keycloakify 11.4.5 → 11.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/bin/375.index.js +4089 -0
  2. package/bin/{20.index.js → 490.index.js} +378 -56
  3. package/bin/{36.index.js → 503.index.js} +53 -2
  4. package/bin/{450.index.js → 525.index.js} +2 -4085
  5. package/bin/653.index.js +108 -110
  6. package/bin/682.index.js +1987 -0
  7. package/bin/735.index.js +107 -109
  8. package/bin/921.index.js +1 -1
  9. package/bin/main.js +8 -2
  10. package/bin/shared/constants.d.ts +3 -0
  11. package/bin/shared/constants.js +3 -0
  12. package/bin/shared/constants.js.map +1 -1
  13. package/bin/start-keycloak/getSupportedDockerImageTags.d.ts +8 -0
  14. package/bin/start-keycloak/realmConfig/ParsedRealmJson.d.ts +45 -0
  15. package/bin/start-keycloak/realmConfig/defaultConfig/defaultConfig.d.ts +8 -0
  16. package/bin/start-keycloak/realmConfig/defaultConfig/index.d.ts +1 -0
  17. package/bin/start-keycloak/realmConfig/dumpContainerConfig.d.ts +9 -0
  18. package/bin/start-keycloak/realmConfig/index.d.ts +1 -0
  19. package/bin/start-keycloak/realmConfig/prepareRealmConfig.d.ts +15 -0
  20. package/bin/start-keycloak/realmConfig/realmConfig.d.ts +16 -0
  21. package/package.json +31 -14
  22. package/src/bin/shared/constants.ts +6 -0
  23. package/src/bin/start-keycloak/getSupportedDockerImageTags.ts +230 -0
  24. package/src/bin/start-keycloak/keycloakify-logging-1.0.3.jar +0 -0
  25. package/src/bin/start-keycloak/realmConfig/ParsedRealmJson.ts +136 -0
  26. package/src/bin/start-keycloak/realmConfig/defaultConfig/defaultConfig.ts +75 -0
  27. package/src/bin/start-keycloak/realmConfig/defaultConfig/index.ts +1 -0
  28. package/src/bin/start-keycloak/{myrealm-realm-18.json → realmConfig/defaultConfig/realm-kc-18.json} +123 -60
  29. package/src/bin/start-keycloak/{myrealm-realm-19.json → realmConfig/defaultConfig/realm-kc-19.json} +81 -41
  30. package/src/bin/start-keycloak/{myrealm-realm-20.json → realmConfig/defaultConfig/realm-kc-20.json} +83 -42
  31. package/src/bin/start-keycloak/{myrealm-realm-21.json → realmConfig/defaultConfig/realm-kc-21.json} +58 -17
  32. package/src/bin/start-keycloak/{myrealm-realm-23.json → realmConfig/defaultConfig/realm-kc-23.json} +64 -20
  33. package/src/bin/start-keycloak/{myrealm-realm-24.json → realmConfig/defaultConfig/realm-kc-24.json} +63 -19
  34. package/src/bin/start-keycloak/{myrealm-realm-25.json → realmConfig/defaultConfig/realm-kc-25.json} +75 -20
  35. package/src/bin/start-keycloak/{myrealm-realm-26.json → realmConfig/defaultConfig/realm-kc-26.json} +103 -19
  36. package/src/bin/start-keycloak/realmConfig/dumpContainerConfig.ts +194 -0
  37. package/src/bin/start-keycloak/realmConfig/index.ts +1 -0
  38. package/src/bin/start-keycloak/realmConfig/prepareRealmConfig.ts +365 -0
  39. package/src/bin/start-keycloak/realmConfig/realmConfig.ts +159 -0
  40. package/src/bin/start-keycloak/start-keycloak.ts +160 -184
  41. package/src/bin/start-keycloak/startViteDevServer.ts +1 -0
  42. package/vite-plugin/index.js +6 -0
  43. package/bin/392.index.js +0 -740
  44. package/bin/932.index.js +0 -327
package/src/bin/start-keycloak/{myrealm-realm-20.json → realmConfig/defaultConfig/realm-kc-20.json} RENAMED
@@ -73,7 +73,7 @@
73
73
  "composites": {
74
74
  "realm": ["offline_access", "uma_authorization"],
75
75
  "client": {
76
- "account": ["delete-account", "view-profile", "manage-account"]
76
+ "account": ["view-profile", "manage-account", "delete-account"]
77
77
  }
78
78
  },
79
79
  "clientRole": false,
@@ -407,7 +407,7 @@
407
407
  "otpPolicyLookAheadWindow": 1,
408
408
  "otpPolicyPeriod": 30,
409
409
  "otpPolicyCodeReusable": false,
410
- "otpSupportedApplications": ["totpAppGoogleName", "totpAppFreeOTPName"],
410
+ "otpSupportedApplications": ["totpAppFreeOTPName", "totpAppGoogleName"],
411
411
  "webAuthnPolicyRpEntityName": "keycloak",
412
412
  "webAuthnPolicySignatureAlgorithms": ["ES256"],
413
413
  "webAuthnPolicyRpId": "",
@@ -452,6 +452,40 @@
452
452
  "disableableCredentialTypes": [],
453
453
  "requiredActions": [],
454
454
  "realmRoles": ["default-roles-myrealm"],
455
+ "clientRoles": {
456
+ "realm-management": [
457
+ "create-client",
458
+ "view-identity-providers",
459
+ "manage-realm",
460
+ "query-groups",
461
+ "manage-clients",
462
+ "query-users",
463
+ "realm-admin",
464
+ "view-authorization",
465
+ "view-events",
466
+ "view-clients",
467
+ "view-realm",
468
+ "manage-events",
469
+ "query-realms",
470
+ "query-clients",
471
+ "manage-identity-providers",
472
+ "manage-users",
473
+ "view-users",
474
+ "impersonation",
475
+ "manage-authorization"
476
+ ],
477
+ "broker": ["read-token"],
478
+ "account": [
479
+ "view-profile",
480
+ "manage-account-links",
481
+ "view-applications",
482
+ "manage-consent",
483
+ "delete-account",
484
+ "manage-account",
485
+ "view-groups",
486
+ "view-consent"
487
+ ]
488
+ },
455
489
  "notBefore": 0,
456
490
  "groups": []
457
491
  }
@@ -517,8 +551,12 @@
517
551
  "enabled": true,
518
552
  "alwaysDisplayInConsole": false,
519
553
  "clientAuthenticatorType": "client-secret",
520
- "redirectUris": ["/realms/myrealm/account/*"],
521
- "webOrigins": [],
554
+ "redirectUris": [
555
+ "http://localhost*",
556
+ "http://127.0.0.1*",
557
+ "/realms/myrealm/account/*"
558
+ ],
559
+ "webOrigins": ["*"],
522
560
  "notBefore": 0,
523
561
  "bearerOnly": false,
524
562
  "consentRequired": false,
@@ -653,7 +691,6 @@
653
691
  "attributes": {
654
692
  "oidc.ciba.grant.enabled": "false",
655
693
  "backchannel.logout.session.required": "true",
656
- "login_theme": "keycloakify-starter",
657
694
  "post.logout.redirect.uris": "+",
658
695
  "display.on.consent.screen": "false",
659
696
  "oauth2.device.authorization.grant.enabled": "false",
@@ -714,8 +751,12 @@
714
751
  "enabled": true,
715
752
  "alwaysDisplayInConsole": false,
716
753
  "clientAuthenticatorType": "client-secret",
717
- "redirectUris": ["/admin/myrealm/console/*"],
718
- "webOrigins": ["+"],
754
+ "redirectUris": [
755
+ "http://localhost*",
756
+ "http://127.0.0.1*",
757
+ "/admin/myrealm/console/*"
758
+ ],
759
+ "webOrigins": ["*"],
719
760
  "notBefore": 0,
720
761
  "bearerOnly": false,
721
762
  "consentRequired": false,
@@ -1294,11 +1335,11 @@
1294
1335
  },
1295
1336
  "smtpServer": {},
1296
1337
  "loginTheme": "keycloakify-starter",
1297
- "accountTheme": "keycloakify-starter",
1338
+ "accountTheme": "",
1298
1339
  "adminTheme": "",
1299
1340
  "emailTheme": "",
1300
1341
  "eventsEnabled": false,
1301
- "eventsListeners": ["jboss-logging"],
1342
+ "eventsListeners": ["keycloakify-logging", "jboss-logging"],
1302
1343
  "enabledEventTypes": [],
1303
1344
  "adminEventsEnabled": false,
1304
1345
  "adminEventsDetailsEnabled": false,
@@ -1314,14 +1355,14 @@
1314
1355
  "subComponents": {},
1315
1356
  "config": {
1316
1357
  "allowed-protocol-mapper-types": [
1317
- "saml-user-property-mapper",
1318
- "oidc-sha256-pairwise-sub-mapper",
1319
- "oidc-usermodel-attribute-mapper",
1320
- "saml-user-attribute-mapper",
1321
1358
  "oidc-address-mapper",
1322
- "saml-role-list-mapper",
1323
1359
  "oidc-full-name-mapper",
1324
- "oidc-usermodel-property-mapper"
1360
+ "saml-role-list-mapper",
1361
+ "oidc-sha256-pairwise-sub-mapper",
1362
+ "oidc-usermodel-property-mapper",
1363
+ "oidc-usermodel-attribute-mapper",
1364
+ "saml-user-property-mapper",
1365
+ "saml-user-attribute-mapper"
1325
1366
  ]
1326
1367
  }
1327
1368
  },
@@ -1370,14 +1411,14 @@
1370
1411
  "subComponents": {},
1371
1412
  "config": {
1372
1413
  "allowed-protocol-mapper-types": [
1373
- "oidc-sha256-pairwise-sub-mapper",
1374
- "oidc-address-mapper",
1375
- "saml-role-list-mapper",
1376
1414
  "saml-user-attribute-mapper",
1377
- "oidc-usermodel-attribute-mapper",
1415
+ "saml-role-list-mapper",
1416
+ "oidc-sha256-pairwise-sub-mapper",
1378
1417
  "oidc-full-name-mapper",
1418
+ "oidc-usermodel-property-mapper",
1419
+ "oidc-address-mapper",
1379
1420
  "saml-user-property-mapper",
1380
- "oidc-usermodel-property-mapper"
1421
+ "oidc-usermodel-attribute-mapper"
1381
1422
  ]
1382
1423
  }
1383
1424
  },
@@ -1495,7 +1536,7 @@
1495
1536
  "defaultLocale": "en",
1496
1537
  "authenticationFlows": [
1497
1538
  {
1498
- "id": "19317acb-fe8e-4c79-82bc-90e159273075",
1539
+ "id": "c40791b4-4d59-4df2-bebd-2b71e793704f",
1499
1540
  "alias": "Account verification options",
1500
1541
  "description": "Method with which to verity the existing account",
1501
1542
  "providerId": "basic-flow",
@@ -1521,7 +1562,7 @@
1521
1562
  ]
1522
1563
  },
1523
1564
  {
1524
- "id": "122857d2-33da-4086-8acb-cb0e303aaf1b",
1565
+ "id": "8813b6d1-8b88-4672-b29b-8420ce3f3975",
1525
1566
  "alias": "Authentication Options",
1526
1567
  "description": "Authentication options.",
1527
1568
  "providerId": "basic-flow",
@@ -1555,7 +1596,7 @@
1555
1596
  ]
1556
1597
  },
1557
1598
  {
1558
- "id": "abf5dd35-4791-4268-a10c-5f4b6a06b84a",
1599
+ "id": "a9937c40-a1ee-4c57-adf7-ede0a9983953",
1559
1600
  "alias": "Browser - Conditional OTP",
1560
1601
  "description": "Flow to determine if the OTP is required for the authentication",
1561
1602
  "providerId": "basic-flow",
@@ -1581,7 +1622,7 @@
1581
1622
  ]
1582
1623
  },
1583
1624
  {
1584
- "id": "a18daeec-a33c-4a43-b014-10c84ec69b81",
1625
+ "id": "2d494b5a-eb73-40d0-94d3-a8d8024a7db4",
1585
1626
  "alias": "Direct Grant - Conditional OTP",
1586
1627
  "description": "Flow to determine if the OTP is required for the authentication",
