Merge pull request #1205 from stianst/master
KEYCLOAK-1248 Fix direct grants only switch
This commit is contained in:
Stian Thorgersen
commit
fd91d46b5b
12 changed files with 44 additions and 18 deletions
|
|
@ -144,7 +144,7 @@ public class ClientRepresentation {
|
|||
this.consentRequired = consentRequired;
|
||||
}
|
||||
|
||||
public Boolean getDirectGrantsOnly() {
|
||||
public Boolean isDirectGrantsOnly() {
|
||||
return directGrantsOnly;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -792,7 +792,7 @@ module.controller('ClientDetailCtrl', function($scope, realm, client, serverInfo
|
|||
$scope.client.attributes['saml.signature.algorithm'] = $scope.signatureAlgorithm;
|
||||
$scope.client.attributes['saml_name_id_format'] = $scope.nameIdFormat;
|
||||
|
||||
if ($scope.client.protocol != 'saml' && !$scope.client.bearerOnly && (!$scope.client.redirectUris || $scope.client.redirectUris.length == 0)) {
|
||||
if ($scope.client.protocol != 'saml' && !$scope.client.bearerOnly && !$scope.client.directGrantsOnly && (!$scope.client.redirectUris || $scope.client.redirectUris.length == 0)) {
|
||||
Notifications.error("You must specify at least one redirect uri");
|
||||
} else {
|
||||
if ($scope.create) {
|
||||
|
|
|
|||
|
|
@ -871,7 +871,11 @@ module.controller('RealmIdentityProviderCtrl', function($scope, $filter, $upload
|
|||
};
|
||||
|
||||
$scope.cancel = function() {
|
||||
$route.reload();
|
||||
if ($scope.newIdentityProvider) {
|
||||
$location.url("/realms/" + realm.realm + "/identity-provider-settings");
|
||||
} else {
|
||||
$route.reload();
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -384,7 +384,7 @@ module.controller('UserFederationCtrl', function($scope, $location, realm, UserF
|
|||
|
||||
});
|
||||
|
||||
module.controller('GenericUserFederationCtrl', function($scope, $location, Notifications, Dialog, realm, instance, providerFactory, UserFederationInstances, UserFederationSync) {
|
||||
module.controller('GenericUserFederationCtrl', function($scope, $location, Notifications, $route, Dialog, realm, instance, providerFactory, UserFederationInstances, UserFederationSync) {
|
||||
console.log('GenericUserFederationCtrl');
|
||||
|
||||
$scope.create = !instance.providerName;
|
||||
|
|
@ -453,9 +453,13 @@ module.controller('GenericUserFederationCtrl', function($scope, $location, Notif
|
|||
$scope.save = function() {
|
||||
$scope.changed = false;
|
||||
if ($scope.create) {
|
||||
UserFederationInstances.save({realm: realm.realm}, $scope.instance, function () {
|
||||
UserFederationInstances.save({realm: realm.realm}, $scope.instance, function (data, headers) {
|
||||
$scope.changed = false;
|
||||
$location.url("/realms/" + realm.realm + "/user-federation");
|
||||
|
||||
var l = headers().location;
|
||||
var id = l.substring(l.lastIndexOf("/") + 1);
|
||||
|
||||
$location.url("/realms/" + realm.realm + "/user-federation/providers/" + $scope.instance.providerName + "/" + id);
|
||||
Notifications.success("The provider has been created.");
|
||||
});
|
||||
} else {
|
||||
|
|
@ -463,11 +467,9 @@ module.controller('GenericUserFederationCtrl', function($scope, $location, Notif
|
|||
instance: instance.id
|
||||
},
|
||||
$scope.instance, function () {
|
||||
$scope.changed = false;
|
||||
$location.url("/realms/" + realm.realm + "/user-federation");
|
||||
$route.reload();
|
||||
Notifications.success("The provider has been updated.");
|
||||
});
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -158,7 +158,7 @@
|
|||
<kc-tooltip>The name ID format to use for the subject.</kc-tooltip>
|
||||
</div>
|
||||
|
||||
<div class="form-group clearfix block" data-ng-show="!client.bearerOnly">
|
||||
<div class="form-group clearfix block" data-ng-hide="client.bearerOnly || client.directGrantsOnly">
|
||||
<label class="col-md-2 control-label" for="newRedirectUri"><span class="required" data-ng-show="protocol != 'saml'">*</span> Valid Redirect URIs</label>
|
||||
|
||||
<div class="col-sm-6">
|
||||
|
|
@ -204,7 +204,7 @@
|
|||
<kc-tooltip>If configured, this URL will be used for every binding to both the SP's Assertion Consumer and Single Logout Services. This can be individually overiden for each binding and service in the Fine Grain SAML Endpoint Configuration.</kc-tooltip>
|
||||
</div>
|
||||
<div class="form-group" data-ng-show="!client.bearerOnly && !create && protocol == 'openid-connect'">
|
||||
<label class="col-md-2 control-label" for="newWebOrigin">Web Origin</label>
|
||||
<label class="col-md-2 control-label" for="newWebOrigin">Web Origins</label>
|
||||
|
||||
<div class="col-sm-6">
|
||||
<div class="input-group" ng-repeat="(i, webOrigin) in client.webOrigins track by $index">
|
||||
|
|
|
|||
|
|
@ -19,8 +19,8 @@
|
|||
</div>
|
||||
|
||||
<div class="pull-right" data-ng-show="access.manageRealm">
|
||||
<a class="btn btn-primary" href="#/import/client/{{realm.realm}}" data-ng-show="importButton">Import</a>
|
||||
<a class="btn btn-primary" href="#/create/client/{{realm.realm}}">Create</a>
|
||||
<a class="btn btn-primary" href="#/import/client/{{realm.realm}}" data-ng-show="importButton">Import</a>
|
||||
</div>
|
||||
</div>
|
||||
</th>
|
||||
|
|
|
|||
|
|
@ -92,9 +92,12 @@
|
|||
</div>
|
||||
</fieldset>
|
||||
|
||||
<div class="pull-right form-actions">
|
||||
<button kc-save>Save</button>
|
||||
<button kc-delete data-ng-click="remove()" data-ng-show="!newIdentityProvider">Delete</button>
|
||||
<div class="form-group">
|
||||
<div class="col-md-10 col-md-offset-2">
|
||||
<button kc-save data-ng-show="changed">Save</button>
|
||||
<button kc-cancel data-ng-click="cancel()" data-ng-show="changed">Cancel</button>
|
||||
<button kc-delete data-ng-click="remove()" data-ng-show="!newIdentityProvider">Delete</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@
|
|||
<li ng-class="{active: path[4] == 'role-mappings'}" ><a href="#/realms/{{realm.realm}}/users/{{user.username}}/role-mappings">Role Mappings</a></li>
|
||||
<li ng-class="{active: path[4] == 'consents'}"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/consents">Consents</a></li>
|
||||
<li ng-class="{active: path[4] == 'sessions'}" ><a href="#/realms/{{realm.realm}}/users/{{user.username}}/sessions">Sessions</a></li>
|
||||
<li ng-class="{active: path[4] == 'federated-identity'}" data-ng-show="realm.identityFederationEnabled"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/federated-identity">Federated Identities</a></li>
|
||||
<li ng-class="{active: path[4] == 'federated-identity'}" data-ng-show="user.federatedIdentities && user.federatedIdentities.length > 0"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/federated-identity">Identity Provider Links</a></li>
|
||||
</ul>
|
||||
|
|
@ -238,6 +238,7 @@ public class ModelToRepresentation {
|
|||
rep.setFullScopeAllowed(clientModel.isFullScopeAllowed());
|
||||
rep.setBearerOnly(clientModel.isBearerOnly());
|
||||
rep.setConsentRequired(clientModel.isConsentRequired());
|
||||
rep.setDirectGrantsOnly(clientModel.isDirectGrantsOnly());
|
||||
rep.setSurrogateAuthRequired(clientModel.isSurrogateAuthRequired());
|
||||
rep.setBaseUrl(clientModel.getBaseUrl());
|
||||
rep.setNotBefore(clientModel.getNotBefore());
|
||||
|
|
|
|||
|
|
@ -531,6 +531,7 @@ public class RepresentationToModel {
|
|||
if (resourceRep.getBaseUrl() != null) client.setBaseUrl(resourceRep.getBaseUrl());
|
||||
if (resourceRep.isBearerOnly() != null) client.setBearerOnly(resourceRep.isBearerOnly());
|
||||
if (resourceRep.isConsentRequired() != null) client.setConsentRequired(resourceRep.isConsentRequired());
|
||||
if (resourceRep.isDirectGrantsOnly() != null) client.setDirectGrantsOnly(resourceRep.isDirectGrantsOnly());
|
||||
if (resourceRep.isPublicClient() != null) client.setPublicClient(resourceRep.isPublicClient());
|
||||
if (resourceRep.isFrontchannelLogout() != null) client.setFrontchannelLogout(resourceRep.isFrontchannelLogout());
|
||||
if (resourceRep.getProtocol() != null) client.setProtocol(resourceRep.getProtocol());
|
||||
|
|
@ -619,6 +620,7 @@ public class RepresentationToModel {
|
|||
if (rep.isEnabled() != null) resource.setEnabled(rep.isEnabled());
|
||||
if (rep.isBearerOnly() != null) resource.setBearerOnly(rep.isBearerOnly());
|
||||
if (rep.isConsentRequired() != null) resource.setConsentRequired(rep.isConsentRequired());
|
||||
if (rep.isDirectGrantsOnly() != null) resource.setDirectGrantsOnly(rep.isDirectGrantsOnly());
|
||||
if (rep.isPublicClient() != null) resource.setPublicClient(rep.isPublicClient());
|
||||
if (rep.isFullScopeAllowed() != null) resource.setFullScopeAllowed(rep.isFullScopeAllowed());
|
||||
if (rep.isFrontchannelLogout() != null) resource.setFrontchannelLogout(rep.isFrontchannelLogout());
|
||||
|
|
|
|||
|
|
@ -59,6 +59,7 @@ import javax.ws.rs.core.UriInfo;
|
|||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
|
@ -217,7 +218,20 @@ public class UsersResource {
|
|||
throw new NotFoundException("User not found");
|
||||
}
|
||||
|
||||
return ModelToRepresentation.toRepresentation(user);
|
||||
UserRepresentation rep = ModelToRepresentation.toRepresentation(user);
|
||||
|
||||
if (realm.isIdentityFederationEnabled()) {
|
||||
Set<FederatedIdentityModel> identities = session.users().getFederatedIdentities(user, realm);
|
||||
if (!identities.isEmpty()) {
|
||||
List<FederatedIdentityRepresentation> reps = new LinkedList<>();
|
||||
for (FederatedIdentityModel m : identities) {
|
||||
reps.add(ModelToRepresentation.toRepresentation(m));
|
||||
}
|
||||
rep.setFederatedIdentities(reps);
|
||||
}
|
||||
}
|
||||
|
||||
return rep;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@
|
|||
|
||||
"theme": {
|
||||
"default": "keycloak",
|
||||
"staticMaxAge": 2592000,
|
||||
"staticMaxAge": "${keycloak.theme.staticMaxAge:2592000}",
|
||||
"cacheTemplates": "${keycloak.theme.cacheTemplates:true}",
|
||||
"cacheThemes": "${keycloak.theme.cacheThemes:true}",
|
||||
"folder": {
|
||||
|
|
|
|||
Loading…
Reference in a new issue