├── .gitignore ├── README.md ├── build.gradle ├── gradle └── wrapper │ ├── gradle-wrapper.jar │ └── gradle-wrapper.properties ├── gradlew ├── gradlew.bat ├── keycloak-backend-springbootsecurity ├── build.gradle └── src │ ├── main │ ├── java │ │ └── com │ │ │ └── thoughtworks │ │ │ └── high17 │ │ │ └── demo │ │ │ └── keycloaksecurity │ │ │ ├── KeycloakAuthenticatoin.java │ │ │ ├── KeycloaksecurityServiceApplication.java │ │ │ ├── SecurityConfig.java │ │ │ ├── UserController.java │ │ │ ├── WebConfig.java │ │ │ └── contract │ │ │ └── web │ │ │ └── ContractResource.java │ └── resources │ │ ├── application.properties │ │ └── keycloak.json │ └── test │ └── java │ └── com │ └── demo │ └── LocalDateTest.java ├── keycloak-react ├── .babelrc ├── .codeclimate.yml ├── .editorconfig ├── .eslintrc.json ├── .gitignore ├── .nvmrc ├── .sass-lint.yml ├── .travis.yml ├── README.md ├── package.json ├── postcss.config.js ├── src │ ├── client │ │ └── app │ │ │ └── spritesmith-generated │ │ │ ├── sprite.png │ │ │ └── sprite.scss │ ├── components │ │ └── LoginComponent │ │ │ ├── LoginComponent.scss │ │ │ ├── index.jsx │ │ │ ├── keycloak.js │ │ │ └── keycloak.json │ ├── index.html │ └── index.jsx ├── webpack.config.js └── yarn.lock ├── keycloak-saml ├── build.gradle └── src │ └── main │ ├── java │ └── com │ │ └── keycloak │ │ └── saml │ │ └── demo │ │ ├── KeycloakSamlApplication.java │ │ ├── LogoutController.java │ │ ├── UserController.java │ │ └── WebConfig.java │ └── resources │ ├── application.properties │ ├── keycloak-saml.xml │ └── static │ ├── admin │ └── index.html │ ├── index.html │ ├── jquery.js │ └── session │ └── main.html ├── keycloak-springbootsecurity ├── build.gradle └── src │ └── main │ ├── java │ └── com │ │ └── thoughtworks │ │ └── high17 │ │ └── demo │ │ └── keycloaksecurity │ │ ├── CustomFacade.java │ │ ├── CustomKeycloakAuthenticatedActionsFilter.java │ │ ├── CustomKeycloakAuthenticationProvider.java │ │ ├── KeycloakAuthenticatoin.java │ │ ├── KeycloaksecurityApplication.java │ │ ├── ManagerController.java │ │ ├── SecurityConfig.java │ │ └── UserController.java │ └── resources │ ├── application.properties │ ├── keycloak.json │ └── static │ ├── admin │ └── index.html │ ├── index.html │ ├── jquery.js │ └── session │ └── main.html ├── keycloak ├── configuration │ ├── core-realm.json │ └── core-users-0.json ├── docker-compose.yml └── themes │ └── core │ ├── account │ ├── account.ftl │ ├── applications.ftl │ ├── federatedIdentity.ftl │ ├── log.ftl │ ├── messages │ │ ├── messages_ca.properties │ │ ├── messages_de.properties │ │ ├── messages_en.properties │ │ ├── messages_es.properties │ │ ├── messages_fr.properties │ │ ├── messages_it.properties │ │ ├── messages_ja.properties │ │ ├── messages_lt.properties │ │ ├── messages_no.properties │ │ ├── messages_pt_BR.properties │ │ ├── messages_ru.properties │ │ └── messages_sv.properties │ ├── password.ftl │ ├── resources │ │ ├── css │ │ │ └── style.css │ │ └── img │ │ │ ├── icon-sidebar-active.png │ │ │ └── tw-logo.png │ ├── sessions.ftl │ ├── template.ftl │ ├── theme.properties │ └── totp.ftl │ └── login │ ├── login-reset-password.ftl │ ├── login-update-profile.ftl │ ├── login.ftl │ ├── register.ftl │ ├── resources │ └── css │ │ └── login.css │ └── theme.properties └── settings.gradle /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | .gradle/ 3 | build 4 | .DS_Store -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## This repositor conains multiple application 2 | ### Run 3 | * Requirement 4 | * docker 5 | * jre1.8 6 | * yarn 7 | * Steps 8 | 1. Enter ./keycloak folder, and exec docker-compose up 9 | 2. Enter ./keycloak-react, and exec yarn server 10 | 3. exec ./gradlew bootRun --parallel 11 | 4. open browser and visit [http://localhost:7000](http://localhost:7000) 12 | ### Describe 13 | 1. keycloak-saml 14 | Support SAML protocol to security web application. The adapter use spring boot security. 15 | 2. keycloak-springbootsecurity 16 | Support OpenIdConnect protocol to security application, which use spring boot and spring security. 17 | 3. keycloak-react 18 | Support OpenIdConnect protocol to security application, which use keycloak javascript adapter and send token to service. 19 | 4. keycloak-backend-springbootsecurity 20 | Support OpenIdConnect protocol to security application, which use use spring boot and spring security. -------------------------------------------------------------------------------- /build.gradle: -------------------------------------------------------------------------------- 1 | buildscript { 2 | repositories { 3 | jcenter() 4 | } 5 | dependencies { 6 | classpath("org.springframework.boot:spring-boot-gradle-plugin:1.4.2.RELEASE") 7 | } 8 | } 9 | allprojects { 10 | 11 | apply plugin: 'idea' 12 | } 13 | 14 | subprojects { 15 | apply plugin: 'java' 16 | apply plugin: 'org.springframework.boot' 17 | apply plugin: 'application' 18 | 19 | repositories { 20 | jcenter() 21 | } 22 | 23 | sourceCompatibility = 1.8 24 | targetCompatibility = 1.8 25 | 26 | dependencies { 27 | compile("org.springframework.boot:spring-boot-starter-web") 28 | testCompile("org.springframework.boot:spring-boot-starter-test") 29 | } 30 | 31 | group = 'com.tw.sso.demo' 32 | version = '1.0' 33 | 34 | bootRun { 35 | systemProperties System.properties 36 | } 37 | 38 | } 39 | 40 | -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yourwafer/keycloak-sso/f2154d6eb6a1552e811cb25f007b5ef66e9bd453/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- 1 | #Thu Jun 01 15:57:20 CST 2017 2 | distributionBase=GRADLE_USER_HOME 3 | distributionPath=wrapper/dists 4 | zipStoreBase=GRADLE_USER_HOME 5 | zipStorePath=wrapper/dists 6 | distributionUrl=https\://services.gradle.org/distributions/gradle-3.1-bin.zip 7 | -------------------------------------------------------------------------------- /gradlew: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ############################################################################## 4 | ## 5 | ## Gradle start up script for UN*X 6 | ## 7 | ############################################################################## 8 | 9 | # Attempt to set APP_HOME 10 | # Resolve links: $0 may be a link 11 | PRG="$0" 12 | # Need this for relative symlinks. 13 | while [ -h "$PRG" ] ; do 14 | ls=`ls -ld "$PRG"` 15 | link=`expr "$ls" : '.*-> \(.*\)$'` 16 | if expr "$link" : '/.*' > /dev/null; then 17 | PRG="$link" 18 | else 19 | PRG=`dirname "$PRG"`"/$link" 20 | fi 21 | done 22 | SAVED="`pwd`" 23 | cd "`dirname \"$PRG\"`/" >/dev/null 24 | APP_HOME="`pwd -P`" 25 | cd "$SAVED" >/dev/null 26 | 27 | APP_NAME="Gradle" 28 | APP_BASE_NAME=`basename "$0"` 29 | 30 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 31 | DEFAULT_JVM_OPTS="" 32 | 33 | # Use the maximum available, or set MAX_FD != -1 to use that value. 34 | MAX_FD="maximum" 35 | 36 | warn ( ) { 37 | echo "$*" 38 | } 39 | 40 | die ( ) { 41 | echo 42 | echo "$*" 43 | echo 44 | exit 1 45 | } 46 | 47 | # OS specific support (must be 'true' or 'false'). 48 | cygwin=false 49 | msys=false 50 | darwin=false 51 | nonstop=false 52 | case "`uname`" in 53 | CYGWIN* ) 54 | cygwin=true 55 | ;; 56 | Darwin* ) 57 | darwin=true 58 | ;; 59 | MINGW* ) 60 | msys=true 61 | ;; 62 | NONSTOP* ) 63 | nonstop=true 64 | ;; 65 | esac 66 | 67 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar 68 | 69 | # Determine the Java command to use to start the JVM. 70 | if [ -n "$JAVA_HOME" ] ; then 71 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 72 | # IBM's JDK on AIX uses strange locations for the executables 73 | JAVACMD="$JAVA_HOME/jre/sh/java" 74 | else 75 | JAVACMD="$JAVA_HOME/bin/java" 76 | fi 77 | if [ ! -x "$JAVACMD" ] ; then 78 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME 79 | 80 | Please set the JAVA_HOME variable in your environment to match the 81 | location of your Java installation." 82 | fi 83 | else 84 | JAVACMD="java" 85 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 86 | 87 | Please set the JAVA_HOME variable in your environment to match the 88 | location of your Java installation." 89 | fi 90 | 91 | # Increase the maximum file descriptors if we can. 92 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then 93 | MAX_FD_LIMIT=`ulimit -H -n` 94 | if [ $? -eq 0 ] ; then 95 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then 96 | MAX_FD="$MAX_FD_LIMIT" 97 | fi 98 | ulimit -n $MAX_FD 99 | if [ $? -ne 0 ] ; then 100 | warn "Could not set maximum file descriptor limit: $MAX_FD" 101 | fi 102 | else 103 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" 104 | fi 105 | fi 106 | 107 | # For Darwin, add options to specify how the application appears in the dock 108 | if $darwin; then 109 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" 110 | fi 111 | 112 | # For Cygwin, switch paths to Windows format before running java 113 | if $cygwin ; then 114 | APP_HOME=`cygpath --path --mixed "$APP_HOME"` 115 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` 116 | JAVACMD=`cygpath --unix "$JAVACMD"` 117 | 118 | # We build the pattern for arguments to be converted via cygpath 119 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` 120 | SEP="" 121 | for dir in $ROOTDIRSRAW ; do 122 | ROOTDIRS="$ROOTDIRS$SEP$dir" 123 | SEP="|" 124 | done 125 | OURCYGPATTERN="(^($ROOTDIRS))" 126 | # Add a user-defined pattern to the cygpath arguments 127 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then 128 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" 129 | fi 130 | # Now convert the arguments - kludge to limit ourselves to /bin/sh 131 | i=0 132 | for arg in "$@" ; do 133 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` 134 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option 135 | 136 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition 137 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` 138 | else 139 | eval `echo args$i`="\"$arg\"" 140 | fi 141 | i=$((i+1)) 142 | done 143 | case $i in 144 | (0) set -- ;; 145 | (1) set -- "$args0" ;; 146 | (2) set -- "$args0" "$args1" ;; 147 | (3) set -- "$args0" "$args1" "$args2" ;; 148 | (4) set -- "$args0" "$args1" "$args2" "$args3" ;; 149 | (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; 150 | (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; 151 | (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; 152 | (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; 153 | (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; 154 | esac 155 | fi 156 | 157 | # Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules 158 | function splitJvmOpts() { 159 | JVM_OPTS=("$@") 160 | } 161 | eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS 162 | JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME" 163 | 164 | # by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong 165 | if [[ "$(uname)" == "Darwin" ]] && [[ "$HOME" == "$PWD" ]]; then 166 | cd "$(dirname "$0")" 167 | fi 168 | 169 | exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@" 170 | -------------------------------------------------------------------------------- /gradlew.bat: -------------------------------------------------------------------------------- 1 | @if "%DEBUG%" == "" @echo off 2 | @rem ########################################################################## 3 | @rem 4 | @rem Gradle startup script for Windows 5 | @rem 6 | @rem ########################################################################## 7 | 8 | @rem Set local scope for the variables with windows NT shell 9 | if "%OS%"=="Windows_NT" setlocal 10 | 11 | set DIRNAME=%~dp0 12 | if "%DIRNAME%" == "" set DIRNAME=. 13 | set APP_BASE_NAME=%~n0 14 | set APP_HOME=%DIRNAME% 15 | 16 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 17 | set DEFAULT_JVM_OPTS= 18 | 19 | @rem Find java.exe 20 | if defined JAVA_HOME goto findJavaFromJavaHome 21 | 22 | set JAVA_EXE=java.exe 23 | %JAVA_EXE% -version >NUL 2>&1 24 | if "%ERRORLEVEL%" == "0" goto init 25 | 26 | echo. 27 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 28 | echo. 29 | echo Please set the JAVA_HOME variable in your environment to match the 30 | echo location of your Java installation. 31 | 32 | goto fail 33 | 34 | :findJavaFromJavaHome 35 | set JAVA_HOME=%JAVA_HOME:"=% 36 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe 37 | 38 | if exist "%JAVA_EXE%" goto init 39 | 40 | echo. 41 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 42 | echo. 43 | echo Please set the JAVA_HOME variable in your environment to match the 44 | echo location of your Java installation. 45 | 46 | goto fail 47 | 48 | :init 49 | @rem Get command-line arguments, handling Windows variants 50 | 51 | if not "%OS%" == "Windows_NT" goto win9xME_args 52 | 53 | :win9xME_args 54 | @rem Slurp the command line arguments. 55 | set CMD_LINE_ARGS= 56 | set _SKIP=2 57 | 58 | :win9xME_args_slurp 59 | if "x%~1" == "x" goto execute 60 | 61 | set CMD_LINE_ARGS=%* 62 | 63 | :execute 64 | @rem Setup the command line 65 | 66 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar 67 | 68 | @rem Execute Gradle 69 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% 70 | 71 | :end 72 | @rem End local scope for the variables with windows NT shell 73 | if "%ERRORLEVEL%"=="0" goto mainEnd 74 | 75 | :fail 76 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of 77 | rem the _cmd.exe /c_ return code! 78 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 79 | exit /b 1 80 | 81 | :mainEnd 82 | if "%OS%"=="Windows_NT" endlocal 83 | 84 | :omega 85 | -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/build.gradle: -------------------------------------------------------------------------------- 1 | description "use spring-boot-security to authenticate keycloak" 2 | 3 | dependencies { 4 | compile group: 'org.keycloak', name: 'keycloak-authz-client', version: '2.5.1.Final' 5 | 6 | compile group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '1.5.1.RELEASE' 7 | 8 | compile group: 'org.keycloak', name: 'keycloak-spring-security-adapter', version: '2.5.1.Final' 9 | compile group: 'org.keycloak', name: 'keycloak-model-api', version: '1.8.1.Final' 10 | 11 | testCompile group: 'junit', name: 'junit', version: '4.11' 12 | } 13 | -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/KeycloakAuthenticatoin.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import com.fasterxml.jackson.annotation.JsonIgnore; 4 | import org.keycloak.KeycloakPrincipal; 5 | import org.keycloak.KeycloakSecurityContext; 6 | import org.keycloak.adapters.RefreshableKeycloakSecurityContext; 7 | import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount; 8 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 9 | import org.springframework.security.core.Authentication; 10 | import org.springframework.security.core.GrantedAuthority; 11 | 12 | import java.util.Collection; 13 | import java.util.HashMap; 14 | import java.util.Map; 15 | 16 | /** 17 | * Created by hwwei on 2017/2/24. 