespanUserAction">
</div>
<div class="col-sm-2 select-kc">
<div class="col-sm-4 select-kc">
<select name="accessCodeLifespanUserActionUnit" data-ng-model="realm.accessCodeLifespanUserActionUnit">
<option data-ng-selected="!realm.accessCodeLifespanUserActionUnit">Seconds</option>
<option>Minutes</option>
@ -105,6 +109,7 @@
</div>
</div>
</div>
<span tooltip-placement="right" tooltip="Max time a user has to complete a login and perform actions like update password or configure totp. This is recommended to be relatively long. 5 minutes or more." class="pficon pficon-help"></span>
</div>
</fieldset>
<div class="pull-right form-actions" data-ng-show="access.manageRealm">

15
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/user-credentials.html
View file

@ -18,24 +18,25 @@
<legend><span class="text">Credential Management</span></legend>
<div class="form-group">
<label class="col-sm-2 control-label" for="password">Reset password</label>
<div class="col-sm-4 kc-multiline">
<input class="form-control" type="password" id="password" name="password" data-ng-model="password" placeholder="Temporary password" required>
<div class="col-sm-6 kc-multiline">
<input class="form-control" type="password" id="password" name="password" data-ng-model="password" placeholder="New password" required>
<input class="form-control" type="password" id="confirmPassword" name="confirmPassword" data-ng-model="confirmPassword" placeholder="Password confirmation" required>
<button class="btn btn-danger" type="submit" data-ng-click="resetPassword()" data-ng-show="password">Reset Password</button>
<button class="btn btn-danger" type="submit" data-ng-click="resetPassword(true)" data-ng-show="password" tooltip="Temporary reset of password. User will be asked to change it when they log in." tooltip-placement="left">Reset Password</button>
<button class="btn btn-danger" type="submit" data-ng-click="resetPassword(false)" data-ng-show="password" tooltip="Change the password of the user." tooltip-placement="right">Change Password</button>
</div>
</div>
<div class="form-group" data-ng-show="user.email">
<label class="col-sm-2 control-label" for="password">Reset password email</label>
<div class="col-sm-4">
<button class="btn btn-danger" type="submit" data-ng-click="resetPasswordEmail()" >Send Email</button>
<div class="col-sm-5">
<button class="btn btn-danger" type="submit" data-ng-click="resetPasswordEmail()" tooltip="Send an email to user with a link to reset their password" tooltip-placement="right">Send Email</button>
</div>
</div>
<div class="form-group" data-ng-show="user.totp">
<label class="col-sm-2 control-label" for="password">Remove totp</label>
<div class="col-sm-4" data-ng-show="user.totp">
<button class="btn btn-danger" type="submit" data-ng-click="removeTotp()">Remove TOTP</button>
<div class="col-sm-5" data-ng-show="user.totp">
<button class="btn btn-danger" type="submit" data-ng-click="removeTotp()" tooltip="Remove one time password generator for user." tooltip-placement="right">Remove TOTP</button>
</div>
</div>
</fieldset>

19
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/user-detail.html
View file

@ -23,14 +23,14 @@
<fieldset class="border-top">
<div class="form-group">
<label class="col-sm-2 control-label"for="id">ID</label>
<div class="col-sm-4">
<div class="col-sm-5">
<input class="form-control" type="text" id="id" name="id" data-ng-model="user.id" autofocus data-ng-readonly="true">
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label"for="username">Username <span class="required" data-ng-show="create">*</span></label>
<div class="col-sm-4">
<div class="col-sm-5">
<!-- Characters >,<,/,\ are forbidden in username -->
<input class="form-control" type="text" id="username" name="username" data-ng-model="user.username" autofocus
required ng-pattern="/^[^\<\>\\\/]*$/">
@ -40,7 +40,7 @@
<div class="form-group">
<label class="col-sm-2 control-label" for="email">Email</label>
<div class="col-sm-4">
<div class="col-sm-5">
<input class="form-control" type="email" name="email" id="email"
data-ng-model="user.email">
</div>
@ -48,7 +48,7 @@
<div class="form-group">
<label class="col-sm-2 control-label" for="firstName">First Name</label>
<div class="col-sm-4">
<div class="col-sm-5">
<input class="form-control" type="text" name="firstName" id="firstName"
data-ng-model="user.firstName">
</div>
@ -56,7 +56,7 @@
<div class="form-group">
<label class="col-sm-2 control-label" for="lastName">Last Name</label>
<div class="col-sm-4">
<div class="col-sm-5">
<input class="form-control" type="text" name="lastName" id="lastName"
data-ng-model="user.lastName">
</div>
@ -64,22 +64,23 @@
<div class="form-group clearfix block">
<label class="col-sm-2 control-label" for="userEnabled">User Enabled</label>
<div class="col-sm-4">
<div class="col-sm-5">
<input ng-model="user.enabled" name="userEnabled" id="userEnabled" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="A disabled user cannot login." class="pficon pficon-help"></span>
</div>
<div class="form-group clearfix block" data-ng-show="!create && user.federationLink">
<label class="col-sm-2 control-label" for="userEnabled">Federation Link</label>
<div class="col-sm-4">
<div class="col-sm-5">
<a href="{{federationLink}}">{{federationLinkName}}</a>
</div>
</div>
<div class="form-group clearfix block">
<label class="col-sm-2 control-label" for="emailVerified">Email verified</label>
<div class="col-sm-4">
<div class="col-sm-5">
<input ng-model="user.emailVerified" name="emailVerified" id="emailVerified" onoffswitch />
</div>
<span tooltip-placement="right" tooltip="Has the user's email been verified?" class="pficon pficon-help"></span>
</div>
<div class="form-group clearfix">
<label class="col-sm-2 control-label" for="reqActions">Required User Actions</label>
@ -89,7 +90,7 @@
<option ng-repeat="action in userReqActionList" value="{{action.id}}">{{action.text}}</option>
</select>
</div>
<span tooltip-placement="right" tooltip="Require an action when the user logs in. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator." class="pficon pficon-help"></span>
<span tooltip-placement="right" tooltip="Require an action when the user logs in. 'Verify email' sends an email to the user to verify their email address. 'Update profile' requires user to enter in new personal information. 'Update password' requires user to enter in a new password. 'Configure TOTP' requires setup of a mobile password generator." class="pficon pficon-help"></span>
</div>
</fieldset>
<div class="pull-right form-actions" data-ng-show="create && access.manageUsers">

2
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/user-list.html
View file

@ -36,7 +36,7 @@
</tr>
</tr>
</thead>
<tfoot data-ng-hide="!users || users.length == 0">
<tfoot data-ng-show="users && users.length > 5">
<tr>
<td colspan="7">
<div class="table-nav">

2
services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
View file

@ -775,7 +775,7 @@ public class UsersResource {
UserCredentialModel cred = RepresentationToModel.convertCredential(pass);
session.users().updateCredential(realm, user, cred);
user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
if (pass.isTemporary()) user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
}
/**