Default SAML client type (#29493)

closes #29492 

Signed-off-by: Vickey Brown <vibrown@redhat.com>
vickeybrown 2024-06-07 04:43:43 -05:00 committed by GitHub
parent b59c9d8431
commit c96c6c4feb
GPG key ID: B5690EEEBB952194
3 changed files with 145 additions and 4 deletions


@ -252,8 +252,8 @@ public class TypeAwareClientModelDelegate extends ClientModelLazyDelegate {
// Get extended client type attributes and values from the client type configuration.
Set<String> extendedClientTypeAttributes =
clientType.getOptionNames().stream()
.filter(optionName -> TypedClientExtendedAttribute.getAttributesByName().containsKey(optionName))
.collect(Collectors.toSet());
.filter(optionName -> TypedClientExtendedAttribute.getAttributesByName().containsKey(optionName))
.collect(Collectors.toSet());
// Augment client type attributes on top of attributes on the delegate.
for (String entry : extendedClientTypeAttributes) {
@ -262,4 +262,4 @@ public class TypeAwareClientModelDelegate extends ClientModelLazyDelegate {
return attributes;
}
}
}


@ -53,7 +53,39 @@ enum TypedClientExtendedAttribute implements TypedClientAttribute {
CIBA_GRANT_ENABLED("oidc.ciba.grant.enabled", "false"),
LOGIN_THEME("login_theme", null),
LOGO_URI("logoUri", null),
POLICY_URI("policyUri", null);
POLICY_URI("policyUri", null),
SAML_ALLOW_ECP_FLOW("saml.allow.ecp.flow", "false"),
SAML_ARTIFACT_BINDING("saml.artifact.binding", "false"),
SAML_ARTIFACT_BINDING_IDENTIFIER("saml.artifact.binding.identifier", null),
SAML_ARTIFACT_BINDING_URL("saml_artifact_binding_url", null),
SAML_ARTIFACT_RESOLUTION_SERVICE_URL("saml_artifact_resolution_service_url", null),
SAML_ASSERTION_CONSUMER_URL_POST("saml_assertion_consumer_url_post", null),
SAML_ASSERTION_CONSUMER_URL_REDIRECT("saml_assertion_consumer_url_redirect", null),
SAML_ASSERTION_LIFESPAN("saml.assertion.lifespan", null),
SAML_ASSERTION_SIGNATURE("saml.assertion.signature", "false"),
SAML_AUTHNSTATEMENT("saml.authnstatement", "false"),
SAML_CLIENT_SIGNATURE("saml.client.signature", "false"),
SAML_ENCRYPT("saml.encrypt", "false"),
SAML_ENCRYPTION_CERTIFICATE("saml.encryption.certificate", null),
SAML_ENCRYPTION_PRIVATE_KEY("saml.encryption.private.key", null),
SAML_FORCE_POST_BINDING("saml.force.post.binding", "false"),
SAML_FORCE_NAME_ID_FORMAT("saml_force_name_id_format", "false"),
SAML_IDP_INITIATED_SSO_RELAY_STATE("saml_idp_initiated_sso_relay_state", null),
SAML_IDP_INITIATED_SSO_URL_NAME("saml_idp_initiated_sso_url_name", null),
SAML_ONETIMEUSE_CONDITION("saml.onetimeuse.condition", "false"),
SAML_SERVER_SIGNATURE("saml.server.signature", "false"),
SAML_SERVER_SIGNATURE_KEYINFO_EXT("saml.server.signature.keyinfo.ext", "false"),
SAML_SERVER_SIGNATURE_KEYINFO_XMLSIGKEYINFOKEYNAMETRANSFORMER("saml.server.signature.keyinfo.xmlSigKeyInfoKeyNameTransformer", null),
SAML_SIGNATURE_ALGORITHM("saml.signature.algorithm", null),
SAML_SIGNATURE_CANONICALIZATION_METHOD("saml_signature_canonicalization_method", null),
SAML_SIGNING_CERTIFICATE("saml.signing.certificate", null),
SAML_SIGNING_PRIVATE_KEY("saml.signing.private.key", null),
SAML_SINGLE_LOGOUT_SERVICE_URL_ARTIFACT("saml_single_logout_service_url_artifact", null),
SAML_SINGLE_LOGOUT_SERVICE_URL_POST("saml_single_logout_service_url_post", null),
SAML_SINGLE_LOGOUT_SERVICE_URL_REDIRECT("saml_single_logout_service_url_redirect", null),
SAML_SINGLE_LOGOUT_SERVICE_URL_SOAP("saml_single_logout_service_url_soap", null);
private static final Map<String, TypedClientExtendedAttribute> attributesByName = new HashMap<>();
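Review bot: The second constructor argument is not explained anywhere in this hunk, and for `SAML_CLIENT_SIGNATURE`, `SAML_SERVER_SIGNATURE` and `SAML_ASSERTION_SIGNATURE` it is `"false"`. If that argument is the value reported when a client type marks the option as not applicable (an assumption, since the constructor and the rest of the enum lie outside the hunk), then a type that hides these options yields clients with signing and signature validation switched off, which is the weaker setting. I would add a comment above the SAML entries such as `// Second argument: value reported when the type marks the attribute non-applicable; for the signature flags that means signing is off.` and confirm that this fallback is intended. `SAML_SIGNING_PRIVATE_KEY` and `SAML_ENCRYPTION_PRIVATE_KEY` are also registered here, so it is worth confirming that a client type definition cannot supply a shared `value` for key material.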


@ -122,6 +122,115 @@
"applicable": false
}
}
},
{
"name": "saml",
"provider": "default",
"config": {
"consentRequired": {
"applicable": true
},
"fullScopeAllowed": {
"applicable": true
},
"frontchannelLogout": {
"applicable": true
},
"protocol": {
"applicable": true,
"value": "saml"
},
"saml.allow.ecp.flow": {
"applicable": true
},
"saml.artifact.binding": {
"applicable": true
},
"saml.artifact.binding.identifier": {
"applicable": true
},
"saml_artifact_binding_url": {
"applicable": true
},
"saml_artifact_resolution_service_url": {
"applicable": true
},
"saml_assertion_consumer_url_post": {
"applicable": true
},
"saml_assertion_consumer_url_redirect": {
"applicable": true
},
"saml.assertion.lifespan": {
"applicable": true
},
"saml.assertion.signature": {
"applicable": true
},
"saml.authnstatement": {
"applicable": true
},
"saml.client.signature": {
"applicable": true
},
"saml.encrypt": {
"applicable": true
},
"saml.encryption.certificate": {
"applicable": true
},
"saml.encryption.private.key": {
"applicable": true
},
"saml.force.post.binding": {
"applicable": true
},
"saml_force_name_id_format": {
"applicable": true
},
"saml_idp_initiated_sso_relay_state": {
"applicable": true
},
"saml_idp_initiated_sso_url_name": {
"applicable": true
},
"saml.onetimeuse.condition": {
"applicable": true
},
"saml.server.signature": {
"applicable": true
},
"saml.server.signature.keyinfo.ext": {
"applicable": true
},
"saml.server.signature.keyinfo.xmlSigKeyInfoKeyNameTransformer": {
"applicable": true
},
"saml.signature.algorithm": {
"applicable": true
},
"saml_signature_canonicalization_method": {
"applicable": true
},
"saml.signing.certificate": {
"applicable": true
},
"saml.signing.private.key": {
"applicable": true
},
"saml_single_logout_service_url_artifact": {
"applicable": true
},
"saml_single_logout_service_url_post": {
"applicable": true
},
"saml_single_logout_service_url_redirect": {
"applicable": true
},
"saml_single_logout_service_url_soap": {
"applicable": true
}
}
}
]
}
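Review bot: Nothing in this commit checks that the option names in the new `saml` block stay identical to the strings in `TypedClientExtendedAttribute`, and the names mix dotted and underscore styles (`saml.artifact.binding` next to `saml_artifact_binding_url`), which makes a typo easy to miss. The filter in `TypeAwareClientModelDelegate` keeps only names found in `getAttributesByName()`, so a misspelled key here would apparently be skipped without an error, leaving for example a signature option outside the type's control. A unit test that loads this file and asserts that every `saml.*` / `saml_*` key resolves to an enum constant would catch that. The block also pins only `protocol`; if the type is meant to give SAML clients a signed-by-default baseline, `saml.server.signature` and `saml.client.signature` would need a `value` here as well.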