Added missing fields (#3546)

2022-10-26 11:46:44 +02:00 · 2022-10-26 11:46:44 +02:00 · 7730509796
commit 7730509796
parent c39d1fdd14
5 changed files with 70 additions and 21 deletions
--- a/apps/admin-ui/cypress/e2e/clients_test.spec.ts
+++ b/apps/admin-ui/cypress/e2e/clients_test.spec.ts
@ -763,22 +763,22 @@ describe("Clients test", () => {

      advancedTab.clickAdvancedSwitches();
      advancedTab.jumpToAdvanced();
-      advancedTab.SelectKeyForCodeExchangeInput("S256");
+      advancedTab.selectKeyForCodeExchangeInput("S256");

      advancedTab.saveAdvanced();
      advancedTab.jumpToAdvanced();
      advancedTab.checkAdvancedSwitchesOn();
-      advancedTab.CheckKeyForCodeExchangeInput("S256");
+      advancedTab.checkKeyForCodeExchangeInput("S256");

-      advancedTab.SelectKeyForCodeExchangeInput("plain");
-      advancedTab.CheckKeyForCodeExchangeInput("plain");
+      advancedTab.selectKeyForCodeExchangeInput("plain");
+      advancedTab.checkKeyForCodeExchangeInput("plain");

      advancedTab.jumpToAdvanced();
      advancedTab.clickAdvancedSwitches();

      advancedTab.revertAdvanced();
      advancedTab.jumpToAdvanced();
-      advancedTab.CheckKeyForCodeExchangeInput("S256");
+      advancedTab.checkKeyForCodeExchangeInput("S256");
      //uncomment when revert button reverts all switches
      //and ACR to LoA Mapping + Default ACR Values
      //advancedTab.checkAdvancedSwitchesOn();
@ -786,21 +786,21 @@ describe("Clients test", () => {

    it("Authentication flow override", () => {
      advancedTab.jumpToAuthFlow();
-      advancedTab.SelectBrowserFlowInput("browser");
-      advancedTab.SelectDirectGrantInput("docker auth");
-      advancedTab.CheckBrowserFlowInput("browser");
-      advancedTab.CheckDirectGrantInput("docker auth");
+      advancedTab.selectBrowserFlowInput("browser");
+      advancedTab.selectDirectGrantInput("docker auth");
+      advancedTab.checkBrowserFlowInput("browser");
+      advancedTab.checkDirectGrantInput("docker auth");

      advancedTab.revertAuthFlowOverride();
      advancedTab.jumpToAuthFlow();
-      advancedTab.CheckBrowserFlowInput("");
-      advancedTab.CheckDirectGrantInput("");
-      advancedTab.SelectBrowserFlowInput("browser");
-      advancedTab.SelectDirectGrantInput("docker auth");
+      advancedTab.checkBrowserFlowInput("");
+      advancedTab.checkDirectGrantInput("");
+      advancedTab.selectBrowserFlowInput("browser");
+      advancedTab.selectDirectGrantInput("docker auth");

      advancedTab.saveAuthFlowOverride();
-      advancedTab.SelectBrowserFlowInput("first broker login");
-      advancedTab.SelectDirectGrantInput("first broker login");
+      advancedTab.selectBrowserFlowInput("first broker login");
+      advancedTab.selectDirectGrantInput("first broker login");
      advancedTab.revertAuthFlowOverride();
      //revert doesn't work after saving.
      //advancedTab.CheckBrowserFlowInput("browser");
--- a/apps/admin-ui/cypress/support/pages/admin_console/manage/clients/client_details/tabs/AdvancedTab.ts
+++ b/apps/admin-ui/cypress/support/pages/admin_console/manage/clients/client_details/tabs/AdvancedTab.ts
@ -217,6 +217,7 @@ export default class AdvancedTab extends PageObject {
  }

  checkAdvancedSwitchesOn() {
+    cy.get(this.oAuthMutualSwitch).scrollIntoView();
    this.assertSwitchStateOn(cy.get(this.oAuthMutualSwitch));
    this.assertSwitchStateOn(
      cy.get(this.pushedAuthorizationRequestRequiredSwitch)
@ -232,7 +233,7 @@ export default class AdvancedTab extends PageObject {
    return this;
  }

-  SelectKeyForCodeExchangeInput(input: string) {
+  selectKeyForCodeExchangeInput(input: string) {
    cy.get(this.keyForCodeExchangeInput).click();
    cy.get(this.keyForCodeExchangeInput + " + ul")
      .contains(input)
@ -240,7 +241,7 @@ export default class AdvancedTab extends PageObject {
    return this;
  }

