keycloak-aplcache
Changes
export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java 62(+31 -31)
export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ImportUtils.java 14(+7 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/clients.js 622(+301 -321)
forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js 102(+51 -51)
forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js 98(+49 -49)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-clustering.html 20(+10 -10)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-clustering-node.html 10(+5 -5)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-credentials.html 12(+6 -6)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html 76(+38 -38)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-identity-provider.html 14(+7 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-import.html 4(+2 -2)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-installation.html 8(+4 -4)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-keys.html 10(+5 -5)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-list.html 44(+16 -28)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-mappers.html 14(+7 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-mappers-add.html 10(+5 -5)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-revocation.html 12(+6 -6)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-role-detail.html 52(+26 -26)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-role-list.html 14(+7 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-saml-key-export.html 10(+5 -5)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-saml-key-import.html 10(+5 -5)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-saml-keys.html 12(+6 -6)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-scope-mappings.html 50(+25 -25)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/client-sessions.html 12(+6 -6)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/protocol-mapper-detail.html 14(+7 -7)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-cache-settings.html 2(+1 -1)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-default-roles.html 32(+16 -16)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html 2(+1 -1)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html 4(+2 -2)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html 4(+2 -2)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-stackoverflow-ext.html 2(+1 -1)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html 3(+1 -2)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-detail.html 32(+16 -16)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-mappings.html 38(+19 -19)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-realm.html 4(+2 -2)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-revocation.html 2(+1 -1)
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/user-sessions.html 12(+3 -9)
forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-navigation-application.html 13(+0 -13)
forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-navigation-client.html 13(+13 -0)
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java 1(+0 -1)
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java 7(+3 -4)
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java 2(+1 -1)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/ClientAdapter.java 6(+3 -3)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java 2(+1 -1)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java 7(+3 -4)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java 4(+2 -2)
saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterFactory.java 8(+4 -4)
saml/saml-protocol/src/main/resources/META-INF/services/org.keycloak.exportimport.ClientImporterFactory 0(+0 -0)
services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java 4(+2 -2)
services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedClientResource.java 51(+26 -25)
services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java 22(+11 -11)
services/src/main/java/org/keycloak/services/resources/admin/UserClientRoleMappingsResource.java 64(+29 -35)
testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java 7(+3 -4)
Details
diff --git a/broker/oidc/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java b/broker/oidc/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java
index 47847dc..ff89a89 100755
--- a/broker/oidc/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java
+++ b/broker/oidc/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java
@@ -4,14 +4,12 @@ import org.keycloak.broker.oidc.util.SimpleHttp;
import org.keycloak.constants.AdapterConstants;
import org.keycloak.events.EventBuilder;
import org.keycloak.jose.jws.JWSInput;
-import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.representations.adapters.action.AdminAction;
import org.keycloak.representations.adapters.action.LogoutAction;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.util.JsonSerialization;
-import org.keycloak.util.PemUtils;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
@@ -90,7 +88,7 @@ public class KeycloakOIDCIdentityProvider extends OIDCIdentityProvider {
@Override
public SimpleHttp generateTokenRequest(String authorizationCode) {
return super.generateTokenRequest(authorizationCode)
- .param(AdapterConstants.APPLICATION_SESSION_STATE, "n/a"); // hack to get backchannel logout to work
+ .param(AdapterConstants.CLIENT_SESSION_STATE, "n/a"); // hack to get backchannel logout to work
}
diff --git a/core/src/main/java/org/keycloak/constants/AdapterConstants.java b/core/src/main/java/org/keycloak/constants/AdapterConstants.java
index df302b2..aa22395 100755
--- a/core/src/main/java/org/keycloak/constants/AdapterConstants.java
+++ b/core/src/main/java/org/keycloak/constants/AdapterConstants.java
@@ -19,13 +19,13 @@ public interface AdapterConstants {
String AUTH_DATA_PARAM_NAME = "org.keycloak.json.adapterConfig";
// Attribute passed in codeToToken request from adapter to Keycloak and saved in ClientSession. Contains ID of HttpSession on adapter
- public static final String APPLICATION_SESSION_STATE = "application_session_state";
+ public static final String CLIENT_SESSION_STATE = "client_session_state";
// Attribute passed in codeToToken request from adapter to Keycloak and saved in ClientSession. Contains hostname of adapter where HttpSession is served
- public static final String APPLICATION_SESSION_HOST = "application_session_host";
+ public static final String CLIENT_SESSION_HOST = "client_session_host";
// Attribute passed in registerNode request for register new application cluster node once he joined cluster
- public static final String APPLICATION_CLUSTER_HOST = "application_cluster_host";
+ public static final String CLIENT_CLUSTER_HOST = "client_cluster_host";
// Cookie used on adapter side to store token info. Used only when tokenStore is 'COOKIE'
public static final String KEYCLOAK_ADAPTER_STATE_COOKIE = "KEYCLOAK_ADAPTER_STATE";
diff --git a/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java
index 8172a2a..b7e90b8 100755
--- a/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java
@@ -9,7 +9,7 @@ import java.util.Map;
*/
public class MappingsRepresentation {
protected List<RoleRepresentation> realmMappings;
- protected Map<String, ApplicationMappingsRepresentation> applicationMappings;
+ protected Map<String, ClientMappingsRepresentation> clientMappings;
public List<RoleRepresentation> getRealmMappings() {
return realmMappings;
@@ -19,11 +19,11 @@ public class MappingsRepresentation {
this.realmMappings = realmMappings;
}
- public Map<String, ApplicationMappingsRepresentation> getApplicationMappings() {
- return applicationMappings;
+ public Map<String, ClientMappingsRepresentation> getClientMappings() {
+ return clientMappings;
}
- public void setApplicationMappings(Map<String, ApplicationMappingsRepresentation> applicationMappings) {
- this.applicationMappings = applicationMappings;
+ public void setClientMappings(Map<String, ClientMappingsRepresentation> clientMappings) {
+ this.clientMappings = clientMappings;
}
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
index aad6068..cbd5a77 100755
--- a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
@@ -25,13 +25,6 @@ public class RealmRepresentation {
protected Boolean verifyEmail;
protected Boolean resetPasswordAllowed;
- @Deprecated
- protected Boolean social;
- @Deprecated
- protected Boolean updateProfileOnInitialSocialLogin;
- @Deprecated
- protected Map<String, String> socialProviders;
-
protected Boolean userCacheEnabled;
protected Boolean realmCacheEnabled;
@@ -55,12 +48,8 @@ public class RealmRepresentation {
protected String passwordPolicy;
protected List<UserRepresentation> users;
protected List<ScopeMappingRepresentation> scopeMappings;
- protected Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings;
+ protected Map<String, List<ScopeMappingRepresentation>> clientScopeMappings;
protected List<ClientRepresentation> clients;
- @Deprecated
- protected List<ApplicationRepresentation> applications;
- @Deprecated
- protected List<OAuthClientRepresentation> oauthClients;
protected Map<String, String> browserSecurityHeaders;
protected Map<String, String> smtpServer;
protected List<UserFederationProviderRepresentation> userFederationProviders;
@@ -79,6 +68,18 @@ public class RealmRepresentation {
protected Set<String> supportedLocales;
protected String defaultLocale;
+ @Deprecated
+ protected Boolean social;
+ @Deprecated
+ protected Boolean updateProfileOnInitialSocialLogin;
+ @Deprecated
+ protected Map<String, String> socialProviders;
+ @Deprecated
+ protected Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings;
+ @Deprecated
+ protected List<ApplicationRepresentation> applications;
+ @Deprecated
+ protected List<OAuthClientRepresentation> oauthClients;
public String getId() {
return id;
@@ -124,10 +125,6 @@ public class RealmRepresentation {
this.clients = clients;
}
- public void setApplications(List<ApplicationRepresentation> applications) {
- this.applications = applications;
- }
-
public Boolean isEnabled() {
return enabled;
}
@@ -324,22 +321,16 @@ public class RealmRepresentation {
this.resetPasswordAllowed = resetPassword;
}
+ @Deprecated
public Boolean isSocial() {
return social;
}
- public void setSocial(Boolean social) {
- this.social = social;
- }
-
+ @Deprecated
public Boolean isUpdateProfileOnInitialSocialLogin() {
return updateProfileOnInitialSocialLogin;
}
- public void setUpdateProfileOnInitialSocialLogin(Boolean updateProfileOnInitialSocialLogin) {
- this.updateProfileOnInitialSocialLogin = updateProfileOnInitialSocialLogin;
- }
-
public Map<String, String> getBrowserSecurityHeaders() {
return browserSecurityHeaders;
}
@@ -348,14 +339,11 @@ public class RealmRepresentation {
this.browserSecurityHeaders = browserSecurityHeaders;
}
+ @Deprecated
public Map<String, String> getSocialProviders() {
return socialProviders;
}
- public void setSocialProviders(Map<String, String> socialProviders) {
- this.socialProviders = socialProviders;
- }
-
public Map<String, String> getSmtpServer() {
return smtpServer;
}
@@ -364,20 +352,22 @@ public class RealmRepresentation {
this.smtpServer = smtpServer;
}
+ @Deprecated
public List<OAuthClientRepresentation> getOauthClients() {
return oauthClients;
}
- public void setOauthClients(List<OAuthClientRepresentation> oauthClients) {
- this.oauthClients = oauthClients;
+ public Map<String, List<ScopeMappingRepresentation>> getClientScopeMappings() {
+ return clientScopeMappings;
}
- public Map<String, List<ScopeMappingRepresentation>> getApplicationScopeMappings() {
- return applicationScopeMappings;
+ public void setClientScopeMappings(Map<String, List<ScopeMappingRepresentation>> clientScopeMappings) {
+ this.clientScopeMappings = clientScopeMappings;
}
- public void setApplicationScopeMappings(Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings) {
- this.applicationScopeMappings = applicationScopeMappings;
+ @Deprecated
+ public Map<String, List<ScopeMappingRepresentation>> getApplicationScopeMappings() {
+ return applicationScopeMappings;
}
public RolesRepresentation getRoles() {
diff --git a/core/src/main/java/org/keycloak/representations/idm/RoleRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RoleRepresentation.java
index 34ea91f..9d0909d 100755
--- a/core/src/main/java/org/keycloak/representations/idm/RoleRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/RoleRepresentation.java
@@ -17,9 +17,10 @@ public class RoleRepresentation {
public static class Composites {
protected Set<String> realm;
+ protected Map<String, List<String>> client;
+ @Deprecated
protected Map<String, List<String>> application;
-
public Set<String> getRealm() {
return realm;
}
@@ -28,12 +29,17 @@ public class RoleRepresentation {
this.realm = realm;
}
- public Map<String, List<String>> getApplication() {
- return application;
+ public Map<String, List<String>> getClient() {
+ return client;
}
- public void setApplication(Map<String, List<String>> application) {
- this.application = application;
+ public void setClient(Map<String, List<String>> client) {
+ this.client = client;
+ }
+
+ @Deprecated
+ public Map<String, List<String>> getApplication() {
+ return application;
}
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/RolesRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RolesRepresentation.java
index 496f738..afeb96a 100755
--- a/core/src/main/java/org/keycloak/representations/idm/RolesRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/RolesRepresentation.java
@@ -9,6 +9,8 @@ import java.util.Map;
*/
public class RolesRepresentation {
protected List<RoleRepresentation> realm;
+ protected Map<String, List<RoleRepresentation>> client;
+ @Deprecated
protected Map<String, List<RoleRepresentation>> application;
public List<RoleRepresentation> getRealm() {
@@ -19,11 +21,16 @@ public class RolesRepresentation {
this.realm = realm;
}
- public Map<String, List<RoleRepresentation>> getApplication() {
- return application;
+ public Map<String, List<RoleRepresentation>> getClient() {
+ return client;
+ }
+
+ public void setClient(Map<String, List<RoleRepresentation>> client) {
+ this.client = client;
}
- public void setApplication(Map<String, List<RoleRepresentation>> application) {
- this.application = application;
+ @Deprecated
+ public Map<String, List<RoleRepresentation>> getApplication() {
+ return application;
}
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
index d2907d5..94a90d9 100755
--- a/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
@@ -25,10 +25,13 @@ public class UserRepresentation {
protected List<CredentialRepresentation> credentials;
protected List<String> requiredActions;
protected List<FederatedIdentityRepresentation> federatedIdentities;
- @Deprecated
- protected List<SocialLinkRepresentation> socialLinks;
protected List<String> realmRoles;
+ protected Map<String, List<String>> clientRoles;
+
+ @Deprecated
protected Map<String, List<String>> applicationRoles;
+ @Deprecated
+ protected List<SocialLinkRepresentation> socialLinks;
public String getSelf() {
return self;
@@ -165,12 +168,17 @@ public class UserRepresentation {
this.realmRoles = realmRoles;
}
- public Map<String, List<String>> getApplicationRoles() {
- return applicationRoles;
+ public Map<String, List<String>> getClientRoles() {
+ return clientRoles;
+ }
+
+ public void setClientRoles(Map<String, List<String>> clientRoles) {
+ this.clientRoles = clientRoles;
}
- public void setApplicationRoles(Map<String, List<String>> applicationRoles) {
- this.applicationRoles = applicationRoles;
+ @Deprecated
+ public Map<String, List<String>> getApplicationRoles() {
+ return applicationRoles;
}
public String getFederationLink() {
diff --git a/core/src/main/java/org/keycloak/representations/idm/UserSessionRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/UserSessionRepresentation.java
index 3035d2d..6701f6a 100755
--- a/core/src/main/java/org/keycloak/representations/idm/UserSessionRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/UserSessionRepresentation.java
@@ -15,7 +15,6 @@ public class UserSessionRepresentation {
private String ipAddress;
private long start;
private long lastAccess;
- private Map<String, String> applications = new HashMap<String, String>();
private Map<String, String> clients = new HashMap<String, String>();
public String getId() {
@@ -58,14 +57,6 @@ public class UserSessionRepresentation {
this.lastAccess = lastAccess;
}
- public Map<String, String> getApplications() {
- return applications;
- }
-
- public void setApplications(Map<String, String> applications) {
- this.applications = applications;
- }
-
public Map<String, String> getClients() {
return clients;
}
diff --git a/core/src/main/java/org/keycloak/util/Time.java b/core/src/main/java/org/keycloak/util/Time.java
index 7da54f1..a5334dd 100644
--- a/core/src/main/java/org/keycloak/util/Time.java
+++ b/core/src/main/java/org/keycloak/util/Time.java
@@ -17,6 +17,10 @@ public class Time {
return new Date(((long) time ) * 1000);
}
+ public static long toMillis(int time) {
+ return ((long) time) * 1000;
+ }
+
public static void setOffset(int offset) {
Time.offset = offset;
}
diff --git a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
index 43d1f6b..c404c3d 100755
--- a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
+++ b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
@@ -65,30 +65,30 @@ public class ExportUtils {
// Roles
List<RoleRepresentation> realmRoleReps = null;
- Map<String, List<RoleRepresentation>> appRolesReps = new HashMap<String, List<RoleRepresentation>>();
+ Map<String, List<RoleRepresentation>> clientRolesReps = new HashMap<>();
Set<RoleModel> realmRoles = realm.getRoles();
if (realmRoles != null && realmRoles.size() > 0) {
realmRoleReps = exportRoles(realmRoles);
}
- for (ClientModel app : clients) {
- Set<RoleModel> currentAppRoles = app.getRoles();
+ for (ClientModel client : clients) {
+ Set<RoleModel> currentAppRoles = client.getRoles();
List<RoleRepresentation> currentAppRoleReps = exportRoles(currentAppRoles);
- appRolesReps.put(app.getClientId(), currentAppRoleReps);
+ clientRolesReps.put(client.getClientId(), currentAppRoleReps);
}
RolesRepresentation rolesRep = new RolesRepresentation();
if (realmRoleReps != null) {
rolesRep.setRealm(realmRoleReps);
}
- if (appRolesReps.size() > 0) {
- rolesRep.setApplication(appRolesReps);
+ if (clientRolesReps.size() > 0) {
+ rolesRep.setClient(clientRolesReps);
}
rep.setRoles(rolesRep);
// Scopes
List<ClientModel> allClients = new ArrayList<>(clients);
- Map<String, List<ScopeMappingRepresentation>> appScopeReps = new HashMap<>();
+ Map<String, List<ScopeMappingRepresentation>> clientScopeReps = new HashMap<>();
for (ClientModel client : allClients) {
Set<RoleModel> clientScopes = client.getScopeMappings();
@@ -102,10 +102,10 @@ public class ExportUtils {
} else {
ClientModel app = (ClientModel)scope.getContainer();
String appName = app.getClientId();
- List<ScopeMappingRepresentation> currentAppScopes = appScopeReps.get(appName);
+ List<ScopeMappingRepresentation> currentAppScopes = clientScopeReps.get(appName);
if (currentAppScopes == null) {
currentAppScopes = new ArrayList<>();
- appScopeReps.put(appName, currentAppScopes);
+ clientScopeReps.put(appName, currentAppScopes);
}
ScopeMappingRepresentation currentClientScope = null;
@@ -125,8 +125,8 @@ public class ExportUtils {
}
}
- if (appScopeReps.size() > 0) {
- rep.setApplicationScopeMappings(appScopeReps);
+ if (clientScopeReps.size() > 0) {
+ rep.setClientScopeMappings(clientScopeReps);
}
// Finally users if needed
@@ -186,27 +186,27 @@ public class ExportUtils {
Set<RoleModel> composites = role.getComposites();
if (composites != null && composites.size() > 0) {
Set<String> compositeRealmRoles = null;
- Map<String, List<String>> compositeAppRoles = null;
+ Map<String, List<String>> compositeClientRoles = null;
for (RoleModel composite : composites) {
RoleContainerModel crContainer = composite.getContainer();
if (crContainer instanceof RealmModel) {
if (compositeRealmRoles == null) {
- compositeRealmRoles = new HashSet<String>();
+ compositeRealmRoles = new HashSet<>();
}
compositeRealmRoles.add(composite.getName());
} else {
- if (compositeAppRoles == null) {
- compositeAppRoles = new HashMap<String, List<String>>();
+ if (compositeClientRoles == null) {
+ compositeClientRoles = new HashMap<>();
}
ClientModel app = (ClientModel)crContainer;
String appName = app.getClientId();
- List<String> currentAppComposites = compositeAppRoles.get(appName);
+ List<String> currentAppComposites = compositeClientRoles.get(appName);
if (currentAppComposites == null) {
- currentAppComposites = new ArrayList<String>();
- compositeAppRoles.put(appName, currentAppComposites);
+ currentAppComposites = new ArrayList<>();
+ compositeClientRoles.put(appName, currentAppComposites);
}
currentAppComposites.add(composite.getName());
}
@@ -216,8 +216,8 @@ public class ExportUtils {
if (compositeRealmRoles != null) {
compRep.setRealm(compositeRealmRoles);
}
- if (compositeAppRoles != null) {
- compRep.setApplication(compositeAppRoles);
+ if (compositeClientRoles != null) {
+ compRep.setClient(compositeClientRoles);
}
roleRep.setComposites(compRep);
@@ -248,29 +248,29 @@ public class ExportUtils {
// Role mappings
Set<RoleModel> roles = user.getRoleMappings();
- List<String> realmRoleNames = new ArrayList<String>();
- Map<String, List<String>> appRoleNames = new HashMap<String, List<String>>();
+ List<String> realmRoleNames = new ArrayList<>();
+ Map<String, List<String>> clientRoleNames = new HashMap<>();
for (RoleModel role : roles) {
if (role.getContainer() instanceof RealmModel) {
realmRoleNames.add(role.getName());
} else {
- ClientModel app = (ClientModel)role.getContainer();
- String appName = app.getClientId();
- List<String> currentAppRoles = appRoleNames.get(appName);
- if (currentAppRoles == null) {
- currentAppRoles = new ArrayList<String>();
- appRoleNames.put(appName, currentAppRoles);
+ ClientModel client = (ClientModel)role.getContainer();
+ String clientId = client.getClientId();
+ List<String> currentClientRoles = clientRoleNames.get(clientId);
+ if (currentClientRoles == null) {
+ currentClientRoles = new ArrayList<>();
+ clientRoleNames.put(clientId, currentClientRoles);
}
- currentAppRoles.add(role.getName());
+ currentClientRoles.add(role.getName());
}
}
if (realmRoleNames.size() > 0) {
userRep.setRealmRoles(realmRoleNames);
}
- if (appRoleNames.size() > 0) {
- userRep.setApplicationRoles(appRoleNames);
+ if (clientRoleNames.size() > 0) {
+ userRep.setClientRoles(clientRoleNames);
}
// Credentials
diff --git a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ImportUtils.java b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ImportUtils.java
index b109dc3..66b106c 100755
--- a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ImportUtils.java
+++ b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ImportUtils.java
@@ -54,7 +54,7 @@ public class ImportUtils {
if (Config.getAdminRealm().equals(realm.getId())) {
// Delete all masterAdmin apps due to foreign key constraints
for (RealmModel currRealm : model.getRealms()) {
- currRealm.setMasterAdminApp(null);
+ currRealm.setMasterAdminClient(null);
}
}
// TODO: For migration between versions, it should be possible to delete just realm but keep it's users
@@ -81,9 +81,9 @@ public class ImportUtils {
// We just imported master realm. All 'masterAdminApps' need to be refreshed
RealmModel adminRealm = realm;
for (RealmModel currentRealm : model.getRealms()) {
- ClientModel masterApp = adminRealm.getClientByClientId(KeycloakModelUtils.getMasterRealmAdminApplicationName(currentRealm));
+ ClientModel masterApp = adminRealm.getClientByClientId(KeycloakModelUtils.getMasterRealmAdminApplicationClientId(currentRealm));
if (masterApp != null) {
- currentRealm.setMasterAdminApp(masterApp);
+ currentRealm.setMasterAdminClient(masterApp);
} else {
setupMasterAdminManagement(model, currentRealm);
}
@@ -91,9 +91,9 @@ public class ImportUtils {
} else {
// Need to refresh masterApp for current realm
RealmModel adminRealm = model.getRealm(adminRealmId);
- ClientModel masterApp = adminRealm.getClientByClientId(KeycloakModelUtils.getMasterRealmAdminApplicationName(realm));
+ ClientModel masterApp = adminRealm.getClientByClientId(KeycloakModelUtils.getMasterRealmAdminApplicationClientId(realm));
if (masterApp != null) {
- realm.setMasterAdminApp(masterApp);
+ realm.setMasterAdminClient(masterApp);
} else {
setupMasterAdminManagement(model, realm);
}
@@ -119,9 +119,9 @@ public class ImportUtils {
}
adminRole.setDescription("${role_"+AdminRoles.ADMIN+"}");
- ClientModel realmAdminApp = KeycloakModelUtils.createClient(adminRealm, KeycloakModelUtils.getMasterRealmAdminApplicationName(realm));
+ ClientModel realmAdminApp = KeycloakModelUtils.createClient(adminRealm, KeycloakModelUtils.getMasterRealmAdminApplicationClientId(realm));
realmAdminApp.setBearerOnly(true);
- realm.setMasterAdminApp(realmAdminApp);
+ realm.setMasterAdminClient(realmAdminApp);
for (String r : AdminRoles.ALL_REALM_ROLES) {
RoleModel role = realmAdminApp.addRole(r);
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/index.ftl b/forms/common-themes/src/main/resources/theme/base/admin/index.ftl
index 161acda..20e21b7 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/index.ftl
+++ b/forms/common-themes/src/main/resources/theme/base/admin/index.ftl
@@ -30,8 +30,7 @@
<script src="${resourceUrl}/js/app.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/controllers/realm.js" type="text/javascript"></script>
- <script src="${resourceUrl}/js/controllers/applications.js" type="text/javascript"></script>
- <script src="${resourceUrl}/js/controllers/oauth-clients.js" type="text/javascript"></script>
+ <script src="${resourceUrl}/js/controllers/clients.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/controllers/users.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/loaders.js" type="text/javascript"></script>
<script src="${resourceUrl}/js/services.js" type="text/javascript"></script>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
index f7ea60d..f45453c 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/app.js
@@ -212,8 +212,8 @@ module.config([ '$routeProvider', function($routeProvider) {
realm : function(RealmLoader) {
return RealmLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
},
roles : function(RoleListLoader) {
return RoleListLoader();
@@ -311,8 +311,8 @@ module.config([ '$routeProvider', function($routeProvider) {
user : function(UserLoader) {
return UserLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
}
},
controller : 'UserRoleMappingCtrl'
@@ -369,8 +369,8 @@ module.config([ '$routeProvider', function($routeProvider) {
roles : function(RoleListLoader) {
return RoleListLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
}
},
controller : 'RoleDetailCtrl'
@@ -387,8 +387,8 @@ module.config([ '$routeProvider', function($routeProvider) {
roles : function(RoleListLoader) {
return RoleListLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
}
},
controller : 'RoleDetailCtrl'
@@ -406,14 +406,14 @@ module.config([ '$routeProvider', function($routeProvider) {
controller : 'RoleListCtrl'
})
- .when('/create/role/:realm/applications/:application', {
- templateUrl : resourceUrl + '/partials/application-role-detail.html',
+ .when('/create/role/:realm/clients/:client', {
+ templateUrl : resourceUrl + '/partials/client-role-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
role : function() {
return {};
@@ -421,56 +421,56 @@ module.config([ '$routeProvider', function($routeProvider) {
roles : function(RoleListLoader) {
return RoleListLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
}
},
- controller : 'ApplicationRoleDetailCtrl'
+ controller : 'ClientRoleDetailCtrl'
})
- .when('/realms/:realm/applications/:application/roles/:role', {
- templateUrl : resourceUrl + '/partials/application-role-detail.html',
+ .when('/realms/:realm/clients/:client/roles/:role', {
+ templateUrl : resourceUrl + '/partials/client-role-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
- role : function(ApplicationRoleLoader) {
- return ApplicationRoleLoader();
+ role : function(ClientRoleLoader) {
+ return ClientRoleLoader();
},
roles : function(RoleListLoader) {
return RoleListLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
}
},
- controller : 'ApplicationRoleDetailCtrl'
+ controller : 'ClientRoleDetailCtrl'
})
- .when('/realms/:realm/applications/:application/mappers', {
- templateUrl : resourceUrl + '/partials/application-mappers.html',
+ .when('/realms/:realm/clients/:client/mappers', {
+ templateUrl : resourceUrl + '/partials/client-mappers.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
}
},
- controller : 'ApplicationProtocolMapperListCtrl'
+ controller : 'ClientProtocolMapperListCtrl'
})
- .when('/realms/:realm/applications/:application/add-mappers', {
- templateUrl : resourceUrl + '/partials/application-mappers-add.html',
+ .when('/realms/:realm/clients/:client/add-mappers', {
+ templateUrl : resourceUrl + '/partials/client-mappers-add.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
@@ -478,26 +478,26 @@ module.config([ '$routeProvider', function($routeProvider) {
},
controller : 'AddBuiltinProtocolMapperCtrl'
})
- .when('/realms/:realm/applications/:application/mappers/:id', {
+ .when('/realms/:realm/clients/:client/mappers/:id', {
templateUrl : resourceUrl + '/partials/protocol-mapper-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
- mapper : function(ApplicationProtocolMapperLoader) {
- return ApplicationProtocolMapperLoader();
+ mapper : function(ClientProtocolMapperLoader) {
+ return ClientProtocolMapperLoader();
}
},
- controller : 'ApplicationProtocolMapperCtrl'
+ controller : 'ClientProtocolMapperCtrl'
})
- .when('/create/application/:realm/:application/mappers', {
+ .when('/create/client/:realm/:client/mappers', {
templateUrl : resourceUrl + '/partials/protocol-mapper-detail.html',
resolve : {
realm : function(RealmLoader) {
@@ -506,231 +506,231 @@ module.config([ '$routeProvider', function($routeProvider) {
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationProtocolMapperCreateCtrl'
+ controller : 'ClientProtocolMapperCreateCtrl'
})
- .when('/realms/:realm/applications/:application/sessions', {
- templateUrl : resourceUrl + '/partials/application-sessions.html',
+ .when('/realms/:realm/clients/:client/sessions', {
+ templateUrl : resourceUrl + '/partials/client-sessions.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
- sessionCount : function(ApplicationSessionCountLoader) {
- return ApplicationSessionCountLoader();
+ sessionCount : function(ClientSessionCountLoader) {
+ return ClientSessionCountLoader();
}
},
- controller : 'ApplicationSessionsCtrl'
+ controller : 'ClientSessionsCtrl'
})
- .when('/realms/:realm/applications/:application/credentials', {
- templateUrl : resourceUrl + '/partials/application-credentials.html',
+ .when('/realms/:realm/clients/:client/credentials', {
+ templateUrl : resourceUrl + '/partials/client-credentials.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationCredentialsCtrl'
+ controller : 'ClientCredentialsCtrl'
})
- .when('/realms/:realm/applications/:application/identity-provider', {
- templateUrl : resourceUrl + '/partials/application-identity-provider.html',
+ .when('/realms/:realm/clients/:client/identity-provider', {
+ templateUrl : resourceUrl + '/partials/client-identity-provider.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationIdentityProviderCtrl'
+ controller : 'ClientIdentityProviderCtrl'
})
- .when('/realms/:realm/applications/:application/clustering', {
- templateUrl : resourceUrl + '/partials/application-clustering.html',
+ .when('/realms/:realm/clients/:client/clustering', {
+ templateUrl : resourceUrl + '/partials/client-clustering.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationClusteringCtrl'
+ controller : 'ClientClusteringCtrl'
})
- .when('/register-node/realms/:realm/applications/:application/clustering', {
- templateUrl : resourceUrl + '/partials/application-clustering-node.html',
+ .when('/register-node/realms/:realm/clients/:client/clustering', {
+ templateUrl : resourceUrl + '/partials/client-clustering-node.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationClusteringNodeCtrl'
+ controller : 'ClientClusteringNodeCtrl'
})
- .when('/realms/:realm/applications/:application/clustering/:node', {
- templateUrl : resourceUrl + '/partials/application-clustering-node.html',
+ .when('/realms/:realm/clients/:client/clustering/:node', {
+ templateUrl : resourceUrl + '/partials/client-clustering-node.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationClusteringNodeCtrl'
+ controller : 'ClientClusteringNodeCtrl'
})
- .when('/realms/:realm/applications/:application/saml/keys', {
- templateUrl : resourceUrl + '/partials/application-saml-keys.html',
+ .when('/realms/:realm/clients/:client/saml/keys', {
+ templateUrl : resourceUrl + '/partials/client-saml-keys.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationSamlKeyCtrl'
+ controller : 'ClientSamlKeyCtrl'
})
- .when('/realms/:realm/applications/:application/saml/:keyType/import/:attribute', {
- templateUrl : resourceUrl + '/partials/application-saml-key-import.html',
+ .when('/realms/:realm/clients/:client/saml/:keyType/import/:attribute', {
+ templateUrl : resourceUrl + '/partials/client-saml-key-import.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationCertificateImportCtrl'
+ controller : 'ClientCertificateImportCtrl'
})
- .when('/realms/:realm/applications/:application/saml/:keyType/export/:attribute', {
- templateUrl : resourceUrl + '/partials/application-saml-key-export.html',
+ .when('/realms/:realm/clients/:client/saml/:keyType/export/:attribute', {
+ templateUrl : resourceUrl + '/partials/client-saml-key-export.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationCertificateExportCtrl'
+ controller : 'ClientCertificateExportCtrl'
})
- .when('/realms/:realm/applications/:application/roles', {
- templateUrl : resourceUrl + '/partials/application-role-list.html',
+ .when('/realms/:realm/clients/:client/roles', {
+ templateUrl : resourceUrl + '/partials/client-role-list.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
- roles : function(ApplicationRoleListLoader) {
- return ApplicationRoleListLoader();
+ roles : function(ClientRoleListLoader) {
+ return ClientRoleListLoader();
}
},
- controller : 'ApplicationRoleListCtrl'
+ controller : 'ClientRoleListCtrl'
})
- .when('/realms/:realm/applications/:application/revocation', {
- templateUrl : resourceUrl + '/partials/application-revocation.html',
+ .when('/realms/:realm/clients/:client/revocation', {
+ templateUrl : resourceUrl + '/partials/client-revocation.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationRevocationCtrl'
+ controller : 'ClientRevocationCtrl'
})
- .when('/realms/:realm/applications/:application/scope-mappings', {
- templateUrl : resourceUrl + '/partials/application-scope-mappings.html',
+ .when('/realms/:realm/clients/:client/scope-mappings', {
+ templateUrl : resourceUrl + '/partials/client-scope-mappings.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
}
},
- controller : 'ApplicationScopeMappingCtrl'
+ controller : 'ClientScopeMappingCtrl'
})
- .when('/realms/:realm/applications/:application/installation', {
- templateUrl : resourceUrl + '/partials/application-installation.html',
+ .when('/realms/:realm/clients/:client/installation', {
+ templateUrl : resourceUrl + '/partials/client-installation.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
}
},
- controller : 'ApplicationInstallationCtrl'
+ controller : 'ClientInstallationCtrl'
})
- .when('/create/application/:realm', {
- templateUrl : resourceUrl + '/partials/application-detail.html',
+ .when('/create/client/:realm', {
+ templateUrl : resourceUrl + '/partials/client-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
},
- application : function() {
+ client : function() {
return {};
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
}
},
- controller : 'ApplicationDetailCtrl'
+ controller : 'ClientDetailCtrl'
})
- .when('/realms/:realm/applications/:application', {
- templateUrl : resourceUrl + '/partials/application-detail.html',
+ .when('/realms/:realm/clients/:client', {
+ templateUrl : resourceUrl + '/partials/client-detail.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
},
- application : function(ApplicationLoader) {
- return ApplicationLoader();
+ client : function(ClientLoader) {
+ return ClientLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
}
},
- controller : 'ApplicationDetailCtrl'
+ controller : 'ClientDetailCtrl'
})
- .when('/realms/:realm/applications', {
- templateUrl : resourceUrl + '/partials/application-list.html',
+ .when('/realms/:realm/clients', {
+ templateUrl : resourceUrl + '/partials/client-list.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
},
- applications : function(ApplicationListLoader) {
- return ApplicationListLoader();
+ clients : function(ClientListLoader) {
+ return ClientListLoader();
},
serverInfo : function(ServerInfoLoader) {
return ServerInfoLoader();
}
},
- controller : 'ApplicationListCtrl'
+ controller : 'ClientListCtrl'
})
- .when('/import/application/:realm', {
- templateUrl : resourceUrl + '/partials/application-import.html',
+ .when('/import/client/:realm', {
+ templateUrl : resourceUrl + '/partials/client-import.html',
resolve : {
realm : function(RealmLoader) {
return RealmLoader();
@@ -739,7 +739,7 @@ module.config([ '$routeProvider', function($routeProvider) {
return ServerInfoLoader();
}
},
- controller : 'ApplicationImportCtrl'
+ controller : 'ClientImportCtrl'
})
.when('/', {
templateUrl : resourceUrl + '/partials/home.html',
@@ -772,8 +772,8 @@ module.config([ '$routeProvider', function($routeProvider) {
realm : function(RealmLoader) {
return RealmLoader();
},
- stats : function(RealmApplicationSessionStatsLoader) {
- return RealmApplicationSessionStatsLoader();
+ stats : function(RealmClientSessionStatsLoader) {
+ return RealmClientSessionStatsLoader();
}
},
controller : 'RealmSessionStatsCtrl'
@@ -1353,12 +1353,12 @@ module.directive('kcNavigation', function ($compile, Notifications) {
}
});
-module.directive('kcNavigationApplication', function () {
+module.directive('kcNavigationClient', function () {
return {
scope: true,
restrict: 'E',
replace: true,
- templateUrl: resourceUrl + '/templates/kc-navigation-application.html'
+ templateUrl: resourceUrl + '/templates/kc-navigation-client.html'
}
});
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
index 750d482..97c1bda 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
@@ -476,7 +476,7 @@ module.controller('RealmRequiredCredentialsCtrl', function($scope, Realm, realm,
};
});
-module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, applications, roles, Notifications, ApplicationRole, Application) {
+module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, clients, roles, Notifications, ClientRole, Client) {
console.log('RealmDefaultRolesCtrl');
@@ -486,17 +486,17 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli
$scope.selectedRealmRoles = [];
$scope.selectedRealmDefRoles = [];
- $scope.applications = angular.copy(applications);
- for (var i = 0; i < applications.length; i++) {
- if (applications[i].name == 'account') {
- $scope.application = $scope.applications[i];
+ $scope.clients = angular.copy(clients);
+ for (var i = 0; i < clients.length; i++) {
+ if (clients[i].name == 'account') {
+ $scope.client = $scope.clients[i];
break;
}
}
- $scope.availableAppRoles = [];
- $scope.selectedAppRoles = [];
- $scope.selectedAppDefRoles = [];
+ $scope.availableClientRoles = [];
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientDefRoles = [];
if (!$scope.realm.hasOwnProperty('defaultRoles') || $scope.realm.defaultRoles === null) {
$scope.realm.defaultRoles = [];
@@ -550,81 +550,81 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli
});
};
- $scope.changeApplication = function () {
+ $scope.changeClient = function () {
- $scope.selectedAppRoles = [];
- $scope.selectedAppDefRoles = [];
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientDefRoles = [];
- // Populate available roles for selected application
- if ($scope.application) {
- var appDefaultRoles = ApplicationRole.query({realm: $scope.realm.realm, application: $scope.application.id}, function () {
+ // Populate available roles for selected client
+ if ($scope.client) {
+ var appDefaultRoles = ClientRole.query({realm: $scope.realm.realm, client: $scope.client.id}, function () {
- if (!$scope.application.hasOwnProperty('defaultRoles') || $scope.application.defaultRoles === null) {
- $scope.application.defaultRoles = [];
+ if (!$scope.client.hasOwnProperty('defaultRoles') || $scope.client.defaultRoles === null) {
+ $scope.client.defaultRoles = [];
}
- $scope.availableAppRoles = [];
+ $scope.availableClientRoles = [];
for (var i = 0; i < appDefaultRoles.length; i++) {
var roleName = appDefaultRoles[i].name;
- if ($scope.application.defaultRoles.indexOf(roleName) < 0) {
- $scope.availableAppRoles.push(roleName);
+ if ($scope.client.defaultRoles.indexOf(roleName) < 0) {
+ $scope.availableClientRoles.push(roleName);
}
}
});
} else {
- $scope.availableAppRoles = null;
+ $scope.availableClientRoles = null;
}
};
- $scope.addAppDefaultRole = function () {
+ $scope.addClientDefaultRole = function () {
// Remove selected roles from the app available roles and add them to app default roles (move from left to right).
- for (var i = 0; i < $scope.selectedAppRoles.length; i++) {
- var role = $scope.selectedAppRoles[i];
+ for (var i = 0; i < $scope.selectedClientRoles.length; i++) {
+ var role = $scope.selectedClientRoles[i];
- var idx = $scope.application.defaultRoles.indexOf(role);
+ var idx = $scope.client.defaultRoles.indexOf(role);
if (idx < 0) {
- $scope.application.defaultRoles.push(role);
+ $scope.client.defaultRoles.push(role);
}
- idx = $scope.availableAppRoles.indexOf(role);
+ idx = $scope.availableClientRoles.indexOf(role);
if (idx != -1) {
- $scope.availableAppRoles.splice(idx, 1);
+ $scope.availableClientRoles.splice(idx, 1);
}
}
- // Update/save the selected application with new default roles.
- Application.update({
+ // Update/save the selected client with new default roles.
+ Client.update({
realm: $scope.realm.realm,
- application: $scope.application.id
- }, $scope.application, function () {
- Notifications.success("Your changes have been saved to the application.");
+ client: $scope.client.id
+ }, $scope.client, function () {
+ Notifications.success("Your changes have been saved to the client.");
});
};
- $scope.rmAppDefaultRole = function () {
+ $scope.rmClientDefaultRole = function () {
// Remove selected roles from the app default roles and add them to app available roles (move from right to left).
- for (var i = 0; i < $scope.selectedAppDefRoles.length; i++) {
- var role = $scope.selectedAppDefRoles[i];
- var idx = $scope.application.defaultRoles.indexOf(role);
+ for (var i = 0; i < $scope.selectedClientDefRoles.length; i++) {
+ var role = $scope.selectedClientDefRoles[i];
+ var idx = $scope.client.defaultRoles.indexOf(role);
if (idx != -1) {
- $scope.application.defaultRoles.splice(idx, 1);
+ $scope.client.defaultRoles.splice(idx, 1);
}
- idx = $scope.availableAppRoles.indexOf(role);
+ idx = $scope.availableClientRoles.indexOf(role);
if (idx < 0) {
- $scope.availableAppRoles.push(role);
+ $scope.availableClientRoles.push(role);
}
}
- // Update/save the selected application with new default roles.
- Application.update({
+ // Update/save the selected client with new default roles.
+ Client.update({
realm: $scope.realm.realm,
- application: $scope.application.id
- }, $scope.application, function () {
- Notifications.success("Your changes have been saved to the application.");
+ client: $scope.client.id
+ }, $scope.client, function () {
+ Notifications.success("Your changes have been saved to the client.");
});
};
@@ -848,7 +848,7 @@ module.controller('RealmIdentityProviderCtrl', function($scope, $filter, $upload
alias : $scope.identityProvider.alias
}, function() {
$location.url("/realms/" + realm.realm + "/identity-provider-settings");
- Notifications.success("The application has been deleted.");
+ Notifications.success("The client has been deleted.");
});
});
};
@@ -1008,7 +1008,7 @@ module.controller('RealmKeysDetailCtrl', function($scope, Realm, realm, $http, $
};
});
-module.controller('RealmSessionStatsCtrl', function($scope, realm, stats, RealmApplicationSessionStats, RealmLogoutAll, Notifications) {
+module.controller('RealmSessionStatsCtrl', function($scope, realm, stats, RealmClientSessionStats, RealmLogoutAll, Notifications) {
$scope.realm = realm;
$scope.stats = stats;
@@ -1073,7 +1073,7 @@ module.controller('RealmRevocationCtrl', function($scope, Realm, RealmPushRevoca
var msgStart = successCount>0 ? 'Successfully push notBefore to: ' + globalReqResult.successRequests + ' . ' : '';
Notifications.error(msgStart + 'Failed to push notBefore to: ' + globalReqResult.failedRequests + '. Verify availability of failed hosts and try again');
} else {
- Notifications.success('Successfully push notBefore to all configured applications');
+ Notifications.success('Successfully push notBefore to all configured clients');
}
});
}
@@ -1094,8 +1094,8 @@ module.controller('RoleListCtrl', function($scope, $location, realm, roles) {
});
-module.controller('RoleDetailCtrl', function($scope, realm, role, roles, applications,
- Role, ApplicationRole, RoleById, RoleRealmComposites, RoleApplicationComposites,
+module.controller('RoleDetailCtrl', function($scope, realm, role, roles, clients,
+ Role, ClientRole, RoleById, RoleRealmComposites, RoleClientComposites,
$http, $location, Dialog, Notifications) {
$scope.realm = realm;
$scope.role = angular.copy(role);
@@ -1141,8 +1141,8 @@ module.controller('RoleDetailCtrl', function($scope, realm, role, roles, applica
- roleControl($scope, realm, role, roles, applications,
- ApplicationRole, RoleById, RoleRealmComposites, RoleApplicationComposites,
+ roleControl($scope, realm, role, roles, clients,
+ ClientRole, RoleById, RoleRealmComposites, RoleClientComposites,
$http, $location, Notifications, Dialog);
});
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
index 3d50839..30003bd 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
@@ -1,17 +1,17 @@
-module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, applications, Notifications, RealmRoleMapping,
- ApplicationRoleMapping, AvailableRealmRoleMapping, AvailableApplicationRoleMapping,
- CompositeRealmRoleMapping, CompositeApplicationRoleMapping) {
+module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, clients, Notifications, RealmRoleMapping,
+ ClientRoleMapping, AvailableRealmRoleMapping, AvailableClientRoleMapping,
+ CompositeRealmRoleMapping, CompositeClientRoleMapping) {
$scope.realm = realm;
$scope.user = user;
$scope.selectedRealmRoles = [];
$scope.selectedRealmMappings = [];
$scope.realmMappings = [];
- $scope.applications = applications;
- $scope.applicationRoles = [];
- $scope.applicationComposite = [];
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
- $scope.applicationMappings = [];
+ $scope.clients = clients;
+ $scope.clientRoles = [];
+ $scope.clientComposite = [];
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
+ $scope.clientMappings = [];
$scope.dummymodel = [];
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
@@ -26,13 +26,13 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, ap
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.selectedRealmMappings = [];
$scope.selectRealmRoles = [];
- if ($scope.application) {
+ if ($scope.client) {
console.log('load available');
- $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
+ $scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
}
Notifications.success("Role mappings updated.");
@@ -47,57 +47,57 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, ap
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.selectedRealmMappings = [];
$scope.selectRealmRoles = [];
- if ($scope.application) {
+ if ($scope.client) {
console.log('load available');
- $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
+ $scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
}
Notifications.success("Role mappings updated.");
});
};
- $scope.addApplicationRole = function() {
- $http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/applications-by-id/' + $scope.application.id,
- $scope.selectedApplicationRoles).success(function() {
- $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
+ $scope.addClientRole = function() {
+ $http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients-by-id/' + $scope.client.id,
+ $scope.selectedClientRoles).success(function() {
+ $scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
Notifications.success("Role mappings updated.");
});
};
- $scope.deleteApplicationRole = function() {
- $http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/applications-by-id/' + $scope.application.id,
- {data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
- $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
+ $scope.deleteClientRole = function() {
+ $http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients-by-id/' + $scope.client.id,
+ {data : $scope.selectedClientMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ $scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
Notifications.success("Role mappings updated.");
});
};
- $scope.changeApplication = function() {
- console.log('changeApplication');
- if ($scope.application) {
+ $scope.changeClient = function() {
+ console.log('changeClient');
+ if ($scope.client) {
console.log('load available');
- $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
- $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.id});
+ $scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
+ $scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
} else {
- $scope.applicationRoles = null;
- $scope.applicationMappings = null;
- $scope.applicationComposite = null;
+ $scope.clientRoles = null;
+ $scope.clientMappings = null;
+ $scope.clientComposite = null;
}
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
};
@@ -111,7 +111,7 @@ module.controller('UserSessionsCtrl', function($scope, realm, user, sessions, Us
$scope.logoutAll = function() {
UserLogout.save({realm : realm.realm, user: user.username}, function () {
- Notifications.success('Logged out user in all applications');
+ Notifications.success('Logged out user in all clients');
UserSessions.query({realm: realm.realm, user: user.username}, function(updated) {
$scope.sessions = updated;
})
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js
index 7223ae5..b6e0541 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/loaders.js
@@ -71,19 +71,19 @@ module.factory('RealmSessionStatsLoader', function(Loader, RealmSessionStats, $r
});
});
-module.factory('RealmApplicationSessionStatsLoader', function(Loader, RealmApplicationSessionStats, $route, $q) {
- return Loader.query(RealmApplicationSessionStats, function() {
+module.factory('RealmClientSessionStatsLoader', function(Loader, RealmClientSessionStats, $route, $q) {
+ return Loader.query(RealmClientSessionStats, function() {
return {
realm : $route.current.params.realm
}
});
});
-module.factory('ApplicationProtocolMapperLoader', function(Loader, ApplicationProtocolMapper, $route, $q) {
- return Loader.get(ApplicationProtocolMapper, function() {
+module.factory('ClientProtocolMapperLoader', function(Loader, ClientProtocolMapper, $route, $q) {
+ return Loader.get(ClientProtocolMapper, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application,
+ client : $route.current.params.client,
id: $route.current.params.id
}
});
@@ -164,74 +164,74 @@ module.factory('RoleListLoader', function(Loader, Role, $route, $q) {
});
});
-module.factory('ApplicationRoleLoader', function(Loader, RoleById, $route, $q) {
+module.factory('ClientRoleLoader', function(Loader, RoleById, $route, $q) {
return Loader.get(RoleById, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application,
+ client : $route.current.params.client,
role : $route.current.params.role
}
});
});
-module.factory('ApplicationSessionStatsLoader', function(Loader, ApplicationSessionStats, $route, $q) {
- return Loader.get(ApplicationSessionStats, function() {
+module.factory('ClientSessionStatsLoader', function(Loader, ClientSessionStats, $route, $q) {
+ return Loader.get(ClientSessionStats, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application
+ client : $route.current.params.client
}
});
});
-module.factory('ApplicationSessionCountLoader', function(Loader, ApplicationSessionCount, $route, $q) {
- return Loader.get(ApplicationSessionCount, function() {
+module.factory('ClientSessionCountLoader', function(Loader, ClientSessionCount, $route, $q) {
+ return Loader.get(ClientSessionCount, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application
+ client : $route.current.params.client
}
});
});
-module.factory('ApplicationClaimsLoader', function(Loader, ApplicationClaims, $route, $q) {
- return Loader.get(ApplicationClaims, function() {
+module.factory('ClientClaimsLoader', function(Loader, ClientClaims, $route, $q) {
+ return Loader.get(ClientClaims, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application
+ client : $route.current.params.client
}
});
});
-module.factory('ApplicationInstallationLoader', function(Loader, ApplicationInstallation, $route, $q) {
- return Loader.get(ApplicationInstallation, function() {
+module.factory('ClientInstallationLoader', function(Loader, ClientInstallation, $route, $q) {
+ return Loader.get(ClientInstallation, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application
+ client : $route.current.params.client
}
});
});
-module.factory('ApplicationRoleListLoader', function(Loader, ApplicationRole, $route, $q) {
- return Loader.query(ApplicationRole, function() {
+module.factory('ClientRoleListLoader', function(Loader, ClientRole, $route, $q) {
+ return Loader.query(ClientRole, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application
+ client : $route.current.params.client
}
});
});
-module.factory('ApplicationLoader', function(Loader, Application, $route, $q) {
- return Loader.get(Application, function() {
+module.factory('ClientLoader', function(Loader, Client, $route, $q) {
+ return Loader.get(Client, function() {
return {
realm : $route.current.params.realm,
- application : $route.current.params.application
+ client : $route.current.params.client
}
});
});
-module.factory('ApplicationListLoader', function(Loader, Application, $route, $q) {
- return Loader.query(Application, function() {
+module.factory('ClientListLoader', function(Loader, Client, $route, $q) {
+ return Loader.query(Client, function() {
return {
realm : $route.current.params.realm
}
@@ -240,7 +240,7 @@ module.factory('ApplicationListLoader', function(Loader, Application, $route, $q
module.factory('RoleMappingLoader', function(Loader, RoleMapping, $route, $q) {
- var realm = $route.current.params.realm || $route.current.params.application;
+ var realm = $route.current.params.realm || $route.current.params.client;
return Loader.query(RoleMapping, function() {
return {
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js
index 805bc01..da0b2eb 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/js/services.js
@@ -190,10 +190,10 @@ module.factory('ServerInfo', function($resource) {
-module.factory('ApplicationProtocolMapper', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/protocol-mappers/models/:id', {
+module.factory('ClientProtocolMapper', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/protocol-mappers/models/:id', {
realm : '@realm',
- application: '@application',
+ client: '@client',
id : "@id"
}, {
update : {
@@ -324,72 +324,72 @@ module.factory('AvailableRealmRoleMapping', function($resource) {
});
-module.factory('ApplicationRoleMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/applications-by-id/:application', {
+module.factory('ClientRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients-by-id/:client', {
realm : '@realm',
userId : '@userId',
- application : "@application"
+ client : "@client"
});
});
-module.factory('AvailableApplicationRoleMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/applications-by-id/:application/available', {
+module.factory('AvailableClientRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients-by-id/:client/available', {
realm : '@realm',
userId : '@userId',
- application : "@application"
+ client : "@client"
});
});
-module.factory('CompositeApplicationRoleMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/applications-by-id/:application/composite', {
+module.factory('CompositeClientRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients-by-id/:client/composite', {
realm : '@realm',
userId : '@userId',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationRealmScopeMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/scope-mappings/realm', {
+module.factory('ClientRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/realm', {
realm : '@realm',
- application : '@application'
+ client : '@client'
});
});
-module.factory('ApplicationAvailableRealmScopeMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/scope-mappings/realm/available', {
+module.factory('ClientAvailableRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/realm/available', {
realm : '@realm',
- application : '@application'
+ client : '@client'
});
});
-module.factory('ApplicationCompositeRealmScopeMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/scope-mappings/realm/composite', {
+module.factory('ClientCompositeRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/realm/composite', {
realm : '@realm',
- application : '@application'
+ client : '@client'
});
});
-module.factory('ApplicationApplicationScopeMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/scope-mappings/applications-by-id/:targetApp', {
+module.factory('ClientClientScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/clients-by-id/:targetClient', {
realm : '@realm',
- application : '@application',
- targetApp : '@targetApp'
+ client : '@client',
+ targetClient : '@targetClient'
});
});
-module.factory('ApplicationAvailableApplicationScopeMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/scope-mappings/applications-by-id/:targetApp/available', {
+module.factory('ClientAvailableClientScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/clients-by-id/:targetClient/available', {
realm : '@realm',
- application : '@application',
- targetApp : '@targetApp'
+ client : '@client',
+ targetClient : '@targetClient'
});
});
-module.factory('ApplicationCompositeApplicationScopeMapping', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/scope-mappings/applications-by-id/:targetApp/composite', {
+module.factory('ClientCompositeClientScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/clients-by-id/:targetClient/composite', {
realm : '@realm',
- application : '@application',
- targetApp : '@targetApp'
+ client : '@client',
+ targetClient : '@targetClient'
});
});
@@ -420,24 +420,24 @@ module.factory('RealmSessionStats', function($resource) {
});
});
-module.factory('RealmApplicationSessionStats', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/application-by-id-session-stats', {
+module.factory('RealmClientSessionStats', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/client-by-id-session-stats', {
realm : '@realm'
});
});
-module.factory('RoleApplicationComposites', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/roles-by-id/:role/composites/applications-by-id/:application', {
+module.factory('RoleClientComposites', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/roles-by-id/:role/composites/clients-by-id/:client', {
realm : '@realm',
role : '@role',
- application : "@application"
+ client : "@client"
});
});
-function roleControl($scope, realm, role, roles, applications,
- ApplicationRole, RoleById, RoleRealmComposites, RoleApplicationComposites,
+function roleControl($scope, realm, role, roles, clients,
+ ClientRole, RoleById, RoleRealmComposites, RoleClientComposites,
$http, $location, Notifications, Dialog) {
$scope.$watch(function () {
@@ -476,11 +476,11 @@ function roleControl($scope, realm, role, roles, applications,
$scope.selectedRealmRoles = [];
$scope.selectedRealmMappings = [];
$scope.realmMappings = [];
- $scope.applications = applications;
- $scope.applicationRoles = [];
- $scope.selectedApplicationRoles = [];
- $scope.selectedApplicationMappings = [];
- $scope.applicationMappings = [];
+ $scope.clients = clients;
+ $scope.clientRoles = [];
+ $scope.selectedClientRoles = [];
+ $scope.selectedClientMappings = [];
+ $scope.clientMappings = [];
for (var j = 0; j < $scope.realmRoles.length; j++) {
if ($scope.realmRoles[j].id == role.id) {
@@ -540,61 +540,61 @@ function roleControl($scope, realm, role, roles, applications,
});
};
- $scope.addApplicationRole = function() {
+ $scope.addClientRole = function() {
$scope.compositeSwitchDisabled=true;
$http.post(authUrl + '/admin/realms/' + realm.realm + '/roles-by-id/' + role.id + '/composites',
- $scope.selectedApplicationRoles).success(function() {
- for (var i = 0; i < $scope.selectedApplicationRoles.length; i++) {
- var role = $scope.selectedApplicationRoles[i];
- var idx = $scope.applicationRoles.indexOf($scope.selectedApplicationRoles[i]);
+ $scope.selectedClientRoles).success(function() {
+ for (var i = 0; i < $scope.selectedClientRoles.length; i++) {
+ var role = $scope.selectedClientRoles[i];
+ var idx = $scope.clientRoles.indexOf($scope.selectedClientRoles[i]);
if (idx != -1) {
- $scope.applicationRoles.splice(idx, 1);
- $scope.applicationMappings.push(role);
+ $scope.clientRoles.splice(idx, 1);
+ $scope.clientMappings.push(role);
}
}
- $scope.selectedApplicationRoles = [];
+ $scope.selectedClientRoles = [];
});
};
- $scope.deleteApplicationRole = function() {
+ $scope.deleteClientRole = function() {
$scope.compositeSwitchDisabled=true;
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/roles-by-id/' + role.id + '/composites',
- {data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
- for (var i = 0; i < $scope.selectedApplicationMappings.length; i++) {
- var role = $scope.selectedApplicationMappings[i];
- var idx = $scope.applicationMappings.indexOf($scope.selectedApplicationMappings[i]);
+ {data : $scope.selectedClientMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ for (var i = 0; i < $scope.selectedClientMappings.length; i++) {
+ var role = $scope.selectedClientMappings[i];
+ var idx = $scope.clientMappings.indexOf($scope.selectedClientMappings[i]);
if (idx != -1) {
- $scope.applicationMappings.splice(idx, 1);
- $scope.applicationRoles.push(role);
+ $scope.clientMappings.splice(idx, 1);
+ $scope.clientRoles.push(role);
}
}
- $scope.selectedApplicationMappings = [];
+ $scope.selectedClientMappings = [];
});
};
- $scope.changeApplication = function() {
- $scope.applicationRoles = ApplicationRole.query({realm : realm.realm, application : $scope.compositeApp.id}, function() {
- $scope.applicationMappings = RoleApplicationComposites.query({realm : realm.realm, role : role.id, application : $scope.compositeApp.id}, function(){
- for (var i = 0; i < $scope.applicationMappings.length; i++) {
- var role = $scope.applicationMappings[i];
- for (var j = 0; j < $scope.applicationRoles.length; j++) {
- var realmRole = $scope.applicationRoles[j];
+ $scope.changeClient = function() {
+ $scope.clientRoles = ClientRole.query({realm : realm.realm, client : $scope.compositeClient.id}, function() {
+ $scope.clientMappings = RoleClientComposites.query({realm : realm.realm, role : role.id, client : $scope.compositeClient.id}, function(){
+ for (var i = 0; i < $scope.clientMappings.length; i++) {
+ var role = $scope.clientMappings[i];
+ for (var j = 0; j < $scope.clientRoles.length; j++) {
+ var realmRole = $scope.clientRoles[j];
if (realmRole.id == role.id) {
- var idx = $scope.applicationRoles.indexOf(realmRole);
+ var idx = $scope.clientRoles.indexOf(realmRole);
if (idx != -1) {
- $scope.applicationRoles.splice(idx, 1);
+ $scope.clientRoles.splice(idx, 1);
break;
}
}
}
}
});
- for (var j = 0; j < $scope.applicationRoles.length; j++) {
- if ($scope.applicationRoles[j] == role.id) {
- var appRole = $scope.applicationRoles[j];
- var idx = $scope.applicationRoles.indexof(appRole);
- $scope.applicationRoles.splice(idx, 1);
+ for (var j = 0; j < $scope.clientRoles.length; j++) {
+ if ($scope.clientRoles[j] == role.id) {
+ var appRole = $scope.clientRoles[j];
+ var idx = $scope.clientRoles.indexof(appRole);
+ $scope.clientRoles.splice(idx, 1);
break;
}
}
@@ -630,10 +630,10 @@ module.factory('RoleById', function($resource) {
});
});
-module.factory('ApplicationRole', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/roles/:role', {
+module.factory('ClientRole', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/roles/:role', {
realm : '@realm',
- application : "@application",
+ client : "@client",
role : '@role'
}, {
update : {
@@ -642,10 +642,10 @@ module.factory('ApplicationRole', function($resource) {
});
});
-module.factory('ApplicationClaims', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/claims', {
+module.factory('ClientClaims', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/claims', {
realm : '@realm',
- application : "@application"
+ client : "@client"
}, {
update : {
method : 'PUT'
@@ -653,52 +653,52 @@ module.factory('ApplicationClaims', function($resource) {
});
});
-module.factory('ApplicationProtocolMappersByProtocol', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/protocol-mappers/protocol/:protocol', {
+module.factory('ClientProtocolMappersByProtocol', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/protocol-mappers/protocol/:protocol', {
realm : '@realm',
- application : "@application",
+ client : "@client",
protocol : "@protocol"
});
});
-module.factory('ApplicationSessionStats', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/session-stats', {
+module.factory('ClientSessionStats', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/session-stats', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationSessionStatsWithUsers', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/session-stats?users=true', {
+module.factory('ClientSessionStatsWithUsers', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/session-stats?users=true', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationSessionCount', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/session-count', {
+module.factory('ClientSessionCount', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/session-count', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationUserSessions', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/user-sessions', {
+module.factory('ClientUserSessions', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/user-sessions', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationLogoutAll', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/logout-all', {
+module.factory('ClientLogoutAll', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/logout-all', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationLogoutUser', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/logout-user/:user', {
+module.factory('ClientLogoutUser', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/logout-user/:user', {
realm : '@realm',
- application : "@application",
+ client : "@client",
user : "@user"
});
});
@@ -708,39 +708,39 @@ module.factory('RealmLogoutAll', function($resource) {
});
});
-module.factory('ApplicationPushRevocation', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/push-revocation', {
+module.factory('ClientPushRevocation', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/push-revocation', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationClusterNode', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/nodes/:node', {
+module.factory('ClientClusterNode', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/nodes/:node', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationTestNodesAvailable', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/test-nodes-available', {
+module.factory('ClientTestNodesAvailable', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/test-nodes-available', {
realm : '@realm',
- application : "@application"
+ client : "@client"
});
});
-module.factory('ApplicationCertificate', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/certificates/:attribute', {
+module.factory('ClientCertificate', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/certificates/:attribute', {
realm : '@realm',
- application : "@application",
+ client : "@client",
attribute: "@attribute"
});
});
-module.factory('ApplicationCertificateGenerate', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/certificates/:attribute/generate', {
+module.factory('ClientCertificateGenerate', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/certificates/:attribute/generate', {
realm : '@realm',
- application : "@application",
+ client : "@client",
attribute: "@attribute"
},
{
@@ -750,10 +750,10 @@ module.factory('ApplicationCertificateGenerate', function($resource) {
});
});
-module.factory('ApplicationCertificateDownload', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/certificates/:attribute/download', {
+module.factory('ClientCertificateDownload', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/certificates/:attribute/download', {
realm : '@realm',
- application : "@application",
+ client : "@client",
attribute: "@attribute"
},
{
@@ -764,10 +764,10 @@ module.factory('ApplicationCertificateDownload', function($resource) {
});
});
-module.factory('Application', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application', {
+module.factory('Client', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client', {
realm : '@realm',
- application : '@application'
+ client : '@client'
}, {
update : {
method : 'PUT'
@@ -775,29 +775,29 @@ module.factory('Application', function($resource) {
});
});
-module.factory('ApplicationInstallation', function($resource) {
- var url = authUrl + '/admin/realms/:realm/applications-by-id/:application/installation/json';
+module.factory('ClientInstallation', function($resource) {
+ var url = authUrl + '/admin/realms/:realm/clients-by-id/:client/installation/json';
return {
url : function(parameters)
{
- return url.replace(':realm', parameters.realm).replace(':application', parameters.application);
+ return url.replace(':realm', parameters.realm).replace(':client', parameters.client);
}
}
});
-module.factory('ApplicationInstallationJBoss', function($resource) {
- var url = authUrl + '/admin/realms/:realm/applications-by-id/:application/installation/jboss';
+module.factory('ClientInstallationJBoss', function($resource) {
+ var url = authUrl + '/admin/realms/:realm/clients-by-id/:client/installation/jboss';
return {
url : function(parameters)
{
- return url.replace(':realm', parameters.realm).replace(':application', parameters.application);
+ return url.replace(':realm', parameters.realm).replace(':client', parameters.client);
}
}
});
-module.factory('ApplicationCredentials', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/client-secret', {
+module.factory('ClientCredentials', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/client-secret', {
realm : '@realm',
- application : '@application'
+ client : '@client'
}, {
update : {
method : 'POST'
@@ -805,10 +805,10 @@ module.factory('ApplicationCredentials', function($resource) {
});
});
-module.factory('ApplicationOrigins', function($resource) {
- return $resource(authUrl + '/admin/realms/:realm/applications-by-id/:application/allowed-origins', {
+module.factory('ClientOrigins', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/allowed-origins', {
realm : '@realm',
- application : '@application'
+ client : '@client'
}, {
update : {
method : 'PUT',
@@ -822,8 +822,8 @@ module.factory('Current', function(Realm, $route) {
current.realms = {};
current.realm = null;
- current.applications = {};
- current.application = null;
+ current.clients = {};
+ current.client = null;
current.refresh = function() {
current.realm = null;
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/protocol-mapper-detail.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/protocol-mapper-detail.html
index aed7f50..03a52bb 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/protocol-mapper-detail.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/protocol-mapper-detail.html
@@ -1,18 +1,18 @@
<div class="bs-sidebar col-sm-3 " data-ng-include data-src="resourceUrl + '/partials/realm-menu.html'"></div>
<div id="content-area" class="col-sm-9" role="main">
- <kc-navigation-application></kc-navigation-application>
+ <kc-navigation-client></kc-navigation-client>
<div id="content">
<ol class="breadcrumb" data-ng-show="create">
- <li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
- <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}">{{application.name}}</a></li>
- <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers">Protocol Mappers</a></li>
+ <li><a href="#/realms/{{realm.realm}}/clients">Clients</a></li>
+ <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+ <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/mappers">Protocol Mappers</a></li>
<li class="active">Create Protocol Mapper</li>
</ol>
<ol class="breadcrumb" data-ng-hide="create">
- <li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
- <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}">{{application.name}}</a></li>
- <li><a href="#/realms/{{realm.realm}}/applications/{{application.id}}/mappers">Protocol Mappers</a></li>
+ <li><a href="#/realms/{{realm.realm}}/clients">Clients</a></li>
+ <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">{{client.clientId}}</a></li>
+ <li><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/mappers">Protocol Mappers</a></li>
<li class="active">{{mapper.name}}</li>
</ol>
<h2 class="pull-left" data-ng-hide="create">{{mapper.name}} Protocol Mapper</h2>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-cache-settings.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-cache-settings.html
index 2567173..e4a134c 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-cache-settings.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-cache-settings.html
@@ -12,7 +12,7 @@
<div class="col-sm-4">
<input ng-model="realm.realmCacheEnabled" name="realmCacheEnabled" id="realmCacheEnabled" onoffswitch />
</div>
- <span tooltip-placement="right" tooltip="Enable/disable cache for realm, application, oauth client, and role data." class="fa fa-info-circle"></span>
+ <span tooltip-placement="right" tooltip="Enable/disable cache for realm, client and role data." class="fa fa-info-circle"></span>
</div>
<div class="form-group">
<label class="col-sm-2 control-label" for="userCacheEnabled">User Cache Enabled</label>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-default-roles.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-default-roles.html
index d2207f7..f03349e 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-default-roles.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-default-roles.html
@@ -40,45 +40,45 @@
</div>
</fieldset>
- <fieldset ng-show="applications.length > 0">
- <legend><span class="text">Application Default Roles</span> </legend>
+ <fieldset ng-show="clients.length > 0">
+ <legend><span class="text">Client Default Roles</span> </legend>
<div class="form-group input-select">
- <label class="col-sm-2 control-label" for="applications">Application <span tooltip-placement="top" tooltip="Select an application to view/modify assigned default roles." class="fa fa-info-circle"></span></label>
+ <label class="col-sm-2 control-label" for="clients">Client <span tooltip-placement="top" tooltip="Select an client to view/modify assigned default roles." class="fa fa-info-circle"></span></label>
<div class="col-sm-4">
<div class="input-group">
<div class="select-kc">
- <select id="applications" name="applications" ng-change="changeApplication()" ng-model="application" ng-options="a.name for a in applications" ng-disabled="false">
- <option value="" selected> Select an Application...</option>
+ <select id="clients" name="clients" ng-change="changeClient()" ng-model="client" ng-options="a.clientId for a in clients" ng-disabled="false">
+ <option value="" selected> Select a Client...</option>
</select>
</div>
</div>
</div>
</div>
- <div class="form-group" ng-show="application">
+ <div class="form-group" ng-show="client">
<div class="controls changing-selectors col-sm-10">
<div class="select-title">
- <label class="control-label" for="available-app">Available Roles <span tooltip-placement="right" tooltip="Roles from this application that are assignable as a default." class="fa fa-info-circle"></span></label>
- <select id="available-app" class="form-control" multiple size="5"
+ <label class="control-label" for="available-client">Available Roles <span tooltip-placement="right" tooltip="Roles from this client that are assignable as a default." class="fa fa-info-circle"></span></label>
+ <select id="available-client" class="form-control" multiple size="5"
ng-multiple="true"
- ng-model="selectedAppRoles"
- ng-options="r for r in availableAppRoles">
+ ng-model="selectedClientRoles"
+ ng-options="r for r in availableClientRoles">
</select>
</div>
<div class="middle-buttons">
- <button class="btn btn-default" type="submit" ng-click="addAppDefaultRole()" tooltip="Assign role" tooltip-placement="right">
+ <button class="btn btn-default" type="submit" ng-click="addClientDefaultRole()" tooltip="Assign role" tooltip-placement="right">
<span class="kc-icon-arrow-right"><span>Move right</span></span>
</button>
- <button class="btn btn-default" type="submit" ng-click="rmAppDefaultRole()" tooltip="Unassign role" tooltip-placement="left">
+ <button class="btn btn-default" type="submit" ng-click="rmClientDefaultRole()" tooltip="Unassign role" tooltip-placement="left">
<span class="kc-icon-arrow-left"><span>Move left</span></span>
</button>
</div>
<div class="select-title">
- <label class="control-label" for="assigned-app">Application Default Roles <span tooltip-placement="right" tooltip="Roles from this application assigned as a default role." class="fa fa-info-circle"></span></label>
- <select id="assigned-app" class="form-control" multiple size=5
+ <label class="control-label" for="assigned-client">Client Default Roles <span tooltip-placement="right" tooltip="Roles from this client assigned as a default role." class="fa fa-info-circle"></span></label>
+ <select id="assigned-client" class="form-control" multiple size=5
ng-multiple="true"
- ng-model="selectedAppDefRoles"
- ng-options="r for r in application.defaultRoles">
+ ng-model="selectedClientDefRoles"
+ ng-options="r for r in client.defaultRoles">
</select>
</div>
</div>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html
index 80f8e13..ae5b53a 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html
@@ -17,7 +17,7 @@
</div>
<div class="form-group">
<label class="col-sm-2 control-label" for="enabled">Enabled</label>
- <span tooltip="Users and applications can only access a realm if it's enabled" class="fa fa-info-circle"></span>
+ <span tooltip="Users and clients can only access a realm if it's enabled" class="fa fa-info-circle"></span>
<div class="col-sm-4">
<input ng-model="realm.enabled" name="enabled" id="enabled" onoffswitch />
</div>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html
index d093744..67b0a68 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-oidc.html
@@ -98,7 +98,7 @@
<div class="col-sm-4">
<input class="form-control" id="clientId" type="text" ng-model="identityProvider.config.clientId" required>
</div>
- <span tooltip-placement="right" tooltip="The client or application identifier registered withing the identity provider." class="fa fa-info-circle"></span>
+ <span tooltip-placement="right" tooltip="The client or client identifier registered withing the identity provider." class="fa fa-info-circle"></span>
</div>
<div class="form-group clearfix">
<label class="col-sm-2 control-label" for="clientSecret">Client Secret <span class="required">*</span></label>
@@ -108,7 +108,7 @@
<a href="" ng-click="showPassword(false)" class="link" ng-show="hidePassword">Show Secret</a>
<a href="" ng-click="showPassword(true);" ng-show="!hidePassword">Hide Secret</a>
</div>
- <span tooltip-placement="right" tooltip="The client or application secret registered withing the identity provider." class="fa fa-info-circle"></span>
+ <span tooltip-placement="right" tooltip="The client or client secret registered withing the identity provider." class="fa fa-info-circle"></span>
</div>
<div class="form-group clearfix">
<label class="col-sm-2 control-label" for="issuer">Issuer </label>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html
index 809984b..dd07093 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-social.html
@@ -25,7 +25,7 @@
<div class="col-sm-4">
<input class="form-control" id="clientId" type="text" ng-model="identityProvider.config.clientId" required>
</div>
- <span tooltip-placement="right" tooltip="The client or application identifier registered withing the identity provider." class="fa fa-info-circle"></span>
+ <span tooltip-placement="right" tooltip="The client identifier registered withing the identity provider." class="fa fa-info-circle"></span>
</div>
<div class="form-group clearfix">
<label class="col-sm-2 control-label" for="clientSecret">Client Secret <span class="required">*</span></label>
@@ -35,7 +35,7 @@
<a href="" ng-click="showPassword(false)" class="link" ng-show="hidePassword">Show Secret</a>
<a href="" ng-click="showPassword(true);" ng-show="!hidePassword">Hide Secret</a>
</div>
- <span tooltip-placement="right" tooltip="The client or application secret registered withing the identity provider." class="fa fa-info-circle"></span>
+ <span tooltip-placement="right" tooltip="The client secret registered withing the identity provider." class="fa fa-info-circle"></span>
</div>
<div data-ng-include data-src="resourceUrl + '/partials/realm-identity-provider-' + identityProvider.providerId + '-ext.html'"></div>
<div class="form-group clearfix">
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-stackoverflow-ext.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-stackoverflow-ext.html
index 86516df..07a0e60 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-stackoverflow-ext.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-stackoverflow-ext.html
@@ -3,5 +3,5 @@
<div class="col-sm-4">
<input class="form-control" id="clientId" type="text" ng-model="identityProvider.config.key" required>
</div>
- <span tooltip-placement="right" tooltip="The Key obtained from Stack Overflow application registration." class="fa fa-info-circle"></span>
+ <span tooltip-placement="right" tooltip="The Key obtained from Stack Overflow client registration." class="fa fa-info-circle"></span>
</div>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-menu.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-menu.html
index 00d2e31..4c60b02 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-menu.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-menu.html
@@ -4,12 +4,12 @@
|| path[2] == 'login-settings'
|| path[2] == 'theme-settings'
|| path[2] == 'cache-settings'
- || path[2] == 'keys-settings' || path[2] == 'smtp-settings' || path[2] == 'ldap-settings' || path[2] == 'auth-settings') && path[3] != 'applications') && 'active'">
+ || path[2] == 'keys-settings' || path[2] == 'smtp-settings' || path[2] == 'ldap-settings' || path[2] == 'auth-settings') && path[3] != 'clients') && 'active'">
<a href="#/realms/{{realm.realm}}">Settings</a>
</li>
<li data-ng-show="access.viewUsers" data-ng-class="(path[2] == 'users' || path[1] == 'user') && 'active'"><a href="#/realms/{{realm.realm}}/users">Users</a></li>
- <li data-ng-show="access.viewClients" data-ng-class="(path[2] == 'applications' || path[1] == 'application' || path[3] == 'applications') && 'active'"><a href="#/realms/{{realm.realm}}/applications">Clients</a></li>
- <li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'roles' || (path[1] == 'role' && path[3] != 'applications')) && 'active'"><a href="#/realms/{{realm.realm}}/roles">Roles</a></li>
+ <li data-ng-show="access.viewClients" data-ng-class="(path[2] == 'clients' || path[1] == 'client' || path[3] == 'clients') && 'active'"><a href="#/realms/{{realm.realm}}/clients">Clients</a></li>
+ <li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'roles' || (path[1] == 'role' && path[3] != 'clients')) && 'active'"><a href="#/realms/{{realm.realm}}/roles">Roles</a></li>
<li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'sessions' || path[2] == 'token-settings') && 'active'"><a href="#/realms/{{realm.realm}}/sessions/realm">Sessions and Tokens</a></li>
<li data-ng-show="access.viewRealm" data-ng-class="(path[2] == 'defense') && 'active'"><a href="#/realms/{{realm.realm}}/defense/headers">Security Defenses</a></li>
<li data-ng-show="access.viewEvents" data-ng-class="(path[2] == 'events' || path[2] == 'events-settings') && 'active'"><a href="#/realms/{{realm.realm}}/events">Events</a></li>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html
index 2f30127..eb519ee 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/realm-tokens.html
@@ -90,8 +90,7 @@
</div>
</div>
</div>
- <span tooltip-placement="right" tooltip="Max time an application or oauth client has to finish the access token protocol. This should normally be 1 minute." class="fa fa-info-circle"></span>
- </div>
+ <span tooltip-placement="right" tooltip="Max time an client has to finish the access token protocol. This should normally be 1 minute." class="fa fa-info-circle"></span> </div>
<div class="form-group input-select">
<label class="col-sm-2 control-label" for="accessCodeLifespanLogin" class="two-lines">Login lifespan</label>
<div class="col-sm-5">
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-detail.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-detail.html
index d5be190..412c8a0 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-detail.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-detail.html
@@ -74,45 +74,45 @@
</div>
</fieldset>
- <fieldset ng-show="applications.length > 0 && !create && (compositeSwitch || role.composite)">
- <legend uncollapsed class="collapsible"><span class="text">Composite Application Roles</span> </legend>
+ <fieldset ng-show="clients.length > 0 && !create && (compositeSwitch || role.composite)">
+ <legend uncollapsed class="collapsible"><span class="text">Composite Client Roles</span> </legend>
<div class="form-group input-select">
- <label class="col-sm-2 control-label" for="applications">Application <span tooltip-placement="right" tooltip="Select an application to view/modify roles associated with this composite." class="fa fa-info-circle"></span>
+ <label class="col-sm-2 control-label" for="clients">Client <span tooltip-placement="right" tooltip="Select a client to view/modify roles associated with this composite." class="fa fa-info-circle"></span>
</label>
<div class="col-sm-4">
<div class="input-group">
<div class="select-kc">
- <select id="applications" name="applications" ng-change="changeApplication()" ng-model="compositeApp" ng-options="a.name for a in applications" ng-disabled="false">
- <option value="" selected> Select an Application...</option>
+ <select id="clients" name="clients" ng-change="changeClient()" ng-model="compositeClient" ng-options="a.clientId for a in clients" ng-disabled="false">
+ <option value="" selected> Select a Client...</option>
</select>
</div>
</div>
</div>
</div>
- <div class="form-group" ng-show="compositeApp">
+ <div class="form-group" ng-show="compositeClient">
<div class="controls changing-selectors col-sm-10">
<div class="select-title">
- <label class="control-label" for="available-app">Available Roles <span tooltip-placement="right" tooltip="Roles from this application that you can associate to this composite role." class="fa fa-info-circle"></span></label>