1587
1628
  "providerId": "basic-flow",
@@ -1607,7 +1648,7 @@
1607
1648
  ]
1608
1649
  },
1609
1650
  {
1610
- "id": "e9f032a7-32f7-457c-becf-011a1a35cc6a",
1651
+ "id": "2e977f5a-8110-412b-b704-3e15164dbb1b",
1611
1652
  "alias": "First broker login - Conditional OTP",
1612
1653
  "description": "Flow to determine if the OTP is required for the authentication",
1613
1654
  "providerId": "basic-flow",
@@ -1633,7 +1674,7 @@
1633
1674
  ]
1634
1675
  },
1635
1676
  {
1636
- "id": "9db65b7c-98ca-4003-beea-611038831ffe",
1677
+ "id": "6f171b4b-8723-4e6d-bb1e-6b4293a7bb3f",
1637
1678
  "alias": "Handle Existing Account",
1638
1679
  "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
1639
1680
  "providerId": "basic-flow",
@@ -1659,7 +1700,7 @@
1659
1700
  ]
1660
1701
  },
1661
1702
  {
1662
- "id": "7bd0854c-d7ae-43d7-a1ae-7b759a34cb1d",
1703
+ "id": "2dbb7f27-757d-4178-8217-4a24fdb0163c",
1663
1704
  "alias": "Reset - Conditional OTP",
1664
1705
  "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
1665
1706
  "providerId": "basic-flow",
@@ -1685,7 +1726,7 @@
1685
1726
  ]
1686
1727
  },
1687
1728
  {
1688
- "id": "2de1a450-fe98-443a-9c6c-d24d8a7ebcb3",
1729
+ "id": "7295aaf7-acf4-4b78-8186-d2415ea4ede0",
1689
1730
  "alias": "User creation or linking",
1690
1731
  "description": "Flow for the existing/non-existing user alternatives",
1691
1732
  "providerId": "basic-flow",
@@ -1712,7 +1753,7 @@
1712
1753
  ]
1713
1754
  },
1714
1755
  {
1715
- "id": "7b3efad5-4b7d-4385-a41c-fecc73afdcc4",
1756
+ "id": "e0d34d7c-7bbb-4847-8864-fbd97a1f3e89",
1716
1757
  "alias": "Verify Existing Account by Re-authentication",
1717
1758
  "description": "Reauthentication of existing account",
1718
1759
  "providerId": "basic-flow",
@@ -1738,7 +1779,7 @@
1738
1779
  ]
1739
1780
  },
1740
1781
  {
1741
- "id": "de93418e-8f28-4099-b15e-ad36ec194796",
1782
+ "id": "5f3d0fb0-d95e-4841-89d3-a27d0cdbbcb4",
1742
1783
  "alias": "browser",
1743
1784
  "description": "browser based authentication",
1744
1785
  "providerId": "basic-flow",
@@ -1780,7 +1821,7 @@
1780
1821
  ]
1781
1822
  },
1782
1823
  {
1783
- "id": "0dd3345c-6e82-4c3a-a39a-d49ae1f5c409",
1824
+ "id": "c246380d-af25-4151-ab19-1f1e5b553008",
1784
1825
  "alias": "clients",
1785
1826
  "description": "Base authentication for clients",
1786
1827
  "providerId": "client-flow",
@@ -1822,7 +1863,7 @@
1822
1863
  ]
1823
1864
  },
1824
1865
  {
1825
- "id": "87fb4dd0-5326-47a1-b670-982f4872ff89",
1866
+ "id": "abacf398-0f1f-4f28-a310-8d306d588048",
1826
1867
  "alias": "direct grant",
1827
1868
  "description": "OpenID Connect Resource Owner Grant",
1828
1869
  "providerId": "basic-flow",
@@ -1856,7 +1897,7 @@
1856
1897
  ]
1857
1898
  },
1858
1899
  {
1859
- "id": "344723b3-4ab1-4999-abdd-32398e82327b",
1900
+ "id": "a0f87683-619a-44d4-8b4f-4b053bba2346",
1860
1901
  "alias": "docker auth",
1861
1902
  "description": "Used by Docker clients to authenticate against the IDP",
1862
1903
  "providerId": "basic-flow",
@@ -1874,7 +1915,7 @@
1874
1915
  ]
1875
1916
  },
1876
1917
  {
1877
- "id": "f3341938-caf9-4c8a-9cd5-eb34609809ab",
1918
+ "id": "e8820c7c-22a7-4618-beb7-3e09be72c00c",
1878
1919
  "alias": "first broker login",
1879
1920
  "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
1880
1921
  "providerId": "basic-flow",
@@ -1901,7 +1942,7 @@
1901
1942
  ]
1902
1943
  },
1903
1944
  {
1904
- "id": "ba7b7357-e324-4b71-9bda-f8512a760e02",
1945
+ "id": "cac00c38-ee44-44c9-b95e-cc755bab36ef",
1905
1946
  "alias": "forms",
1906
1947
  "description": "Username, password, otp and other auth forms.",
1907
1948
  "providerId": "basic-flow",
@@ -1927,7 +1968,7 @@
1927
1968
  ]
1928
1969
  },
1929
1970
  {
1930
- "id": "134971e6-bf63-432c-806e-74ca4fb09963",
1971
+ "id": "688cde36-507e-4a68-afdf-18ec4ad626a7",
1931
1972
  "alias": "http challenge",
1932
1973
  "description": "An authentication flow based on challenge-response HTTP Authentication Schemes",
1933
1974
  "providerId": "basic-flow",
@@ -1953,7 +1994,7 @@
1953
1994
  ]
1954
1995
  },
1955
1996
  {
1956
- "id": "6ea9e2cf-5684-4c65-8c07-930d1cbb0b46",
1997
+ "id": "e058697c-f450-4f14-ae64-04e9299fa24f",
1957
1998
  "alias": "registration",
1958
1999
  "description": "registration flow",
1959
2000
  "providerId": "basic-flow",
@@ -1972,7 +2013,7 @@
1972
2013
  ]
1973
2014
  },
1974
2015
  {
1975
- "id": "67e3c8c7-1b5e-4119-84a2-e90876293150",
2016
+ "id": "ad768088-32c9-4979-90dd-61bf111fd72e",
1976
2017
  "alias": "registration form",
1977
2018
  "description": "registration form",
1978
2019
  "providerId": "form-flow",
@@ -2014,7 +2055,7 @@
2014
2055
  ]
2015
2056
  },
2016
2057
  {
2017
- "id": "fc6d48ec-a1f1-41b1-9310-54f58861d5aa",
2058
+ "id": "47d4b090-f965-4588-b5bc-029ccb59876f",
2018
2059
  "alias": "reset credentials",
2019
2060
  "description": "Reset credentials for a user if they forgot their password or something",
2020
2061
  "providerId": "basic-flow",
@@ -2056,7 +2097,7 @@
2056
2097
  ]
2057
2098
  },
2058
2099
  {
2059
- "id": "80b1d464-c2ec-4eb1-82e8-32cbede779a8",
2100
+ "id": "1f68feec-7f99-4c49-afe6-45d46684ca21",
2060
2101
  "alias": "saml ecp",
2061
2102
  "description": "SAML ECP Profile Authentication Flow",
2062
2103
  "providerId": "basic-flow",
@@ -2076,14 +2117,14 @@
2076
2117
  ],
2077
2118
  "authenticatorConfig": [
2078
2119
  {
2079
- "id": "86b1d5fa-450c-40d8-899c-725861ac39fc",
2120
+ "id": "bd7365c7-842b-4bc6-a4ca-498cf025c210",
2080
2121
  "alias": "create unique user config",
2081
2122
  "config": {
2082
2123
  "require.password.update.after.registration": "false"
2083
2124
  }
2084
2125
  },
2085
2126
  {
2086
- "id": "ea724f02-029a-493d-b4d3-08972be21cfb",
2127
+ "id": "b929192d-f650-4a09-9701-3d3216547552",
2087
2128
  "alias": "review profile config",
2088
2129
  "config": {
2089
2130
  "update.profile.on.first.login": "missing"
package/src/bin/start-keycloak/{myrealm-realm-21.json → realmConfig/defaultConfig/realm-kc-21.json} RENAMED
@@ -73,7 +73,7 @@
73
73
  "composites": {
74
74
  "realm": ["offline_access", "uma_authorization"],
75
75
  "client": {
76
- "account": ["delete-account", "view-profile", "manage-account"]
76
+ "account": ["view-profile", "manage-account", "delete-account"]
77
77
  }
78
78
  },
79
79
  "clientRole": false,
@@ -456,6 +456,40 @@
