keycloak-uncached
Changes
core/src/main/java/org/keycloak/representations/idm/ClientIdentityProviderMappingRepresentation.java 43(+0 -43)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html 21(+14 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-saml.html 21(+14 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html 21(+14 -7)
testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java 1(+0 -1)
Details
diff --git a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.2.0.RC1.xml b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.2.0.RC1.xml
index f435ffc..709d50b 100755
--- a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.2.0.RC1.xml
+++ b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.2.0.RC1.xml
@@ -90,6 +90,11 @@
</column>
<column name="NAME" type="VARCHAR(255)" />
</addColumn>
+ <addColumn tableName="IDENTITY_PROVIDER">
+ <column name="ADD_TOKEN_ROLE" type="BOOLEAN" defaultValueBoolean="true">
+ <constraints nullable="false"/>
+ </column>
+ </addColumn>
<update tableName="CLIENT">
<column name="CONSENT_REQUIRED" valueBoolean="true"/>
<where>DTYPE = 'OAuthClientEntity'</where>
diff --git a/core/src/main/java/org/keycloak/representations/idm/ClientRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/ClientRepresentation.java
index 4137196..ac118e4 100755
--- a/core/src/main/java/org/keycloak/representations/idm/ClientRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/ClientRepresentation.java
@@ -30,7 +30,6 @@ public class ClientRepresentation {
protected Boolean fullScopeAllowed;
protected Integer nodeReRegistrationTimeout;
protected Map<String, Integer> registeredNodes;
- protected List<ClientIdentityProviderMappingRepresentation> identityProviders;
protected List<ProtocolMapperRepresentation> protocolMappers;
public String getId() {
@@ -209,14 +208,6 @@ public class ClientRepresentation {
this.frontchannelLogout = frontchannelLogout;
}
- public List<ClientIdentityProviderMappingRepresentation> getIdentityProviders() {
- return this.identityProviders;
- }
-
- public void setIdentityProviders(List<ClientIdentityProviderMappingRepresentation> identityProviders) {
- this.identityProviders = identityProviders;
- }
-
public List<ProtocolMapperRepresentation> getProtocolMappers() {
return protocolMappers;
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/IdentityProviderRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/IdentityProviderRepresentation.java
index 2e89c64..c456355 100755
--- a/core/src/main/java/org/keycloak/representations/idm/IdentityProviderRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/IdentityProviderRepresentation.java
@@ -31,6 +31,7 @@ public class IdentityProviderRepresentation {
protected boolean enabled = true;
protected boolean updateProfileFirstLogin = true;
protected boolean storeToken;
+ protected boolean addReadTokenRoleOnCreate;
protected boolean authenticateByDefault;
protected Map<String, String> config = new HashMap<String, String>();
@@ -97,4 +98,12 @@ public class IdentityProviderRepresentation {
public void setStoreToken(boolean storeToken) {
this.storeToken = storeToken;
}
+
+ public boolean isAddReadTokenRoleOnCreate() {
+ return addReadTokenRoleOnCreate;
+ }
+
+ public void setAddReadTokenRoleOnCreate(boolean addReadTokenRoleOnCreate) {
+ this.addReadTokenRoleOnCreate = addReadTokenRoleOnCreate;
+ }
}
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html
index 0d1d027..6ae4a81 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html
@@ -41,13 +41,20 @@
</div>
<span tooltip-placement="right" tooltip="Indicates if this provider should be tried by default for authentication even before displaying login screen" class="fa fa-info-circle"></span>
</div>
- <!--<div class="form-group">-->
- <!--<label class="col-sm-2 control-label" for="enabled">Store Tokens</label>-->
- <!--<div class="col-sm-4">-->
- <!--<input ng-model="identityProvider.storeToken" id="storeToken" onoffswitch />-->
- <!--</div>-->
- <!--<span tooltip-placement="right" tooltip="Enable/disable if tokens must be stored when authenticating users." class="fa fa-info-circle"></span>-->
- <!--</div>-->
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="enabled">Store Tokens</label>
+ <div class="col-sm-4">
+ <input ng-model="identityProvider.storeToken" id="storeToken" onoffswitch />
+ </div>
+ <span tooltip-placement="right" tooltip="Enable/disable if tokens must be stored after authenticating users." class="fa fa-info-circle"></span>
+ </div>
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="storedTokensReadable">Stored Tokens Readable</label>
+ <div class="col-sm-4">
+ <input ng-model="identityProvider.addReadTokenRoleOnCreate" id="storedTokensReadable" onoffswitch />
+ </div>
+ <span tooltip-placement="right" tooltip="Enable/disable new users can read any stored tokens. This assigns the broker.READ_TOKEN role." class="fa fa-info-circle"></span>
+ </div>
<div class="form-group">
<label class="col-sm-2 control-label" for="updateProfileFirstLogin">Update Profile on First Login</label>
<div class="col-sm-4">
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-saml.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-saml.html
index ef62c07..6746d0a 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-saml.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-saml.html
@@ -41,13 +41,20 @@
</div>
<span tooltip-placement="right" tooltip="Indicates if this provider should be tried by default for authentication even before displaying login screen" class="fa fa-info-circle"></span>
</div>
- <!--<div class="form-group">-->
- <!--<label class="col-sm-2 control-label" for="enabled">Store Tokens</label>-->
- <!--<div class="col-sm-4">-->
- <!--<input ng-model="identityProvider.storeToken" id="storeToken" onoffswitch />-->
- <!--</div>-->
- <!--<span tooltip-placement="right" tooltip="Enable/disable if tokens must be stored when authenticating users." class="fa fa-info-circle"></span>-->
- <!--</div>-->
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="enabled">Store Tokens</label>
+ <div class="col-sm-4">
+ <input ng-model="identityProvider.storeToken" id="storeToken" onoffswitch />
+ </div>
+ <span tooltip-placement="right" tooltip="Enable/disable if tokens must be stored after authenticating users." class="fa fa-info-circle"></span>
+ </div>
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="storedTokensReadable">Stored Tokens Readable</label>
+ <div class="col-sm-4">
+ <input ng-model="identityProvider.addReadTokenRoleOnCreate" id="storedTokensReadable" onoffswitch />
+ </div>
+ <span tooltip-placement="right" tooltip="Enable/disable new users can read any stored tokens. This assigns the broker.READ_TOKEN role." class="fa fa-info-circle"></span>
+ </div>
<div class="form-group">
<label class="col-sm-2 control-label" for="updateProfileFirstLogin">Update Profile on First Login</label>
<div class="col-sm-4">
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html
index dd07093..3c9260a 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html
@@ -45,13 +45,20 @@
</div>
<span tooltip-placement="right" tooltip="The scopes to be sent when asking for authorization. See documentation for possible values, separator and default value'." class="fa fa-info-circle"></span>
</div>
- <!--<div class="form-group">-->
- <!--<label class="col-sm-2 control-label" for="enabled">Store Tokens</label>-->
- <!--<div class="col-sm-4">-->
- <!--<input ng-model="identityProvider.storeToken" id="storeToken" onoffswitch />-->
- <!--</div>-->
- <!--<span tooltip-placement="right" tooltip="Enable/disable if tokens must be stored when authenticating users." class="fa fa-info-circle"></span>-->
- <!--</div>-->
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="enabled">Store Tokens</label>
+ <div class="col-sm-4">
+ <input ng-model="identityProvider.storeToken" id="storeToken" onoffswitch />
+ </div>
+ <span tooltip-placement="right" tooltip="Enable/disable if tokens must be stored after authenticating users." class="fa fa-info-circle"></span>
+ </div>
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="storedTokensReadable">Stored Tokens Readable</label>
+ <div class="col-sm-4">
+ <input ng-model="identityProvider.addReadTokenRoleOnCreate" id="storedTokensReadable" onoffswitch />
+ </div>
+ <span tooltip-placement="right" tooltip="Enable/disable new users can read any stored tokens. This assigns the broker.READ_TOKEN role." class="fa fa-info-circle"></span>
+ </div>
<div class="form-group">
<label class="col-sm-2 control-label" for="enabled">Enabled</label>
<div class="col-sm-4">
diff --git a/model/api/src/main/java/org/keycloak/models/entities/IdentityProviderEntity.java b/model/api/src/main/java/org/keycloak/models/entities/IdentityProviderEntity.java
index 4effc07..04dd0bc 100755
--- a/model/api/src/main/java/org/keycloak/models/entities/IdentityProviderEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/IdentityProviderEntity.java
@@ -32,6 +32,7 @@ public class IdentityProviderEntity {
private boolean enabled;
private boolean updateProfileFirstLogin;
private boolean storeToken;
+ protected boolean addReadTokenRoleOnCreate;
private boolean authenticateByDefault;
private Map<String, String> config = new HashMap<String, String>();
@@ -107,4 +108,12 @@ public class IdentityProviderEntity {
public void setConfig(Map<String, String> config) {
this.config = config;
}
+
+ public boolean isAddReadTokenRoleOnCreate() {
+ return addReadTokenRoleOnCreate;
+ }
+
+ public void setAddReadTokenRoleOnCreate(boolean addReadTokenRoleOnCreate) {
+ this.addReadTokenRoleOnCreate = addReadTokenRoleOnCreate;
+ }
}
diff --git a/model/api/src/main/java/org/keycloak/models/IdentityProviderModel.java b/model/api/src/main/java/org/keycloak/models/IdentityProviderModel.java
index 0328087..c7cb4a7 100755
--- a/model/api/src/main/java/org/keycloak/models/IdentityProviderModel.java
+++ b/model/api/src/main/java/org/keycloak/models/IdentityProviderModel.java
@@ -47,6 +47,7 @@ public class IdentityProviderModel {
private boolean storeToken;
+ protected boolean addReadTokenRoleOnCreate;
/**
* Specifies if particular provider should be used by default for authentication even before displaying login screen
*/
@@ -70,6 +71,7 @@ public class IdentityProviderModel {
this.updateProfileFirstLogin = model.isUpdateProfileFirstLogin();
this.storeToken = model.isStoreToken();
this.authenticateByDefault = model.isAuthenticateByDefault();
+ this.addReadTokenRoleOnCreate = model.addReadTokenRoleOnCreate;
}
public String getInternalId() {
@@ -135,4 +137,12 @@ public class IdentityProviderModel {
public void setConfig(Map<String, String> config) {
this.config = config;
}
+
+ public boolean isAddReadTokenRoleOnCreate() {
+ return addReadTokenRoleOnCreate;
+ }
+
+ public void setAddReadTokenRoleOnCreate(boolean addReadTokenRoleOnCreate) {
+ this.addReadTokenRoleOnCreate = addReadTokenRoleOnCreate;
+ }
}
diff --git a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
index e10cbed..a66d327 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -294,6 +294,7 @@ public class ModelToRepresentation {
providerRep.setUpdateProfileFirstLogin(identityProviderModel.isUpdateProfileFirstLogin());
providerRep.setAuthenticateByDefault(identityProviderModel.isAuthenticateByDefault());
providerRep.setConfig(identityProviderModel.getConfig());
+ providerRep.setAddReadTokenRoleOnCreate(identityProviderModel.isAddReadTokenRoleOnCreate());
return providerRep;
}
diff --git a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
index d5983cd..c53328d 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
@@ -889,6 +889,7 @@ public class RepresentationToModel {
identityProviderModel.setUpdateProfileFirstLogin(representation.isUpdateProfileFirstLogin());
identityProviderModel.setAuthenticateByDefault(representation.isAuthenticateByDefault());
identityProviderModel.setStoreToken(representation.isStoreToken());
+ identityProviderModel.setAddReadTokenRoleOnCreate(representation.isAddReadTokenRoleOnCreate());
identityProviderModel.setConfig(representation.getConfig());
return identityProviderModel;
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/IdentityProviderEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/IdentityProviderEntity.java
index 00671fb..ba6de02 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/IdentityProviderEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/IdentityProviderEntity.java
@@ -47,6 +47,9 @@ public class IdentityProviderEntity {
@Column(name="STORE_TOKEN")
private boolean storeToken;
+ @Column(name="ADD_TOKEN_ROLE")
+ protected boolean addReadTokenRoleOnCreate;
+
@Column(name="AUTHENTICATE_BY_DEFAULT")
private boolean authenticateByDefault;
@@ -128,5 +131,11 @@ public class IdentityProviderEntity {
this.config = config;
}
+ public boolean isAddReadTokenRoleOnCreate() {
+ return addReadTokenRoleOnCreate;
+ }
+ public void setAddReadTokenRoleOnCreate(boolean addReadTokenRoleOnCreate) {
+ this.addReadTokenRoleOnCreate = addReadTokenRoleOnCreate;
+ }
}
\ No newline at end of file
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index 4cc5ddf..8618ddb 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -1093,6 +1093,7 @@ public class RealmAdapter implements RealmModel {
identityProviderModel.setUpdateProfileFirstLogin(entity.isUpdateProfileFirstLogin());
identityProviderModel.setAuthenticateByDefault(entity.isAuthenticateByDefault());
identityProviderModel.setStoreToken(entity.isStoreToken());
+ identityProviderModel.setAddReadTokenRoleOnCreate(entity.isAddReadTokenRoleOnCreate());
identityProviders.add(identityProviderModel);
}
@@ -1120,6 +1121,7 @@ public class RealmAdapter implements RealmModel {
entity.setProviderId(identityProvider.getProviderId());
entity.setEnabled(identityProvider.isEnabled());
entity.setStoreToken(identityProvider.isStoreToken());
+ entity.setAddReadTokenRoleOnCreate(identityProvider.isAddReadTokenRoleOnCreate());
entity.setUpdateProfileFirstLogin(identityProvider.isUpdateProfileFirstLogin());
entity.setAuthenticateByDefault(identityProvider.isAuthenticateByDefault());
entity.setConfig(identityProvider.getConfig());
@@ -1148,6 +1150,7 @@ public class RealmAdapter implements RealmModel {
entity.setEnabled(identityProvider.isEnabled());
entity.setUpdateProfileFirstLogin(identityProvider.isUpdateProfileFirstLogin());
entity.setAuthenticateByDefault(identityProvider.isAuthenticateByDefault());
+ entity.setAddReadTokenRoleOnCreate(identityProvider.isAddReadTokenRoleOnCreate());
entity.setStoreToken(identityProvider.isStoreToken());
entity.setConfig(identityProvider.getConfig());
}
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index 27b62f6..fb08290 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -763,6 +763,7 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
identityProviderModel.setUpdateProfileFirstLogin(entity.isUpdateProfileFirstLogin());
identityProviderModel.setAuthenticateByDefault(entity.isAuthenticateByDefault());
identityProviderModel.setStoreToken(entity.isStoreToken());
+ identityProviderModel.setAddReadTokenRoleOnCreate(entity.isAddReadTokenRoleOnCreate());
identityProviders.add(identityProviderModel);
}
@@ -790,6 +791,7 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
entity.setProviderId(identityProvider.getProviderId());
entity.setEnabled(identityProvider.isEnabled());
entity.setUpdateProfileFirstLogin(identityProvider.isUpdateProfileFirstLogin());
+ entity.setAddReadTokenRoleOnCreate(identityProvider.isAddReadTokenRoleOnCreate());
entity.setStoreToken(identityProvider.isStoreToken());
entity.setAuthenticateByDefault(identityProvider.isAuthenticateByDefault());
entity.setConfig(identityProvider.getConfig());
@@ -818,6 +820,7 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
entity.setEnabled(identityProvider.isEnabled());
entity.setUpdateProfileFirstLogin(identityProvider.isUpdateProfileFirstLogin());
entity.setAuthenticateByDefault(identityProvider.isAuthenticateByDefault());
+ entity.setAddReadTokenRoleOnCreate(identityProvider.isAddReadTokenRoleOnCreate());
entity.setStoreToken(identityProvider.isStoreToken());
entity.setConfig(identityProvider.getConfig());
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
index f1f1f97..114aa06 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
@@ -7,7 +7,6 @@ import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.IdentityProviderFactory;
import org.keycloak.broker.provider.IdentityProviderMapper;
import org.keycloak.models.ClientModel;
-import org.keycloak.models.ClientIdentityProviderMappingModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
index b2f5a53..e51c209 100755
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
@@ -534,7 +534,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
federatedUser.setLastName(updatedIdentity.getLastName());
- if (updatedIdentity.getIdpConfig().isStoreToken()) {
+ if (updatedIdentity.getIdpConfig().isAddReadTokenRoleOnCreate()) {
RoleModel readTokenRole = realmModel.getClientByClientId(Constants.BROKER_SERVICE_CLIENT_ID).getRole(READ_TOKEN_ROLE);
federatedUser.grantRole(readTokenRole);
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java
index 5a783ff..6b294e2 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java
@@ -30,7 +30,6 @@ import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
-import org.keycloak.models.ClientIdentityProviderMappingModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
import org.keycloak.models.FederatedIdentityModel;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java
index 4c10d4c..9b1f643 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java
@@ -31,7 +31,6 @@ import org.keycloak.broker.saml.SAMLIdentityProvider;
import org.keycloak.broker.saml.SAMLIdentityProviderConfig;
import org.keycloak.broker.saml.SAMLIdentityProviderFactory;
import org.keycloak.models.ClientModel;
-import org.keycloak.models.ClientIdentityProviderMappingModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.RealmRepresentation;
diff --git a/testsuite/integration/src/test/resources/broker-test/test-realm-with-broker.json b/testsuite/integration/src/test/resources/broker-test/test-realm-with-broker.json
index 1ac47ba..50e45b9 100755
--- a/testsuite/integration/src/test/resources/broker-test/test-realm-with-broker.json
+++ b/testsuite/integration/src/test/resources/broker-test/test-realm-with-broker.json
@@ -109,7 +109,8 @@
"alias" : "kc-saml-signed-idp",
"providerId" : "saml",
"enabled": true,
- "updateProfileFirstLogin" : "true",
+ "updateProfileFirstLogin" : true,
+ "addReadTokenRoleOnCreate": true,
"config": {
"singleSignOnServiceUrl": "http://localhost:8082/auth/realms/realm-with-saml-signed-idp/protocol/saml",
"singleLogoutServiceUrl": "http://localhost:8082/auth/realms/realm-with-saml-signed-idp/protocol/saml",
@@ -126,7 +127,8 @@
"alias" : "kc-saml-idp-basic",
"providerId" : "saml",
"enabled": true,
- "updateProfileFirstLogin" : "true",
+ "updateProfileFirstLogin" : true,
+ "addReadTokenRoleOnCreate": true,
"config": {
"singleSignOnServiceUrl": "http://localhost:8082/auth/realms/realm-with-saml-idp-basic/protocol/saml",
"singleLogoutServiceUrl": "http://localhost:8082/auth/realms/realm-with-saml-idp-basic/protocol/saml",
@@ -157,7 +159,8 @@
"providerId" : "keycloak-oidc",
"enabled": true,
"updateProfileFirstLogin" : "false",
- "storeToken" : "true",
+ "storeToken" : true,
+ "addReadTokenRoleOnCreate": true,
"config": {
"clientId": "broker-app",
"clientSecret": "secret",
@@ -268,13 +271,7 @@
"redirectUris": [
"/test-app/*"
],
- "webOrigins": [],
- "identityProviders": [
- {
- "id": "kc-oidc-idp",
- "retrieveToken": false
- }
- ]
+ "webOrigins": []
}
],
"oauthClients" : [