From 26ec117b5e1f99517075f656558dacc9b0c3b22a Mon Sep 17 00:00:00 2001 From: Stian Thorgersen Date: Tue, 26 Jan 2016 11:08:55 +0100 Subject: [PATCH] KEYCLOAK-1341 Admins can change sso timeout to 1 second and then not able to login --- .../admin/resources/js/controllers/realm.js | 87 ++++--------------- .../theme/base/admin/resources/js/services.js | 45 ++++++++++ .../resources/partials/realm-tokens.html | 40 ++++----- 3 files changed, 79 insertions(+), 93 deletions(-) diff --git a/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js b/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js index f300616aa4..d05e01a9eb 100755 --- a/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js +++ b/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js @@ -947,58 +947,17 @@ module.controller('RealmIdentityProviderExportCtrl', function(realm, identityPro } }); -module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http, $location, $route, Dialog, Notifications, TimeUnit) { - console.log('RealmTokenDetailCtrl'); - +module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http, $location, $route, Dialog, Notifications, TimeUnit, TimeUnit2) { $scope.realm = realm; - $scope.realm.accessTokenLifespanUnit = TimeUnit.autoUnit(realm.accessTokenLifespan); - $scope.realm.accessTokenLifespan = TimeUnit.toUnit(realm.accessTokenLifespan, $scope.realm.accessTokenLifespanUnit); - $scope.$watch('realm.accessTokenLifespanUnit', function(to, from) { - $scope.realm.accessTokenLifespan = TimeUnit.convert($scope.realm.accessTokenLifespan, from, to); - }); - - $scope.realm.accessTokenLifespanForImplicitFlowUnit = TimeUnit.autoUnit(realm.accessTokenLifespanForImplicitFlow); - $scope.realm.accessTokenLifespanForImplicitFlow = TimeUnit.toUnit(realm.accessTokenLifespanForImplicitFlow, $scope.realm.accessTokenLifespanForImplicitFlowUnit); - $scope.$watch('realm.accessTokenLifespanForImplicitFlowUnit', function(to, from) { - $scope.realm.accessTokenLifespanForImplicitFlow = TimeUnit.convert($scope.realm.accessTokenLifespanForImplicitFlow, from, to); - }); - - $scope.realm.ssoSessionIdleTimeoutUnit = TimeUnit.autoUnit(realm.ssoSessionIdleTimeout); - $scope.realm.ssoSessionIdleTimeout = TimeUnit.toUnit(realm.ssoSessionIdleTimeout, $scope.realm.ssoSessionIdleTimeoutUnit); - $scope.$watch('realm.ssoSessionIdleTimeoutUnit', function(to, from) { - $scope.realm.ssoSessionIdleTimeout = TimeUnit.convert($scope.realm.ssoSessionIdleTimeout, from, to); - }); - - $scope.realm.ssoSessionMaxLifespanUnit = TimeUnit.autoUnit(realm.ssoSessionMaxLifespan); - $scope.realm.ssoSessionMaxLifespan = TimeUnit.toUnit(realm.ssoSessionMaxLifespan, $scope.realm.ssoSessionMaxLifespanUnit); - $scope.$watch('realm.ssoSessionMaxLifespanUnit', function(to, from) { - $scope.realm.ssoSessionMaxLifespan = TimeUnit.convert($scope.realm.ssoSessionMaxLifespan, from, to); - }); - - $scope.realm.offlineSessionIdleTimeoutUnit = TimeUnit.autoUnit(realm.offlineSessionIdleTimeout); - $scope.realm.offlineSessionIdleTimeout = TimeUnit.toUnit(realm.offlineSessionIdleTimeout, $scope.realm.offlineSessionIdleTimeoutUnit); - $scope.$watch('realm.offlineSessionIdleTimeoutUnit', function(to, from) { - $scope.realm.offlineSessionIdleTimeout = TimeUnit.convert($scope.realm.offlineSessionIdleTimeout, from, to); - }); - - $scope.realm.accessCodeLifespanUnit = TimeUnit.autoUnit(realm.accessCodeLifespan); - $scope.realm.accessCodeLifespan = TimeUnit.toUnit(realm.accessCodeLifespan, $scope.realm.accessCodeLifespanUnit); - $scope.$watch('realm.accessCodeLifespanUnit', function(to, from) { - $scope.realm.accessCodeLifespan = TimeUnit.convert($scope.realm.accessCodeLifespan, from, to); - }); - - $scope.realm.accessCodeLifespanLoginUnit = TimeUnit.autoUnit(realm.accessCodeLifespanLogin); - $scope.realm.accessCodeLifespanLogin = TimeUnit.toUnit(realm.accessCodeLifespanLogin, $scope.realm.accessCodeLifespanLoginUnit); - $scope.$watch('realm.accessCodeLifespanLoginUnit', function(to, from) { - $scope.realm.accessCodeLifespanLogin = TimeUnit.convert($scope.realm.accessCodeLifespanLogin, from, to); - }); - - $scope.realm.accessCodeLifespanUserActionUnit = TimeUnit.autoUnit(realm.accessCodeLifespanUserAction); - $scope.realm.accessCodeLifespanUserAction = TimeUnit.toUnit(realm.accessCodeLifespanUserAction, $scope.realm.accessCodeLifespanUserActionUnit); - $scope.$watch('realm.accessCodeLifespanUserActionUnit', function(to, from) { - $scope.realm.accessCodeLifespanUserAction = TimeUnit.convert($scope.realm.accessCodeLifespanUserAction, from, to); - }); + $scope.realm.accessTokenLifespan = TimeUnit2.asUnit(realm.accessTokenLifespan); + $scope.realm.accessTokenLifespanForImplicitFlow = TimeUnit2.asUnit(realm.accessTokenLifespanForImplicitFlow); + $scope.realm.ssoSessionIdleTimeout = TimeUnit2.asUnit(realm.ssoSessionIdleTimeout); + $scope.realm.ssoSessionMaxLifespan = TimeUnit2.asUnit(realm.ssoSessionMaxLifespan); + $scope.realm.offlineSessionIdleTimeout = TimeUnit2.asUnit(realm.offlineSessionIdleTimeout); + $scope.realm.accessCodeLifespan = TimeUnit2.asUnit(realm.accessCodeLifespan); + $scope.realm.accessCodeLifespanLogin = TimeUnit2.asUnit(realm.accessCodeLifespanLogin); + $scope.realm.accessCodeLifespanUserAction = TimeUnit2.asUnit(realm.accessCodeLifespanUserAction); var oldCopy = angular.copy($scope.realm); $scope.changed = false; @@ -1010,26 +969,16 @@ module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http, }, true); $scope.save = function() { - var realmCopy = angular.copy($scope.realm); - delete realmCopy["accessTokenLifespanUnit"]; - delete realmCopy["accessTokenLifespanForImplicitFlowUnit"]; - delete realmCopy["ssoSessionMaxLifespanUnit"]; - delete realmCopy["offlineSessionIdleTimeoutUnit"]; - delete realmCopy["accessCodeLifespanUnit"]; - delete realmCopy["ssoSessionIdleTimeoutUnit"]; - delete realmCopy["accessCodeLifespanUserActionUnit"]; - delete realmCopy["accessCodeLifespanLoginUnit"]; + $scope.realm.accessTokenLifespan = $scope.realm.accessTokenLifespan.toSeconds(); + $scope.realm.accessTokenLifespanForImplicitFlow = $scope.realm.accessTokenLifespanForImplicitFlow.toSeconds(); + $scope.realm.ssoSessionIdleTimeout = $scope.realm.ssoSessionIdleTimeout.toSeconds(); + $scope.realm.ssoSessionMaxLifespan = $scope.realm.ssoSessionMaxLifespan.toSeconds(); + $scope.realm.offlineSessionIdleTimeout = $scope.realm.offlineSessionIdleTimeout.toSeconds(); + $scope.realm.accessCodeLifespan = $scope.realm.accessCodeLifespan.toSeconds(); + $scope.realm.accessCodeLifespanUserAction = $scope.realm.accessCodeLifespanUserAction.toSeconds(); + $scope.realm.accessCodeLifespanLogin = $scope.realm.accessCodeLifespanLogin.toSeconds(); - realmCopy.accessTokenLifespan = TimeUnit.toSeconds($scope.realm.accessTokenLifespan, $scope.realm.accessTokenLifespanUnit) - realmCopy.accessTokenLifespanForImplicitFlow = TimeUnit.toSeconds($scope.realm.accessTokenLifespanForImplicitFlow, $scope.realm.accessTokenLifespanForImplicitFlowUnit) - realmCopy.ssoSessionIdleTimeout = TimeUnit.toSeconds($scope.realm.ssoSessionIdleTimeout, $scope.realm.ssoSessionIdleTimeoutUnit) - realmCopy.ssoSessionMaxLifespan = TimeUnit.toSeconds($scope.realm.ssoSessionMaxLifespan, $scope.realm.ssoSessionMaxLifespanUnit) - realmCopy.offlineSessionIdleTimeout = TimeUnit.toSeconds($scope.realm.offlineSessionIdleTimeout, $scope.realm.offlineSessionIdleTimeoutUnit) - realmCopy.accessCodeLifespan = TimeUnit.toSeconds($scope.realm.accessCodeLifespan, $scope.realm.accessCodeLifespanUnit) - realmCopy.accessCodeLifespanUserAction = TimeUnit.toSeconds($scope.realm.accessCodeLifespanUserAction, $scope.realm.accessCodeLifespanUserActionUnit) - realmCopy.accessCodeLifespanLogin = TimeUnit.toSeconds($scope.realm.accessCodeLifespanLogin, $scope.realm.accessCodeLifespanLoginUnit) - - Realm.update(realmCopy, function () { + Realm.update($scope.realm, function () { $route.reload(); Notifications.success("The changes have been saved to the realm."); }); diff --git a/themes/src/main/resources/theme/base/admin/resources/js/services.js b/themes/src/main/resources/theme/base/admin/resources/js/services.js index 7939403bcd..3c9d645186 100755 --- a/themes/src/main/resources/theme/base/admin/resources/js/services.js +++ b/themes/src/main/resources/theme/base/admin/resources/js/services.js @@ -1204,6 +1204,51 @@ module.factory('TimeUnit', function() { return t; }); +module.factory('TimeUnit2', function() { + var t = {}; + + t.asUnit = function(time) { + var unit = 'Minutes'; + if (time) { + if (time < 60) { + time = 60; + } + + if (time % 60 == 0) { + unit = 'Minutes'; + time = time / 60; + } + if (time % 60 == 0) { + unit = 'Hours'; + time = time / 60; + } + if (time % 24 == 0) { + unit = 'Days' + time = time / 24; + } + } + + var v = { + unit: unit, + time: time, + toSeconds: function() { + switch (v.unit) { + case 'Minutes': + return v.time * 60; + case 'Hours': + return v.time * 3600; + case 'Days': + return v.time * 86400; + } + } + } + + return v; + } + + return t; +}); + module.factory('PasswordPolicy', function() { var p = {}; diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html b/themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html index bdfd390897..f0f9e58fb4 100755 --- a/themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html @@ -18,10 +18,9 @@
- - @@ -36,10 +35,9 @@
- @@ -53,10 +51,9 @@
- @@ -70,10 +67,9 @@
- @@ -87,10 +83,9 @@
- @@ -103,10 +98,9 @@
- - @@ -119,10 +113,9 @@
- - @@ -135,10 +128,9 @@
- -