Include Account Console version 3 as a theme (#19641)
This commit is contained in:
Jon Koops
GitHub
parent
ca9c6dddc1
commit
a2eb619e0e
27 changed files with 460 additions and 239 deletions
|
|
@ -44,7 +44,8 @@ public class Profile {
|
|||
AUTHORIZATION("Authorization Service", Type.DEFAULT),
|
||||
|
||||
ACCOUNT_API("Account Management REST API", Type.DEFAULT),
|
||||
ACCOUNT2("New Account Management Console", Type.DEFAULT, Feature.ACCOUNT_API),
|
||||
ACCOUNT2("Account Management Console", Type.DEFAULT, Feature.ACCOUNT_API),
|
||||
ACCOUNT3("New Account Management Console", Type.EXPERIMENTAL, Feature.ACCOUNT_API),
|
||||
|
||||
ADMIN_FINE_GRAINED_AUTHZ("Fine-Grained Admin Permissions", Type.PREVIEW),
|
||||
|
||||
|
|
|
|||
|
|
@ -70,12 +70,27 @@ public class ProfileTest {
|
|||
}
|
||||
|
||||
Assert.assertEquals(Profile.ProfileName.DEFAULT, profile.getName());
|
||||
Set<Profile.Feature> disabledFeatutes = new HashSet<>(Arrays.asList(Profile.Feature.FIPS, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.DYNAMIC_SCOPES, Profile.Feature.DOCKER, Profile.Feature.RECOVERY_CODES, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.OPENSHIFT_INTEGRATION, Profile.Feature.MAP_STORAGE, Profile.Feature.DECLARATIVE_USER_PROFILE, Profile.Feature.CLIENT_SECRET_ROTATION, Profile.Feature.UPDATE_EMAIL));
|
||||
Set<Profile.Feature> disabledFeatures = new HashSet<>(Arrays.asList(
|
||||
Profile.Feature.FIPS,
|
||||
Profile.Feature.ACCOUNT3,
|
||||
Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ,
|
||||
Profile.Feature.DYNAMIC_SCOPES,
|
||||
Profile.Feature.DOCKER,
|
||||
Profile.Feature.RECOVERY_CODES,
|
||||
Profile.Feature.SCRIPTS,
|
||||
Profile.Feature.TOKEN_EXCHANGE,
|
||||
Profile.Feature.OPENSHIFT_INTEGRATION,
|
||||
Profile.Feature.MAP_STORAGE,
|
||||
Profile.Feature.DECLARATIVE_USER_PROFILE,
|
||||
Profile.Feature.CLIENT_SECRET_ROTATION,
|
||||
Profile.Feature.UPDATE_EMAIL
|
||||
));
|
||||
|
||||
// KERBEROS can be disabled (i.e. FIPS mode disables SunJGSS provider)
|
||||
if (Profile.Feature.KERBEROS.getType() == Profile.Feature.Type.DISABLED_BY_DEFAULT) {
|
||||
disabledFeatutes.add(Profile.Feature.KERBEROS);
|
||||
disabledFeatures.add(Profile.Feature.KERBEROS);
|
||||
}
|
||||
assertEquals(profile.getDisabledFeatures(), disabledFeatutes);
|
||||
assertEquals(profile.getDisabledFeatures(), disabledFeatures);
|
||||
assertEquals(profile.getPreviewFeatures(), Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.RECOVERY_CODES, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.OPENSHIFT_INTEGRATION, Profile.Feature.DECLARATIVE_USER_PROFILE, Profile.Feature.CLIENT_SECRET_ROTATION, Profile.Feature.UPDATE_EMAIL);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,11 @@
|
|||
= FIPS 140-2 support
|
||||
|
||||
FIPS 140-2 support in Keycloak, which was preview in the previous release, is now promoted to be officially supported.
|
||||
|
||||
= Experimental new Account Console
|
||||
|
||||
The Account Console Version 3 is now available as an experimental feature in Keycloak. This version supports custom fields created with User Profile. If you are looking to try it out and provide us with some early feedback you can enable it as follows:
|
||||
|
||||
```
|
||||
bin/kc.sh start-dev --features=account3
|
||||
```
|
||||
|
|
|
|||
|
|
@ -0,0 +1,10 @@
|
|||
{
|
||||
"themes": [
|
||||
{
|
||||
"name": "keycloak.v3",
|
||||
"types": [
|
||||
"account"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
parent=base
|
||||
deprecatedMode=false
|
||||
115
js/apps/account-ui/pom.xml
Normal file
115
js/apps/account-ui/pom.xml
Normal file
|
|
@ -0,0 +1,115 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<artifactId>keycloak-js-parent</artifactId>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<version>999.0.0-SNAPSHOT</version>
|
||||
<relativePath>../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>keycloak-account-ui</artifactId>
|
||||
|
||||
<name>Keycloak Account UI</name>
|
||||
<description>The user inferface to manage an account on the Keycloak server.</description>
|
||||
|
||||
<build>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>maven-resources</directory>
|
||||
</resource>
|
||||
<resource>
|
||||
<directory>dist</directory>
|
||||
<targetPath>theme/keycloak.v3/account/resources</targetPath>
|
||||
<excludes>
|
||||
<exclude>index.html</exclude>
|
||||
</excludes>
|
||||
</resource>
|
||||
</resources>
|
||||
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-deploy-plugin</artifactId>
|
||||
<configuration>
|
||||
<skip>true</skip>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>com.github.eirslett</groupId>
|
||||
<artifactId>frontend-maven-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>npm-build</id>
|
||||
<goals>
|
||||
<goal>npm</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<arguments>run build --workspace=account-ui</arguments>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
<configuration>
|
||||
<workingDirectory>../..</workingDirectory>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>com.google.code.maven-replacer-plugin</groupId>
|
||||
<artifactId>maven-replacer-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>replace</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
<configuration>
|
||||
<file>dist/index.html</file>
|
||||
<outputFile>target/classes/theme/keycloak.v3/account/index.ftl</outputFile>
|
||||
<regex>false</regex>
|
||||
<replacements>
|
||||
<replacement>
|
||||
<token>src="./</token>
|
||||
<value>src="${resourceUrl}/</value>
|
||||
</replacement>
|
||||
<replacement>
|
||||
<token>href="./</token>
|
||||
<value>href="${resourceUrl}/</value>
|
||||
</replacement>
|
||||
<replacement>
|
||||
<token><![CDATA[</body>]]></token>
|
||||
<value xml:space="preserve">
|
||||
<![CDATA[
|
||||
<script id="environment" type="application/json">
|
||||
{
|
||||
"loginRealm": "${loginRealm!"master"}",
|
||||
"authServerUrl": "${authUrl}",
|
||||
"resourceUrl": "${resourceUrl}",
|
||||
"isRunningAsTheme": true
|
||||
}
|
||||
</script>
|
||||
</body>
|
||||
]]>
|
||||
</value>
|
||||
</replacement>
|
||||
<replacement>
|
||||
<token><![CDATA[</head>]]></token>
|
||||
<value xml:space="preserve">
|
||||
<![CDATA[
|
||||
<#if properties.styles?has_content>
|
||||
<#list properties.styles?split(' ') as style>
|
||||
<link href="${resourceUrl}/${style}" rel="stylesheet"/>
|
||||
</#list>
|
||||
</#if>
|
||||
</head>
|
||||
]]>
|
||||
</value>
|
||||
</replacement>
|
||||
</replacements>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
|
||||
|
|
@ -17,4 +17,33 @@ const defaultEnvironment: Environment = {
|
|||
isRunningAsTheme: false,
|
||||
};
|
||||
|
||||
export { defaultEnvironment as environment };
|
||||
// Merge the default and injected environment variables together.
|
||||
const environment: Environment = {
|
||||
...defaultEnvironment,
|
||||
...getInjectedEnvironment(),
|
||||
};
|
||||
|
||||
export { environment };
|
||||
|
||||
/**
|
||||
* Extracts the environment variables that are passed if the application is running as a Keycloak theme.
|
||||
* These variables are injected by Keycloak into the `index.ftl` as a script tag, the contents of which can be parsed as JSON.
|
||||
*/
|
||||
function getInjectedEnvironment(): Record<string, string | number | boolean> {
|
||||
const element = document.getElementById("environment");
|
||||
|
||||
// If the element cannot be found, return an empty record.
|
||||
if (!element?.textContent) {
|
||||
return {};
|
||||
}
|
||||
|
||||
// Attempt to parse the contents as JSON and return its value.
|
||||
try {
|
||||
return JSON.parse(element.textContent);
|
||||
} catch (error) {
|
||||
console.error("Unable to parse environment variables.");
|
||||
}
|
||||
|
||||
// Otherwise, return an empty record.
|
||||
return {};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ import "@patternfly/patternfly/patternfly-addons.css";
|
|||
|
||||
import { StrictMode } from "react";
|
||||
import { createRoot } from "react-dom/client";
|
||||
import { createBrowserRouter, RouterProvider } from "react-router-dom";
|
||||
import { createHashRouter, RouterProvider } from "react-router-dom";
|
||||
|
||||
import { i18n } from "./i18n";
|
||||
import { keycloak } from "./keycloak";
|
||||
|
|
@ -18,7 +18,7 @@ await Promise.all([
|
|||
i18n.init(),
|
||||
]);
|
||||
|
||||
const router = createBrowserRouter(routes);
|
||||
const router = createHashRouter(routes);
|
||||
const container = document.getElementById("app");
|
||||
const root = createRoot(container!);
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import {
|
|||
TextVariants,
|
||||
} from "@patternfly/react-core";
|
||||
import { useTranslation } from "react-i18next";
|
||||
import { useRouteError } from "react-router-dom";
|
||||
import { isRouteErrorResponse, useRouteError } from "react-router-dom";
|
||||
|
||||
export const ErrorPage = () => {
|
||||
const { t } = useTranslation();
|
||||
|
|
@ -44,11 +44,15 @@ export const ErrorPage = () => {
|
|||
);
|
||||
};
|
||||
|
||||
function getErrorMessage(error: unknown) {
|
||||
function getErrorMessage(error: unknown): string | null {
|
||||
if (typeof error === "string") {
|
||||
return error;
|
||||
}
|
||||
|
||||
if (isRouteErrorResponse(error)) {
|
||||
return error.error ? getErrorMessage(error.error) : null;
|
||||
}
|
||||
|
||||
if (error instanceof Error) {
|
||||
return error.message;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
<description>Parent of all JavaScript related code, sets up Node.js and NPM and installs dependencies for all projects in the workspace.</description>
|
||||
|
||||
<modules>
|
||||
<module>apps/account-ui</module>
|
||||
<module>apps/admin-ui</module>
|
||||
<module>libs/keycloak-admin-client</module>
|
||||
<module>libs/keycloak-js</module>
|
||||
|
|
|
|||
7
pom.xml
7
pom.xml
|
|
@ -224,7 +224,7 @@
|
|||
<server.output.dir.version>${project.version}</server.output.dir.version>
|
||||
|
||||
<!-- Frontend -->
|
||||
<node.version>v18.14.2</node.version>
|
||||
<node.version>v18.15.0</node.version>
|
||||
</properties>
|
||||
|
||||
<url>http://keycloak.org</url>
|
||||
|
|
@ -1469,6 +1469,11 @@
|
|||
<artifactId>keycloak-junit5</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-account-ui</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-ui</artifactId>
|
||||
|
|
|
|||
|
|
@ -348,6 +348,16 @@
|
|||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-account-ui</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-ui</artifactId>
|
||||
|
|
|
|||
|
|
@ -44,18 +44,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
HTTP/TLS:
|
||||
|
||||
|
|
|
|||
|
|
@ -44,18 +44,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
HTTP/TLS:
|
||||
|
||||
|
|
|
|||
|
|
@ -69,18 +69,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -32,6 +32,8 @@ Database:
|
|||
|
||||
--db <vendor> The database vendor. Possible values are: dev-file, dev-mem, mariadb, mssql,
|
||||
mysql, oracle, postgres. Default: dev-file.
|
||||
--db-driver <driver> The fully qualified class name of the JDBC driver. If not set, a default
|
||||
driver is set accordingly to the chosen database.
|
||||
--db-password <password>
|
||||
The password of the database user.
|
||||
--db-pool-initial-size <size>
|
||||
|
|
@ -67,18 +69,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -132,18 +132,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -95,6 +95,8 @@ Database:
|
|||
|
||||
--db <vendor> The database vendor. Possible values are: dev-file, dev-mem, mariadb, mssql,
|
||||
mysql, oracle, postgres. Default: dev-file.
|
||||
--db-driver <driver> The fully qualified class name of the JDBC driver. If not set, a default
|
||||
driver is set accordingly to the chosen database.
|
||||
--db-password <password>
|
||||
The password of the database user.