456
456
  "disableableCredentialTypes": [],
457
457
  "requiredActions": [],
458
458
  "realmRoles": ["default-roles-myrealm"],
459
+ "clientRoles": {
460
+ "realm-management": [
461
+ "create-client",
462
+ "view-identity-providers",
463
+ "manage-realm",
464
+ "query-groups",
465
+ "manage-clients",
466
+ "query-users",
467
+ "realm-admin",
468
+ "view-authorization",
469
+ "view-events",
470
+ "view-clients",
471
+ "view-realm",
472
+ "manage-events",
473
+ "query-realms",
474
+ "query-clients",
475
+ "manage-identity-providers",
476
+ "manage-users",
477
+ "view-users",
478
+ "impersonation",
479
+ "manage-authorization"
480
+ ],
481
+ "broker": ["read-token"],
482
+ "account": [
483
+ "view-profile",
484
+ "manage-account-links",
485
+ "view-applications",
486
+ "manage-consent",
487
+ "delete-account",
488
+ "manage-account",
489
+ "view-groups",
490
+ "view-consent"
491
+ ]
492
+ },
459
493
  "notBefore": 0,
460
494
  "groups": []
461
495
  }
@@ -521,8 +555,12 @@
521
555
  "enabled": true,
522
556
  "alwaysDisplayInConsole": false,
523
557
  "clientAuthenticatorType": "client-secret",
524
- "redirectUris": ["/realms/myrealm/account/*"],
525
- "webOrigins": [],
558
+ "redirectUris": [
559
+ "http://localhost*",
560
+ "http://127.0.0.1*",
561
+ "/realms/myrealm/account/*"
562
+ ],
563
+ "webOrigins": ["*"],
526
564
  "notBefore": 0,
527
565
  "bearerOnly": false,
528
566
  "consentRequired": false,
@@ -657,7 +695,6 @@
657
695
  "attributes": {
658
696
  "oidc.ciba.grant.enabled": "false",
659
697
  "backchannel.logout.session.required": "true",
660
- "login_theme": "keycloakify-starter",
661
698
  "post.logout.redirect.uris": "+",
662
699
  "display.on.consent.screen": "false",
663
700
  "oauth2.device.authorization.grant.enabled": "false",
@@ -718,8 +755,12 @@
718
755
  "enabled": true,
719
756
  "alwaysDisplayInConsole": false,
720
757
  "clientAuthenticatorType": "client-secret",
721
- "redirectUris": ["/admin/myrealm/console/*"],
722
- "webOrigins": ["+"],
758
+ "redirectUris": [
759
+ "http://localhost*",
760
+ "http://127.0.0.1*",
761
+ "/admin/myrealm/console/*"
762
+ ],
763
+ "webOrigins": ["*"],
723
764
  "notBefore": 0,
724
765
  "bearerOnly": false,
725
766
  "consentRequired": false,
@@ -1298,11 +1339,11 @@
1298
1339
  },
1299
1340
  "smtpServer": {},
1300
1341
  "loginTheme": "keycloakify-starter",
1301
- "accountTheme": "keycloakify-starter",
1342
+ "accountTheme": "",
1302
1343
  "adminTheme": "",
1303
1344
  "emailTheme": "",
1304
1345
  "eventsEnabled": false,
1305
- "eventsListeners": ["jboss-logging"],
1346
+ "eventsListeners": ["keycloakify-logging", "jboss-logging"],
1306
1347
  "enabledEventTypes": [],
1307
1348
  "adminEventsEnabled": false,
1308
1349
  "adminEventsDetailsEnabled": false,
@@ -1318,13 +1359,13 @@
1318
1359
  "subComponents": {},
1319
1360
  "config": {
1320
1361
  "allowed-protocol-mapper-types": [
1321
- "oidc-usermodel-property-mapper",
1322
- "oidc-usermodel-attribute-mapper",
1323
- "oidc-full-name-mapper",
1324
- "saml-user-property-mapper",
1325
- "saml-role-list-mapper",
1326
1362
  "saml-user-attribute-mapper",
1363
+ "saml-user-property-mapper",
1327
1364
  "oidc-sha256-pairwise-sub-mapper",
1365
+ "saml-role-list-mapper",
1366
+ "oidc-usermodel-attribute-mapper",
1367
+ "oidc-full-name-mapper",
1368
+ "oidc-usermodel-property-mapper",
1328
1369
  "oidc-address-mapper"
1329
1370
  ]
1330
1371
  }
@@ -1374,14 +1415,14 @@
1374
1415
  "subComponents": {},
1375
1416
  "config": {
1376
1417
  "allowed-protocol-mapper-types": [
1377
- "oidc-sha256-pairwise-sub-mapper",
1378
1418
  "oidc-address-mapper",
1379
- "oidc-full-name-mapper",
1380
1419
  "oidc-usermodel-property-mapper",
1381
1420
  "oidc-usermodel-attribute-mapper",
1382
- "saml-user-attribute-mapper",
1421
+ "oidc-full-name-mapper",
1422
+ "oidc-sha256-pairwise-sub-mapper",
1423
+ "saml-user-property-mapper",
1383
1424
  "saml-role-list-mapper",
1384
- "saml-user-property-mapper"
1425
+ "saml-user-attribute-mapper"
1385
1426
  ]
1386
1427
  }
1387
1428
  },
package/src/bin/start-keycloak/{myrealm-realm-23.json → realmConfig/defaultConfig/realm-kc-23.json} RENAMED
@@ -55,7 +55,7 @@
55
55
  "composites": {
56
56
  "realm": ["offline_access", "uma_authorization"],
57
57
  "client": {
58
- "account": ["delete-account", "view-profile", "manage-account"]
58
+ "account": ["view-profile", "delete-account", "manage-account"]
59
59
  }
60
60
  },
61
61
  "clientRole": false,
@@ -459,6 +459,40 @@
459
459
  "disableableCredentialTypes": [],
460
460
  "requiredActions": [],
461
461
  "realmRoles": ["default-roles-myrealm"],
462
+ "clientRoles": {
463
+ "realm-management": [
464
+ "query-clients",
465
+ "manage-identity-providers",
466
+ "create-client",
467
+ "view-users",
468
+ "query-groups",
469
+ "view-realm",
470
+ "manage-authorization",
471
+ "view-authorization",
472
+ "query-users",
473
+ "impersonation",
474
+ "realm-admin",
475
+ "manage-users",
476
+ "view-identity-providers",
477
+ "manage-realm",
478
+ "manage-clients",
479
+ "query-realms",
480
+ "view-events",
481
+ "manage-events",
482
+ "view-clients"
483
+ ],
484
+ "broker": ["read-token"],
485
+ "account": [
486
+ "manage-account",
487
+ "view-consent",
488
+ "view-groups",
489
+ "delete-account",
490
+ "view-applications",
491
+ "manage-account-links",
492
+ "view-profile",
493
+ "manage-consent"
494
+ ]
495
+ },
462
496
  "notBefore": 0,
463
497
  "groups": []
464
498
  }
@@ -505,7 +539,6 @@
505
539
  "attributes": {
506
540
  "oidc.ciba.grant.enabled": "false",
507
541
  "backchannel.logout.session.required": "true",
508
- "login_theme": "keycloakify-starter",
509
542
  "post.logout.redirect.uris": "+",
510
543
  "oauth2.device.authorization.grant.enabled": "false",
511
544
  "display.on.consent.screen": "false",
@@ -532,8 +565,12 @@
532
565
  "enabled": true,
533
566
  "alwaysDisplayInConsole": false,
534
567
  "clientAuthenticatorType": "client-secret",
535
- "redirectUris": ["/realms/myrealm/account/*"],
536
- "webOrigins": [],
568
+ "redirectUris": [
569
+ "http://localhost*",
570
+ "http://127.0.0.1*",
571
+ "/realms/myrealm/account/*"
572
+ ],
573
+ "webOrigins": ["*"],
537
574
  "notBefore": 0,
538
575
  "bearerOnly": false,
539
576
  "consentRequired": false,
@@ -649,7 +686,11 @@
649
686
  "enabled": true,
650
687
  "alwaysDisplayInConsole": false,
651
688
  "clientAuthenticatorType": "client-secret",
652
- "redirectUris": ["https://my-theme.keycloakify.dev/*", "http://localhost*"],
689
+ "redirectUris": [
690
+ "https://my-theme.keycloakify.dev/*",
691
+ "http://localhost*",
692
+ "http://127.0.0.1*"
693
+ ],
653
694
  "webOrigins": ["*"],
654
695
  "notBefore": 0,
655
696
  "bearerOnly": false,
@@ -664,8 +705,7 @@
664
705
  "attributes": {
665
706
  "oidc.ciba.grant.enabled": "false",
666
707
  "backchannel.logout.session.required": "true",
667
- "login_theme": "keycloakify-starter",
668
- "post.logout.redirect.uris": "https://my-theme.keycloakify.dev/*",
708
+ "post.logout.redirect.uris": "+",
669
709
  "oauth2.device.authorization.grant.enabled": "false",
670
710
  "display.on.consent.screen": "false",
671
711
  "backchannel.logout.revoke.offline.tokens": "false"
@@ -725,8 +765,12 @@
725
765
  "enabled": true,
726
766
  "alwaysDisplayInConsole": false,
727
767
  "clientAuthenticatorType": "client-secret",
728
- "redirectUris": ["/admin/myrealm/console/*"],
729
- "webOrigins": ["+"],
768
+ "redirectUris": [
769
+ "http://localhost*",
770
+ "http://127.0.0.1*",
771
+ "/admin/myrealm/console/*"
772
+ ],
773
+ "webOrigins": ["*"],
730
774
  "notBefore": 0,
731
775
  "bearerOnly": false,
732
776
  "consentRequired": false,
@@ -1336,12 +1380,12 @@
1336
1380
  "strictTransportSecurity": "max-age=31536000; includeSubDomains"
1337
1381
  },
1338
1382
  "smtpServer": {},
1339
- "loginTheme": "",
1340
- "accountTheme": "keycloakify-starter",
1383
+ "loginTheme": "keycloakify-starter",
1384
+ "accountTheme": "",
1341
1385
  "adminTheme": "",
1342
1386
  "emailTheme": "",
1343
1387
  "eventsEnabled": false,
1344
- "eventsListeners": ["jboss-logging"],
1388
+ "eventsListeners": ["keycloakify-logging", "jboss-logging"],
1345
1389
  "enabledEventTypes": [],
1346
1390
  "adminEventsEnabled": false,
1347
1391
  "adminEventsDetailsEnabled": false,
@@ -1357,13 +1401,13 @@
1357
1401
  "subComponents": {},
1358
1402
  "config": {
1359
1403
  "allowed-protocol-mapper-types": [
1360
- "oidc-sha256-pairwise-sub-mapper",
1361
- "saml-user-property-mapper",
1362
- "oidc-address-mapper",
1363
- "oidc-full-name-mapper",
1364
1404
  "saml-role-list-mapper",
1405
+ "oidc-sha256-pairwise-sub-mapper",
1365
1406
  "oidc-usermodel-attribute-mapper",
1366
1407
  "saml-user-attribute-mapper",
1408
+ "oidc-full-name-mapper",
1409
+ "oidc-address-mapper",
1410
+ "saml-user-property-mapper",
1367
1411
  "oidc-usermodel-property-mapper"
1368
1412
  ]
1369
1413
  }
@@ -1433,13 +1477,13 @@
1433
1477
  "subComponents": {},
1434
1478
  "config": {
1435
1479
  "allowed-protocol-mapper-types": [
1436
- "saml-role-list-mapper",
1437
- "oidc-full-name-mapper",
1438
- "oidc-address-mapper",
1439
1480
  "saml-user-attribute-mapper",
1440
- "oidc-sha256-pairwise-sub-mapper",
1481
+ "saml-role-list-mapper",
1441
1482
  "oidc-usermodel-attribute-mapper",
1483
+ "oidc-address-mapper",
1442
1484
  "saml-user-property-mapper",
1485
+ "oidc-full-name-mapper",
1486
+ "oidc-sha256-pairwise-sub-mapper",
1443
1487
  "oidc-usermodel-property-mapper"
1444
1488
  ]
1445
1489
  }