import type ClientRepresentation from "@keycloak/keycloak-admin-client/lib/defs/clientRepresentation"; import { AlertVariant, ButtonVariant, Divider, DropdownItem, Label, PageSection, Tab, TabTitleText, Tooltip, } from "@patternfly/react-core"; import { InfoCircleIcon } from "@patternfly/react-icons"; import { cloneDeep, sortBy } from "lodash-es"; import { useMemo, useState } from "react"; import { Controller, FormProvider, useForm, useWatch, } from "react-hook-form-v7"; import { useTranslation } from "react-i18next"; import { useHistory } from "react-router-dom"; import { useNavigate } from "react-router-dom-v5-compat"; import { useAlerts } from "../components/alert/Alerts"; import { ConfirmDialogModal, useConfirmDialog, } from "../components/confirm-dialog/ConfirmDialog"; import { DownloadDialog } from "../components/download-dialog/DownloadDialog"; import type { KeyValueType } from "../components/key-value-form/key-value-convert"; import { KeycloakSpinner } from "../components/keycloak-spinner/KeycloakSpinner"; import { PermissionsTab } from "../components/permission-tab/PermissionTab"; import { routableTab, RoutableTabs, } from "../components/routable-tabs/RoutableTabs"; import { ViewHeader, ViewHeaderBadge, } from "../components/view-header/ViewHeader"; import { useAccess } from "../context/access/Access"; import { useAdminClient, useFetch } from "../context/auth/AdminClient"; import { useRealm } from "../context/realm-context/RealmContext"; import { useServerInfo } from "../context/server-info/ServerInfoProvider"; import { RolesList } from "../realm-roles/RolesList"; import { convertAttributeNameToForm, convertFormValuesToObject, convertToFormValues, exportClient, } from "../util"; import { useParams } from "../utils/useParams"; import useToggle from "../utils/useToggle"; import { AdvancedTab } from "./AdvancedTab"; import { AuthorizationEvaluate } from "./authorization/AuthorizationEvaluate"; import { AuthorizationExport } from "./authorization/AuthorizationExport"; import { AuthorizationPermissions } from "./authorization/Permissions"; import { AuthorizationPolicies } from "./authorization/Policies"; import { AuthorizationResources } from "./authorization/Resources"; import { AuthorizationScopes } from "./authorization/Scopes"; import { AuthorizationSettings } from "./authorization/Settings"; import { ClientSessions } from "./ClientSessions"; import { ClientSettings } from "./ClientSettings"; import { Credentials } from "./credentials/Credentials"; import { Keys } from "./keys/Keys"; import { SamlKeys } from "./keys/SamlKeys"; import { AuthorizationTab, toAuthorizationTab, } from "./routes/AuthenticationTab"; import { ClientParams, ClientTab, toClient } from "./routes/Client"; import { toClients } from "./routes/Clients"; import { toClientScopesTab } from "./routes/ClientScopeTab"; import { ClientScopes } from "./scopes/ClientScopes"; import { EvaluateScopes } from "./scopes/EvaluateScopes"; import { ServiceAccount } from "./service-account/ServiceAccount"; import { getProtocolName, isRealmClient } from "./utils"; type ClientDetailHeaderProps = { onChange: (value: boolean) => void; value: boolean | undefined; save: () => void; client: ClientRepresentation; toggleDownloadDialog: () => void; toggleDeleteDialog: () => void; }; const ClientDetailHeader = ({ onChange, value, save, client, toggleDownloadDialog, toggleDeleteDialog, }: ClientDetailHeaderProps) => { const { t } = useTranslation("clients"); const [toggleDisableDialog, DisableConfirm] = useConfirmDialog({ titleKey: "clients:disableConfirmTitle", messageKey: "clients:disableConfirm", continueButtonLabel: "common:disable", onConfirm: () => { onChange(!value); save(); }, }); const badges = useMemo(() => { const protocolName = getProtocolName( t, client.protocol ?? "openid-connect" ); const text = client.bearerOnly ? ( ) : ( ); return [{ text }]; }, [client, t]); const { hasAccess } = useAccess(); const isManager = hasAccess("manage-clients") || client.access?.configure; const dropdownItems = [ {t("downloadAdapterConfig")} , exportClient(client)}> {t("common:export")} , ...(!isRealmClient(client) && isManager ? [ , {t("common:delete")} , ] : []), ]; return ( <> { if (!value) { toggleDisableDialog(); } else { onChange(value); save(); } }} /> ); }; export type SaveOptions = { confirmed?: boolean; messageKey?: string; }; export type FormFields = Omit< ClientRepresentation, "authorizationSettings" | "resources" >; export default function ClientDetails() { const { t } = useTranslation("clients"); const { adminClient } = useAdminClient(); const { addAlert, addError } = useAlerts(); const { realm } = useRealm(); const { profileInfo } = useServerInfo(); const { hasAccess } = useAccess(); const permissionsEnabled = !profileInfo?.disabledFeatures?.includes("ADMIN_FINE_GRAINED_AUTHZ") && hasAccess("manage-authorization"); const hasManageClients = hasAccess("manage-clients"); const hasViewUsers = hasAccess("view-users"); const history = useHistory(); const navigate = useNavigate(); const [downloadDialogOpen, toggleDownloadDialogOpen] = useToggle(); const [changeAuthenticatorOpen, toggleChangeAuthenticatorOpen] = useToggle(); const form = useForm({ shouldUnregister: false }); const { clientId } = useParams(); const [key, setKey] = useState(0); const clientAuthenticatorType = useWatch({ control: form.control, name: "clientAuthenticatorType", defaultValue: "client-secret", }); const [client, setClient] = useState(); const loader = async () => { const roles = await adminClient.clients.listRoles({ id: clientId }); return sortBy(roles, (role) => role.name?.toUpperCase()); }; const [toggleDeleteDialog, DeleteConfirm] = useConfirmDialog({ titleKey: "clients:clientDeleteConfirmTitle", messageKey: "clients:clientDeleteConfirm", continueButtonLabel: "common:delete", continueButtonVariant: ButtonVariant.danger, onConfirm: async () => { try { await adminClient.clients.del({ id: clientId }); addAlert(t("clientDeletedSuccess"), AlertVariant.success); navigate(toClients({ realm })); } catch (error) { addError("clients:clientDeleteError", error); } }, }); const setupForm = (client: ClientRepresentation) => { form.reset({ ...client }); convertToFormValues(client, form.setValue); if (client.attributes?.["acr.loa.map"]) { form.setValue( convertAttributeNameToForm("attributes.acr.loa.map"), // @ts-ignore Object.entries(JSON.parse(client.attributes["acr.loa.map"])).flatMap( ([key, value]) => ({ key, value }) ) ); } }; useFetch( () => adminClient.clients.findOne({ id: clientId }), (fetchedClient) => { if (!fetchedClient) { throw new Error(t("common:notFound")); } setClient(cloneDeep(fetchedClient)); setupForm(fetchedClient); }, [clientId, key] ); const save = async ( { confirmed = false, messageKey = "clientSaveSuccess" }: SaveOptions = { confirmed: false, messageKey: "clientSaveSuccess", } ) => { if (!(await form.trigger())) { return; } if ( !client?.publicClient && client?.clientAuthenticatorType !== clientAuthenticatorType && !confirmed ) { toggleChangeAuthenticatorOpen(); return; } const values = convertFormValuesToObject(form.getValues()); const submittedClient = convertFormValuesToObject(values); if (submittedClient.attributes?.["acr.loa.map"]) { submittedClient.attributes["acr.loa.map"] = JSON.stringify( Object.fromEntries( (submittedClient.attributes["acr.loa.map"] as KeyValueType[]) .filter(({ key }) => key !== "") .map(({ key, value }) => [key, value]) ) ); } try { const newClient: ClientRepresentation = { ...client, ...submittedClient, }; newClient.clientId = newClient.clientId?.trim(); await adminClient.clients.update({ id: clientId }, newClient); setupForm(newClient); setClient(newClient); addAlert(t(messageKey), AlertVariant.success); } catch (error) { addError("clients:clientSaveError", error); } }; if (!client) { return ; } const route = (tab: ClientTab) => routableTab({ to: toClient({ realm, clientId, tab, }), history, }); const authenticationRoute = (tab: AuthorizationTab) => routableTab({ to: toAuthorizationTab({ realm, clientId, tab, }), history, }); return ( <> save({ confirmed: true })} > <> {t("changeAuthenticatorConfirm", { clientAuthenticatorType: clientAuthenticatorType, })} {downloadDialogOpen && ( )} ( )} /> {t("common:settings")}} {...route("settings")} > save()} reset={() => setupForm(client)} /> {((!client.publicClient && !isRealmClient(client)) || client.protocol === "saml") && ( {t("keys")}} {...route("keys")} > {client.protocol === "openid-connect" && ( )} {client.protocol === "saml" && ( )} )} {!client.publicClient && !isRealmClient(client) && (hasManageClients || client.access?.configure) && ( {t("credentials")}} {...route("credentials")} > setKey(key + 1)} /> )} {t("roles")}} {...route("roles")} > {!isRealmClient(client) && !client.bearerOnly && ( {t("clientScopes")}} {...route("clientScopes")} > {t("setup")}} {...routableTab({ to: toClientScopesTab({ realm, clientId, tab: "setup", }), history, })} > {t("evaluate")}} {...routableTab({ to: toClientScopesTab({ realm, clientId, tab: "evaluate", }), history, })} > )} {client!.authorizationServicesEnabled && ( {t("authorization")}} {...route("authorization")} > {t("settings")}} {...authenticationRoute("settings")} > {t("resources")}} {...authenticationRoute("resources")} > {t("scopes")}} {...authenticationRoute("scopes")} > {t("policies")}} {...authenticationRoute("policies")} > {t("common:permissions")} } {...authenticationRoute("permissions")} > {t("evaluate")}} {...authenticationRoute("evaluate")} > {t("common:export")}} {...authenticationRoute("export")} > )} {client!.serviceAccountsEnabled && hasViewUsers && ( {t("serviceAccount")}} {...route("serviceAccount")} > )} {t("sessions")}} {...route("sessions")} > {permissionsEnabled && (hasManageClients || client.access?.manage) && ( {t("common:permissions")}} {...route("permissions")} > )} {t("advanced")}} {...route("advanced")} > ); }