|
||||
--db-pool-initial-size <size>
|
||||
|
|
@ -130,18 +132,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -75,18 +75,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -38,6 +38,8 @@ Database:
|
|||
|
||||
--db <vendor> The database vendor. Possible values are: dev-file, dev-mem, mariadb, mssql,
|
||||
mysql, oracle, postgres. Default: dev-file.
|
||||
--db-driver <driver> The fully qualified class name of the JDBC driver. If not set, a default
|
||||
driver is set accordingly to the chosen database.
|
||||
--db-password <password>
|
||||
The password of the database user.
|
||||
--db-pool-initial-size <size>
|
||||
|
|
@ -73,18 +75,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -138,18 +138,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -101,6 +101,8 @@ Database:
|
|||
|
||||
--db <vendor> The database vendor. Possible values are: dev-file, dev-mem, mariadb, mssql,
|
||||
mysql, oracle, postgres. Default: dev-file.
|
||||
--db-driver <driver> The fully qualified class name of the JDBC driver. If not set, a default
|
||||
driver is set accordingly to the chosen database.
|
||||
--db-password <password>
|
||||
The password of the database user.
|
||||
--db-pool-initial-size <size>
|
||||
|
|
@ -136,18 +138,20 @@ Transaction:
|
|||
Feature:
|
||||
|
||||
--features <feature> Enables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
--features-disabled <feature>
|
||||
Disables a set of one or more features. Possible values are: account-api,
|
||||
account2, admin-api, admin-fine-grained-authz, admin2, authorization, ciba,
|
||||
client-policies, client-secret-rotation, declarative-user-profile, docker,
|
||||
dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage,
|
||||
openshift-integration, par, preview, recovery-codes, scripts,
|
||||
step-up-authentication, token-exchange, update-email, web-authn.
|
||||
account2, account3, admin-api, admin-fine-grained-authz, admin2,
|
||||
authorization, ciba, client-policies, client-secret-rotation,
|
||||
declarative-user-profile, docker, dynamic-scopes, fips, impersonation,
|
||||
js-adapter, kerberos, map-storage, openshift-integration, par, preview,
|
||||
recovery-codes, scripts, step-up-authentication, token-exchange,
|
||||
update-email, web-authn.
|
||||
|
||||
Hostname:
|
||||
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ public interface ThemeSelectorProvider extends Provider {
|
|||
|
||||
String DEFAULT = "keycloak";
|
||||
String DEFAULT_V2 = "keycloak.v2";
|
||||
String DEFAULT_V3 = "keycloak.v3";
|
||||
|
||||
/**
|
||||
* Return the theme name to use for the specified type
|
||||
|
|
@ -43,6 +44,10 @@ public interface ThemeSelectorProvider extends Provider {
|
|||
return name;
|
||||
}
|
||||
|
||||
if ((type == Theme.Type.ACCOUNT) && Profile.isFeatureEnabled(Profile.Feature.ACCOUNT3)) {
|
||||
return DEFAULT_V3;
|
||||
}
|
||||
|
||||
if ((type == Theme.Type.ACCOUNT) && Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2)) {
|
||||
return DEFAULT_V2;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -212,6 +212,13 @@ public class ServerInfoAdminResource {
|
|||
filteredNames.remove("rh-sso.v2");
|
||||
}
|
||||
|
||||
boolean filterAccountV3 = (type == Theme.Type.ACCOUNT) &&
|
||||
!Profile.isFeatureEnabled(Profile.Feature.ACCOUNT3);
|
||||
|
||||
if (filterAccountV3) {
|
||||
filteredNames.remove("keycloak.v3");
|
||||
}
|
||||
|
||||
return filteredNames;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -315,8 +315,4 @@ public class DefaultThemeManager implements ThemeManager {
|
|||
return providers;
|
||||
}
|
||||
|
||||
private static boolean isAccount2Enabled() {
|
||||
return Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -205,11 +205,6 @@
|
|||
<artifactId>undertow-embedded</artifactId>
|
||||
<version>${undertow-embedded.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-ui</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-rest-admin-ui-ext</artifactId>
|
||||
|
|
|
|||
|
|
@ -48,16 +48,6 @@
|
|||
<artifactId>keycloak-dependencies-server-all</artifactId>
|
||||
<type>pom</type>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-ui</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>*</groupId>
|
||||
<artifactId>*</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-rest-admin-ui-ext</artifactId>
|
||||
|
|
|
|||
Loading…
Reference in a new issue