- <select id="available-app" class="form-control" multiple size="5"
+ <label class="control-label" for="available-client">Available Roles <span tooltip-placement="right" tooltip="Roles from this client that you can associate to this composite role." class="fa fa-info-circle"></span></label>
+ <select id="available-client" class="form-control" multiple size="5"
ng-multiple="true"
- ng-model="selectedApplicationRoles"
- ng-options="r.name for r in applicationRoles">
+ ng-model="selectedClientRoles"
+ ng-options="r.name for r in clientRoles">
</select>
</div>
<div class="middle-buttons kc-vertical">
- <button class="btn btn-default" type="submit" ng-click="addApplicationRole()" tooltip="Associate role" tooltip-placement="right">
+ <button class="btn btn-default" type="submit" ng-click="addClientRole()" tooltip="Associate role" tooltip-placement="right">
<span class="kc-icon-arrow-right">Move right</span>
</button>
- <button class="btn btn-default" type="submit" ng-click="deleteApplicationRole()" tooltip="Disassociate role" tooltip-placement="left">
+ <button class="btn btn-default" type="submit" ng-click="deleteClientRole()" tooltip="Disassociate role" tooltip-placement="left">
<span class="kc-icon-arrow-left">Move left</span>
</button>
</div>
<div class="select-title">
- <label class="control-label" for="assigned-app">Associated Roles <span tooltip-placement="right" tooltip="Application roles associated with this composite role." class="fa fa-info-circle"></span></label>
- <select id="assigned-app" class="form-control" multiple size=5
+ <label class="control-label" for="assigned-client">Associated Roles <span tooltip-placement="right" tooltip="Client roles associated with this composite role." class="fa fa-info-circle"></span></label>
+ <select id="assigned-client" class="form-control" multiple size=5
ng-multiple="true"
- ng-model="selectedApplicationMappings"
- ng-options="r.name for r in applicationMappings">
+ ng-model="selectedClientMappings"
+ ng-options="r.name for r in clientMappings">
</select>
</div>
</div>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-mappings.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-mappings.html
index 0ae08be..314212b 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-mappings.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/role-mappings.html
@@ -63,56 +63,56 @@
</div>
</fieldset>
- <fieldset ng-show="applications.length > 0">
- <legend><span class="text">Application Roles</span> </legend>
+ <fieldset ng-show="clients.length > 0">
+ <legend><span class="text">Client Roles</span> </legend>
<div class="form-group input-select">
- <label class="col-sm-2 control-label" for="applications">Application <span tooltip-placement="right" tooltip="Select an application to view or modify additional roles to map." class="fa fa-info-circle"></span></label>
+ <label class="col-sm-2 control-label" for="clients">Client <span tooltip-placement="right" tooltip="Select a client to view or modify additional roles to map." class="fa fa-info-circle"></span></label>
<div class="col-sm-4">
<div class="input-group">
<div class="select-kc">
- <select id="applications" name="applications" ng-change="changeApplication()" ng-model="application" ng-options="a.name for a in applications" ng-disabled="false">
- <option value="" selected> Select an Application...</option>
+ <select id="clients" name="clients" ng-change="changeClient()" ng-model="client" ng-options="a.clientId for a in clients" ng-disabled="false">
+ <option value="" selected> Select a Client...</option>
</select>
</div>
</div>
</div>
</div>
- <div class="form-group" ng-show="application">
+ <div class="form-group" ng-show="client">
<div class="controls changing-selectors col-sm-10">
<div class="select-title">
- <label class="control-label" for="available-app">Available Roles <span tooltip-placement="right" tooltip="Assignable roles from this application." class="fa fa-info-circle"></span></label>
- <select id="available-app" class="form-control" multiple size="5"
+ <label class="control-label" for="available-client">Available Roles <span tooltip-placement="right" tooltip="Assignable roles from this client." class="fa fa-info-circle"></span></label>
+ <select id="available-client" class="form-control" multiple size="5"
ng-multiple="true"
- ng-model="selectedApplicationRoles"
- ng-options="r.name for r in applicationRoles">
+ ng-model="selectedClientRoles"
+ ng-options="r.name for r in clientRoles">
</select>
</div>
<div class="middle-buttons">
- <button class="btn btn-default" type="submit" ng-click="addApplicationRole()" tooltip="Assign role" tooltip-placement="right">
+ <button class="btn btn-default" type="submit" ng-click="addClientRole()" tooltip="Assign role" tooltip-placement="right">
<span class="kc-icon-arrow-right">Move right</span>
</button>
- <button class="btn btn-default" type="submit" ng-click="deleteApplicationRole()" tooltip="Unassign role" tooltip-placement="left">
+ <button class="btn btn-default" type="submit" ng-click="deleteClientRole()" tooltip="Unassign role" tooltip-placement="left">
<span class="kc-icon-arrow-left">Move left</span>
</button>
</div>
<div class="select-title">
- <label class="control-label" for="assigned-app">Assigned Roles <span tooltip-placement="right" tooltip="Role mappings for this application." class="fa fa-info-circle"></span></label>
- <select id="assigned-app" class="form-control" multiple size=5
+ <label class="control-label" for="assigned-client">Assigned Roles <span tooltip-placement="right" tooltip="Role mappings for this client." class="fa fa-info-circle"></span></label>
+ <select id="assigned-client" class="form-control" multiple size=5
ng-multiple="true"
- ng-model="selectedApplicationMappings"
- ng-options="r.name for r in applicationMappings">
+ ng-model="selectedClientMappings"
+ ng-options="r.name for r in clientMappings">
</select>
</div>
<div class="middle-buttons">
-
</div>
<div class="select-title">
- <label class="control-label" for="app-composite">Effective Roles <span tooltip-placement="right" tooltip="Role mappings for this application. Some roles here might be inherited from a mapped composite role." class="fa fa-info-circle"></span></label>
- <select id="app-composite" class="form-control" multiple size=5
+ <label class="control-label" for="client-composite">Effective Roles <span tooltip-placement="right" tooltip="Role mappings for this client. Some roles here might be inherited from a mapped composite role." class="fa fa-info-circle"></span></label>
+ <select id="client-composite" class="form-control" multiple size=5
ng-disabled="true"
ng-model="dummymodel"
- ng-options="r.name for r in applicationComposite">
+ ng-options="r.name for r in clientComposite">
</select>
</div>
</div>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-realm.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-realm.html
index 1394703..2535b46 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-realm.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-realm.html
@@ -18,13 +18,13 @@
</th>
</tr>
<tr>
- <th>Application</th>
+ <th>Client</th>
<th>Active Sessions</th>
</tr>
</thead>
<tbody>
<tr data-ng-repeat="data in stats">
- <td><a href="#/realms/{{realm.realm}}/applications/{{data.id}}/sessions">{{data.name}}</a></td>
+ <td><a href="#/realms/{{realm.realm}}/clients/{{data.id}}/sessions">{{data.clientId}}</a></td>
<td>{{data.active}}</td>
</tr>
</tbody>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-revocation.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-revocation.html
index 79007bc..f84c5ae 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-revocation.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/session-revocation.html
@@ -23,7 +23,7 @@
</button>
<button type="submit" data-ng-click="setNotBeforeNow()" class="btn btn-primary btn-lg">Set To Now
</button>
- <button type="submit" data-ng-click="pushRevocation()" class="btn btn-primary btn-lg" tooltip="For every application that has an admin URL, notify them of the new revocation policy." tooltip-placement="bottom">Push
+ <button type="submit" data-ng-click="pushRevocation()" class="btn btn-primary btn-lg" tooltip="For every client that has an admin URL, notify them of the new revocation policy." tooltip-placement="bottom">Push
</button>
</div>
</form>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/user-sessions.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/user-sessions.html
index f3de7e4..9db3f7d 100755
--- a/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/user-sessions.html
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/partials/user-sessions.html
@@ -27,8 +27,7 @@
<th>IP Address</th>
<th>Started</th>
<th>Last Access</th>
- <th>Applications</th>
- <th>OAuth Clients</th>
+ <th>Clients</th>
<th>Action</th>
</tr>
</thead>
@@ -38,16 +37,11 @@
<td>{{session.start | date:'medium'}}</td>
<td>{{session.lastAccess | date:'medium'}}</td>
<td>
- <div data-ng-repeat="(id, name) in session.applications">
- <a href="#/realms/{{realm.realm}}/applications/{{id}}">{{name}}</a>
+ <div data-ng-repeat="(id, clientId) in session.clients">
+ <a href="#/realms/{{realm.realm}}/clients/{{id}}">{{clientId}}</a>
</div>
</ul>
</td>
- <td>
- <div data-ng-repeat="(clientId, clientName) in session.clients">
- <a href="#/realms/{{realm.realm}}/oauth-clients/{{clientId}}">{{clientName}}</a>
- </div>
- </td>
<td><a href="" ng-click="logoutSession(session.id)">logout</a> </td>
</tr>
</tbody>
diff --git a/forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-navigation-client.html b/forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-navigation-client.html
new file mode 100755
index 0000000..9794e38
--- /dev/null
+++ b/forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-navigation-client.html
@@ -0,0 +1,13 @@
+<ul class="nav nav-tabs nav-tabs-pf" data-ng-hide="create && !path[4]">
+ <li ng-class="{active: !path[4]}"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}">Settings</a></li>
+ <li ng-class="{active: path[4] == 'credentials'}" data-ng-show="!client.publicClient && client.protocol != 'saml'"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/credentials">Credentials</a></li>
+ <li ng-class="{active: path[4] == 'saml'}" data-ng-show="client.protocol == 'saml' && (client.attributes['saml.client.signature'] == 'true' || client.attributes['saml.encrypt'] == 'true')"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/saml/keys">SAML Keys</a></li>
+ <li ng-class="{active: path[4] == 'roles'}"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/roles">Roles</a></li>
+ <li ng-class="{active: path[4] == 'mappers'}" data-ng-show="!client.bearerOnly"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/mappers">Mappers</a></li>
+ <li ng-class="{active: path[4] == 'scope-mappings'}" data-ng-show="!client.bearerOnly"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/scope-mappings">Scope</a></li>
+ <li ng-class="{active: path[4] == 'revocation'}"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/revocation">Revocation</a></li>
+<!-- <li ng-class="{active: path[4] == 'identity-provider'}" data-ng-show="realm.identityFederationEnabled"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/identity-provider">Identity Provider</a></li> -->
+ <li ng-class="{active: path[4] == 'sessions'}" data-ng-show="!client.bearerOnly"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/sessions">Sessions</a></li>
+ <li ng-class="{active: path[4] == 'clustering'}" data-ng-show="!client.publicClient"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/clustering">Clustering</a></li>
+ <li ng-class="{active: path[4] == 'installation'}" data-ng-show="client.protocol != 'saml'"><a href="#/realms/{{realm.realm}}/clients/{{client.id}}/installation">Installation</a></li>
+</ul>
\ No newline at end of file
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/ServerRequest.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/ServerRequest.java
index 27a2949..701dc09 100755
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/ServerRequest.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/ServerRequest.java
@@ -102,8 +102,8 @@ public class ServerRequest {
formparams.add(new BasicNameValuePair(OAuth2Constants.CODE, code));
formparams.add(new BasicNameValuePair(OAuth2Constants.REDIRECT_URI, redirectUri));
if (sessionId != null) {
- formparams.add(new BasicNameValuePair(AdapterConstants.APPLICATION_SESSION_STATE, sessionId));
- formparams.add(new BasicNameValuePair(AdapterConstants.APPLICATION_SESSION_HOST, HostUtils.getHostName()));
+ formparams.add(new BasicNameValuePair(AdapterConstants.CLIENT_SESSION_STATE, sessionId));
+ formparams.add(new BasicNameValuePair(AdapterConstants.CLIENT_SESSION_HOST, HostUtils.getHostName()));
}
HttpResponse response = null;
HttpPost post = new HttpPost(tokenUrl);
@@ -237,7 +237,7 @@ public class ServerRequest {
}
List<NameValuePair> formparams = new ArrayList<NameValuePair>();
- formparams.add(new BasicNameValuePair(AdapterConstants.APPLICATION_CLUSTER_HOST, host));
+ formparams.add(new BasicNameValuePair(AdapterConstants.CLIENT_CLUSTER_HOST, host));
HttpPost post = new HttpPost(endpointUrl);
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java
index 0bc8ad7..94b254d 100755
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientResource.java
@@ -1,6 +1,5 @@
package org.keycloak.admin.client.resource;
-import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
index abc9424..9843bc5 100755
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
@@ -1,6 +1,5 @@
package org.keycloak.admin.client.resource;
-import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import javax.ws.rs.Consumes;
@@ -17,8 +16,8 @@ import java.util.List;
*/
public interface ClientsResource {
- @Path("{appName}")
- public ClientResource get(@PathParam("appName") String appName);
+ @Path("{clientId}")
+ public ClientResource get(@PathParam("clientId") String clientId);
@POST
@Consumes(MediaType.APPLICATION_JSON)
@@ -26,7 +25,7 @@ public interface ClientsResource {
@GET
@Produces(MediaType.APPLICATION_JSON)
- public List<ApplicationRepresentation> findAll();
+ public List<ClientRepresentation> findAll();
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
index 8cd1d90..4045ecf 100644
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
@@ -23,7 +23,7 @@ public interface RealmResource {
@Consumes(MediaType.APPLICATION_JSON)
public void update(RealmRepresentation realmRepresentation);
- @Path("applications")
+ @Path("clients")
public ClientsResource clients();
@Path("users")
diff --git a/model/api/src/main/java/org/keycloak/models/AdminRoles.java b/model/api/src/main/java/org/keycloak/models/AdminRoles.java
index 73a93c3..c067a1d 100755
--- a/model/api/src/main/java/org/keycloak/models/AdminRoles.java
+++ b/model/api/src/main/java/org/keycloak/models/AdminRoles.java
@@ -9,7 +9,7 @@ public class AdminRoles {
public static String ADMIN = "admin";
- // for admin application local to each realm
+ // for admin client local to each realm
public static String REALM_ADMIN = "realm-admin";
public static String CREATE_REALM = "create-realm";
diff --git a/model/api/src/main/java/org/keycloak/models/ClientModel.java b/model/api/src/main/java/org/keycloak/models/ClientModel.java
index ad0c51e..026e35e 100755
--- a/model/api/src/main/java/org/keycloak/models/ClientModel.java
+++ b/model/api/src/main/java/org/keycloak/models/ClientModel.java
@@ -16,7 +16,7 @@ public interface ClientModel extends RoleContainerModel {
String PUBLIC_KEY = "publicKey";
String X509CERTIFICATE = "X509Certificate";
- void updateApplication();
+ void updateClient();
String getId();
@@ -62,7 +62,7 @@ public interface ClientModel extends RoleContainerModel {
void updateDefaultRoles(String[] defaultRoles);
- Set<RoleModel> getApplicationScopeMappings(ClientModel client);
+ Set<RoleModel> getClientScopeMappings(ClientModel client);
boolean isBearerOnly();
void setBearerOnly(boolean only);
diff --git a/model/api/src/main/java/org/keycloak/models/Constants.java b/model/api/src/main/java/org/keycloak/models/Constants.java
index 7374d7b..edba3e3 100755
--- a/model/api/src/main/java/org/keycloak/models/Constants.java
+++ b/model/api/src/main/java/org/keycloak/models/Constants.java
@@ -5,9 +5,9 @@ package org.keycloak.models;
* @version $Revision: 1 $
*/
public interface Constants {
- String ADMIN_CONSOLE_APPLICATION = "security-admin-console";
+ String ADMIN_CONSOLE_CLIENT_ID = "security-admin-console";
- String ACCOUNT_MANAGEMENT_APP = "account";
+ String ACCOUNT_MANAGEMENT_CLIENT_ID = "account";
String INSTALLED_APP_URN = "urn:ietf:wg:oauth:2.0:oob";
String INSTALLED_APP_URL = "http://localhost";
diff --git a/model/api/src/main/java/org/keycloak/models/RealmModel.java b/model/api/src/main/java/org/keycloak/models/RealmModel.java
index 0272500..17c88ea 100755
--- a/model/api/src/main/java/org/keycloak/models/RealmModel.java
+++ b/model/api/src/main/java/org/keycloak/models/RealmModel.java
@@ -232,9 +232,9 @@ public interface RealmModel extends RoleContainerModel {
void setEnabledEventTypes(Set<String> enabledEventTypes);
- ClientModel getMasterAdminApp();
+ ClientModel getMasterAdminClient();
- void setMasterAdminApp(ClientModel app);
+ void setMasterAdminClient(ClientModel client);
boolean isIdentityFederationEnabled();
diff --git a/model/api/src/main/java/org/keycloak/models/UserModel.java b/model/api/src/main/java/org/keycloak/models/UserModel.java
index 9055e7c..770cf03 100755
--- a/model/api/src/main/java/org/keycloak/models/UserModel.java
+++ b/model/api/src/main/java/org/keycloak/models/UserModel.java
@@ -66,7 +66,7 @@ public interface UserModel {
void updateCredentialDirectly(UserCredentialValueModel cred);
Set<RoleModel> getRealmRoleMappings();
- Set<RoleModel> getApplicationRoleMappings(ClientModel app);
+ Set<RoleModel> getClientRoleMappings(ClientModel app);
boolean hasRole(RoleModel role);
void grantRole(RoleModel role);
Set<RoleModel> getRoleMappings();
diff --git a/model/api/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java b/model/api/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
index bd03cac..8ee918b 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
@@ -245,7 +245,7 @@ public final class KeycloakModelUtils {
}
}
- public static String getMasterRealmAdminApplicationName(RealmModel realm) {
+ public static String getMasterRealmAdminApplicationClientId(RealmModel realm) {
return realm.getName() + "-realm";
}
}
diff --git a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
index f9e3556..dc1124a 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -26,6 +26,7 @@ import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
+import org.keycloak.util.Time;
import java.util.ArrayList;
import java.util.HashMap;
@@ -207,13 +208,13 @@ public class ModelToRepresentation {
public static UserSessionRepresentation toRepresentation(UserSessionModel session) {
UserSessionRepresentation rep = new UserSessionRepresentation();
rep.setId(session.getId());
- rep.setStart(((long)session.getStarted()) * 1000L);
- rep.setLastAccess(((long)session.getLastSessionRefresh())* 1000L);
+ rep.setStart(Time.toMillis(session.getStarted()));
+ rep.setLastAccess(Time.toMillis(session.getLastSessionRefresh()));
rep.setUser(session.getUser().getUsername());
rep.setIpAddress(session.getIpAddress());
for (ClientSessionModel clientSession : session.getClientSessions()) {
ClientModel client = clientSession.getClient();
- rep.getApplications().put(client.getId(), client.getClientId());
+ rep.getClients().put(client.getId(), client.getClientId());
}
return rep;
}
diff --git a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
index cf8de18..f830ac1 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
@@ -139,15 +139,15 @@ public class RepresentationToModel {
createRole(newRealm, roleRep);
}
}
- if (rep.getRoles().getApplication() != null) {
- for (Map.Entry<String, List<RoleRepresentation>> entry : rep.getRoles().getApplication().entrySet()) {
- ClientModel app = newRealm.getClientByClientId(entry.getKey());
- if (app == null) {
+ if (rep.getRoles().getClient() != null) {
+ for (Map.Entry<String, List<RoleRepresentation>> entry : rep.getRoles().getClient().entrySet()) {
+ ClientModel client = newRealm.getClientByClientId(entry.getKey());
+ if (client == null) {
throw new RuntimeException("App doesn't exist in role definitions: " + entry.getKey());
}
for (RoleRepresentation roleRep : entry.getValue()) {
// Application role may already exists (for example if it is defaultRole)
- RoleModel role = roleRep.getId()!=null ? app.addRole(roleRep.getId(), roleRep.getName()) : app.addRole(roleRep.getName());
+ RoleModel role = roleRep.getId()!=null ? client.addRole(roleRep.getId(), roleRep.getName()) : client.addRole(roleRep.getName());
role.setDescription(roleRep.getDescription());
}
}
@@ -159,14 +159,14 @@ public class RepresentationToModel {
addComposites(role, roleRep, newRealm);
}
}
- if (rep.getRoles().getApplication() != null) {
- for (Map.Entry<String, List<RoleRepresentation>> entry : rep.getRoles().getApplication().entrySet()) {
- ClientModel app = newRealm.getClientByClientId(entry.getKey());
- if (app == null) {
+ if (rep.getRoles().getClient() != null) {
+ for (Map.Entry<String, List<RoleRepresentation>> entry : rep.getRoles().getClient().entrySet()) {
+ ClientModel client = newRealm.getClientByClientId(entry.getKey());
+ if (client == null) {
throw new RuntimeException("App doesn't exist in role definitions: " + entry.getKey());
}
for (RoleRepresentation roleRep : entry.getValue()) {
- RoleModel role = app.getRole(roleRep.getName());
+ RoleModel role = client.getRole(roleRep.getName());
addComposites(role, roleRep, newRealm);
}
}
@@ -193,9 +193,9 @@ public class RepresentationToModel {
Map<String, ClientModel> appMap = newRealm.getClientNameMap();
- if (rep.getApplicationScopeMappings() != null) {
+ if (rep.getClientScopeMappings() != null) {
- for (Map.Entry<String, List<ScopeMappingRepresentation>> entry : rep.getApplicationScopeMappings().entrySet()) {
+ for (Map.Entry<String, List<ScopeMappingRepresentation>> entry : rep.getClientScopeMappings().entrySet()) {
ClientModel app = appMap.get(entry.getKey());
if (app == null) {
throw new RuntimeException("Unable to find client role mappings for client: " + entry.getKey());
@@ -285,10 +285,6 @@ public class RepresentationToModel {
rep.setIdentityProviders(identityProviders);
}
}
-
- rep.setSocial(null);
- rep.setSocialProviders(null);
- rep.setUpdateProfileOnInitialSocialLogin(false);
}
private static void convertDeprecatedSocialProviders(UserRepresentation user) {
@@ -341,8 +337,40 @@ public class RepresentationToModel {
realm.getClients().add(app);
}
+ }
+
+ if (realm.getApplicationScopeMappings() != null && realm.getClientScopeMappings() == null) {
+ realm.setClientScopeMappings(realm.getApplicationScopeMappings());
+ }
+
+ if (realm.getRoles() != null && realm.getRoles().getApplication() != null && realm.getRoles().getClient() == null) {
+ realm.getRoles().setClient(realm.getRoles().getApplication());
+ }
+
+ if (realm.getUsers() != null) {
+ for (UserRepresentation user : realm.getUsers()) {
+ if (user.getApplicationRoles() != null && user.getClientRoles() == null) {
+ user.setClientRoles(user.getApplicationRoles());
+ }
+ }
+ }
+
+ if (realm.getRoles() != null && realm.getRoles().getRealm() != null) {
+ for (RoleRepresentation role : realm.getRoles().getRealm()) {
+ if (role.getComposites() != null && role.getComposites().getApplication() != null && role.getComposites().getClient() == null) {
+ role.getComposites().setClient(role.getComposites().getApplication());
+ }
+ }
+ }
- realm.setApplications(null);
+ if (realm.getRoles() != null && realm.getRoles().getClient() != null) {
+ for (Map.Entry<String, List<RoleRepresentation>> clientRoles : realm.getRoles().getClient().entrySet()) {
+ for (RoleRepresentation role : clientRoles.getValue()) {
+ if (role.getComposites() != null && role.getComposites().getApplication() != null && role.getComposites().getClient() == null) {
+ role.getComposites().setClient(role.getComposites().getApplication());
+ }
+ }
+ }
}
}
@@ -453,25 +481,24 @@ public class RepresentationToModel {
role.addCompositeRole(realmRole);
}
}
- if (roleRep.getComposites().getApplication() != null) {
- for (Map.Entry<String, List<String>> entry : roleRep.getComposites().getApplication().entrySet()) {
- ClientModel app = realm.getClientByClientId(entry.getKey());
- if (app == null) {
+ if (roleRep.getComposites().getClient() != null) {
+ for (Map.Entry<String, List<String>> entry : roleRep.getComposites().getClient().entrySet()) {
+ ClientModel client = realm.getClientByClientId(entry.getKey());
+ if (client == null) {
throw new RuntimeException("App doesn't exist in role definitions: " + roleRep.getName());
}
for (String roleStr : entry.getValue()) {
- RoleModel appRole = app.getRole(roleStr);
- if (appRole == null) throw new RuntimeException("Unable to find composite app role: " + roleStr);
- role.addCompositeRole(appRole);
+ RoleModel clientRole = client.getRole(roleStr);
+ if (clientRole == null) throw new RuntimeException("Unable to find composite client role: " + roleStr);
+ role.addCompositeRole(clientRole);
}
-
}
}
}
- // APPLICATIONS
+ // CLIENTS
private static Map<String, ClientModel> createClients(KeycloakSession session, RealmRepresentation rep, RealmModel realm) {
Map<String, ClientModel> appMap = new HashMap<String, ClientModel>();
@@ -490,7 +517,7 @@ public class RepresentationToModel {
* @return
*/
public static ClientModel createClient(KeycloakSession session, RealmModel realm, ClientRepresentation resourceRep, boolean addDefaultRoles) {
- logger.debug("************ CREATE APPLICATION: {0}" + resourceRep.getClientId());
+ logger.debug("Create client: {0}" + resourceRep.getClientId());
ClientModel client = resourceRep.getId()!=null ? realm.addClient(resourceRep.getId(), resourceRep.getClientId()) : realm.addClient(resourceRep.getClientId());
if (resourceRep.isEnabled() != null) client.setEnabled(resourceRep.isEnabled());
@@ -506,14 +533,14 @@ public class RepresentationToModel {
if (resourceRep.isFullScopeAllowed() != null) {
client.setFullScopeAllowed(resourceRep.isFullScopeAllowed());
} else {
- client.setFullScopeAllowed(true);
+ client.setFullScopeAllowed(!client.isConsentRequired());
}
if (resourceRep.getNodeReRegistrationTimeout() != null) {
client.setNodeReRegistrationTimeout(resourceRep.getNodeReRegistrationTimeout());
} else {
client.setNodeReRegistrationTimeout(-1);
}
- client.updateApplication();
+ client.updateClient();
if (resourceRep.getNotBefore() != null) {
client.setNotBefore(resourceRep.getNotBefore());
@@ -538,7 +565,7 @@ public class RepresentationToModel {
}
if (resourceRep.getWebOrigins() != null) {
for (String webOrigin : resourceRep.getWebOrigins()) {
- logger.debugv("Application: {0} webOrigin: {1}", resourceRep.getClientId(), webOrigin);
+ logger.debugv("Client: {0} webOrigin: {1}", resourceRep.getClientId(), webOrigin);
client.addWebOrigin(webOrigin);
}
} else {
@@ -553,7 +580,7 @@ public class RepresentationToModel {
if (uri.getPort() != -1) {
origin += ":" + uri.getPort();
}
- logger.debugv("adding default application origin: {0}" , origin);
+ logger.debugv("adding default client origin: {0}" , origin);
origins.add(origin);
}
}
@@ -600,7 +627,7 @@ public class RepresentationToModel {
if (rep.getBaseUrl() != null) resource.setBaseUrl(rep.getBaseUrl());
if (rep.isSurrogateAuthRequired() != null) resource.setSurrogateAuthRequired(rep.isSurrogateAuthRequired());
if (rep.getNodeReRegistrationTimeout() != null) resource.setNodeReRegistrationTimeout(rep.getNodeReRegistrationTimeout());
- resource.updateApplication();
+ resource.updateClient();
if (rep.getProtocol() != null) resource.setProtocol(rep.getProtocol());
if (rep.getAttributes() != null) {
@@ -698,7 +725,7 @@ public class RepresentationToModel {
for (ScopeMappingRepresentation mapping : mappings) {
ClientModel client = realm.getClientByClientId(mapping.getClient());
if (client == null) {
- throw new RuntimeException("Unknown client specified in application scope mappings");
+ throw new RuntimeException("Unknown client specified in client scope mappings");
}
for (String roleString : mapping.getRoles()) {
RoleModel role = clientModel.getRole(roleString.trim());
@@ -753,8 +780,8 @@ public class RepresentationToModel {
user.grantRole(role);
}
}
- if (userRep.getApplicationRoles() != null) {
- for (Map.Entry<String, List<String>> entry : userRep.getApplicationRoles().entrySet()) {
+ if (userRep.getClientRoles() != null) {
+ for (Map.Entry<String, List<String>> entry : userRep.getClientRoles().entrySet()) {
ClientModel client = clientMap.get(entry.getKey());
if (client == null) {
throw new RuntimeException("Unable to find client role mappings for client: " + entry.getKey());
@@ -794,15 +821,15 @@ public class RepresentationToModel {
// Role mappings
- public static void createClientRoleMappings(ClientModel applicationModel, UserModel user, List<String> roleNames) {
+ public static void createClientRoleMappings(ClientModel clientModel, UserModel user, List<String> roleNames) {
if (user == null) {
throw new RuntimeException("User not found");
}
for (String roleName : roleNames) {
- RoleModel role = applicationModel.getRole(roleName.trim());
+ RoleModel role = clientModel.getRole(roleName.trim());
if (role == null) {
- role = applicationModel.addRole(roleName.trim());
+ role = clientModel.addRole(roleName.trim());
}
user.grantRole(role);
diff --git a/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java b/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java
index 40665e3..0e84ca9 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java
@@ -152,8 +152,8 @@ public class UserModelDelegate implements UserModel {
}
@Override
- public Set<RoleModel> getApplicationRoleMappings(ClientModel app) {
- return delegate.getApplicationRoleMappings(app);
+ public Set<RoleModel> getClientRoleMappings(ClientModel app) {
+ return delegate.getClientRoleMappings(app);
}
@Override
diff --git a/model/file/src/main/java/org/keycloak/models/file/adapter/ClientAdapter.java b/model/file/src/main/java/org/keycloak/models/file/adapter/ClientAdapter.java
index 85d9efc..18cc9c8 100755
--- a/model/file/src/main/java/org/keycloak/models/file/adapter/ClientAdapter.java
+++ b/model/file/src/main/java/org/keycloak/models/file/adapter/ClientAdapter.java
@@ -62,7 +62,7 @@ public class ClientAdapter implements ClientModel {
}
@Override
- public void updateApplication() {
+ public void updateClient() {
}
@Override
@@ -565,7 +565,7 @@ public class ClientAdapter implements ClientModel {
}
@Override
- public Set<RoleModel> getApplicationScopeMappings(ClientModel client) {
+ public Set<RoleModel> getClientScopeMappings(ClientModel client) {
Set<RoleModel> allScopes = client.getScopeMappings();
Set<RoleModel> appRoles = new HashSet<RoleModel>();
diff --git a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
index 57e1620..31b4bfc 100755
--- a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
+++ b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
@@ -959,22 +959,22 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public ClientModel getMasterAdminApp() {
+ public ClientModel getMasterAdminClient() {
return this.masterAdminApp;
}
@Override
- public void setMasterAdminApp(ClientModel app) {
- if (app == null) {
+ public void setMasterAdminClient(ClientModel client) {
+ if (client == null) {
realm.setAdminAppId(null);
this.masterAdminApp = null;
} else {
- String appId = app.getId();
+ String appId = client.getId();
if (appId == null) {
throw new IllegalStateException("Master Admin app not initialized.");
}
realm.setAdminAppId(appId);
- this.masterAdminApp = app;
+ this.masterAdminApp = client;
}
}
diff --git a/model/file/src/main/java/org/keycloak/models/file/adapter/UserAdapter.java b/model/file/src/main/java/org/keycloak/models/file/adapter/UserAdapter.java
index 00b6af8..e9ba84a 100755
--- a/model/file/src/main/java/org/keycloak/models/file/adapter/UserAdapter.java
+++ b/model/file/src/main/java/org/keycloak/models/file/adapter/UserAdapter.java
@@ -325,7 +325,7 @@ public class UserAdapter implements UserModel, Comparable {
}
@Override
- public Set<RoleModel> getApplicationRoleMappings(ClientModel app) {
+ public Set<RoleModel> getClientRoleMappings(ClientModel app) {
Set<RoleModel> result = new HashSet<RoleModel>();
for (RoleModel role : allRoles) {
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/ClientAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/ClientAdapter.java
index 0dc490d..5330fbc 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/ClientAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/ClientAdapter.java
@@ -42,8 +42,8 @@ public class ClientAdapter implements ClientModel {
}
@Override
- public void updateApplication() {
- if (updated != null) updated.updateApplication();
+ public void updateClient() {
+ if (updated != null) updated.updateClient();
}
@Override
@@ -377,7 +377,7 @@ public class ClientAdapter implements ClientModel {
}
@Override
- public Set<RoleModel> getApplicationScopeMappings(ClientModel client) {
+ public Set<RoleModel> getClientScopeMappings(ClientModel client) {
Set<RoleModel> roleMappings = client.getScopeMappings();
Set<RoleModel> appRoles = new HashSet<RoleModel>();
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
index baafe43..d302c48 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
@@ -155,7 +155,7 @@ public class CachedRealm {
eventsListeners.addAll(model.getEventsListeners());
enabledEventTypes.addAll(model.getEnabledEventTypes());
defaultRoles.addAll(model.getDefaultRoles());
- masterAdminApp = model.getMasterAdminApp().getId();
+ masterAdminApp = model.getMasterAdminClient().getId();
for (RoleModel role : model.getRoles()) {
realmRoles.put(role.getName(), role.getId());
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
index 1e51a0c..f2532af 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
@@ -11,7 +11,6 @@ import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.cache.entities.CachedRealm;
-import org.keycloak.models.entities.IdentityProviderMapperEntity;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.security.Key;
@@ -752,14 +751,14 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public ClientModel getMasterAdminApp() {
+ public ClientModel getMasterAdminClient() {
return cacheSession.getRealm(Config.getAdminRealm()).getClientById(cached.getMasterAdminApp());
}
@Override
- public void setMasterAdminApp(ClientModel app) {
+ public void setMasterAdminClient(ClientModel client) {
getDelegateForUpdate();
- updated.setMasterAdminApp(app);
+ updated.setMasterAdminClient(client);
}
@Override
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java
index e659837..2087fc2 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java
@@ -219,8 +219,8 @@ public class UserAdapter implements UserModel {
}
@Override
- public Set<RoleModel> getApplicationRoleMappings(ClientModel app) {
- if (updated != null) return updated.getApplicationRoleMappings(app);
+ public Set<RoleModel> getClientRoleMappings(ClientModel app) {
+ if (updated != null) return updated.getClientRoleMappings(app);
Set<RoleModel> roleMappings = getRoleMappings();
Set<RoleModel> appMappings = new HashSet<RoleModel>();
for (RoleModel role : roleMappings) {
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java
index 0bf53ef..b04a92c 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java
@@ -469,7 +469,7 @@ public class ClientAdapter implements ClientModel {
}
@Override
- public void updateApplication() {
+ public void updateClient() {
em.flush();
}
@@ -625,7 +625,7 @@ public class ClientAdapter implements ClientModel {
}
@Override
- public Set<RoleModel> getApplicationScopeMappings(ClientModel client) {
+ public Set<RoleModel> getClientScopeMappings(ClientModel client) {
Set<RoleModel> roleMappings = client.getScopeMappings();
Set<RoleModel> appRoles = new HashSet<RoleModel>();
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index 2df2bf2..4370165 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -1065,13 +1065,13 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public ClientModel getMasterAdminApp() {
+ public ClientModel getMasterAdminClient() {
return new ClientAdapter(this, em, session, realm.getMasterAdminApp());
}
@Override
- public void setMasterAdminApp(ClientModel app) {
- ClientEntity appEntity = app!=null ? em.getReference(ClientEntity.class, app.getId()) : null;
+ public void setMasterAdminClient(ClientModel client) {
+ ClientEntity appEntity = client !=null ? em.getReference(ClientEntity.class, client.getId()) : null;
realm.setMasterAdminApp(appEntity);
em.flush();
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java
index c0263ed..a51d0de 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java
@@ -363,7 +363,7 @@ public class UserAdapter implements UserModel {
}
@Override
- public Set<RoleModel> getApplicationRoleMappings(ClientModel app) {
+ public Set<RoleModel> getClientRoleMappings(ClientModel app) {
Set<RoleModel> roleMappings = getRoleMappings();
Set<RoleModel> roles = new HashSet<RoleModel>();
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
index 0867ce1..803cedf 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
@@ -46,7 +46,7 @@ public class ClientAdapter extends AbstractMongoAdapter<MongoClientEntity> imple
}
@Override
- public void updateApplication() {
+ public void updateClient() {
updateMongoEntity();
}
@@ -575,7 +575,7 @@ public class ClientAdapter extends AbstractMongoAdapter<MongoClientEntity> imple
}
@Override
- public Set<RoleModel> getApplicationScopeMappings(ClientModel client) {
+ public Set<RoleModel> getClientScopeMappings(ClientModel client) {
Set<RoleModel> result = new HashSet<RoleModel>();
List<MongoRoleEntity> roles = MongoModelUtils.getAllScopesOfClient(client, invocationContext);
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index 64b5c41..d7a534a 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -978,14 +978,14 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
}
@Override
- public ClientModel getMasterAdminApp() {
+ public ClientModel getMasterAdminClient() {
MongoClientEntity appData = getMongoStore().loadEntity(MongoClientEntity.class, realm.getAdminAppId(), invocationContext);
return appData != null ? new ClientAdapter(session, this, appData, invocationContext) : null;
}
@Override
- public void setMasterAdminApp(ClientModel app) {
- String adminAppId = app != null ? app.getId() : null;
+ public void setMasterAdminClient(ClientModel client) {
+ String adminAppId = client != null ? client.getId() : null;
realm.setAdminAppId(adminAppId);
updateRealm();
}
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
index 6e7994a..874f7d8 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
@@ -316,7 +316,7 @@ public class UserAdapter extends AbstractMongoAdapter<MongoUserEntity> implement
}
@Override
- public Set<RoleModel> getApplicationRoleMappings(ClientModel app) {
+ public Set<RoleModel> getClientRoleMappings(ClientModel app) {
Set<RoleModel> result = new HashSet<RoleModel>();
List<MongoRoleEntity> roles = MongoModelUtils.getAllRolesOfUser(this, invocationContext);
diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporter.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporter.java
index 32f0990..1ad72bf 100755
--- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporter.java
+++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporter.java
@@ -1,6 +1,6 @@
package org.keycloak.protocol.saml;
-import org.keycloak.exportimport.ApplicationImporter;
+import org.keycloak.exportimport.ClientImporter;
import org.keycloak.models.RealmModel;
import org.keycloak.services.resources.admin.RealmAuth;
@@ -8,7 +8,7 @@ import org.keycloak.services.resources.admin.RealmAuth;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class EntityDescriptorImporter implements ApplicationImporter {
+public class EntityDescriptorImporter implements ClientImporter {
@Override
public Object createJaxrsService(RealmModel realm, RealmAuth auth) {
return new EntityDescriptorImporterService(realm, auth);
diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterFactory.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterFactory.java
index 51644d9..14af685 100755
--- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterFactory.java
+++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterFactory.java
@@ -1,8 +1,8 @@
package org.keycloak.protocol.saml;
import org.keycloak.Config;
-import org.keycloak.exportimport.ApplicationImporter;
-import org.keycloak.exportimport.ApplicationImporterFactory;
+import org.keycloak.exportimport.ClientImporter;
+import org.keycloak.exportimport.ClientImporterFactory;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
@@ -10,14 +10,14 @@ import org.keycloak.models.KeycloakSessionFactory;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class EntityDescriptorImporterFactory implements ApplicationImporterFactory {
+public class EntityDescriptorImporterFactory implements ClientImporterFactory {
@Override
public String getDisplayName() {
return "SAML 2.0 Entity Descriptor";
}
@Override
- public ApplicationImporter create(KeycloakSession session) {
+ public ClientImporter create(KeycloakSession session) {
return new EntityDescriptorImporter();
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
index 582de38..5bab0e0 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
@@ -145,9 +145,9 @@ public class LogoutEndpoint {
* authenticate the client if it is not public.
*
* If the client is a confidential client
- * you must include the client-id (application name or oauth client name) and secret in an Basic Auth Authorization header.
+ * you must include the client-id and secret in an Basic Auth Authorization header.
*
- * If the client is a public client, then you must include a "client_id" form parameter with the app's or oauth client's name.
+ * If the client is a public client, then you must include a "client_id" form parameter.
*
* returns 204 if successful, 400 if not with a json error response.
*
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
index 331dbec..60b1b98 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
@@ -231,15 +231,15 @@ public class TokenEndpoint {
throw new ErrorResponseException("invalid_grant", "Session not active", Response.Status.BAD_REQUEST);
}
- String adapterSessionId = formParams.getFirst(AdapterConstants.APPLICATION_SESSION_STATE);
+ String adapterSessionId = formParams.getFirst(AdapterConstants.CLIENT_SESSION_STATE);
if (adapterSessionId != null) {
- String adapterSessionHost = formParams.getFirst(AdapterConstants.APPLICATION_SESSION_HOST);
+ String adapterSessionHost = formParams.getFirst(AdapterConstants.CLIENT_SESSION_HOST);
logger.debugf("Adapter Session '%s' saved in ClientSession for client '%s'. Host is '%s'", adapterSessionId, client.getClientId(), adapterSessionHost);
- event.detail(AdapterConstants.APPLICATION_SESSION_STATE, adapterSessionId);
- clientSession.setNote(AdapterConstants.APPLICATION_SESSION_STATE, adapterSessionId);
- event.detail(AdapterConstants.APPLICATION_SESSION_HOST, adapterSessionHost);
- clientSession.setNote(AdapterConstants.APPLICATION_SESSION_HOST, adapterSessionHost);
+ event.detail(AdapterConstants.CLIENT_SESSION_STATE, adapterSessionId);
+ clientSession.setNote(AdapterConstants.CLIENT_SESSION_STATE, adapterSessionId);
+ event.detail(AdapterConstants.CLIENT_SESSION_HOST, adapterSessionHost);
+ clientSession.setNote(AdapterConstants.CLIENT_SESSION_HOST, adapterSessionHost);
}
AccessToken token = tokenManager.createClientAccessToken(session, accessCode.getRequestedRoles(), realm, client, user, userSession, clientSession);
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ValidateTokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ValidateTokenEndpoint.java
index 31499d1..249aa30 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ValidateTokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ValidateTokenEndpoint.java
@@ -88,7 +88,7 @@ public class ValidateTokenEndpoint {
error.put(OAuth2Constants.ERROR, e.getError());
if (e.getDescription() != null) error.put(OAuth2Constants.ERROR_DESCRIPTION, e.getDescription());
event.error(Errors.INVALID_TOKEN);
- return Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build();
+ return Response.status(Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build();
}
event.success();
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/HardcodedRole.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/HardcodedRole.java
index 088389f..4bed115 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/HardcodedRole.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/HardcodedRole.java
@@ -30,7 +30,7 @@ public class HardcodedRole extends AbstractOIDCProtocolMapper implements OIDCAcc
property = new ConfigProperty();
property.setName(ROLE_CONFIG);
property.setLabel("Role");
- property.setHelpText("Role you want added to the token. To specify an application role the syntax is appname.approle, i.e. myapp.myrole");
+ property.setHelpText("Role you want added to the token. To specify a client role the syntax is clientId.clientRole, i.e. myapp.myrole");
property.setType(ConfigProperty.STRING_TYPE);
configProperties.add(property);
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/RoleNameMapper.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/RoleNameMapper.java
index 1e5784c..14c68d6 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/RoleNameMapper.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/RoleNameMapper.java
@@ -33,7 +33,7 @@ public class RoleNameMapper extends AbstractOIDCProtocolMapper implements OIDCAc
property = new ConfigProperty();
property.setName(ROLE_CONFIG);
property.setLabel("Role");
- property.setHelpText("Role name you want changed. To reference an application role the syntax is appname.approle, i.e. myapp.myrole");
+ property.setHelpText("Role name you want changed. To reference an client role the syntax is clientId.clientRole, i.e. myapp.myrole");
property.setType(ConfigProperty.STRING_TYPE);
configProperties.add(property);
property = new ConfigProperty();
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java b/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
index 6a27c55..8d9ab8c 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
@@ -260,12 +260,12 @@ public class TokenManager {
for (Map.Entry<String, AccessToken.Access> entry : token.getResourceAccess().entrySet()) {
AccessToken.Access appAccess = newToken.getResourceAccess(entry.getKey());
if (appAccess == null && !entry.getValue().getRoles().isEmpty()) {
- throw new OAuthErrorException(OAuthErrorException.INVALID_SCOPE, "User or application no longer has role permissions for application key: " + entry.getKey());
+ throw new OAuthErrorException(OAuthErrorException.INVALID_SCOPE, "User or client no longer has role permissions for client key: " + entry.getKey());
}
for (String roleName : entry.getValue().getRoles()) {
if (!appAccess.getRoles().contains(roleName)) {
- throw new OAuthErrorException(OAuthErrorException.INVALID_SCOPE, "User no long has permission for application role " + roleName);
+ throw new OAuthErrorException(OAuthErrorException.INVALID_SCOPE, "User no long has permission for client role " + roleName);
}
}
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/utils/AuthorizeClientUtil.java b/services/src/main/java/org/keycloak/protocol/oidc/utils/AuthorizeClientUtil.java
index 4b97c97..a8a9e2a 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/utils/AuthorizeClientUtil.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/utils/AuthorizeClientUtil.java
@@ -10,6 +10,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.util.BasicAuthHelper;
import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import java.util.HashMap;
@@ -39,7 +40,7 @@ public class AuthorizeClientUtil {
Map<String, String> error = new HashMap<String, String>();
error.put(OAuth2Constants.ERROR, "invalid_client");
error.put(OAuth2Constants.ERROR_DESCRIPTION, "Could not find client");
- throw new BadRequestException("Could not find client", Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
+ throw new BadRequestException("Could not find client", Response.status(Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build());
}
event.client(client_id);
@@ -50,7 +51,7 @@ public class AuthorizeClientUtil {
error.put(OAuth2Constants.ERROR, "invalid_client");
error.put(OAuth2Constants.ERROR_DESCRIPTION, "Could not find client");
event.error(Errors.CLIENT_NOT_FOUND);
- throw new BadRequestException("Could not find client", Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
+ throw new BadRequestException("Could not find client", Response.status(Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build());
}
if (!client.isEnabled()) {
@@ -58,7 +59,7 @@ public class AuthorizeClientUtil {
error.put(OAuth2Constants.ERROR, "invalid_client");
error.put(OAuth2Constants.ERROR_DESCRIPTION, "Client is not enabled");
event.error(Errors.CLIENT_DISABLED);
- throw new BadRequestException("Client is not enabled", Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
+ throw new BadRequestException("Client is not enabled", Response.status(Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build());
}
if (!client.isPublicClient()) {
@@ -66,7 +67,7 @@ public class AuthorizeClientUtil {
Map<String, String> error = new HashMap<String, String>();
error.put(OAuth2Constants.ERROR, "unauthorized_client");
event.error(Errors.INVALID_CLIENT_CREDENTIALS);
- throw new BadRequestException("Unauthorized Client", Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
+ throw new BadRequestException("Unauthorized Client", Response.status(Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build());
}
}
diff --git a/services/src/main/java/org/keycloak/services/ErrorResponseException.java b/services/src/main/java/org/keycloak/services/ErrorResponseException.java
index bf9f278..0dd3e13 100644
--- a/services/src/main/java/org/keycloak/services/ErrorResponseException.java
+++ b/services/src/main/java/org/keycloak/services/ErrorResponseException.java
@@ -6,6 +6,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.services.resources.flows.Flows;
import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.HashMap;
@@ -33,7 +34,7 @@ public class ErrorResponseException extends WebApplicationException {
if (errorDescription != null) {
e.put(OAuth2Constants.ERROR_DESCRIPTION, errorDescription);
}
- return Response.status(status).entity(e).type("application/json").build();
+ return Response.status(status).entity(e).type(MediaType.APPLICATION_JSON_TYPE).build();
}
}
diff --git a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
index 3caa713..8760ff0 100755
--- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
@@ -71,7 +71,7 @@ public class ApplianceBootstrap {
RoleModel adminRole = realm.getRole(AdminRoles.ADMIN);
adminUser.grantRole(adminRole);
- ClientModel accountApp = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
+ ClientModel accountApp = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
for (String r : accountApp.getDefaultRoles()) {
adminUser.grantRole(accountApp.getRole(r));
}
diff --git a/services/src/main/java/org/keycloak/services/managers/Auth.java b/services/src/main/java/org/keycloak/services/managers/Auth.java
index ecaf0d9..8d76e56 100755
--- a/services/src/main/java/org/keycloak/services/managers/Auth.java
+++ b/services/src/main/java/org/keycloak/services/managers/Auth.java
@@ -80,7 +80,7 @@ public class Auth {
return false;
}
- public boolean hasAppRole(ClientModel app, String role) {
+ public boolean hasClientRole(ClientModel app, String role) {
if (cookie) {
return user.hasRole(app.getRole(role));
} else {
@@ -91,7 +91,7 @@ public class Auth {
public boolean hasOneOfAppRole(ClientModel app, String... roles) {
for (String r : roles) {
- if (hasAppRole(app, r)) {
+ if (hasClientRole(app, r)) {
return true;
}
}
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 4a03c26..53b460a 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -18,7 +18,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.RepresentationToModel;
-import org.keycloak.representations.idm.ApplicationRepresentation;
+import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.timer.TimerProvider;
@@ -90,8 +90,8 @@ public class RealmManager {
}
protected void setupAdminConsole(RealmModel realm) {
- ClientModel adminConsole = realm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
- if (adminConsole == null) adminConsole = new ClientManager(this).createClient(realm, Constants.ADMIN_CONSOLE_APPLICATION);
+ ClientModel adminConsole = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
+ if (adminConsole == null) adminConsole = new ClientManager(this).createClient(realm, Constants.ADMIN_CONSOLE_CLIENT_ID);
String baseUrl = contextPath + "/admin/" + realm.getName() + "/console";
adminConsole.setBaseUrl(baseUrl + "/index.html");
adminConsole.setEnabled(true);
@@ -103,18 +103,18 @@ public class RealmManager {
if (realm.getName().equals(Config.getAdminRealm())) {
adminRole = realm.getRole(AdminRoles.ADMIN);
} else {
- String realmAdminApplicationName = getRealmAdminApplicationName(realm);
- ClientModel realmAdminApp = realm.getClientByClientId(realmAdminApplicationName);
+ String realmAdminApplicationClientId = getRealmAdminClientId(realm);
+ ClientModel realmAdminApp = realm.getClientByClientId(realmAdminApplicationClientId);
adminRole = realmAdminApp.getRole(AdminRoles.REALM_ADMIN);
}
adminConsole.addScopeMapping(adminRole);
}
- public String getRealmAdminApplicationName(RealmModel realm) {
+ public String getRealmAdminClientId(RealmModel realm) {
return "realm-management";
}
- public String getRealmAdminApplicationName(RealmRepresentation realm) {
+ public String getRealmAdminClientId(RealmRepresentation realm) {
return "realm-management";
}
@@ -139,7 +139,7 @@ public class RealmManager {
boolean removed = model.removeRealm(realm.getId());
if (removed) {
- new ClientManager(this).removeClient(getKeycloakAdminstrationRealm(), realm.getMasterAdminApp());
+ new ClientManager(this).removeClient(getKeycloakAdminstrationRealm(), realm.getMasterAdminClient());
UserSessionProvider sessions = session.sessions();
if (sessions != null) {
@@ -176,18 +176,18 @@ public class RealmManager {
ClientManager clientManager = new ClientManager(new RealmManager(session));
- String realmAdminApplicationName = getRealmAdminApplicationName(realm);
- ClientModel realmAdminApp = realm.getClientByClientId(realmAdminApplicationName);
- if (realmAdminApp == null) {
- realmAdminApp = clientManager.createClient(realm, realmAdminApplicationName);
+ String realmAdminClientId = getRealmAdminClientId(realm);
+ ClientModel realmAdminClient = realm.getClientByClientId(realmAdminClientId);
+ if (realmAdminClient == null) {
+ realmAdminClient = clientManager.createClient(realm, realmAdminClientId);
}
- RoleModel adminRole = realmAdminApp.addRole(AdminRoles.REALM_ADMIN);
- adminRole.setDescription("${role_"+AdminRoles.REALM_ADMIN+"}");
- realmAdminApp.setBearerOnly(true);
- realmAdminApp.setFullScopeAllowed(false);
+ RoleModel adminRole = realmAdminClient.addRole(AdminRoles.REALM_ADMIN);
+ adminRole.setDescription("${role_" + AdminRoles.REALM_ADMIN + "}");
+ realmAdminClient.setBearerOnly(true);
+ realmAdminClient.setFullScopeAllowed(false);
for (String r : AdminRoles.ALL_REALM_ROLES) {
- RoleModel role = realmAdminApp.addRole(r);
+ RoleModel role = realmAdminClient.addRole(r);
role.setDescription("${role_"+r+"}");
adminRole.addCompositeRole(role);
}
@@ -195,19 +195,19 @@ public class RealmManager {
private void setupAccountManagement(RealmModel realm) {
- ClientModel application = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
- if (application == null) {
- application = new ClientManager(this).createClient(realm, Constants.ACCOUNT_MANAGEMENT_APP);
- application.setEnabled(true);
- application.setFullScopeAllowed(false);
+ ClientModel client = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
+ if (client == null) {
+ client = new ClientManager(this).createClient(realm, Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
+ client.setEnabled(true);
+ client.setFullScopeAllowed(false);
String base = contextPath + "/realms/" + realm.getName() + "/account";
String redirectUri = base + "/*";
- application.addRedirectUri(redirectUri);
- application.setBaseUrl(base);
+ client.addRedirectUri(redirectUri);
+ client.setBaseUrl(base);
for (String role : AccountRoles.ALL) {
- application.addDefaultRole(role);
- application.getRole(role).setDescription("${role_"+role+"}");
+ client.addDefaultRole(role);
+ client.getRole(role).setDescription("${role_"+role+"}");
}
}
}
@@ -224,9 +224,9 @@ public class RealmManager {
setupRealmDefaults(realm);
setupMasterAdminManagement(realm);
- if (!hasRealmAdminManagementApp(rep)) setupRealmAdminManagement(realm);
- if (!hasAccountManagementApp(rep)) setupAccountManagement(realm);
- if (!hasAdminConsoleApp(rep)) setupAdminConsole(realm);
+ if (!hasRealmAdminManagementClient(rep)) setupRealmAdminManagement(realm);
+ if (!hasAccountManagementClient(rep)) setupAccountManagement(realm);
+ if (!hasAdminConsoleClient(rep)) setupAdminConsole(realm);
RepresentationToModel.importRealm(session, rep, realm);
@@ -239,30 +239,30 @@ public class RealmManager {
return realm;
}
- private boolean hasRealmAdminManagementApp(RealmRepresentation rep) {
- if (rep.getApplications() == null) return false;
- for (ApplicationRepresentation app : rep.getApplications()) {
- if (app.getName().equals(getRealmAdminApplicationName(rep))) {
+ private boolean hasRealmAdminManagementClient(RealmRepresentation rep) {
+ if (rep.getClients() == null) return false;
+ for (ClientRepresentation clientRep : rep.getClients()) {
+ if (clientRep.getClientId().equals(getRealmAdminClientId(rep))) {
return true;
}
}
return false;
}
- private boolean hasAccountManagementApp(RealmRepresentation rep) {
- if (rep.getApplications() == null) return false;
- for (ApplicationRepresentation app : rep.getApplications()) {
- if (app.getName().equals(Constants.ACCOUNT_MANAGEMENT_APP)) {
+ private boolean hasAccountManagementClient(RealmRepresentation rep) {
+ if (rep.getClients() == null) return false;
+ for (ClientRepresentation clientRep : rep.getClients()) {
+ if (clientRep.getClientId().equals(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID)) {
return true;
}
}
return false;
}
- private boolean hasAdminConsoleApp(RealmRepresentation rep) {
- if (rep.getApplications() == null) return false;
- for (ApplicationRepresentation app : rep.getApplications()) {
- if (app.getName().equals(Constants.ADMIN_CONSOLE_APPLICATION)) {
+ private boolean hasAdminConsoleClient(RealmRepresentation rep) {
+ if (rep.getClients() == null) return false;
+ for (ClientRepresentation clientRep : rep.getClients()) {
+ if (clientRep.getClientId().equals(Constants.ADMIN_CONSOLE_CLIENT_ID)) {
return true;
}
}
diff --git a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
index fa219d6..ac64cbc 100755
--- a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
@@ -42,7 +42,7 @@ import java.util.Set;
*/
public class ResourceAdminManager {
protected static Logger logger = Logger.getLogger(ResourceAdminManager.class);
- private static final String APPLICATION_SESSION_HOST_PROPERTY = "${application.session.host}";
+ private static final String CLIENT_SESSION_HOST_PROPERTY = "${application.session.host}";
public static ApacheHttpClient4Executor createExecutor() {
HttpClient client = new HttpClientBuilder()
@@ -57,13 +57,13 @@ public class ResourceAdminManager {
}
- public static String getManagementUrl(URI requestUri, ClientModel application) {
- String mgmtUrl = application.getManagementUrl();
+ public static String getManagementUrl(URI requestUri, ClientModel client) {
+ String mgmtUrl = client.getManagementUrl();
if (mgmtUrl == null || mgmtUrl.equals("")) {
return null;
}
- // this is to support relative admin urls when keycloak and applications are deployed on the same machine
+ // this is to support relative admin urls when keycloak and clients are deployed on the same machine
String absoluteURI = ResolveRelative.resolveRelativeUri(requestUri, mgmtUrl);
// this is for resolving URI like "http://${jboss.host.name}:8080/..." in order to send request to same machine and avoid request to LB in cluster environment
@@ -72,13 +72,13 @@ public class ResourceAdminManager {
// For non-cluster setup, return just single configured managementUrls
// For cluster setup, return the management Urls corresponding to all registered cluster nodes
- private List<String> getAllManagementUrls(URI requestUri, ClientModel application) {
- String baseMgmtUrl = getManagementUrl(requestUri, application);
+ private List<String> getAllManagementUrls(URI requestUri, ClientModel client) {
+ String baseMgmtUrl = getManagementUrl(requestUri, client);
if (baseMgmtUrl == null) {
return Collections.emptyList();
}
- Set<String> registeredNodesHosts = new ClientManager().validateRegisteredNodes(application);
+ Set<String> registeredNodesHosts = new ClientManager().validateRegisteredNodes(client);
// No-cluster setup
if (registeredNodesHosts.isEmpty()) {
@@ -128,7 +128,7 @@ public class ResourceAdminManager {
}
}
- public void logoutUserFromApplication(URI requestUri, RealmModel realm, ClientModel resource, UserModel user, KeycloakSession session) {
+ public void logoutUserFromClient(URI requestUri, RealmModel realm, ClientModel resource, UserModel user, KeycloakSession session) {
ApacheHttpClient4Executor executor = createExecutor();
try {
@@ -163,9 +163,9 @@ public class ResourceAdminManager {
if (clientSessions != null && clientSessions.size() > 0) {
adapterSessionIds = new MultivaluedHashMap<String, String>();
for (ClientSessionModel clientSession : clientSessions) {
- String adapterSessionId = clientSession.getNote(AdapterConstants.APPLICATION_SESSION_STATE);
+ String adapterSessionId = clientSession.getNote(AdapterConstants.CLIENT_SESSION_STATE);
if (adapterSessionId != null) {
- String host = clientSession.getNote(AdapterConstants.APPLICATION_SESSION_HOST);
+ String host = clientSession.getNote(AdapterConstants.CLIENT_SESSION_HOST);
adapterSessionIds.add(host, adapterSessionId);
}
if (clientSession.getUserSession() != null) userSessions.add(clientSession.getUserSession().getId());
@@ -177,13 +177,13 @@ public class ResourceAdminManager {
return false;
}
- if (managementUrl.contains(APPLICATION_SESSION_HOST_PROPERTY)) {
+ if (managementUrl.contains(CLIENT_SESSION_HOST_PROPERTY)) {
boolean allPassed = true;
// Send logout separately to each host (needed for single-sign-out in cluster for non-distributable apps - KEYCLOAK-748)
for (Map.Entry<String, List<String>> entry : adapterSessionIds.entrySet()) {
String host = entry.getKey();
List<String> sessionIds = entry.getValue();
- String currentHostMgmtUrl = managementUrl.replace(APPLICATION_SESSION_HOST_PROPERTY, host);
+ String currentHostMgmtUrl = managementUrl.replace(CLIENT_SESSION_HOST_PROPERTY, host);
allPassed = sendLogoutRequest(realm, resource, sessionIds, userSessions, client, 0, currentHostMgmtUrl) && allPassed;
}
@@ -215,7 +215,7 @@ public class ResourceAdminManager {
GlobalRequestResult finalResult = new GlobalRequestResult();
for (ClientModel resource : resources) {
- GlobalRequestResult currentResult = logoutApplication(requestUri, realm, resource, executor, realm.getNotBefore());
+ GlobalRequestResult currentResult = logoutClient(requestUri, realm, resource, executor, realm.getNotBefore());
finalResult.addAll(currentResult);
}
return finalResult;
@@ -224,25 +224,25 @@ public class ResourceAdminManager {
}
}
- public GlobalRequestResult logoutApplication(URI requestUri, RealmModel realm, ClientModel resource) {
+ public GlobalRequestResult logoutClient(URI requestUri, RealmModel realm, ClientModel resource) {
ApacheHttpClient4Executor executor = createExecutor();
try {
resource.setNotBefore(Time.currentTime());
- return logoutApplication(requestUri, realm, resource, executor, resource.getNotBefore());
+ return logoutClient(requestUri, realm, resource, executor, resource.getNotBefore());
} finally {
executor.getHttpClient().getConnectionManager().shutdown();
}
}
- protected GlobalRequestResult logoutApplication(URI requestUri, RealmModel realm, ClientModel resource, ApacheHttpClient4Executor executor, int notBefore) {
+ protected GlobalRequestResult logoutClient(URI requestUri, RealmModel realm, ClientModel resource, ApacheHttpClient4Executor executor, int notBefore) {
List<String> mgmtUrls = getAllManagementUrls(requestUri, resource);
if (mgmtUrls.isEmpty()) {
- logger.debug("No management URL or no registered cluster nodes for the application " + resource.getClientId());
+ logger.debug("No management URL or no registered cluster nodes for the client " + resource.getClientId());
return new GlobalRequestResult();
}
- if (logger.isDebugEnabled()) logger.debug("Send logoutApplication for URLs: " + mgmtUrls);
+ if (logger.isDebugEnabled()) logger.debug("Send logoutClient for URLs: " + mgmtUrls);
// Propagate this to all hosts
GlobalRequestResult result = new GlobalRequestResult();
@@ -265,7 +265,7 @@ public class ResourceAdminManager {
try {
response = request.body(MediaType.TEXT_PLAIN_TYPE, token).post();
} catch (Exception e) {
- logger.warn("Logout for application '" + resource.getClientId() + "' failed", e);
+ logger.warn("Logout for client '" + resource.getClientId() + "' failed", e);
return false;
}
try {
@@ -282,8 +282,8 @@ public class ResourceAdminManager {
try {
GlobalRequestResult finalResult = new GlobalRequestResult();
- for (ClientModel application : realm.getClients()) {
- GlobalRequestResult currentResult = pushRevocationPolicy(requestUri, realm, application, realm.getNotBefore(), executor);
+ for (ClientModel client : realm.getClients()) {
+ GlobalRequestResult currentResult = pushRevocationPolicy(requestUri, realm, client, realm.getNotBefore(), executor);
finalResult.addAll(currentResult);
}
return finalResult;
@@ -292,11 +292,11 @@ public class ResourceAdminManager {
}
}
- public GlobalRequestResult pushApplicationRevocationPolicy(URI requestUri, RealmModel realm, ClientModel application) {
+ public GlobalRequestResult pushClientRevocationPolicy(URI requestUri, RealmModel realm, ClientModel client) {
ApacheHttpClient4Executor executor = createExecutor();
try {
- return pushRevocationPolicy(requestUri, realm, application, application.getNotBefore(), executor);
+ return pushRevocationPolicy(requestUri, realm, client, client.getNotBefore(), executor);
} finally {
executor.getHttpClient().getConnectionManager().shutdown();
}
@@ -306,7 +306,7 @@ public class ResourceAdminManager {
protected GlobalRequestResult pushRevocationPolicy(URI requestUri, RealmModel realm, ClientModel resource, int notBefore, ApacheHttpClient4Executor executor) {
List<String> mgmtUrls = getAllManagementUrls(requestUri, resource);
if (mgmtUrls.isEmpty()) {
- logger.debugf("No management URL or no registered cluster nodes for the application %s", resource.getClientId());
+ logger.debugf("No management URL or no registered cluster nodes for the client %s", resource.getClientId());
return new GlobalRequestResult();
}
@@ -345,10 +345,10 @@ public class ResourceAdminManager {
}
}
- public GlobalRequestResult testNodesAvailability(URI requestUri, RealmModel realm, ClientModel application) {
- List<String> mgmtUrls = getAllManagementUrls(requestUri, application);
+ public GlobalRequestResult testNodesAvailability(URI requestUri, RealmModel realm, ClientModel client) {
+ List<String> mgmtUrls = getAllManagementUrls(requestUri, client);
if (mgmtUrls.isEmpty()) {
- logger.debug("No management URL or no registered cluster nodes for the application " + application.getClientId());
+ logger.debug("No management URL or no registered cluster nodes for the application " + client.getClientId());
return new GlobalRequestResult();
}
@@ -360,7 +360,7 @@ public class ResourceAdminManager {
// Propagate this to all hosts
GlobalRequestResult result = new GlobalRequestResult();
for (String mgmtUrl : mgmtUrls) {
- if (sendTestNodeAvailabilityRequest(realm, application, executor, mgmtUrl)) {
+ if (sendTestNodeAvailabilityRequest(realm, client, executor, mgmtUrl)) {
result.addSuccessRequest(mgmtUrl);
} else {
result.addFailedRequest(mgmtUrl);
@@ -372,11 +372,11 @@ public class ResourceAdminManager {
}
}
- protected boolean sendTestNodeAvailabilityRequest(RealmModel realm, ClientModel application, ApacheHttpClient4Executor client, String managementUrl) {
- TestAvailabilityAction adminAction = new TestAvailabilityAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, application.getClientId());
+ protected boolean sendTestNodeAvailabilityRequest(RealmModel realm, ClientModel client, ApacheHttpClient4Executor httpClient, String managementUrl) {
+ TestAvailabilityAction adminAction = new TestAvailabilityAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, client.getClientId());
String token = new TokenManager().encodeToken(realm, adminAction);
- logger.debugv("testNodes availability resource: {0} url: {1}", application.getClientId(), managementUrl);
- ClientRequest request = client.createRequest(UriBuilder.fromUri(managementUrl).path(AdapterConstants.K_TEST_AVAILABLE).build().toString());
+ logger.debugv("testNodes availability resource: {0} url: {1}", client.getClientId(), managementUrl);
+ ClientRequest request = httpClient.createRequest(UriBuilder.fromUri(managementUrl).path(AdapterConstants.K_TEST_AVAILABLE).build().toString());
ClientResponse response;
try {
response = request.body(MediaType.TEXT_PLAIN_TYPE, token).post();
diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java
index d3e979b..71fb570 100755
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@@ -131,16 +131,16 @@ public class AccountService {
private KeycloakSession session;
private final AppAuthManager authManager;
- private final ClientModel application;
+ private final ClientModel client;
private EventBuilder event;
private AccountProvider account;
private Auth auth;
private EventStoreProvider eventStore;
private String stateChecker;
- public AccountService(RealmModel realm, ClientModel application, EventBuilder event) {
+ public AccountService(RealmModel realm, ClientModel client, EventBuilder event) {
this.realm = realm;
- this.application = application;
+ this.client = client;
this.event = event;
this.authManager = new AppAuthManager();
}
@@ -152,11 +152,11 @@ public class AccountService {
AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(session, realm, uriInfo, clientConnection, headers);
if (authResult != null) {
- auth = new Auth(realm, authResult.getToken(), authResult.getUser(), application, authResult.getSession(), false);
+ auth = new Auth(realm, authResult.getToken(), authResult.getUser(), client, authResult.getSession(), false);
} else {
authResult = authManager.authenticateIdentityCookie(session, realm, uriInfo, clientConnection, headers);
if (authResult != null) {
- auth = new Auth(realm, authResult.getToken(), authResult.getUser(), application, authResult.getSession(), true);
+ auth = new Auth(realm, authResult.getToken(), authResult.getUser(), client, authResult.getSession(), true);
Cookie cookie = headers.getCookies().get(KEYCLOAK_STATE_CHECKER);
if (cookie != null) {
stateChecker = cookie.getValue();
@@ -193,14 +193,14 @@ public class AccountService {
if (userSession != null) {
boolean associated = false;
for (ClientSessionModel c : userSession.getClientSessions()) {
- if (c.getClient().equals(application)) {
+ if (c.getClient().equals(client)) {
auth.setClientSession(c);
associated = true;
break;
}
}
if (!associated) {
- ClientSessionModel clientSession = session.sessions().createClientSession(realm, application);
+ ClientSessionModel clientSession = session.sessions().createClientSession(realm, client);
clientSession.setUserSession(userSession);
auth.setClientSession(clientSession);
}
@@ -737,7 +737,7 @@ public class AccountService {
logger.debug("realm not enabled");
throw new ForbiddenException();
}
- if (!application.isEnabled()) {
+ if (!client.isEnabled()) {
logger.debug("account management app not enabled");
throw new ForbiddenException();
}
@@ -766,7 +766,7 @@ public class AccountService {
String authUrl = OIDCLoginProtocolService.authUrl(uriInfo).build(realm.getName()).toString();
oauth.setAuthUrl(authUrl);
- oauth.setClientId(Constants.ACCOUNT_MANAGEMENT_APP);
+ oauth.setClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
UriBuilder uriBuilder = Urls.accountPageBuilder(uriInfo.getBaseUri()).path(AccountService.class, "loginRedirect");
@@ -813,21 +813,21 @@ public class AccountService {
String referrerUri = uriInfo.getQueryParameters().getFirst("referrer_uri");
- ClientModel application = realm.getClientByClientId(referrer);
- if (application != null) {
+ ClientModel referrerClient = realm.getClientByClientId(referrer);
+ if (referrerClient != null) {
if (referrerUri != null) {
- referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, application);
+ referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient);
} else {
- referrerUri = ResolveRelative.resolveRelativeUri(uriInfo.getRequestUri(), application.getBaseUrl());
+ referrerUri = ResolveRelative.resolveRelativeUri(uriInfo.getRequestUri(), referrerClient.getBaseUrl());
}
if (referrerUri != null) {
return new String[]{referrer, referrerUri};
}
} else if (referrerUri != null) {
- ClientModel client = realm.getClientByClientId(referrer);
+ referrerClient = realm.getClientByClientId(referrer);
if (client != null) {
- referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, application);
+ referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient);
if (referrerUri != null) {
return new String[]{referrer, referrerUri};
@@ -843,7 +843,7 @@ public class AccountService {
throw new ForbiddenException();
}
- if (!auth.hasAppRole(application, role)) {
+ if (!auth.hasClientRole(client, role)) {
throw new ForbiddenException();
}
}
@@ -853,7 +853,7 @@ public class AccountService {
throw new ForbiddenException();
}
- if (!auth.hasOneOfAppRole(application, roles)) {
+ if (!auth.hasOneOfAppRole(client, roles)) {
throw new ForbiddenException();
}
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
index bfe70da..24d76b2 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
@@ -151,12 +151,12 @@ public class AdminConsole {
*/
@Path("config")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public ClientManager.InstallationAdapterConfig config() {
- ClientModel consoleApp = realm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
+ ClientModel consoleApp = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
if (consoleApp == null) {
- throw new NotFoundException("Could not find admin console application");
+ throw new NotFoundException("Could not find admin console client");
}
return new ClientManager().toInstallationRepresentation(realm, consoleApp, keycloak.getBaseUri(uriInfo));
@@ -170,7 +170,7 @@ public class AdminConsole {
*/
@Path("whoami")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public Response whoAmI(final @Context HttpHeaders headers) {
RealmManager realmManager = new RealmManager(session);
@@ -208,7 +208,7 @@ public class AdminConsole {
private void addRealmAccess(RealmModel realm, UserModel user, Map<String, Set<String>> realmAdminAccess) {
RealmManager realmManager = new RealmManager(session);
- ClientModel realmAdminApp = realm.getClientByClientId(realmManager.getRealmAdminApplicationName(realm));
+ ClientModel realmAdminApp = realm.getClientByClientId(realmManager.getRealmAdminClientId(realm));
Set<RoleModel> roles = realmAdminApp.getRoles();
for (RoleModel role : roles) {
if (!user.hasRole(role)) continue;
@@ -223,7 +223,7 @@ public class AdminConsole {
private void addMasterRealmAccess(RealmModel masterRealm, UserModel user, Map<String, Set<String>> realmAdminAccess) {
List<RealmModel> realms = session.realms().getRealms();
for (RealmModel realm : realms) {
- ClientModel realmAdminApp = realm.getMasterAdminApp();
+ ClientModel realmAdminApp = realm.getMasterAdminClient();
Set<RoleModel> roles = realmAdminApp.getRoles();
for (RoleModel role : roles) {
if (!user.hasRole(role)) continue;
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
index 8c68975..f0decf3 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
@@ -16,7 +16,6 @@ import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
-import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
@@ -49,7 +48,7 @@ import java.util.Map;
import java.util.Set;
/**
- * Base resource class for managing one particular application of a realm.
+ * Base resource class for managing one particular client of a realm.
*
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
@@ -88,7 +87,7 @@ public class ClientResource {
}
/**
- * Update the application.
+ * Update the client.
* @param rep
* @return
*/
@@ -107,7 +106,7 @@ public class ClientResource {
/**
- * Get representation of the application.
+ * Get representation of the client.
*
* @return
*/
@@ -132,7 +131,7 @@ public class ClientResource {
/**
- * Return keycloak.json file for this application to be used to configure the adapter of that application.
+ * Return keycloak.json file for this client to be used to configure the adapter of that client.
*
* @return
* @throws IOException
@@ -152,7 +151,7 @@ public class ClientResource {
}
/**
- * Return XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application.
+ * Return XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that client.
*
* @return
* @throws IOException
@@ -169,26 +168,26 @@ public class ClientResource {
}
/**
- * Delete this application.
+ * Delete this client.
*
*/
@DELETE
@NoCache
- public void deleteApplication() {
+ public void deleteClient() {
auth.requireManage();
new ClientManager(new RealmManager(session)).removeClient(realm, client);
}
/**
- * Generates a new secret for this application
+ * Generates a new secret for this client
*
* @return
*/
@Path("client-secret")
@POST
- @Produces("application/json")
- @Consumes("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Consumes(MediaType.APPLICATION_JSON)
public CredentialRepresentation regenerateSecret() {
auth.requireManage();
@@ -199,25 +198,25 @@ public class ClientResource {
}
/**
- * Get the secret of this application
+ * Get the secret of this client
*
* @return
*/
@Path("client-secret")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public CredentialRepresentation getClientSecret() {
auth.requireView();
logger.debug("getClientSecret");
UserCredentialModel model = UserCredentialModel.secret(client.getSecret());
- if (model == null) throw new NotFoundException("Application does not have a secret");
+ if (model == null) throw new NotFoundException("Client does not have a secret");
return ModelToRepresentation.toRepresentation(model);
}
/**
- * Base path for managing the scope mappings for this application
+ * Base path for managing the scope mappings for this client
*
* @return
*/
@@ -233,14 +232,14 @@ public class ClientResource {
/**
* Returns set of allowed origin. This is used for CORS requests. Access tokens will have
- * their allowedOrigins claim set to this value for tokens created for this application.
+ * their allowedOrigins claim set to this value for tokens created for this client.
*
* @return
*/
@Path("allowed-origins")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Set<String> getAllowedOrigins()
{
auth.requireView();
@@ -250,13 +249,13 @@ public class ClientResource {
/**
* Change the set of allowed origins. This is used for CORS requests. Access tokens will have
- * their allowedOrigins claim set to this value for tokens created for this application.
+ * their allowedOrigins claim set to this value for tokens created for this client.
*
* @param allowedOrigins
*/
@Path("allowed-origins")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void updateAllowedOrigins(Set<String> allowedOrigins)
{
auth.requireManage();
@@ -266,13 +265,13 @@ public class ClientResource {
/**
* Remove set of allowed origins from current allowed origins list. This is used for CORS requests. Access tokens will have
- * their allowedOrigins claim set to this value for tokens created for this application.
+ * their allowedOrigins claim set to this value for tokens created for this client.
*
* @param allowedOrigins
*/
@Path("allowed-origins")
@DELETE
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void deleteAllowedOrigins(Set<String> allowedOrigins)
{
auth.requireManage();
@@ -283,18 +282,18 @@ public class ClientResource {
}
/**
- * If the application has an admin URL, push the application's revocation policy to it.
+ * If the client has an admin URL, push the client's revocation policy to it.
*
*/
@Path("push-revocation")
@POST
public GlobalRequestResult pushRevocation() {
auth.requireManage();
- return new ResourceAdminManager().pushApplicationRevocationPolicy(uriInfo.getRequestUri(), realm, client);
+ return new ResourceAdminManager().pushClientRevocationPolicy(uriInfo.getRequestUri(), realm, client);
}
/**
- * Number of user sessions associated with this application
+ * Number of user sessions associated with this client
*
* {
* "count": number
@@ -314,7 +313,7 @@ public class ClientResource {
}
/**
- * Return a list of user sessions associated with this application
+ * Return a list of user sessions associated with this client
*
* @return
*/
@@ -335,18 +334,18 @@ public class ClientResource {
}
/**
- * If the application has an admin URL, invalidate all sessions associated with that application directly.
+ * If the client has an admin URL, invalidate all sessions associated with that client directly.
*
*/
@Path("logout-all")
@POST
public GlobalRequestResult logoutAll() {
auth.requireManage();
- return new ResourceAdminManager().logoutApplication(uriInfo.getRequestUri(), realm, client);
+ return new ResourceAdminManager().logoutClient(uriInfo.getRequestUri(), realm, client);
}
/**
- * If the application has an admin URL, invalidate the sessions for a particular user directly.
+ * If the client has an admin URL, invalidate the sessions for a particular user directly.
*
*/
@Path("logout-user/{username}")
@@ -357,18 +356,18 @@ public class ClientResource {
if (user == null) {
throw new NotFoundException("User not found");
}
- new ResourceAdminManager().logoutUserFromApplication(uriInfo.getRequestUri(), realm, client, user, session);
+ new ResourceAdminManager().logoutUserFromClient(uriInfo.getRequestUri(), realm, client, user, session);
}
/**
- * Manually register cluster node to this application - usually it's not needed to call this directly as adapter should handle
+ * Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle
* by sending registration request to Keycloak
*
* @param formParams
*/
@Path("nodes")
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void registerNode(Map<String, String> formParams) {
auth.requireManage();
String node = formParams.get("node");
@@ -380,7 +379,7 @@ public class ClientResource {
}
/**
- * Unregister cluster node from this application
+ * Unregister cluster node from this client
*
* @param node
*/
@@ -393,7 +392,7 @@ public class ClientResource {
Integer time = client.getRegisteredNodes().get(node);
if (time == null) {
- throw new NotFoundException("Application does not have a node " + node);
+ throw new NotFoundException("Client does not have a node " + node);
}
client.unregisterNode(node);
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
index 7432efb..270b7ac 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
@@ -27,7 +27,7 @@ import java.util.ArrayList;
import java.util.List;
/**
- * Base resource class for managing a realm's applications.
+ * Base resource class for managing a realm's clients.
*
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
@@ -48,7 +48,7 @@ public class ClientsResource {
}
/**
- * List of applications belonging to this realm.
+ * List of clients belonging to this realm.
*
* @return
*/
@@ -100,7 +100,7 @@ public class ClientsResource {
}
/**
- * Base path for managing a specific application.
+ * Base path for managing a specific client.
*
* @param name
* @return
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
index 97c56f1..bbb32b4 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
@@ -27,6 +27,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.ArrayList;
@@ -53,7 +54,7 @@ public class IdentityProviderResource {
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public IdentityProviderRepresentation getIdentityProvider() {
IdentityProviderRepresentation rep = ModelToRepresentation.toRepresentation(this.identityProviderModel);
@@ -73,7 +74,7 @@ public class IdentityProviderResource {
}
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response update(IdentityProviderRepresentation providerRep) {
try {
this.auth.requireManage();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
index e59ee6e..ef0e94b 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
@@ -57,7 +57,7 @@ public class IdentityProvidersResource {
@Path("/providers/{provider_id}")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Response getIdentityProviders(@PathParam("provider_id") String providerId) {
this.auth.requireView();
IdentityProviderFactory providerFactory = getProviderFactorytById(providerId);
@@ -108,7 +108,7 @@ public class IdentityProvidersResource {
@GET
@Path("instances")
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<IdentityProviderRepresentation> getIdentityProviders() {
this.auth.requireView();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
index d4cedda..36428b8 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
@@ -19,6 +19,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.LinkedList;
@@ -59,7 +60,7 @@ public class ProtocolMappersResource {
@GET
@NoCache
@Path("protocol/{protocol}")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<ProtocolMapperRepresentation> getMappersPerProtocol(@PathParam("protocol") String protocol) {
auth.requireView();
List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
@@ -77,7 +78,7 @@ public class ProtocolMappersResource {
@Path("models")
@POST
@NoCache
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response createMapper(ProtocolMapperRepresentation rep) {
auth.requireManage();
ProtocolMapperModel model = RepresentationToModel.toModel(rep);
@@ -91,7 +92,7 @@ public class ProtocolMappersResource {
@Path("add-models")
@POST
@NoCache
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void createMapper(List<ProtocolMapperRepresentation> reps) {
auth.requireManage();
for (ProtocolMapperRepresentation rep : reps) {
@@ -103,7 +104,7 @@ public class ProtocolMappersResource {
@GET
@NoCache
@Path("models")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<ProtocolMapperRepresentation> getMappers() {
auth.requireView();
List<ProtocolMapperRepresentation> mappers = new LinkedList<ProtocolMapperRepresentation>();
@@ -116,7 +117,7 @@ public class ProtocolMappersResource {
@GET
@NoCache
@Path("models/{id}")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public ProtocolMapperRepresentation getMapperById(@PathParam("id") String id) {
auth.requireView();
ProtocolMapperModel model = client.getProtocolMapperById(id);
@@ -127,7 +128,7 @@ public class ProtocolMappersResource {
@PUT
@NoCache
@Path("models/{id}")
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void update(@PathParam("id") String id, ProtocolMapperRepresentation rep) {
auth.requireManage();
ProtocolMapperModel model = client.getProtocolMapperById(id);
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index 313d810..5fea57d 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -9,7 +9,7 @@ import org.keycloak.events.Event;
import org.keycloak.events.EventQuery;
import org.keycloak.events.EventStoreProvider;
import org.keycloak.events.EventType;
-import org.keycloak.exportimport.ApplicationImporter;
+import org.keycloak.exportimport.ClientImporter;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
@@ -85,40 +85,38 @@ public class RealmAdminResource {
}
/**
- * Base path for importing applications under this realm.
+ * Base path for importing clients under this realm.
*
* @return
*/
- @Path("application-importers/{formatId}")
- public Object getApplicationImporter(@PathParam("formatId") String formatId) {
- ApplicationImporter importer = session.getProvider(ApplicationImporter.class, formatId);
+ @Path("client-importers/{formatId}")
+ public Object getClientImporter(@PathParam("formatId") String formatId) {
+ ClientImporter importer = session.getProvider(ClientImporter.class, formatId);
return importer.createJaxrsService(realm, auth);
}
/**
- * Base path for managing applications under this realm.
+ * Base path for managing clients under this realm.
*
* @return
*/
- @Path("applications")
- public ClientsResource getApplications() {
+ @Path("clients")
+ public ClientsResource getClients() {
ClientsResource clientsResource = new ClientsResource(realm, auth);
ResteasyProviderFactory.getInstance().injectProperties(clientsResource);
- //resourceContext.initResource(applicationsResource);
return clientsResource;
}
/**
- * Base path for managing applications under this realm.
+ * Base path for managing clients under this realm.
*
* @return
*/
- @Path("applications-by-id")
- public ClientsByIdResource getApplicationsById() {
- ClientsByIdResource applicationsResource = new ClientsByIdResource(realm, auth);
- ResteasyProviderFactory.getInstance().injectProperties(applicationsResource);
- //resourceContext.initResource(applicationsResource);
- return applicationsResource;
+ @Path("clients-by-id")
+ public ClientsByIdResource getClientsById() {
+ ClientsByIdResource clientsResource = new ClientsByIdResource(realm, auth);
+ ResteasyProviderFactory.getInstance().injectProperties(clientsResource);
+ return clientsResource;
}
/**
@@ -132,14 +130,13 @@ public class RealmAdminResource {
}
/**
- * Get the top-level representation of the realm. It will not include nested information like User, Application, or OAuth
- * Client representations.
+ * Get the top-level representation of the realm. It will not include nested information like User and Client representations.
*
* @return
*/
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public RealmRepresentation getRealm() {
if (auth.hasView()) {
RealmRepresentation rep = ModelToRepresentation.toRepresentation(realm, false);
@@ -162,14 +159,14 @@ public class RealmAdminResource {
}
/**
- * Update the top-level information of this realm. Any user, roles, application, or oauth client information in the representation
+ * Update the top-level information of this realm. Any user, roles or client information in the representation
* will be ignored. This will only update top-level attributes of the realm.
*
* @param rep
* @return
*/
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response updateRealm(final RealmRepresentation rep) {
auth.requireManage();
@@ -237,7 +234,7 @@ public class RealmAdminResource {
}
/**
- * Path for managing all realm-level or application-level roles defined in this realm by it's id.
+ * Path for managing all realm-level or client-level roles defined in this realm by it's id.
*
* @return
*/
@@ -250,7 +247,7 @@ public class RealmAdminResource {
}
/**
- * Push the realm's revocation policy to any application that has an admin url associated with it.
+ * Push the realm's revocation policy to any client that has an admin url associated with it.
*
*/
@Path("push-revocation")
@@ -261,7 +258,7 @@ public class RealmAdminResource {
}
/**
- * Removes all user sessions. Any application that has an admin url will also be told to invalidate any sessions
+ * Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions
* they have.
*
*/
@@ -273,7 +270,7 @@ public class RealmAdminResource {
}
/**
- * Remove a specific user session. Any application that has an admin url will also be told to invalidate this
+ * Remove a specific user session. Any client that has an admin url will also be told to invalidate this
* particular session.
*
* @param sessionId
@@ -287,46 +284,46 @@ public class RealmAdminResource {
}
/**
- * Returns a JSON map. The key is the application name, the value is the number of sessions that currently are active
- * with that application. Only application's that actually have a session associated with them will be in this map.
+ * Returns a JSON map. The key is the client name, the value is the number of sessions that currently are active
+ * with that client. Only client's that actually have a session associated with them will be in this map.
*
* @return
*/
- @Path("application-session-stats")
+ @Path("client-session-stats")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
@Deprecated
- public Map<String, Integer> getApplicationSessionStats() {
+ public Map<String, Integer> getClientSessionStats() {
auth.requireView();
Map<String, Integer> stats = new HashMap<String, Integer>();
- for (ClientModel application : realm.getClients()) {
- int size = session.sessions().getActiveUserSessions(application.getRealm(), application);
+ for (ClientModel client : realm.getClients()) {
+ int size = session.sessions().getActiveUserSessions(client.getRealm(), client);
if (size == 0) continue;
- stats.put(application.getClientId(), size);
+ stats.put(client.getClientId(), size);
}
return stats;
}
/**
- * Returns a JSON map. The key is the application id, the value is the number of sessions that currently are active
- * with that application. Only application's that actually have a session associated with them will be in this map.
+ * Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active
+ * with that client. Only client's that actually have a session associated with them will be in this map.
*
* @return
*/
- @Path("application-by-id-session-stats")
+ @Path("client-by-id-session-stats")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
- public List<Map<String, String>> getApplicationByIdSessionStats() {
+ public List<Map<String, String>> getClientByIdSessionStats() {
auth.requireView();
List<Map<String, String>> data = new LinkedList<Map<String, String>>();
- for (ClientModel application : realm.getClients()) {
- int size = session.sessions().getActiveUserSessions(application.getRealm(), application);
+ for (ClientModel client : realm.getClients()) {
+ int size = session.sessions().getActiveUserSessions(client.getRealm(), client);
if (size == 0) continue;
Map<String, String> map = new HashMap<String, String>();
- map.put("id", application.getId());
- map.put("name", application.getClientId());
+ map.put("id", client.getId());
+ map.put("clientId", client.getClientId());
map.put("active", size + "");
data.add(map);
}
@@ -341,7 +338,7 @@ public class RealmAdminResource {
@GET
@NoCache
@Path("events/config")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public RealmEventsConfigRepresentation getRealmEventsConfig() {
auth.init(RealmAuth.Resource.EVENTS).requireView();
@@ -355,7 +352,7 @@ public class RealmAdminResource {
*/
@PUT
@Path("events/config")
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void updateRealmEventsConfig(final RealmEventsConfigRepresentation rep) {
auth.init(RealmAuth.Resource.EVENTS).requireManage();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 963bd6a..21fc79e 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -74,27 +74,27 @@ public class RealmsAdminResource {
*/
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<RealmRepresentation> getRealms() {
RealmManager realmManager = new RealmManager(session);
List<RealmRepresentation> reps = new ArrayList<RealmRepresentation>();
if (auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
List<RealmModel> realms = session.realms().getRealms();
for (RealmModel realm : realms) {
- addRealmRep(reps, realm, realm.getMasterAdminApp());
+ addRealmRep(reps, realm, realm.getMasterAdminClient());
}
} else {
- ClientModel adminApp = auth.getRealm().getClientByClientId(realmManager.getRealmAdminApplicationName(auth.getRealm()));
+ ClientModel adminApp = auth.getRealm().getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm()));
addRealmRep(reps, auth.getRealm(), adminApp);
}
logger.debug(("getRealms()"));
return reps;
}
- protected void addRealmRep(List<RealmRepresentation> reps, RealmModel realm, ClientModel realmManagementApplication) {
- if (auth.hasAppRole(realmManagementApplication, AdminRoles.MANAGE_REALM)) {
+ protected void addRealmRep(List<RealmRepresentation> reps, RealmModel realm, ClientModel realmManagementClient) {
+ if (auth.hasAppRole(realmManagementClient, AdminRoles.MANAGE_REALM)) {
reps.add(ModelToRepresentation.toRepresentation(realm, false));
- } else if (auth.hasOneOfAppRole(realmManagementApplication, AdminRoles.ALL_REALM_ROLES)) {
+ } else if (auth.hasOneOfAppRole(realmManagementClient, AdminRoles.ALL_REALM_ROLES)) {
RealmRepresentation rep = new RealmRepresentation();
rep.setRealm(realm.getName());
reps.add(rep);
@@ -109,7 +109,7 @@ public class RealmsAdminResource {
* @return
*/
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response importRealm(@Context final UriInfo uriInfo, final RealmRepresentation rep) {
RealmManager realmManager = new RealmManager(session);
realmManager.setContextPath(keycloak.getContextPath());
@@ -186,7 +186,7 @@ public class RealmsAdminResource {
}
RealmModel adminRealm = new RealmManager(session).getKeycloakAdminstrationRealm();
- ClientModel realmAdminApp = realm.getMasterAdminApp();
+ ClientModel realmAdminApp = realm.getMasterAdminClient();
for (String r : AdminRoles.ALL_REALM_ROLES) {
RoleModel role = realmAdminApp.getRole(r);
auth.getUser().grantRole(role);
@@ -214,9 +214,9 @@ public class RealmsAdminResource {
RealmAuth realmAuth;
if (auth.getRealm().equals(realmManager.getKeycloakAdminstrationRealm())) {
- realmAuth = new RealmAuth(auth, realm.getMasterAdminApp());
+ realmAuth = new RealmAuth(auth, realm.getMasterAdminClient());
} else {
- realmAuth = new RealmAuth(auth, realm.getClientByClientId(realmManager.getRealmAdminApplicationName(auth.getRealm())));
+ realmAuth = new RealmAuth(auth, realm.getClientByClientId(realmManager.getRealmAdminClientId(auth.getRealm())));
}
RealmAdminResource adminResource = new RealmAdminResource(realmAuth, realm, tokenManager);
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
index 710f065..67d8c12 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
@@ -19,6 +19,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import java.util.List;
import java.util.Set;
@@ -52,7 +53,7 @@ public class RoleByIdResource extends RoleResource {
@Path("{role-id}")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public RoleRepresentation getRole(final @PathParam("role-id") String id) {
RoleModel roleModel = getRoleModel(id);
auth.requireView();
@@ -101,7 +102,7 @@ public class RoleByIdResource extends RoleResource {
*/
@Path("{role-id}")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void updateRole(final @PathParam("role-id") String id, final RoleRepresentation rep) {
RoleModel role = getRoleModel(id);
auth.requireManage();
@@ -116,7 +117,7 @@ public class RoleByIdResource extends RoleResource {
*/
@Path("{role-id}/composites")
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void addComposites(final @PathParam("role-id") String id, List<RoleRepresentation> roles) {
RoleModel role = getRoleModel(id);
auth.requireManage();
@@ -132,7 +133,7 @@ public class RoleByIdResource extends RoleResource {
@Path("{role-id}/composites")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Set<RoleRepresentation> getRoleComposites(final @PathParam("role-id") String id) {
if (logger.isDebugEnabled()) logger.debug("*** getRoleComposites: '" + id + "'");
@@ -150,7 +151,7 @@ public class RoleByIdResource extends RoleResource {
@Path("{role-id}/composites/realm")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Set<RoleRepresentation> getRealmRoleComposites(final @PathParam("role-id") String id) {
RoleModel role = getRoleModel(id);
auth.requireView();
@@ -158,49 +159,49 @@ public class RoleByIdResource extends RoleResource {
}
/**
- * Return a set of application-level roles for a specific app that are in the role's composite
+ * Return a set of client-level roles for a specific client that are in the role's composite
*
* @param id
* @param appName
* @return
*/
- @Path("{role-id}/composites/applications/{app}")
+ @Path("{role-id}/composites/clients/{app}")
@GET
@NoCache
- @Produces("application/json")
- public Set<RoleRepresentation> getApplicationRoleComposites(final @PathParam("role-id") String id,
+ @Produces(MediaType.APPLICATION_JSON)
+ public Set<RoleRepresentation> getClientRoleComposites(final @PathParam("role-id") String id,
final @PathParam("app") String appName) {
RoleModel role = getRoleModel(id);
auth.requireView();
ClientModel app = realm.getClientByClientId(appName);
if (app == null) {
- throw new NotFoundException("Could not find application: " + appName);
+ throw new NotFoundException("Could not find client: " + appName);
}
- return getApplicationRoleComposites(app, role);
+ return getClientRoleComposites(app, role);
}
/**
- * Return a set of application-level roles for a specific app that are in the role's composite
+ * Return a set of client-level roles for a specific client that are in the role's composite
*
* @param id
* @param appId
* @return
*/
- @Path("{role-id}/composites/applications-by-id/{appId}")
+ @Path("{role-id}/composites/clients-by-id/{appId}")
@GET
@NoCache
- @Produces("application/json")
- public Set<RoleRepresentation> getApplicationByIdRoleComposites(final @PathParam("role-id") String id,
+ @Produces(MediaType.APPLICATION_JSON)
+ public Set<RoleRepresentation> getClientByIdRoleComposites(final @PathParam("role-id") String id,
final @PathParam("appId") String appId) {
RoleModel role = getRoleModel(id);
auth.requireView();
ClientModel app = realm.getClientById(appId);
if (app == null) {
- throw new NotFoundException("Could not find application: " + appId);
+ throw new NotFoundException("Could not find client: " + appId);
}
- return getApplicationRoleComposites(app, role);
+ return getClientRoleComposites(app, role);
}
/**
@@ -211,7 +212,7 @@ public class RoleByIdResource extends RoleResource {
*/
@Path("{role-id}/composites")
@DELETE
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void deleteComposites(final @PathParam("role-id") String id, List<RoleRepresentation> roles) {
RoleModel role = getRoleModel(id);
auth.requireManage();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java
index e1d5c28..66d37a9 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java
@@ -20,6 +20,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.ArrayList;
@@ -43,13 +44,13 @@ public class RoleContainerResource extends RoleResource {
}
/**
- * List all roles for this realm or application
+ * List all roles for this realm or client
*
* @return
*/
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<RoleRepresentation> getRoles() {
auth.requireAny();
@@ -62,14 +63,14 @@ public class RoleContainerResource extends RoleResource {
}
/**
- * Create a new role for this realm or application
+ * Create a new role for this realm or client
*
* @param uriInfo
* @param rep
* @return
*/
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response createRole(final @Context UriInfo uriInfo, final RoleRepresentation rep) {
auth.requireManage();
@@ -91,7 +92,7 @@ public class RoleContainerResource extends RoleResource {
@Path("{role-name}")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public RoleRepresentation getRole(final @PathParam("role-name") String roleName) {
auth.requireView();
@@ -131,7 +132,7 @@ public class RoleContainerResource extends RoleResource {
*/
@Path("{role-name}")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response updateRole(final @PathParam("role-name") String roleName, final RoleRepresentation rep) {
auth.requireManage();
@@ -155,7 +156,7 @@ public class RoleContainerResource extends RoleResource {
*/
@Path("{role-name}/composites")
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void addComposites(final @PathParam("role-name") String roleName, List<RoleRepresentation> roles) {
auth.requireManage();
@@ -175,7 +176,7 @@ public class RoleContainerResource extends RoleResource {
@Path("{role-name}/composites")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Set<RoleRepresentation> getRoleComposites(final @PathParam("role-name") String roleName) {
auth.requireManage();
@@ -195,7 +196,7 @@ public class RoleContainerResource extends RoleResource {
@Path("{role-name}/composites/realm")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Set<RoleRepresentation> getRealmRoleComposites(final @PathParam("role-name") String roleName) {
auth.requireManage();
@@ -207,30 +208,30 @@ public class RoleContainerResource extends RoleResource {
}
/**
- * An app-level roles for a specific app for this role's composite
+ * An client-level roles for a specific client for this role's composite
*
* @param roleName role's name (not id!)
- * @param appName
+ * @param clientId
* @return
*/
- @Path("{role-name}/composites/application/{app}")
+ @Path("{role-name}/composites/client/{clientId}")
@GET
@NoCache
- @Produces("application/json")
- public Set<RoleRepresentation> getApplicationRoleComposites(final @PathParam("role-name") String roleName,
- final @PathParam("app") String appName) {
+ @Produces(MediaType.APPLICATION_JSON)
+ public Set<RoleRepresentation> getClientRoleComposites(final @PathParam("role-name") String roleName,
+ final @PathParam("clientId") String clientId) {
auth.requireManage();
RoleModel role = roleContainer.getRole(roleName);
if (role == null) {
throw new NotFoundException("Could not find role: " + roleName);
}
- ClientModel app = realm.getClientByClientId(appName);
+ ClientModel app = realm.getClientByClientId(clientId);
if (app == null) {
- throw new NotFoundException("Could not find application: " + appName);
+ throw new NotFoundException("Could not find client: " + clientId);
}
- return getApplicationRoleComposites(app, role);
+ return getClientRoleComposites(app, role);
}
@@ -238,27 +239,27 @@ public class RoleContainerResource extends RoleResource {
* An app-level roles for a specific app for this role's composite
*
* @param roleName role's name (not id!)
- * @param appId
+ * @param id
* @return
*/
- @Path("{role-name}/composites/application-by-id/{appId}")
+ @Path("{role-name}/composites/client-by-id/{id}")
@GET
@NoCache
- @Produces("application/json")
- public Set<RoleRepresentation> getApplicationByIdRoleComposites(final @PathParam("role-name") String roleName,
- final @PathParam("appId") String appId) {
+ @Produces(MediaType.APPLICATION_JSON)
+ public Set<RoleRepresentation> getClientByIdRoleComposites(final @PathParam("role-name") String roleName,
+ final @PathParam("id") String id) {
auth.requireManage();
RoleModel role = roleContainer.getRole(roleName);
if (role == null) {
throw new NotFoundException("Could not find role: " + roleName);
}
- ClientModel app = realm.getClientById(appId);
- if (app == null) {
- throw new NotFoundException("Could not find application: " + appId);
+ ClientModel client = realm.getClientById(id);
+ if (client == null) {
+ throw new NotFoundException("Could not find client: " + id);
}
- return getApplicationRoleComposites(app, role);
+ return getClientRoleComposites(client, role);
}
@@ -270,7 +271,7 @@ public class RoleContainerResource extends RoleResource {
*/
@Path("{role-name}/composites")
@DELETE
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void deleteComposites(final @PathParam("role-name") String roleName, List<RoleRepresentation> roles) {
auth.requireManage();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java
index 80b6b42..8196528 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java
@@ -69,7 +69,7 @@ public abstract class RoleResource {
return composites;
}
- protected Set<RoleRepresentation> getApplicationRoleComposites(ClientModel app, RoleModel role) {
+ protected Set<RoleRepresentation> getClientRoleComposites(ClientModel app, RoleModel role) {
if (!role.isComposite() || role.getComposites().size() == 0) return Collections.emptySet();
Set<RoleRepresentation> composites = new HashSet<RoleRepresentation>(role.getComposites().size());
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
index 2dda52b..8d4e005 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
@@ -7,7 +7,7 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.utils.ModelToRepresentation;
-import org.keycloak.representations.idm.ApplicationMappingsRepresentation;
+import org.keycloak.representations.idm.ClientMappingsRepresentation;
import org.keycloak.representations.idm.MappingsRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
@@ -18,6 +18,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
@@ -25,7 +26,7 @@ import java.util.Map;
import java.util.Set;
/**
- * Base class for managing the scope mappings of a specific client (application or oauth).
+ * Base class for managing the scope mappings of a specific client.
*
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
@@ -49,7 +50,7 @@ public class ScopeMappedResource {
* @return
*/
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public MappingsRepresentation getScopeMappings() {
auth.requireView();
@@ -64,22 +65,22 @@ public class ScopeMappedResource {
all.setRealmMappings(realmRep);
}
- List<ClientModel> applications = realm.getClients();
- if (applications.size() > 0) {
- Map<String, ApplicationMappingsRepresentation> appMappings = new HashMap<String, ApplicationMappingsRepresentation>();
- for (ClientModel app : applications) {
- Set<RoleModel> roleMappings = app.getApplicationScopeMappings(client);
+ List<ClientModel> clients = realm.getClients();
+ if (clients.size() > 0) {
+ Map<String, ClientMappingsRepresentation> clientMappings = new HashMap<String, ClientMappingsRepresentation>();
+ for (ClientModel client : clients) {
+ Set<RoleModel> roleMappings = client.getClientScopeMappings(this.client);
if (roleMappings.size() > 0) {
- ApplicationMappingsRepresentation mappings = new ApplicationMappingsRepresentation();
- mappings.setApplicationId(app.getId());
- mappings.setApplication(app.getClientId());
+ ClientMappingsRepresentation mappings = new ClientMappingsRepresentation();
+ mappings.setId(client.getId());
+ mappings.setClient(client.getClientId());
List<RoleRepresentation> roles = new ArrayList<RoleRepresentation>();
mappings.setMappings(roles);
for (RoleModel role : roleMappings) {
roles.add(ModelToRepresentation.toRepresentation(role));
}
- appMappings.put(app.getClientId(), mappings);
- all.setApplicationMappings(appMappings);
+ clientMappings.put(client.getClientId(), mappings);
+ all.setClientMappings(clientMappings);
}
}
}
@@ -93,7 +94,7 @@ public class ScopeMappedResource {
*/
@Path("realm")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getRealmScopeMappings() {
auth.requireView();
@@ -113,7 +114,7 @@ public class ScopeMappedResource {
*/
@Path("realm/available")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getAvailableRealmScopeMappings() {
auth.requireView();
@@ -140,7 +141,7 @@ public class ScopeMappedResource {
*/
@Path("realm/composite")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getCompositeRealmScopeMappings() {
auth.requireView();
@@ -164,7 +165,7 @@ public class ScopeMappedResource {
*/
@Path("realm")
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void addRealmScopeMappings(List<RoleRepresentation> roles) {
auth.requireManage();
@@ -186,7 +187,7 @@ public class ScopeMappedResource {
*/
@Path("realm")
@DELETE
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void deleteRealmScopeMappings(List<RoleRepresentation> roles) {
auth.requireManage();
@@ -200,32 +201,32 @@ public class ScopeMappedResource {
for (RoleRepresentation role : roles) {
RoleModel roleModel = realm.getRoleById(role.getId());
if (roleModel == null) {
- throw new NotFoundException("Application not found");
+ throw new NotFoundException("Client not found");
}
client.deleteScopeMapping(roleModel);
}
}
}
- @Path("applications/{app}")
- public ScopeMappedApplicationResource getApplicationScopeMappings(@PathParam("app") String appName) {
- ClientModel app = realm.getClientByClientId(appName);
+ @Path("clients/{clientId}")
+ public ScopeMappedClientResource getClientScopeMappings(@PathParam("clientId") String clientId) {
+ ClientModel app = realm.getClientByClientId(clientId);
if (app == null) {
throw new NotFoundException("Role not found");
}
- return new ScopeMappedApplicationResource(realm, auth, client, session, app);
+ return new ScopeMappedClientResource(realm, auth, client, session, app);
}
- @Path("applications-by-id/{appId}")
- public ScopeMappedApplicationResource getApplicationByIdScopeMappings(@PathParam("appId") String appId) {
- ClientModel app = realm.getClientById(appId);
+ @Path("clients-by-id/{id}")
+ public ScopeMappedClientResource getClientByIdScopeMappings(@PathParam("id") String id) {
+ ClientModel app = realm.getClientById(id);
if (app == null) {
- throw new NotFoundException("Application not found");
+ throw new NotFoundException("Client not found");
}
- return new ScopeMappedApplicationResource(realm, auth, client, session, app);
+ return new ScopeMappedClientResource(realm, auth, client, session, app);
}
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java
index ec72cc1..322f60d 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java
@@ -5,8 +5,8 @@ import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.IdentityProviderFactory;
import org.keycloak.events.EventListenerProvider;
import org.keycloak.events.EventType;
-import org.keycloak.exportimport.ApplicationImporter;
-import org.keycloak.exportimport.ApplicationImporterFactory;
+import org.keycloak.exportimport.ClientImporter;
+import org.keycloak.exportimport.ClientImporterFactory;
import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeProvider;
import org.keycloak.models.KeycloakSession;
@@ -55,7 +55,7 @@ public class ServerInfoAdminResource {
setThemes(info);
setEventListeners(info);
setProtocols(info);
- setApplicationImporters(info);
+ setClientImporters(info);
setProviders(info);
setProtocolMapperTypes(info);
setBuiltinProtocolMappers(info);
@@ -167,14 +167,14 @@ public class ServerInfoAdminResource {
}
}
- private void setApplicationImporters(ServerInfoRepresentation info) {
- info.applicationImporters = new LinkedList<Map<String, String>>();
- for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(ApplicationImporter.class)) {
- ApplicationImporterFactory factory = (ApplicationImporterFactory)p;
+ private void setClientImporters(ServerInfoRepresentation info) {
+ info.clientImporters = new LinkedList<Map<String, String>>();
+ for (ProviderFactory p : session.getKeycloakSessionFactory().getProviderFactories(ClientImporter.class)) {
+ ClientImporterFactory factory = (ClientImporterFactory)p;
Map<String, String> data = new HashMap<String, String>();
data.put("id", factory.getId());
data.put("name", factory.getDisplayName());
- info.applicationImporters.add(data);
+ info.clientImporters.add(data);
}
}
@@ -198,7 +198,7 @@ public class ServerInfoAdminResource {
private List<Map<String, String>> socialProviders;
public List<Map<String, String>> identityProviders;
private List<String> protocols;
- private List<Map<String, String>> applicationImporters;
+ private List<Map<String, String>> clientImporters;
private Map<String, Set<String>> providers;
@@ -239,8 +239,8 @@ public class ServerInfoAdminResource {
return protocols;
}
- public List<Map<String, String>> getApplicationImporters() {
- return applicationImporters;
+ public List<Map<String, String>> getClientImporters() {
+ return clientImporters;
}
public Map<String, Set<String>> getProviders() {
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java
index 006124b..188cb30 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java
@@ -28,6 +28,7 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.LinkedList;
@@ -67,7 +68,7 @@ public class UserFederationResource {
@GET
@NoCache
@Path("providers")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<UserFederationProviderFactoryRepresentation> getProviders() {
auth.requireView();
List<UserFederationProviderFactoryRepresentation> providers = new LinkedList<UserFederationProviderFactoryRepresentation>();
@@ -88,7 +89,7 @@ public class UserFederationResource {
@GET
@NoCache
@Path("providers/{id}")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public UserFederationProviderFactoryRepresentation getProvider(@PathParam("id") String id) {
auth.requireView();
for (ProviderFactory factory : session.getKeycloakSessionFactory().getProviderFactories(UserFederationProvider.class)) {
@@ -111,7 +112,7 @@ public class UserFederationResource {
*/
@POST
@Path("instances")
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response createProviderInstance(UserFederationProviderRepresentation rep) {
auth.requireManage();
String displayName = rep.getDisplayName();
@@ -133,7 +134,7 @@ public class UserFederationResource {
*/
@PUT
@Path("instances/{id}")
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void updateProviderInstance(@PathParam("id") String id, UserFederationProviderRepresentation rep) {
auth.requireManage();
String displayName = rep.getDisplayName();
@@ -155,7 +156,7 @@ public class UserFederationResource {
@GET
@NoCache
@Path("instances/{id}")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public UserFederationProviderRepresentation getProviderInstance(@PathParam("id") String id) {
auth.requireView();
for (UserFederationProviderModel model : realm.getUserFederationProviders()) {
@@ -191,7 +192,7 @@ public class UserFederationResource {
*/
@GET
@Path("instances")
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<UserFederationProviderRepresentation> getUserFederationInstances() {
auth.requireManage();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
index e424175..8bad898 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@@ -25,7 +25,7 @@ import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.protocol.oidc.utils.RedirectUtils;
-import org.keycloak.representations.idm.ApplicationMappingsRepresentation;
+import org.keycloak.representations.idm.ClientMappingsRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.MappingsRepresentation;
@@ -106,7 +106,7 @@ public class UsersResource {
*/
@Path("{username}")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response updateUser(final @PathParam("username") String username, final UserRepresentation rep) {
auth.requireManage();
@@ -137,7 +137,7 @@ public class UsersResource {
* @return
*/
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response createUser(final @Context UriInfo uriInfo, final UserRepresentation rep) {
auth.requireManage();
@@ -209,7 +209,7 @@ public class UsersResource {
@Path("{username}")
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public UserRepresentation getUser(final @PathParam("username") String username) {
auth.requireView();
@@ -311,7 +311,7 @@ public class UsersResource {
}
/**
- * Remove all user sessions associated with this user. And, for all applications that have an admin URL, tell
+ * Remove all user sessions associated with this user. And, for all client that have an admin URL, tell
* them to invalidate the sessions for this particular user.
*
* @param username username (not id!)
@@ -368,7 +368,7 @@ public class UsersResource {
*/
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public List<UserRepresentation> getUsers(@QueryParam("search") String search,
@QueryParam("lastName") String last,
@QueryParam("firstName") String first,
@@ -418,7 +418,7 @@ public class UsersResource {
*/
@Path("{username}/role-mappings")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public MappingsRepresentation getRoleMappings(@PathParam("username") String username) {
auth.requireView();
@@ -439,22 +439,22 @@ public class UsersResource {
all.setRealmMappings(realmRep);
}
- List<ClientModel> applications = realm.getClients();
- if (applications.size() > 0) {
- Map<String, ApplicationMappingsRepresentation> appMappings = new HashMap<String, ApplicationMappingsRepresentation>();
- for (ClientModel application : applications) {
- Set<RoleModel> roleMappings = user.getApplicationRoleMappings(application);
+ List<ClientModel> clients = realm.getClients();
+ if (clients.size() > 0) {
+ Map<String, ClientMappingsRepresentation> appMappings = new HashMap<String, ClientMappingsRepresentation>();
+ for (ClientModel client : clients) {
+ Set<RoleModel> roleMappings = user.getClientRoleMappings(client);
if (roleMappings.size() > 0) {
- ApplicationMappingsRepresentation mappings = new ApplicationMappingsRepresentation();
- mappings.setApplicationId(application.getId());
- mappings.setApplication(application.getClientId());
+ ClientMappingsRepresentation mappings = new ClientMappingsRepresentation();
+ mappings.setId(client.getId());
+ mappings.setClient(client.getClientId());
List<RoleRepresentation> roles = new ArrayList<RoleRepresentation>();
mappings.setMappings(roles);
for (RoleModel role : roleMappings) {
roles.add(ModelToRepresentation.toRepresentation(role));
}
- appMappings.put(application.getClientId(), mappings);
- all.setApplicationMappings(appMappings);
+ appMappings.put(client.getClientId(), mappings);
+ all.setClientMappings(appMappings);
}
}
}
@@ -469,7 +469,7 @@ public class UsersResource {
*/
@Path("{username}/role-mappings/realm")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getRealmRoleMappings(@PathParam("username") String username) {
auth.requireView();
@@ -495,7 +495,7 @@ public class UsersResource {
*/
@Path("{username}/role-mappings/realm/composite")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getCompositeRealmRoleMappings(@PathParam("username") String username) {
auth.requireView();
@@ -523,7 +523,7 @@ public class UsersResource {
*/
@Path("{username}/role-mappings/realm/available")
@GET
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getAvailableRealmRoleMappings(@PathParam("username") String username) {
auth.requireView();
@@ -534,7 +534,7 @@ public class UsersResource {
}
Set<RoleModel> available = realm.getRoles();
- return UserApplicationRoleMappingsResource.getAvailableRoles(user, available);
+ return UserClientRoleMappingsResource.getAvailableRoles(user, available);
}
/**
@@ -545,7 +545,7 @@ public class UsersResource {
*/
@Path("{username}/role-mappings/realm")
@POST
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void addRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
auth.requireManage();
@@ -574,7 +574,7 @@ public class UsersResource {
*/
@Path("{username}/role-mappings/realm")
@DELETE
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void deleteRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
auth.requireManage();
@@ -601,36 +601,36 @@ public class UsersResource {
}
}
- @Path("{username}/role-mappings/applications/{app}")
- public UserApplicationRoleMappingsResource getUserApplicationRoleMappingsResource(@PathParam("username") String username, @PathParam("app") String appName) {
+ @Path("{username}/role-mappings/clients/{clientId}")
+ public UserClientRoleMappingsResource getUserClientRoleMappingsResource(@PathParam("username") String username, @PathParam("clientId") String clientId) {
UserModel user = session.users().getUserByUsername(username, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
- ClientModel application = realm.getClientByClientId(appName);
+ ClientModel client = realm.getClientByClientId(clientId);
- if (application == null) {
- throw new NotFoundException("Application not found");
+ if (client == null) {
+ throw new NotFoundException("Client not found");
}
- return new UserApplicationRoleMappingsResource(realm, auth, user, application);
+ return new UserClientRoleMappingsResource(realm, auth, user, client);
}
- @Path("{username}/role-mappings/applications-by-id/{appId}")
- public UserApplicationRoleMappingsResource getUserApplicationRoleMappingsResourceById(@PathParam("username") String username, @PathParam("appId") String appId) {
+ @Path("{username}/role-mappings/clients-by-id/{id}")
+ public UserClientRoleMappingsResource getUserClientRoleMappingsResourceById(@PathParam("username") String username, @PathParam("id") String id) {
UserModel user = session.users().getUserByUsername(username, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
- ClientModel application = realm.getClientById(appId);
+ ClientModel client = realm.getClientById(id);
- if (application == null) {
- throw new NotFoundException("Application not found");
+ if (client == null) {
+ throw new NotFoundException("Client not found");
}
- return new UserApplicationRoleMappingsResource(realm, auth, user, application);
+ return new UserClientRoleMappingsResource(realm, auth, user, client);
}
/**
@@ -642,7 +642,7 @@ public class UsersResource {
*/
@Path("{username}/reset-password")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void resetPassword(@PathParam("username") String username, CredentialRepresentation pass) {
auth.requireManage();
@@ -670,7 +670,7 @@ public class UsersResource {
*/
@Path("{username}/remove-totp")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public void removeTotp(@PathParam("username") String username) {
auth.requireManage();
@@ -685,7 +685,7 @@ public class UsersResource {
/**
* Send an email to the user with a link they can click to reset their password.
* The redirectUri and clientId parameters are optional. The default for the
- * redirect is the account application.
+ * redirect is the account client.
*
* @param username username (not id!)
* @param redirectUri redirect uri
@@ -694,7 +694,7 @@ public class UsersResource {
*/
@Path("{username}/reset-password-email")
@PUT
- @Consumes("application/json")
+ @Consumes(MediaType.APPLICATION_JSON)
public Response resetPasswordEmail(@PathParam("username") String username, @QueryParam(OIDCLoginProtocol.REDIRECT_URI_PARAM) String redirectUri, @QueryParam(OIDCLoginProtocol.CLIENT_ID_PARAM) String clientId) {
auth.requireManage();
@@ -716,7 +716,7 @@ public class UsersResource {
}
if(clientId == null){
- clientId = Constants.ACCOUNT_MANAGEMENT_APP;
+ clientId = Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
}
ClientModel client = realm.getClientByClientId(clientId);
diff --git a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
index beca17d..1eb5480 100755
--- a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
+++ b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
@@ -24,6 +24,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
@@ -81,7 +82,7 @@ public class ClientsManagementService {
}
/**
- * URL invoked by adapter to register new application cluster node. Each application cluster node will invoke this URL once it joins cluster
+ * URL invoked by adapter to register new client cluster node. Each application cluster node will invoke this URL once it joins cluster
*
* @param authorizationHeader
* @param formData
@@ -89,7 +90,7 @@ public class ClientsManagementService {
*/
@Path("register-node")
@POST
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Response registerNode(@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap<String, String> formData) {
if (!checkSsl()) {
throw new ForbiddenException("HTTPS required");
@@ -102,13 +103,13 @@ public class ClientsManagementService {
throw new UnauthorizedException("Realm not enabled");
}
- ClientModel application = authorizeApplication(authorizationHeader, formData);
- String nodeHost = getApplicationClusterHost(formData);
+ ClientModel client = authorizeClient(authorizationHeader, formData);
+ String nodeHost = getClientClusterHost(formData);
- event.client(application).detail(Details.NODE_HOST, nodeHost);
- logger.debugf("Registering cluster host '%s' for client '%s'", nodeHost, application.getClientId());
+ event.client(client).detail(Details.NODE_HOST, nodeHost);
+ logger.debugf("Registering cluster host '%s' for client '%s'", nodeHost, client.getClientId());
- application.registerNode(nodeHost, Time.currentTime());
+ client.registerNode(nodeHost, Time.currentTime());
event.success();
@@ -117,7 +118,7 @@ public class ClientsManagementService {
/**
- * URL invoked by adapter to register new application cluster node. Each application cluster node will invoke this URL once it joins cluster
+ * URL invoked by adapter to register new client cluster node. Each application cluster node will invoke this URL once it joins cluster
*
* @param authorizationHeader
* @param formData
@@ -125,7 +126,7 @@ public class ClientsManagementService {
*/
@Path("unregister-node")
@POST
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public Response unregisterNode(@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap<String, String> formData) {
if (!checkSsl()) {
throw new ForbiddenException("HTTPS required");
@@ -138,20 +139,20 @@ public class ClientsManagementService {
throw new UnauthorizedException("Realm not enabled");
}
- ClientModel application = authorizeApplication(authorizationHeader, formData);
- String nodeHost = getApplicationClusterHost(formData);
+ ClientModel client = authorizeClient(authorizationHeader, formData);
+ String nodeHost = getClientClusterHost(formData);
- event.client(application).detail(Details.NODE_HOST, nodeHost);
- logger.debugf("Unregistering cluster host '%s' for client '%s'", nodeHost, application.getClientId());
+ event.client(client).detail(Details.NODE_HOST, nodeHost);
+ logger.debugf("Unregistering cluster host '%s' for client '%s'", nodeHost, client.getClientId());
- application.unregisterNode(nodeHost);
+ client.unregisterNode(nodeHost);
event.success();
return Response.noContent().build();
}
- protected ClientModel authorizeApplication(String authorizationHeader, MultivaluedMap<String, String> formData) {
+ protected ClientModel authorizeClient(String authorizationHeader, MultivaluedMap<String, String> formData) {
ClientModel client = AuthorizeClientUtil.authorizeClient(authorizationHeader, formData, event, realm);
if (client.isPublicClient()) {
@@ -159,31 +160,23 @@ public class ClientsManagementService {
error.put(OAuth2Constants.ERROR, "invalid_client");
error.put(OAuth2Constants.ERROR_DESCRIPTION, "Public clients not allowed");
event.error(Errors.INVALID_CLIENT);
- throw new BadRequestException("Public clients not allowed", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
+ throw new BadRequestException("Public clients not allowed", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build());
}
- if (!(client instanceof ClientModel)) {
- Map<String, String> error = new HashMap<String, String>();
- error.put(OAuth2Constants.ERROR, "invalid_client");
- error.put(OAuth2Constants.ERROR_DESCRIPTION, "Just applications are allowed");
- event.error(Errors.INVALID_CLIENT);
- throw new BadRequestException("ust applications are allowed", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
- }
-
- return (ClientModel)client;
+ return client;
}
- protected String getApplicationClusterHost(MultivaluedMap<String, String> formData) {
- String applicationClusterHost = formData.getFirst(AdapterConstants.APPLICATION_CLUSTER_HOST);
- if (applicationClusterHost == null || applicationClusterHost.length() == 0) {
+ protected String getClientClusterHost(MultivaluedMap<String, String> formData) {
+ String clientClusterHost = formData.getFirst(AdapterConstants.CLIENT_CLUSTER_HOST);
+ if (clientClusterHost == null || clientClusterHost.length() == 0) {
Map<String, String> error = new HashMap<String, String>();
error.put(OAuth2Constants.ERROR, "invalid_request");
- error.put(OAuth2Constants.ERROR_DESCRIPTION, "application cluster host not specified");
+ error.put(OAuth2Constants.ERROR_DESCRIPTION, "Client cluster host not specified");
event.error(Errors.INVALID_CODE);
- throw new BadRequestException("Cluster host not specified", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(error).type("application/json").build());
+ throw new BadRequestException("Cluster host not specified", javax.ws.rs.core.Response.status(javax.ws.rs.core.Response.Status.BAD_REQUEST).entity(error).type(MediaType.APPLICATION_JSON_TYPE).build());
}
- return applicationClusterHost;
+ return clientClusterHost;
}
diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
index a26b279..f8e5e8f 100755
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
@@ -73,7 +73,7 @@ import java.util.Map;
import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT;
import static org.keycloak.models.ClientSessionModel.Action.AUTHENTICATE;
-import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_APP;
+import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
import static org.keycloak.models.UserModel.RequiredAction.UPDATE_PROFILE;
/**
@@ -327,7 +327,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
return redirectToErrorPage(Messages.ACCOUNT_DISABLED);
}
- if (!authenticatedUser.hasRole(this.realmModel.getClientByClientId(ACCOUNT_MANAGEMENT_APP).getRole(MANAGE_ACCOUNT))) {
+ if (!authenticatedUser.hasRole(this.realmModel.getClientByClientId(ACCOUNT_MANAGEMENT_CLIENT_ID).getRole(MANAGE_ACCOUNT))) {
fireErrorEvent(Errors.NOT_ALLOWED);
return redirectToErrorPage(Messages.INSUFFICIENT_PERMISSION);
}
@@ -382,7 +382,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
return clientCode;
}
- throw new IdentityBrokerException("Invalid code, please login again through your application.");
+ throw new IdentityBrokerException("Invalid code, please login again through your client.");
}
private AuthenticationRequest createAuthenticationRequest(String providerId, ClientSessionCode clientSessionCode) {
diff --git a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
index b4c3284..25beaa5 100755
--- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
@@ -14,6 +14,7 @@ import javax.ws.rs.OPTIONS;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
@@ -59,7 +60,7 @@ public class PublicRealmResource {
*/
@GET
@NoCache
- @Produces("application/json")
+ @Produces(MediaType.APPLICATION_JSON)
public PublishedRealmRepresentation getRealm() {
Cors.add(request).allowedOrigins(Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD).auth().build(response);
return realmRep(realm, uriInfo);
diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
index 4989fbc..571f111 100755
--- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
@@ -157,16 +157,15 @@ public class RealmsResource {
RealmManager realmManager = new RealmManager(session);
RealmModel realm = locateRealm(name, realmManager);
- ClientModel application = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
- if (application == null || !application.isEnabled()) {
+ ClientModel client = realm.getClientNameMap().get(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
+ if (client == null || !client.isEnabled()) {
logger.debug("account management not enabled");
throw new NotFoundException("account management not enabled");
}
EventBuilder event = new EventBuilder(realm, session, clientConnection);
- AccountService accountService = new AccountService(realm, application, event);
+ AccountService accountService = new AccountService(realm, client, event);
ResteasyProviderFactory.getInstance().injectProperties(accountService);
- //resourceContext.initResource(accountService);
accountService.init();
return accountService;
}
@@ -177,7 +176,6 @@ public class RealmsResource {
RealmModel realm = locateRealm(name, realmManager);
PublicRealmResource realmResource = new PublicRealmResource(realm);
ResteasyProviderFactory.getInstance().injectProperties(realmResource);
- //resourceContext.initResource(realmResource);
return realmResource;
}
@@ -188,7 +186,6 @@ public class RealmsResource {
IdentityBrokerService brokerService = new IdentityBrokerService(realm);
ResteasyProviderFactory.getInstance().injectProperties(brokerService);
- //resourceContext.initResource(brokerService);
brokerService.init();
diff --git a/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index cb01455..e1c0b91 100755
--- a/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -1,4 +1,4 @@
org.keycloak.protocol.LoginProtocolSpi
org.keycloak.protocol.ProtocolMapperSpi
-org.keycloak.exportimport.ApplicationImportSpi
+org.keycloak.exportimport.ClientImportSpi
org.keycloak.wellknown.WellKnownSpi
\ No newline at end of file
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
index 8e22acf..999fdb8 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
@@ -25,7 +25,6 @@ import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.ClassRule;
-import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.events.Details;
@@ -75,7 +74,7 @@ public class AccountTest {
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
UserModel user = manager.getSession().users().getUserByUsername("test-user@localhost", appRealm);
- ClientModel accountApp = appRealm.getClientNameMap().get(org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_APP);
+ ClientModel accountApp = appRealm.getClientNameMap().get(org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
UserModel user2 = manager.getSession().users().addUser(appRealm, "test-user-no-access@localhost");
user2.setEnabled(true);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java
index a189032..44ebaf1 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java
@@ -53,7 +53,7 @@ public class ProfileTest {
user.setAttribute("key1", "value1");
user.setAttribute("key2", "value2");
- ClientModel accountApp = appRealm.getClientByClientId(org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_APP);
+ ClientModel accountApp = appRealm.getClientByClientId(org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
UserModel user2 = manager.getSession().users().addUser(appRealm, "test-user-no-access@localhost");
user2.setEnabled(true);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
index dcbdcbf..ba41ceb 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
@@ -22,7 +22,6 @@
package org.keycloak.testsuite.adapter;
import org.junit.Assert;
-import org.junit.Test;
import org.junit.rules.ExternalResource;
import org.keycloak.Config;
import org.keycloak.OAuth2Constants;
@@ -137,7 +136,7 @@ public class AdapterTestStrategy extends ExternalResource {
RealmManager manager = new RealmManager(session);
RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
- ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
+ ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
TokenManager tm = new TokenManager();
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
ClientSessionModel clientSession = session.sessions().createClientSession(adminRealm, adminConsole);
@@ -213,7 +212,7 @@ public class AdapterTestStrategy extends ExternalResource {
Client client = ClientBuilder.newClient();
UriBuilder authBase = UriBuilder.fromUri(AUTH_SERVER_URL);
WebTarget adminTarget = client.target(AdminRoot.realmsUrl(authBase)).path("demo");
- Map<String, Integer> stats = adminTarget.path("application-session-stats").request()
+ Map<String, Integer> stats = adminTarget.path("client-session-stats").request()
.header(HttpHeaders.AUTHORIZATION, "Bearer " + adminToken)
.get(new GenericType<Map<String, Integer>>() {
});
@@ -574,7 +573,7 @@ public class AdapterTestStrategy extends ExternalResource {
loginAndCheckSession(driver, loginPage);
// logout mposolda with admin client
- Keycloak keycloakAdmin = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CONSOLE_APPLICATION);
+ Keycloak keycloakAdmin = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CONSOLE_CLIENT_ID);
keycloakAdmin.realm("demo").clients().get("session-portal").logoutUser("mposolda");
// bburke should be still logged with original httpSession in our browser window
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java
index b56232e..4c22533 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java
@@ -85,7 +85,7 @@ public class RelativeUriAdapterTest {
deployApplication("customer-db", "/customer-db", CustomerDatabaseServlet.class, url.getPath(), "user");
url = getClass().getResource("/adapter-test/product-keycloak-relative.json");
deployApplication("product-portal", "/product-portal", ProductServlet.class, url.getPath(), "user");
- ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
+ ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
TokenManager tm = new TokenManager();
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
ClientSessionModel clientSession = session.sessions().createClientSession(realm, adminConsole);
@@ -135,7 +135,7 @@ public class RelativeUriAdapterTest {
Client client = ClientBuilder.newClient();
UriBuilder authBase = UriBuilder.fromUri("http://localhost:8081/auth");
WebTarget adminTarget = client.target(AdminRoot.realmsUrl(authBase)).path("demo");
- Map<String, Integer> stats = adminTarget.path("application-session-stats").request()
+ Map<String, Integer> stats = adminTarget.path("client-session-stats").request()
.header(HttpHeaders.AUTHORIZATION, "Bearer " + adminToken)
.get(new GenericType<Map<String, Integer>>(){});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
index d221df0..1a8c554 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
@@ -8,10 +8,8 @@ import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.models.Constants;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
-import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.rule.KeycloakRule;
@@ -49,7 +47,7 @@ public abstract class AbstractClientTest {
}
});
- keycloak = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", Constants.ADMIN_CONSOLE_APPLICATION);
+ keycloak = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", Constants.ADMIN_CONSOLE_CLIENT_ID);
realm = keycloak.realm(REALM_NAME);
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
index a8a4292..b3a7ca6 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
@@ -77,7 +77,7 @@ public class AdminAPITest {
RealmManager manager = new RealmManager(session);
RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
- ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
+ ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
TokenManager tm = new TokenManager();
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
ClientSessionModel clientSession = session.sessions().createClientSession(adminRealm, adminConsole);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/ClientTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/ClientTest.java
index 7dc9952..8151ca5 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/ClientTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/ClientTest.java
@@ -87,7 +87,7 @@ public class ClientTest extends AbstractClientTest {
List<UserSessionRepresentation> userSessions = app.getUserSessions(0, 100);
assertEquals(2, userSessions.size());
- assertEquals(1, userSessions.get(0).getApplications().size());
+ assertEquals(1, userSessions.get(0).getClients().size());
}
@Test
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AdapterTest.java
index e7440ab..0e48914 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AdapterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AdapterTest.java
@@ -469,7 +469,7 @@ public class AdapterTest extends AbstractModelTest {
// Role "foo" is default realm role
Assert.assertTrue(user.hasRole(realmModel.getRole("foo")));
- roles = user.getApplicationRoleMappings(application);
+ roles = user.getClientRoleMappings(application);
Assert.assertEquals(roles.size(), 2);
assertRolesContains(application.getRole("user"), roles);
assertRolesContains(appBarRole, roles);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java
index a9b1344..f0fc63b 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java
@@ -48,7 +48,7 @@ public class ClientModelTest extends AbstractModelTest {
client.registerNode("node1", 10);
client.registerNode("10.20.30.40", 50);
- client.updateApplication();
+ client.updateClient();
}
@Test
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
index 13b019a..54f4cbe 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
@@ -86,7 +86,7 @@ public class ImportTest extends AbstractModelTest {
// Test applications imported
ClientModel application = realm.getClientByClientId("Application");
ClientModel otherApp = realm.getClientByClientId("OtherApp");
- ClientModel accountApp = realm.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_APP);
+ ClientModel accountApp = realm.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
ClientModel nonExisting = realm.getClientByClientId("NonExisting");
Assert.assertNotNull(application);
Assert.assertNotNull(otherApp);
@@ -130,7 +130,7 @@ public class ImportTest extends AbstractModelTest {
Assert.assertEquals(1, realmRoles.size());
Assert.assertEquals("admin", realmRoles.iterator().next().getName());
- Set<RoleModel> appRoles = admin.getApplicationRoleMappings(application);
+ Set<RoleModel> appRoles = admin.getClientRoleMappings(application);
Assert.assertEquals(1, appRoles.size());
Assert.assertEquals("app-admin", appRoles.iterator().next().getName());
@@ -149,7 +149,7 @@ public class ImportTest extends AbstractModelTest {
Set<RoleModel> realmScopes = oauthClient.getRealmScopeMappings();
Assert.assertTrue(realmScopes.contains(realm.getRole("admin")));
- Set<RoleModel> appScopes = application.getApplicationScopeMappings(oauthClient);
+ Set<RoleModel> appScopes = application.getClientScopeMappings(oauthClient);
Assert.assertTrue(appScopes.contains(application.getRole("app-user")));
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/saml/SamlBindingTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/saml/SamlBindingTest.java
index 000eaad..e91d58c 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/saml/SamlBindingTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/saml/SamlBindingTest.java
@@ -419,7 +419,7 @@ public class SamlBindingTest {
RealmManager manager = new RealmManager(session);
RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
- ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_APPLICATION);
+ ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
TokenManager tm = new TokenManager();
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
ClientSessionModel clientSession = session.sessions().createClientSession(adminRealm, adminConsole);
@@ -466,7 +466,7 @@ public class SamlBindingTest {
Assert.assertNotNull(is);
formData.addFormData("file", is, MediaType.APPLICATION_XML_TYPE);
- WebTarget upload = adminRealms.path("demo/application-importers/saml2-entity-descriptor/upload");
+ WebTarget upload = adminRealms.path("demo/client-importers/saml2-entity-descriptor/upload");
System.out.println(upload.getUri());
Response response = upload.request().post(Entity.entity(formData, MediaType.MULTIPART_FORM_DATA));
Assert.assertEquals(204, response.getStatus());
diff --git a/testsuite/integration/src/test/resources/testrealm.json b/testsuite/integration/src/test/resources/testrealm.json
index cedc22d..c9b6708 100755
--- a/testsuite/integration/src/test/resources/testrealm.json
+++ b/testsuite/integration/src/test/resources/testrealm.json
@@ -27,7 +27,7 @@
"value" : "password" }
],
"realmRoles": ["user"],
- "applicationRoles": {
+ "clientRoles": {
"test-app": [ "customer-user" ],
"account": [ "view-profile", "manage-account" ]
}
@@ -41,22 +41,12 @@
"value" : "password" }
],
"realmRoles": ["user"],
- "applicationRoles": {
+ "clientRoles": {
"test-app": [ "customer-user" ],
"account": [ "view-profile", "manage-account" ]
}
}
],
- "oauthClients" : [
- {
- "name" : "third-party",
- "enabled": true,
- "redirectUris": [
- "http://localhost:8081/app/*"
- ],
- "secret": "password"
- }
- ],
"scopeMappings": [
{
"client": "third-party",
@@ -67,9 +57,9 @@
"roles": ["user"]
}
],
- "applications": [
+ "clients": [
{
- "name": "test-app",
+ "clientId": "test-app",
"enabled": true,
"baseUrl": "http://localhost:8081/app",
"redirectUris": [
@@ -77,7 +67,17 @@
],
"adminUrl": "http://localhost:8081/app/logout",
"secret": "password"
- }
+ },
+ {
+ "clientId" : "third-party",
+ "enabled": true,
+ "consentRequired": true,
+
+ "redirectUris": [
+ "http://localhost:8081/app/*"
+ ],
+ "secret": "password"
+ }
],
"roles" : {
"realm" : [
@@ -90,7 +90,7 @@
"description": "Have Administrator privileges"
}
],
- "application" : {
+ "client" : {
"test-app" : [
{
"name": "customer-user",
@@ -105,7 +105,7 @@
},
- "applicationScopeMappings": {
+ "clientScopeMappings": {
"test-app": [
{
"client": "third-party",