libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

added missing fields: (#2049)

Browse source 
* `User Refresh Tokens`
* `Use Refresh Tokens for Client Credentials Grant`

as stateted in #1385
This commit is contained in:
Erik Jan de Wit 2022-02-17 22:40:09 +01:00 committed by GitHub
parent fa0e162c0b
commit d56f805a4e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 63 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
src/clients/advanced/OpenIdConnectCompatibilityModes.tsx
View file

@ -23,6 +23,7 @@ export const OpenIdConnectCompatibilityModes = ({
<FormGroup <FormGroup
label={t("excludeSessionStateFromAuthenticationResponse")} label={t("excludeSessionStateFromAuthenticationResponse")}
fieldId="excludeSessionStateFromAuthenticationResponse" fieldId="excludeSessionStateFromAuthenticationResponse"
hasNoPaddingTop
labelIcon={ labelIcon={
<HelpItem <HelpItem
helpText="clients-help:excludeSessionStateFromAuthenticationResponse" helpText="clients-help:excludeSessionStateFromAuthenticationResponse"
@ -31,7 +32,7 @@ export const OpenIdConnectCompatibilityModes = ({
} }
> >
<Controller <Controller
name="attributes.exclude-session-state-from-auth-response" name="attributes.exclude.session.state.from.auth.response"
defaultValue="" defaultValue=""
control={control} control={control}
render={({ onChange, value }) => ( render={({ onChange, value }) => (
@ -40,11 +41,64 @@ export const OpenIdConnectCompatibilityModes = ({
label={t("common:on")} label={t("common:on")}
labelOff={t("common:off")} labelOff={t("common:off")}
isChecked={value === "true"} isChecked={value === "true"}
onChange={(value) => onChange("" + value)} onChange={(value) => onChange(value.toString())}
/> />
)} )}
/> />
</FormGroup> </FormGroup>
<FormGroup
label={t("useRefreshTokens")}
fieldId="useRefreshTokens"
hasNoPaddingTop
labelIcon={
<HelpItem
helpText="clients-help:useRefreshTokens"
fieldLabelId="clients:useRefreshTokens"
/>
}
>
<Controller
name="attributes.use.refresh.tokens"
defaultValue="true"
control={control}
render={({ onChange, value }) => (
<Switch
id="useRefreshTokens"
label={t("common:on")}
labelOff={t("common:off")}
isChecked={value === "true"}
onChange={(value) => onChange(value.toString())}
/>
)}
/>
</FormGroup>
<FormGroup
label={t("useRefreshTokenForClientCredentialsGrant")}
fieldId="useRefreshTokenForClientCredentialsGrant"
hasNoPaddingTop
labelIcon={
<HelpItem
helpText="clients-help:useRefreshTokenForClientCredentialsGrant"
fieldLabelId="clients:useRefreshTokenForClientCredentialsGrant"
/>
}
>
<Controller
name="attributes.client_credentials.use_refresh_token"
defaultValue="false"
control={control}
render={({ onChange, value }) => (
<Switch
id="useRefreshTokenForClientCredentialsGrant"
label={t("common:on")}
labelOff={t("common:off")}
isChecked={value === "true"}
onChange={(value) => onChange(value.toString())}
/>
)}
/>
</FormGroup>
<ActionGroup> <ActionGroup>
<Button variant="secondary" onClick={save}> <Button variant="secondary" onClick={save}>
{t("common:save")} {t("common:save")}

4
src/clients/help.ts
View file

@ -124,6 +124,10 @@ export default {
"This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter.", "This section is used to configure settings for backward compatibility with older OpenID Connect / OAuth 2 adaptors. It's useful especially if your client uses older version of Keycloak / RH-SSO adapter.",
excludeSessionStateFromAuthenticationResponse: excludeSessionStateFromAuthenticationResponse:
"If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.", "If this is on, the parameter 'session_state' will not be included in OpenID Connect Authentication Response. It is useful if your client uses older OIDC / OAuth2 adapter, which does not support 'session_state' parameter.",
useRefreshTokens:
"If this is on, a refresh_token will be created and added to the token response. If this is off then no refresh_token will be generated.",
useRefreshTokenForClientCredentialsGrant:
"If this is on, a refresh_token will be created and added to the token response if the client_credentials grant is used. The OAuth 2.0 RFC6749 Section 4.4.3 states that a refresh_token should not be generated when client_credentials grant is used. If this is off then no refresh_token will be generated and the associated user session will be removed.",
"advancedSettingsOpenid-connect": "advancedSettingsOpenid-connect":
"This section is used to configure advanced settings of this client related to OpenID Connect protocol", "This section is used to configure advanced settings of this client related to OpenID Connect protocol",
advancedSettingsSaml: advancedSettingsSaml:

3
src/clients/messages.ts
View file

@ -464,6 +464,9 @@ export default {
openIdConnectCompatibilityModes: "Open ID Connect Compatibly Modes", openIdConnectCompatibilityModes: "Open ID Connect Compatibly Modes",
excludeSessionStateFromAuthenticationResponse: excludeSessionStateFromAuthenticationResponse:
"Exclude Session State From Authentication Response", "Exclude Session State From Authentication Response",
useRefreshTokens: "Use refresh tokens",
useRefreshTokenForClientCredentialsGrant:
"Use refresh tokens for client credentials grant",
assertionConsumerServicePostBindingURL: assertionConsumerServicePostBindingURL:
"Assertion Consumer Service POST Binding URL", "Assertion Consumer Service POST Binding URL",
assertionConsumerServiceRedirectBindingURL: assertionConsumerServiceRedirectBindingURL: