fix pass subject and add 2 missing fields (#1554)
This commit is contained in:
mfrances17
GitHub
parent
4959c3f0ca
commit
b071724329
3 changed files with 53 additions and 3 deletions
|
|
@ -414,7 +414,7 @@ const Fields = ({ readOnly }: DescriptorSettingsProps) => {
|
||||||
isReadOnly={readOnly}
|
isReadOnly={readOnly}
|
||||||
/>
|
/>
|
||||||
<SwitchField
|
<SwitchField
|
||||||
field="config.passSubject"
|
field="config.loginHint"
|
||||||
label="passSubject"
|
label="passSubject"
|
||||||
isReadOnly={readOnly}
|
isReadOnly={readOnly}
|
||||||
/>
|
/>
|
||||||
|
|
@ -441,6 +441,50 @@ const Fields = ({ readOnly }: DescriptorSettingsProps) => {
|
||||||
isReadOnly={readOnly}
|
isReadOnly={readOnly}
|
||||||
/>
|
/>
|
||||||
</FormGroup>
|
</FormGroup>
|
||||||
|
|
||||||
|
<FormGroup
|
||||||
|
label={t("attributeConsumingServiceIndex")}
|
||||||
|
labelIcon={
|
||||||
|
<HelpItem
|
||||||
|
helpText={th("attributeConsumingServiceIndex")}
|
||||||
|
forLabel={t("attributeConsumingServiceIndex")}
|
||||||
|
forID="attributeConsumingServiceIndex"
|
||||||
|
/>
|
||||||
|
}
|
||||||
|
fieldId="attributeConsumingServiceIndex"
|
||||||
|
helperTextInvalid={t("common:required")}
|
||||||
|
>
|
||||||
|
<TextInput
|
||||||
|
type="number"
|
||||||
|
min="0"
|
||||||
|
max="65535"
|
||||||
|
id="attributeConsumingServiceIndex"
|
||||||
|
name="config.attributeConsumingServiceIndex"
|
||||||
|
ref={register}
|
||||||
|
isReadOnly={readOnly}
|
||||||
|
/>
|
||||||
|
</FormGroup>
|
||||||
|
|
||||||
|
<FormGroup
|
||||||
|
label={t("attributeConsumingServiceName")}
|
||||||
|
labelIcon={
|
||||||
|
<HelpItem
|
||||||
|
helpText={th("attributeConsumingServiceName")}
|
||||||
|
forLabel={t("attributeConsumingServiceName")}
|
||||||
|
forID="attributeConsumingServiceName"
|
||||||
|
/>
|
||||||
|
}
|
||||||
|
fieldId="attributeConsumingServiceName"
|
||||||
|
helperTextInvalid={t("common:required")}
|
||||||
|
>
|
||||||
|
<TextInput
|
||||||
|
type="text"
|
||||||
|
id="attributeConsumingServiceName"
|
||||||
|
name="config.attributeConsumingServiceName"
|
||||||
|
ref={register}
|
||||||
|
isReadOnly={readOnly}
|
||||||
|
/>
|
||||||
|
</FormGroup>
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ export default {
|
||||||
scopes:
|
scopes:
|
||||||
"The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'.",
|
"The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'.",
|
||||||
prompt:
|
prompt:
|
||||||
"Specifies whether the Authorization Server prompts the End-User for reauthentication and consent.",
|
"Specifies whether the Authorization Server prompts the End-User for re-authentication and consent.",
|
||||||
acceptsPromptNone:
|
acceptsPromptNone:
|
||||||
"This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In case that client sends a request with prompt=none and user is not yet authenticated, the error will not be directly returned to client, but the request with prompt=none will be forwarded to this identity provider.",
|
"This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In case that client sends a request with prompt=none and user is not yet authenticated, the error will not be directly returned to client, but the request with prompt=none will be forwarded to this identity provider.",
|
||||||
validateSignature:
|
validateSignature:
|
||||||
|
|
@ -39,6 +39,10 @@ export default {
|
||||||
"URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, you can use URL like 'http://broker-keycloak:8180/auth/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http://broker-keycloak:8180' and its realm is 'test' .",
|
"URL where identity provider keys in JWK format are stored. See JWK specification for more details. If you use external Keycloak identity provider, you can use URL like 'http://broker-keycloak:8180/auth/realms/test/protocol/openid-connect/certs' assuming your brokered Keycloak is running on 'http://broker-keycloak:8180' and its realm is 'test' .",
|
||||||
allowedClockSkew:
|
allowedClockSkew:
|
||||||
"Clock skew in seconds that is tolerated when validating identity provider tokens. Default value is zero.",
|
"Clock skew in seconds that is tolerated when validating identity provider tokens. Default value is zero.",
|
||||||
|
attributeConsumingServiceIndex:
|
||||||
|
"Index of the Attribute Consuming Service profile to request during authentication.",
|
||||||
|
attributeConsumingServiceName:
|
||||||
|
"Name of the Attribute Consuming Service profile to advertise in the SP metadata.",
|
||||||
forwardParameters:
|
forwardParameters:
|
||||||
"Non OpenID Connect/OAuth standard query parameters to be forwarded to external IDP from the initial application request to Authorization Endpoint. Multiple parameters can be entered, separated by comma (,).",
|
"Non OpenID Connect/OAuth standard query parameters to be forwarded to external IDP from the initial application request to Authorization Endpoint. Multiple parameters can be entered, separated by comma (,).",
|
||||||
clientAuthentication:
|
clientAuthentication:
|
||||||
|
|
@ -87,7 +91,7 @@ export default {
|
||||||
"Indicates whether the identity provider expects a signed AuthnRequest.",
|
"Indicates whether the identity provider expects a signed AuthnRequest.",
|
||||||
signatureAlgorithm: "The signature algorithm to use to sign documents.",
|
signatureAlgorithm: "The signature algorithm to use to sign documents.",
|
||||||
samlSignatureKeyName:
|
samlSignatureKeyName:
|
||||||
"Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.",
|
"Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.",
|
||||||
wantAssertionsSigned:
|
wantAssertionsSigned:
|
||||||
"Indicates whether this service provider expects a signed Assertion.",
|
"Indicates whether this service provider expects a signed Assertion.",
|
||||||
wantAssertionsEncrypted:
|
wantAssertionsEncrypted:
|
||||||
|
|
|
||||||
|
|
@ -129,6 +129,8 @@ export default {
|
||||||
useJwksUrl: "Use JWKS URL",
|
useJwksUrl: "Use JWKS URL",
|
||||||
jwksUrl: "JWKS URL",
|
jwksUrl: "JWKS URL",
|
||||||
allowedClockSkew: "Allowed clock skew",
|
allowedClockSkew: "Allowed clock skew",
|
||||||
|
attributeConsumingServiceIndex: "Attribute Consuming Service Index",
|
||||||
|
attributeConsumingServiceName: "Attribute Consuming Service Name",
|
||||||
forwardParameters: "Forwarded query parameters",
|
forwardParameters: "Forwarded query parameters",
|
||||||
generalSettings: "General settings",
|
generalSettings: "General settings",
|
||||||
oidcSettings: "OpenID Connect settings",
|
oidcSettings: "OpenID Connect settings",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue