keycloak-aplcache
Changes
forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js 65(+25 -40)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-credentials-generic.html 22(+12 -10)
services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java 5(+0 -5)
services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java 5(+0 -5)
Details
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
index 7819f8b..903131d 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
@@ -638,6 +638,9 @@ module.config([ '$routeProvider', function($routeProvider) {
},
clientAuthenticatorProviders : function(ClientAuthenticatorProvidersLoader) {
return ClientAuthenticatorProvidersLoader();
+ },
+ clientConfigProperties: function(PerClientAuthenticationConfigDescriptionLoader) {
+ return PerClientAuthenticationConfigDescriptionLoader();
}
},
controller : 'ClientCredentialsCtrl'
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js
index 46f6c9a..ae334e7 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js
@@ -30,25 +30,31 @@ module.controller('ClientRoleListCtrl', function($scope, $location, realm, clien
});
});
-module.controller('ClientCredentialsCtrl', function($scope, $location, realm, client, clientAuthenticatorProviders, Client) {
+module.controller('ClientCredentialsCtrl', function($scope, $location, realm, client, clientAuthenticatorProviders, clientConfigProperties, Client) {
$scope.realm = realm;
$scope.client = angular.copy(client);
$scope.clientAuthenticatorProviders = clientAuthenticatorProviders;
- var updateConfigButtonVisibility = function() {
- for (var i=0 ; i<clientAuthenticatorProviders.length ; i++) {
- var authenticator = clientAuthenticatorProviders[i];
- if ($scope.client.clientAuthenticatorType === authenticator.id) {
- $scope.configButtonVisible = authenticator.configurablePerClient;
- }
+ var updateCurrentPartial = function(val) {
+ $scope.clientAuthenticatorConfigPartial;
+ switch(val) {
+ case 'client-secret':
+ $scope.clientAuthenticatorConfigPartial = 'client-credentials-secret.html';
+ break;
+ case 'client-jwt':
+ $scope.clientAuthenticatorConfigPartial = 'client-credentials-jwt.html';
+ break;
+ default:
+ $scope.currentAuthenticatorConfigProperties = clientConfigProperties[val];
+ $scope.clientAuthenticatorConfigPartial = 'client-credentials-generic.html';
+ break;
}
};
- updateConfigButtonVisibility();
- $scope.$watch('client', function() {
- if (!angular.equals($scope.client, client)) {
+ updateCurrentPartial(client.clientAuthenticatorType);
- console.log("Update client credentials!");
+ $scope.$watch('client.clientAuthenticatorType', function() {
+ if (!angular.equals($scope.client.clientAuthenticatorType, client.clientAuthenticatorType)) {
Client.update({
realm : realm.realm,
@@ -56,31 +62,12 @@ module.controller('ClientCredentialsCtrl', function($scope, $location, realm, cl
}, $scope.client, function() {
$scope.changed = false;
client = angular.copy($scope.client);
- updateConfigButtonVisibility();
+ updateCurrentPartial(client.clientAuthenticatorType)
});
}
}, true);
- $scope.$watch('client.clientAuthenticatorType', function(val) {
- $scope.clientAuthenticatorConfigPartial;
- switch(val) {
- case 'client-secret':
- $scope.clientAuthenticatorConfigPartial = 'client-credentials-secret.html';
- break;
- case 'client-jwt':
- $scope.clientAuthenticatorConfigPartial = 'client-credentials-jwt.html';
- break;
- default:
- $scope.clientAuthenticatorConfigPartial = 'client-credentials-generic.html';
- break;
- }
- });
-
- $scope.configureAuthenticator = function() {
- $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/credentials/" + client.clientAuthenticatorType);
- }
-
});
module.controller('ClientSecretCtrl', function($scope, $location, ClientSecret, Notifications) {
@@ -134,17 +121,15 @@ module.controller('ClientSignedJWTCtrl', function($scope, $location, ClientCerti
};
});
-module.controller('ClientGenericCredentialsCtrl', function($scope, $location, realm, client, clientConfigProperties, Client, Notifications) {
+module.controller('ClientGenericCredentialsCtrl', function($scope, $location, Client, Notifications) {
console.log('ClientGenericCredentialsCtrl invoked');
- $scope.realm = realm;
- $scope.client = angular.copy(client);
- $scope.clientConfigProperties = clientConfigProperties;
+ $scope.clientCopy = angular.copy($scope.client);
$scope.changed = false;
$scope.$watch('client', function() {
- if (!angular.equals($scope.client, client)) {
+ if (!angular.equals($scope.client, $scope.clientCopy)) {
$scope.changed = true;
}
}, true);
@@ -152,17 +137,17 @@ module.controller('ClientGenericCredentialsCtrl', function($scope, $location, re
$scope.save = function() {
Client.update({
- realm : realm.realm,
- client : client.id
+ realm : $scope.realm.realm,
+ client : $scope.client.id
}, $scope.client, function() {
$scope.changed = false;
- client = angular.copy($scope.client);
+ $scope.clientCopy = angular.copy($scope.client);
Notifications.success("Client authentication configuration has been saved to the client.");
});
};
$scope.reset = function() {
- $scope.client = angular.copy(client);
+ $scope.client = angular.copy($scope.clientCopy);
$scope.changed = false;
};
});
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js
index 3053df5..6b09bc1 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js
@@ -419,10 +419,9 @@ module.factory('AuthenticationConfigDescriptionLoader', function(Loader, Authent
});
module.factory('PerClientAuthenticationConfigDescriptionLoader', function(Loader, PerClientAuthenticationConfigDescription, $route, $q) {
- return Loader.query(PerClientAuthenticationConfigDescription, function () {
+ return Loader.get(PerClientAuthenticationConfigDescription, function () {
return {
- realm: $route.current.params.realm,
- provider: $route.current.params.provider
+ realm: $route.current.params.realm
}
});
});
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js
index 5a08582..e8c93d6 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js
@@ -1258,9 +1258,8 @@ module.factory('AuthenticationConfigDescription', function($resource) {
});
});
module.factory('PerClientAuthenticationConfigDescription', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/authentication/per-client-config-description/:provider', {
- realm : '@realm',
- provider: '@provider'
+ return $resource(authUrl + '/admin/realms/:realm/authentication/per-client-config-description', {
+ realm : '@realm'
});
});
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-credentials-generic.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-credentials-generic.html
index c7595dd..e249914 100644
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-credentials-generic.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-credentials-generic.html
@@ -1,12 +1,14 @@
-<form class="form-horizontal" name="credentialForm" novalidate kc-read-only="!access.manageClients" data-ng-show="client.attributes.length > 0">
- <fieldset>
- <kc-provider-config realm="realm" config="client.attributes" properties="clientConfigProperties"></kc-provider-config>
- </fieldset>
+<div>
+ <form class="form-horizontal" name="credentialForm" novalidate kc-read-only="!access.manageClients" data-ng-show="currentAuthenticatorConfigProperties.length > 0" data-ng-controller="ClientGenericCredentialsCtrl">
+ <fieldset>
+ <kc-provider-config realm="realm" config="client.attributes" properties="currentAuthenticatorConfigProperties"></kc-provider-config>
+ </fieldset>
- <div class="form-group">
- <div class="col-md-10 col-md-offset-2" data-ng-show="access.manageClients">
- <button kc-save data-ng-disabled="!changed">Save</button>
- <button kc-reset data-ng-disabled="!changed">Cancel</button>
+ <div class="form-group">
+ <div class="col-md-10 col-md-offset-2" data-ng-show="access.manageClients">
+ <button kc-save data-ng-disabled="!changed">Save</button>
+ <button kc-reset data-ng-disabled="!changed">Cancel</button>
+ </div>
</div>
- </div>
-</form>
\ No newline at end of file
+ </form>
+</div>
\ No newline at end of file
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java
index b4917ec..a30ecbd 100644
--- a/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java
@@ -128,11 +128,6 @@ public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator
}
@Override
- public boolean isConfigurablePerClient() {
- return true;
- }
-
- @Override
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
return REQUIREMENT_CHOICES;
}
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
index 48336a9..4bb2f4f 100644
--- a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
@@ -145,11 +145,6 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
}
@Override
- public boolean isConfigurablePerClient() {
- return true;
- }
-
- @Override
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
return REQUIREMENT_CHOICES;
}
diff --git a/services/src/main/java/org/keycloak/authentication/ClientAuthenticatorFactory.java b/services/src/main/java/org/keycloak/authentication/ClientAuthenticatorFactory.java
index 338f980..08321ea 100644
--- a/services/src/main/java/org/keycloak/authentication/ClientAuthenticatorFactory.java
+++ b/services/src/main/java/org/keycloak/authentication/ClientAuthenticatorFactory.java
@@ -26,13 +26,6 @@ public interface ClientAuthenticatorFactory extends ProviderFactory<ClientAuthen
boolean isConfigurable();
/**
- * Is this authenticator configurable per client? The configuration will be in "Clients" / "Credentials" tab in admin console
- *
- * @return
- */
- boolean isConfigurablePerClient();
-
- /**
* List of config properties for this client implementation. Those will be shown in admin console in clients credentials tab and can be configured per client.
* Applicable only if "isConfigurablePerClient" is true
*
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
index 84ccb7d..0bb2e11 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
@@ -211,11 +211,6 @@ public class AuthenticationManagementResource {
data.put("description", configured.getHelpText());
data.put("displayName", configured.getDisplayType());
- if (configured instanceof ClientAuthenticatorFactory) {
- ClientAuthenticatorFactory configuredClient = (ClientAuthenticatorFactory) configured;
- data.put("configurablePerClient", configuredClient.isConfigurablePerClient());
- }
-
providers.add(data);
}
return providers;
@@ -894,21 +889,30 @@ public class AuthenticationManagementResource {
}
- @Path("per-client-config-description/{providerId}")
+ @Path("per-client-config-description")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
- public List<ConfigPropertyRepresentation> getPerClientConfigDescription(@PathParam("providerId") String providerId) {
+ public Map<String, List<ConfigPropertyRepresentation>> getPerClientConfigDescription() {
this.auth.requireView();
- ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
- ClientAuthenticatorFactory clientAuthFactory = (ClientAuthenticatorFactory) factory;
- List<ProviderConfigProperty> perClientConfigProps = clientAuthFactory.getConfigPropertiesPerClient();
- List<ConfigPropertyRepresentation> result = new LinkedList<>();
- for (ProviderConfigProperty prop : perClientConfigProps) {
- ConfigPropertyRepresentation propRep = getConfigPropertyRep(prop);
- result.add(propRep);
+ List<ProviderFactory> factories = session.getKeycloakSessionFactory().getProviderFactories(ClientAuthenticator.class);
+
+ Map<String, List<ConfigPropertyRepresentation>> toReturn = new HashMap<>();
+ for (ProviderFactory clientAuthenticatorFactory : factories) {
+ String providerId = clientAuthenticatorFactory.getId();
+ ConfigurableAuthenticatorFactory factory = CredentialHelper.getConfigurableAuthenticatorFactory(session, providerId);
+ ClientAuthenticatorFactory clientAuthFactory = (ClientAuthenticatorFactory) factory;
+ List<ProviderConfigProperty> perClientConfigProps = clientAuthFactory.getConfigPropertiesPerClient();
+ List<ConfigPropertyRepresentation> result = new LinkedList<>();
+ for (ProviderConfigProperty prop : perClientConfigProps) {
+ ConfigPropertyRepresentation propRep = getConfigPropertyRep(prop);
+ result.add(propRep);
+ }
+
+ toReturn.put(providerId, result);
}
- return result;
+
+ return toReturn;
}
@Path("config")
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/PassThroughClientAuthenticator.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/PassThroughClientAuthenticator.java
index 0c35b75..f457920 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/PassThroughClientAuthenticator.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/PassThroughClientAuthenticator.java
@@ -69,11 +69,6 @@ public class PassThroughClientAuthenticator extends AbstractClientAuthenticator
}
@Override
- public boolean isConfigurablePerClient() {
- return true;
- }
-
- @Override
public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
return REQUIREMENT_CHOICES;
}