added missing fields: (#2049)

* `User Refresh Tokens` * `Use Refresh Tokens for Client Credentials Grant` as stateted in #1385
2022-02-17 22:40:09 +01:00 · 2022-02-17 22:40:09 +01:00 · d56f805a4e
commit d56f805a4e
parent fa0e162c0b
3 changed files with 63 additions and 2 deletions
--- a/src/clients/advanced/OpenIdConnectCompatibilityModes.tsx
+++ b/src/clients/advanced/OpenIdConnectCompatibilityModes.tsx
@ -23,6 +23,7 @@ export const OpenIdConnectCompatibilityModes = ({
      <FormGroup
        label={t("excludeSessionStateFromAuthenticationResponse")}
        fieldId="excludeSessionStateFromAuthenticationResponse"
+        hasNoPaddingTop
        labelIcon={
          <HelpItem
            helpText="clients-help:excludeSessionStateFromAuthenticationResponse"
@ -31,7 +32,7 @@ export const OpenIdConnectCompatibilityModes = ({
        }
      >
        <Controller
-          name="attributes.exclude-session-state-from-auth-response"
+          name="attributes.exclude.session.state.from.auth.response"
          defaultValue=""
          control={control}
          render={({ onChange, value }) => (
@ -40,11 +41,64 @@ export const OpenIdConnectCompatibilityModes = ({
              label={t("common:on")}
              labelOff={t("common:off")}
              isChecked={value === "true"}
-              onChange={(value) => onChange("" + value)}
+              onChange={(value) => onChange(value.toString())}
            />
          )}
        />
      </FormGroup>
+      <FormGroup
+        label={t("useRefreshTokens")}
+        fieldId="useRefreshTokens"
+        hasNoPaddingTop
+        labelIcon={
+          <HelpItem
+            helpText="clients-help:useRefreshTokens"
+            fieldLabelId="clients:useRefreshTokens"
+          />
+        }
+      >
+        <Controller
+          name="attributes.use.refresh.tokens"
+          defaultValue="true"
+          control={control}
+          render={({ onChange, value }) => (
+            <Switch
+              id="useRefreshTokens"
+              label={t("common:on")}
+              labelOff={t("common:off")}
+              isChecked={value === "true"}
+              onChange={(value) => onChange(value.toString())}
+            />
+          )}
+        />
+      </FormGroup>
+      <FormGroup
+        label={t("useRefreshTokenForClientCredentialsGrant")}
+        fieldId="useRefreshTokenForClientCredentialsGrant"
+        hasNoPaddingTop
+        labelIcon={
+          <HelpItem
+            helpText="clients-help:useRefreshTokenForClientCredentialsGrant"
+            fieldLabelId="clients:useRefreshTokenForClientCredentialsGrant"
+          />
+        }
+      >
+        <Controller
+          name="attributes.client_credentials.use_refresh_token"
+          defaultValue="false"
+          control={control}
+          render={({ onChange, value }) => (
+            <Switch
+              id="useRefreshTokenForClientCredentialsGrant"
+              label={t("common:on")}
+              labelOff={t("common:off")}
+              isChecked={value === "true"}
+              onChange={(value) => onChange(value.toString())}
+            />
+          )}
+        />
+      </FormGroup>
+
      <ActionGroup>
        <Button variant="secondary" onClick={save}>
          {t("common:save")}
--- a/src/clients/help.ts
+++ b/src/clients/help.ts
@ -124,6 +124,10 @@ export default {
      "This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter.",
    excludeSessionStateFromAuthenticationResponse:
      "If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.",
+    useRefreshTokens:
+      "If this is on, a refresh_token will be created and added to the token response. If this is off then no refresh_token will be generated.",
+    useRefreshTokenForClientCredentialsGrant:
+      "If this is on, a refresh_token will be created and added to the token response if the client_credentials grant is used. The OAuth 2.0 RFC6749 Section 4.4.3 states that a refresh_token should not be generated when client_credentials grant is used. If this is off then no refresh_token will be generated and the associated user session will be removed.",
    "advancedSettingsOpenid-connect":
      "This section is used to configure advanced settings of this client related to OpenID Connect protocol",
    advancedSettingsSaml:
--- a/src/clients/messages.ts
+++ b/src/clients/messages.ts
@ -464,6 +464,9 @@ export default {
    openIdConnectCompatibilityModes: "Open ID Connect Compatibly Modes",
    excludeSessionStateFromAuthenticationResponse:
      "Exclude Session State From Authentication Response",
+    useRefreshTokens: "Use refresh tokens",
+    useRefreshTokenForClientCredentialsGrant:
+      "Use refresh tokens for client credentials grant",
    assertionConsumerServicePostBindingURL:
      "Assertion Consumer Service POST Binding URL",
    assertionConsumerServiceRedirectBindingURL: