[keycloak-dev] simplfying client creation
Bill Burke
bburke at redhat.com
Mon Dec 21 16:54:58 EST 2015
PR sent. New method on LoginProtocolFactory created for default settings.
On 12/21/2015 10:31 AM, Bill Burke wrote:
> The last phase of client templates would be to allow defining
> configuration items in the client template that the client inherits. I
> was going to implement it as an either or. There will be a switch
> "Inherit Template Configuration" If this is off, then config items are
> taken from the client, otherwise they are taken from the template.
> There would be no mix and match.
>
> FYI, I"m not sure I'll be able to finish this prior to our deadline of
> early January. There's still a lot of JIRAs to do beyond this.
>
> This week though, I think I want to rework and simplify client creation
> a bit more. Create client on the admin console would only require must
> needed config attributes:
>
> OIDC:
> Client ID
> Root URL
> Choose Client Template if wanted
>
> These would be the defaults:
> * Access type: public (pretty much covers any use)
> * enabled true
> * Redirect URIs would default to Root/*
> * Standard Flow true
> * Direct Grants false
> * Service Accounts false
>
> SAML:
> Client Entity ID:
> SAML SP Endpoint (not required, can make it more fine grained)
> Choose client template if wanted
>
> * Sign Docs: true
> * Sign Assertions: false
> * Client Signature Required: true
> * Force POST BInding true
> * Front Channel logout: true
> * Force Name ID Format: false
> * Name ID Format username
> * Valid Redirect URIS renamed to Valid Assertion Consumer Service URIs
> * certs would be generated by default
>
> I'm also going to add a method to LoginProtocolFactory:
>
> setupDefaults(ClientModel). When a client is created, this method would
> be called, then the defaults would be overriden if they are set in the
> ClientRepresentation. Right now, all this default logic is in the admin
> console and I don't think it should be there.
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list