Erik Jan de Wit
GitHub
parent
78bdf2d2ec
commit
6857d62545
4 changed files with 59 additions and 0 deletions
|
|
@ -68,6 +68,7 @@ import {
|
||||||
} from "./routes/AuthenticationTab";
|
} from "./routes/AuthenticationTab";
|
||||||
import { toClientScopesTab } from "./routes/ClientScopeTab";
|
import { toClientScopesTab } from "./routes/ClientScopeTab";
|
||||||
import { AuthorizationExport } from "./authorization/AuthorizationExport";
|
import { AuthorizationExport } from "./authorization/AuthorizationExport";
|
||||||
|
import { arrayToAttributes } from "../components/attribute-form/attribute-convert";
|
||||||
|
|
||||||
type ClientDetailHeaderProps = {
|
type ClientDetailHeaderProps = {
|
||||||
onChange: (value: boolean) => void;
|
onChange: (value: boolean) => void;
|
||||||
|
|
@ -222,6 +223,14 @@ export default function ClientDetails() {
|
||||||
"attributes.request.uris",
|
"attributes.request.uris",
|
||||||
stringToMultiline(client.attributes?.["request.uris"])
|
stringToMultiline(client.attributes?.["request.uris"])
|
||||||
);
|
);
|
||||||
|
if (client.attributes?.["acr.loa.map"]) {
|
||||||
|
form.setValue(
|
||||||
|
"attributes.acr.loa.map",
|
||||||
|
Object.entries(JSON.parse(client.attributes["acr.loa.map"])).flatMap(
|
||||||
|
([key, value]) => ({ key, value })
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
useFetch(
|
useFetch(
|
||||||
|
|
@ -263,6 +272,12 @@ export default function ClientDetails() {
|
||||||
const submittedClient =
|
const submittedClient =
|
||||||
convertFormValuesToObject<ClientRepresentation>(values);
|
convertFormValuesToObject<ClientRepresentation>(values);
|
||||||
|
|
||||||
|
if (submittedClient.attributes?.["acr.loa.map"]) {
|
||||||
|
submittedClient.attributes["acr.loa.map"] = JSON.stringify(
|
||||||
|
arrayToAttributes(submittedClient.attributes["acr.loa.map"])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const newClient: ClientRepresentation = {
|
const newClient: ClientRepresentation = {
|
||||||
...client,
|
...client,
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@ import { FormAccess } from "../../components/form-access/FormAccess";
|
||||||
import { HelpItem } from "../../components/help-enabler/HelpItem";
|
import { HelpItem } from "../../components/help-enabler/HelpItem";
|
||||||
import { TimeSelector } from "../../components/time-selector/TimeSelector";
|
import { TimeSelector } from "../../components/time-selector/TimeSelector";
|
||||||
import { TokenLifespan } from "./TokenLifespan";
|
import { TokenLifespan } from "./TokenLifespan";
|
||||||
|
import { AttributeInput } from "../../components/attribute-input/AttributeInput";
|
||||||
|
|
||||||
type AdvancedSettingsProps = {
|
type AdvancedSettingsProps = {
|
||||||
control: Control<Record<string, any>>;
|
control: Control<Record<string, any>>;
|
||||||
|
|
@ -130,6 +131,43 @@ export const AdvancedSettings = ({
|
||||||
)}
|
)}
|
||||||
/>
|
/>
|
||||||
</FormGroup>
|
</FormGroup>
|
||||||
|
<FormGroup
|
||||||
|
label={t("pushedAuthorizationRequestRequired")}
|
||||||
|
fieldId="pushedAuthorizationRequestRequired"
|
||||||
|
labelIcon={
|
||||||
|
<HelpItem
|
||||||
|
helpText="clients-help:pushedAuthorizationRequestRequired"
|
||||||
|
fieldLabelId="clients:pushedAuthorizationRequestRequired"
|
||||||
|
/>
|
||||||
|
}
|
||||||
|
>
|
||||||
|
<Controller
|
||||||
|
name="attributes.require.pushed.authorization.requests"
|
||||||
|
defaultValue="false"
|
||||||
|
control={control}
|
||||||
|
render={({ onChange, value }) => (
|
||||||
|
<Switch
|
||||||
|
id="pushedAuthorizationRequestRequired"
|
||||||
|
label={t("common:on")}
|
||||||
|
labelOff={t("common:off")}
|
||||||
|
isChecked={value === "true"}
|
||||||
|
onChange={(value) => onChange(value.toString())}
|
||||||
|
/>
|
||||||
|
)}
|
||||||
|
/>
|
||||||
|
</FormGroup>
|
||||||
|
<FormGroup
|
||||||
|
label={t("acrToLoAMapping")}
|
||||||
|
fieldId="acrToLoAMapping"
|
||||||
|
labelIcon={
|
||||||
|
<HelpItem
|
||||||
|
helpText="clients-help:acrToLoAMapping"
|
||||||
|
fieldLabelId="clients:acrToLoAMapping"
|
||||||
|
/>
|
||||||
|
}
|
||||||
|
>
|
||||||
|
<AttributeInput name="attributes.acr.loa.map" />
|
||||||
|
</FormGroup>
|
||||||
</>
|
</>
|
||||||
)}
|
)}
|
||||||
<ActionGroup>
|
<ActionGroup>
|
||||||
|
|
|
||||||
|
|
@ -176,6 +176,10 @@ export default {
|
||||||
"This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.",
|
"This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.",
|
||||||
keyForCodeExchange:
|
keyForCodeExchange:
|
||||||
"Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.",
|
"Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.",
|
||||||
|
pushedAuthorizationRequestRequired:
|
||||||
|
"Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method.",
|
||||||
|
acrToLoAMapping:
|
||||||
|
"Define which ACR (Authentication Context Class Reference) value is mapped to which LoA (Level of Authentication). The ACR can be any value, whereas the LoA must be numeric.",
|
||||||
assertionConsumerServicePostBindingURL:
|
assertionConsumerServicePostBindingURL:
|
||||||
"SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.",
|
"SAML POST Binding URL for the client's assertion consumer service (login responses). You can leave this blank if you do not have a URL for this binding.",
|
||||||
assertionConsumerServiceRedirectBindingURL:
|
assertionConsumerServiceRedirectBindingURL:
|
||||||
|
|
|
||||||
|
|
@ -529,6 +529,8 @@ export default {
|
||||||
accessTokenLifespan: "Access Token Lifespan",
|
accessTokenLifespan: "Access Token Lifespan",
|
||||||
oAuthMutual: "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled",
|
oAuthMutual: "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled",
|
||||||
keyForCodeExchange: "Proof Key for Code Exchange Code Challenge Method",
|
keyForCodeExchange: "Proof Key for Code Exchange Code Challenge Method",
|
||||||
|
pushedAuthorizationRequestRequired: "Pushed authorization request required",
|
||||||
|
acrToLoAMapping: "ACR to LoA Mapping",
|
||||||
authenticationOverrides: "Authentication flow overrides",
|
authenticationOverrides: "Authentication flow overrides",
|
||||||
browserFlow: "Browser Flow",
|
browserFlow: "Browser Flow",
|
||||||
directGrant: "Direct Grant Flow",
|
directGrant: "Direct Grant Flow",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue