From be2d7e268ec8a3da6b9197c542fb890849776bbe Mon Sep 17 00:00:00 2001
From: Erik Jan de Wit <erikjan.dewit@gmail.com>
Date: Wed, 30 Mar 2022 11:23:04 +0200
Subject: [PATCH] Added missing field (#2369)

---
 src/clients/credentials/X509.tsx | 85 ++++++++++++++++++++++----------
 src/clients/help.ts              |  2 +
 src/clients/messages.ts          |  1 +
 3 files changed, 62 insertions(+), 26 deletions(-)

diff --git a/src/clients/credentials/X509.tsx b/src/clients/credentials/X509.tsx
index 0340d49963..270852c04c 100644
--- a/src/clients/credentials/X509.tsx
+++ b/src/clients/credentials/X509.tsx
@@ -1,41 +1,74 @@
 import React from "react";
 import { useTranslation } from "react-i18next";
-import { useFormContext } from "react-hook-form";
-import { FormGroup, TextInput, ValidatedOptions } from "@patternfly/react-core";
+import { Controller, useFormContext } from "react-hook-form";
+import {
+  FormGroup,
+  Switch,
+  TextInput,
+  ValidatedOptions,
+} from "@patternfly/react-core";
 import { HelpItem } from "../../components/help-enabler/HelpItem";
 
 export const X509 = () => {
   const { t } = useTranslation("clients");
-  const { register, errors } = useFormContext();
+  const { register, control, errors } = useFormContext();
   return (
-    <FormGroup
-      label={t("subject")}
-      fieldId="kc-subject"
-      labelIcon={
-        <HelpItem
-          helpText="clients-help:subject"
-          fieldLabelId="clients:subject"
+    <>
+      <FormGroup
+        label={t("allowRegexComparison")}
+        labelIcon={
+          <HelpItem
+            helpText="clients-help:allowRegexComparison"
+            fieldLabelId="clients:allowRegexComparison"
+          />
+        }
+        fieldId="allowRegexComparison"
+        hasNoPaddingTop
+      >
+        <Controller
+          name="attributes.x509.allow.regex.pattern.comparison"
+          defaultValue="false"
+          control={control}
+          render={({ onChange, value }) => (
+            <Switch
+              id="allowRegexComparison"
+              label={t("common:on")}
+              labelOff={t("common:off")}
+              isChecked={value === "true"}
+              onChange={(value) => onChange(value.toString())}
+            />
+          )}
         />
-      }
-      helperTextInvalid={t("common:required")}
-      validated={
-        errors.attributes?.["x509.subjectdn"]
-          ? ValidatedOptions.error
-          : ValidatedOptions.default
-      }
-      isRequired
-    >
-      <TextInput
-        ref={register({ required: true })}
-        type="text"
-        id="kc-subject"
-        name="attributes.x509.subjectdn"
+      </FormGroup>
+      <FormGroup
+        label={t("subject")}
+        fieldId="kc-subject"
+        labelIcon={
+          <HelpItem
+            helpText="clients-help:subject"
+            fieldLabelId="clients:subject"
+          />
+        }
+        helperTextInvalid={t("common:required")}
         validated={
           errors.attributes?.["x509.subjectdn"]
             ? ValidatedOptions.error
             : ValidatedOptions.default
         }
-      />
-    </FormGroup>
+        isRequired
+      >
+        <TextInput
+          ref={register({ required: true })}
+          type="text"
+          id="kc-subject"
+          name="attributes.x509.subjectdn"
+          validated={
+            errors.attributes?.["x509.subjectdn"]
+              ? ValidatedOptions.error
+              : ValidatedOptions.default
+          }
+        />
+      </FormGroup>
+    </>
   );
 };
diff --git a/src/clients/help.ts b/src/clients/help.ts
index 46df4730c9..7348058242 100644
--- a/src/clients/help.ts
+++ b/src/clients/help.ts
@@ -92,6 +92,8 @@ export default {
       "The registration access token provides access for clients to the client registration service.",
     "signature-algorithm":
       "JWA algorithm, which the client needs to use when signing a JWT for authentication. If left blank, the client is allowed to use any algorithm.",
+    allowRegexComparison:
+      "If OFF, then the Subject DN from given client certificate must exactly match the given DN from the 'Subject DN' property as described in the RFC8705 specification. The Subject DN can be in the RFC2553 or RFC1779 format. If ON, then the Subject DN from given client certificate should match regex specified by 'Subject DN' property.",
     subject:
       'A regular expression for validating Subject DN in the Client Certificate. Use "(.*?)(?:$)" to match all kind of expressions.',
     evaluateExplain:
diff --git a/src/clients/messages.ts b/src/clients/messages.ts
index b0608e8796..e0071219ae 100644
--- a/src/clients/messages.ts
+++ b/src/clients/messages.ts
@@ -442,6 +442,7 @@ export default {
     accessTokenSuccess: "Access token regenerated",
     accessTokenError: "Could not regenerate access token due to: {{error}}",
     signatureAlgorithm: "Signature algorithm",
+    allowRegexComparison: "Allow regex pattern comparison",
     subject: "Subject DN",
     searchForClient: "Search for client",
     advanced: "Advanced",