Merge pull request #1205 from stianst/master

KEYCLOAK-1248 Fix direct grants only switch
This commit is contained in:
Stian Thorgersen 2015-04-30 14:41:55 +02:00
commit fd91d46b5b
12 changed files with 44 additions and 18 deletions

View file

@ -144,7 +144,7 @@ public class ClientRepresentation {
this.consentRequired = consentRequired;
}
public Boolean getDirectGrantsOnly() {
public Boolean isDirectGrantsOnly() {
return directGrantsOnly;
}

View file

@ -792,7 +792,7 @@ module.controller('ClientDetailCtrl', function($scope, realm, client, serverInfo
$scope.client.attributes['saml.signature.algorithm'] = $scope.signatureAlgorithm;
$scope.client.attributes['saml_name_id_format'] = $scope.nameIdFormat;
if ($scope.client.protocol != 'saml' && !$scope.client.bearerOnly && (!$scope.client.redirectUris || $scope.client.redirectUris.length == 0)) {
if ($scope.client.protocol != 'saml' && !$scope.client.bearerOnly && !$scope.client.directGrantsOnly && (!$scope.client.redirectUris || $scope.client.redirectUris.length == 0)) {
Notifications.error("You must specify at least one redirect uri");
} else {
if ($scope.create) {

View file

@ -871,7 +871,11 @@ module.controller('RealmIdentityProviderCtrl', function($scope, $filter, $upload
};
$scope.cancel = function() {
if ($scope.newIdentityProvider) {
$location.url("/realms/" + realm.realm + "/identity-provider-settings");
} else {
$route.reload();
}
};

View file

@ -384,7 +384,7 @@ module.controller('UserFederationCtrl', function($scope, $location, realm, UserF
});
module.controller('GenericUserFederationCtrl', function($scope, $location, Notifications, Dialog, realm, instance, providerFactory, UserFederationInstances, UserFederationSync) {
module.controller('GenericUserFederationCtrl', function($scope, $location, Notifications, $route, Dialog, realm, instance, providerFactory, UserFederationInstances, UserFederationSync) {
console.log('GenericUserFederationCtrl');
$scope.create = !instance.providerName;
@ -453,9 +453,13 @@ module.controller('GenericUserFederationCtrl', function($scope, $location, Notif
$scope.save = function() {
$scope.changed = false;
if ($scope.create) {
UserFederationInstances.save({realm: realm.realm}, $scope.instance, function () {
UserFederationInstances.save({realm: realm.realm}, $scope.instance, function (data, headers) {
$scope.changed = false;
$location.url("/realms/" + realm.realm + "/user-federation");
var l = headers().location;
var id = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.realm + "/user-federation/providers/" + $scope.instance.providerName + "/" + id);
Notifications.success("The provider has been created.");
});
} else {
@ -463,11 +467,9 @@ module.controller('GenericUserFederationCtrl', function($scope, $location, Notif
instance: instance.id
},
$scope.instance, function () {
$scope.changed = false;
$location.url("/realms/" + realm.realm + "/user-federation");
$route.reload();
Notifications.success("The provider has been updated.");
});
}
};

View file

@ -158,7 +158,7 @@
<kc-tooltip>The name ID format to use for the subject.</kc-tooltip>
</div>
<div class="form-group clearfix block" data-ng-show="!client.bearerOnly">
<div class="form-group clearfix block" data-ng-hide="client.bearerOnly || client.directGrantsOnly">
<label class="col-md-2 control-label" for="newRedirectUri"><span class="required" data-ng-show="protocol != 'saml'">*</span> Valid Redirect URIs</label>
<div class="col-sm-6">
@ -204,7 +204,7 @@
<kc-tooltip>If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration.</kc-tooltip>
</div>
<div class="form-group" data-ng-show="!client.bearerOnly && !create && protocol == 'openid-connect'">
<label class="col-md-2 control-label" for="newWebOrigin">Web Origin</label>
<label class="col-md-2 control-label" for="newWebOrigin">Web Origins</label>
<div class="col-sm-6">
<div class="input-group" ng-repeat="(i, webOrigin) in client.webOrigins track by $index">

View file

@ -19,8 +19,8 @@
</div>
<div class="pull-right" data-ng-show="access.manageRealm">
<a class="btn btn-primary" href="#/import/client/{{realm.realm}}" data-ng-show="importButton">Import</a>
<a class="btn btn-primary" href="#/create/client/{{realm.realm}}">Create</a>
<a class="btn btn-primary" href="#/import/client/{{realm.realm}}" data-ng-show="importButton">Import</a>
</div>
</div>
</th>

View file

@ -92,10 +92,13 @@
</div>
</fieldset>
<div class="pull-right form-actions">
<button kc-save>Save</button>
<div class="form-group">
<div class="col-md-10 col-md-offset-2">
<button kc-save data-ng-show="changed">Save</button>
<button kc-cancel data-ng-click="cancel()" data-ng-show="changed">Cancel</button>
<button kc-delete data-ng-click="remove()" data-ng-show="!newIdentityProvider">Delete</button>
</div>
</div>
</form>
</div>

View file

@ -4,5 +4,5 @@
<li ng-class="{active: path[4] == 'role-mappings'}" ><a href="#/realms/{{realm.realm}}/users/{{user.username}}/role-mappings">Role Mappings</a></li>
<li ng-class="{active: path[4] == 'consents'}"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/consents">Consents</a></li>
<li ng-class="{active: path[4] == 'sessions'}" ><a href="#/realms/{{realm.realm}}/users/{{user.username}}/sessions">Sessions</a></li>
<li ng-class="{active: path[4] == 'federated-identity'}" data-ng-show="realm.identityFederationEnabled"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/federated-identity">Federated Identities</a></li>
<li ng-class="{active: path[4] == 'federated-identity'}" data-ng-show="user.federatedIdentities && user.federatedIdentities.length > 0"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/federated-identity">Identity Provider Links</a></li>
</ul>

View file

@ -238,6 +238,7 @@ public class ModelToRepresentation {
rep.setFullScopeAllowed(clientModel.isFullScopeAllowed());
rep.setBearerOnly(clientModel.isBearerOnly());
rep.setConsentRequired(clientModel.isConsentRequired());
rep.setDirectGrantsOnly(clientModel.isDirectGrantsOnly());
rep.setSurrogateAuthRequired(clientModel.isSurrogateAuthRequired());
rep.setBaseUrl(clientModel.getBaseUrl());
rep.setNotBefore(clientModel.getNotBefore());

View file

@ -531,6 +531,7 @@ public class RepresentationToModel {
if (resourceRep.getBaseUrl() != null) client.setBaseUrl(resourceRep.getBaseUrl());
if (resourceRep.isBearerOnly() != null) client.setBearerOnly(resourceRep.isBearerOnly());
if (resourceRep.isConsentRequired() != null) client.setConsentRequired(resourceRep.isConsentRequired());
if (resourceRep.isDirectGrantsOnly() != null) client.setDirectGrantsOnly(resourceRep.isDirectGrantsOnly());
if (resourceRep.isPublicClient() != null) client.setPublicClient(resourceRep.isPublicClient());
if (resourceRep.isFrontchannelLogout() != null) client.setFrontchannelLogout(resourceRep.isFrontchannelLogout());
if (resourceRep.getProtocol() != null) client.setProtocol(resourceRep.getProtocol());
@ -619,6 +620,7 @@ public class RepresentationToModel {
if (rep.isEnabled() != null) resource.setEnabled(rep.isEnabled());
if (rep.isBearerOnly() != null) resource.setBearerOnly(rep.isBearerOnly());
if (rep.isConsentRequired() != null) resource.setConsentRequired(rep.isConsentRequired());
if (rep.isDirectGrantsOnly() != null) resource.setDirectGrantsOnly(rep.isDirectGrantsOnly());
if (rep.isPublicClient() != null) resource.setPublicClient(rep.isPublicClient());
if (rep.isFullScopeAllowed() != null) resource.setFullScopeAllowed(rep.isFullScopeAllowed());
if (rep.isFrontchannelLogout() != null) resource.setFrontchannelLogout(rep.isFrontchannelLogout());

View file

@ -59,6 +59,7 @@ import javax.ws.rs.core.UriInfo;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -217,7 +218,20 @@ public class UsersResource {
throw new NotFoundException("User not found");
}
return ModelToRepresentation.toRepresentation(user);
UserRepresentation rep = ModelToRepresentation.toRepresentation(user);
if (realm.isIdentityFederationEnabled()) {
Set<FederatedIdentityModel> identities = session.users().getFederatedIdentities(user, realm);
if (!identities.isEmpty()) {
List<FederatedIdentityRepresentation> reps = new LinkedList<>();
for (FederatedIdentityModel m : identities) {
reps.add(ModelToRepresentation.toRepresentation(m));
}
rep.setFederatedIdentities(reps);
}
}
return rep;
}
/**

View file

@ -43,7 +43,7 @@
"theme": {
"default": "keycloak",
"staticMaxAge": 2592000,
"staticMaxAge": "${keycloak.theme.staticMaxAge:2592000}",
"cacheTemplates": "${keycloak.theme.cacheTemplates:true}",
"cacheThemes": "${keycloak.theme.cacheThemes:true}",
"folder": {