-  CheckKeyForCodeExchangeInput(input: string) {
+  checkKeyForCodeExchangeInput(input: string) {
    cy.get(this.keyForCodeExchangeInput).should("have.text", input);
    return this;
  }
@ -260,7 +261,7 @@ export default class AdvancedTab extends PageObject {
    return this;
  }

-  SelectBrowserFlowInput(input: string) {
+  selectBrowserFlowInput(input: string) {
    cy.get(this.browserFlowInput).click();
    cy.get(this.browserFlowInput + " + ul")
      .contains(input)
@ -268,7 +269,7 @@ export default class AdvancedTab extends PageObject {
    return this;
  }

-  SelectDirectGrantInput(input: string) {
+  selectDirectGrantInput(input: string) {
    cy.get(this.directGrantInput).click();
    cy.get(this.directGrantInput + " + ul")
      .contains(input)
@ -276,12 +277,12 @@ export default class AdvancedTab extends PageObject {
    return this;
  }

-  CheckBrowserFlowInput(input: string) {
+  checkBrowserFlowInput(input: string) {
    cy.get(this.browserFlowInput).should("have.text", input);
    return this;
  }

-  CheckDirectGrantInput(input: string) {
+  checkDirectGrantInput(input: string) {
    cy.get(this.directGrantInput).should("have.text", input);
    return this;
  }
--- a/apps/admin-ui/public/resources/en/clients-help.json
+++ b/apps/admin-ui/public/resources/en/clients-help.json
@ -97,6 +97,10 @@
  "advancedSettingsSaml": "This section is used to configure advanced settings of this client",
  "assertionLifespan": "Lifespan set in the SAML assertion conditions. After that time the assertion will be invalid. The \"SessionNotOnOrAfter\" attribute is not modified and continue using the \"SSO Session Max\" time defined at realm level.",
  "accessTokenLifespan": "Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout.",
+  "clientSessionIdle": "Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.",
+  "clientSessionMax": "Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.",
+  "clientOfflineSessionIdle": "Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.",
+  "clientOfflineSessionMax": "Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.",
  "oAuthMutual": "This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.",
  "keyForCodeExchange": "Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.",
  "pushedAuthorizationRequestRequired": "Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method.",
--- a/apps/admin-ui/public/resources/en/clients.json
+++ b/apps/admin-ui/public/resources/en/clients.json
@ -479,6 +479,10 @@
  "advancedSettings": "Advanced Settings",
  "assertionLifespan": "Assertion Lifespan",
  "accessTokenLifespan": "Access Token Lifespan",
+  "clientSessionIdle": "Client Session Idle",
+  "clientSessionMax": "Client Session Max",
+  "clientOfflineSessionIdle": "Client Offline Session Idle",
+  "clientOfflineSessionMax": "Client Offline Session Max",
  "oAuthMutual": "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled",
  "keyForCodeExchange": "Proof Key for Code Exchange Code Challenge Method",
  "pushedAuthorizationRequestRequired": "Pushed authorization request required",
--- a/apps/admin-ui/src/clients/advanced/AdvancedSettings.tsx
+++ b/apps/admin-ui/src/clients/advanced/AdvancedSettings.tsx
@ -81,6 +81,46 @@ export const AdvancedSettings = ({
            control={control}
          />

+          <TokenLifespan
+            id="clientSessionIdle"
+            name={convertAttributeNameToForm(
+              "attributes.client.session.idle.timeout"
+            )}
+            defaultValue=""
+            units={["minute", "day", "hour"]}
+            control={control}
+          />
+
+          <TokenLifespan
+            id="clientSessionMax"
+            name={convertAttributeNameToForm(
+              "attributes.client.session.max.lifespan"
+            )}
+            defaultValue=""
+            units={["minute", "day", "hour"]}
+            control={control}
+          />
+
+          <TokenLifespan
+            id="clientOfflineSessionIdle"
+            name={convertAttributeNameToForm(
+              "attributes.client.offline.session.idle.timeout"
+            )}
+            defaultValue=""
+            units={["minute", "day", "hour"]}
+            control={control}
+          />
+
+          <TokenLifespan
+            id="clientOfflineSessionMax"
+            name={convertAttributeNameToForm(
+              "attributes.client.offline.session.max.lifespan"
+            )}
+            defaultValue=""
+            units={["minute", "day", "hour"]}
+            control={control}
+          />
+
          <FormGroup
            label={t("oAuthMutual")}
            fieldId="oAuthMutual"