18 | */ 19 | public class KeycloakAuthenticatoin implements Authentication { 20 | 21 | @JsonIgnore 22 | private KeycloakAuthenticationToken authenticationToken; 23 | 24 | public KeycloakAuthenticatoin(KeycloakAuthenticationToken authenticationToken) { 25 | 26 | this.authenticationToken = authenticationToken; 27 | } 28 | 29 | @Override 30 | public Collection getAuthorities() { 31 | return authenticationToken.getAuthorities(); 32 | } 33 | 34 | @Override 35 | public Object getCredentials() { 36 | return null; 37 | } 38 | 39 | @Override 40 | public Object getDetails() { 41 | SimpleKeycloakAccount details = (SimpleKeycloakAccount) authenticationToken.getDetails(); 42 | return details.getKeycloakSecurityContext().getToken(); 43 | } 44 | 45 | @Override 46 | public Object getPrincipal() { 47 | KeycloakPrincipal principal = (KeycloakPrincipal) authenticationToken.getPrincipal(); 48 | Map result = new HashMap<>(); 49 | result.put("name", principal.getName()); 50 | RefreshableKeycloakSecurityContext keycloakSecurityContext = (RefreshableKeycloakSecurityContext) principal.getKeycloakSecurityContext(); 51 | result.put("refreshToken", keycloakSecurityContext.getRefreshToken()); 52 | result.put("tokenString", keycloakSecurityContext.getTokenString()); 53 | result.put("refreshToken", keycloakSecurityContext.getRefreshToken()); 54 | return null; 55 | } 56 | 57 | @Override 58 | public boolean isAuthenticated() { 59 | return authenticationToken.isAuthenticated(); 60 | } 61 | 62 | @Override 63 | public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { 64 | authenticationToken.setAuthenticated(isAuthenticated); 65 | } 66 | 67 | @Override 68 | public String getName() { 69 | SimpleKeycloakAccount details = (SimpleKeycloakAccount) authenticationToken.getDetails(); 70 | return details.getKeycloakSecurityContext().getToken().getPreferredUsername(); 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/KeycloaksecurityServiceApplication.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | /** 7 | * Created by hwwei on 2017/2/24. 8 | */ 9 | @SpringBootApplication 10 | public class KeycloaksecurityServiceApplication { 11 | public static void main(String[] args) { 12 | SpringApplication.run(KeycloaksecurityServiceApplication.class, args); 13 | } 14 | 15 | } 16 | -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.adapters.springsecurity.KeycloakSecurityComponents; 4 | import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter; 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.context.annotation.Bean; 7 | import org.springframework.context.annotation.ComponentScan; 8 | import org.springframework.context.annotation.Configuration; 9 | import org.springframework.http.HttpMethod; 10 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 11 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 12 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 13 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 14 | import org.springframework.security.core.session.SessionRegistryImpl; 15 | import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy; 16 | import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy; 17 | import org.springframework.security.web.csrf.CookieCsrfTokenRepository; 18 | 19 | @Configuration 20 | @EnableWebSecurity 21 | @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class) 22 | public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter { 23 | 24 | public SecurityConfig() { 25 | } 26 | 27 | /** 28 | * Registers the KeycloakAuthenticationProvider with the authentication manager. 29 | */ 30 | @Autowired 31 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { 32 | auth.authenticationProvider(keycloakAuthenticationProvider()); 33 | } 34 | 35 | /** 36 | * Defines the session authentication strategy. 37 | */ 38 | @Bean 39 | @Override 40 | protected SessionAuthenticationStrategy sessionAuthenticationStrategy() { 41 | return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl()); 42 | } 43 | 44 | /** 45 | * if you want to use csrf,you can use code follow. 46 | * http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); 47 | * @param http 48 | * @throws Exception 49 | */ 50 | @Override 51 | protected void configure(HttpSecurity http) throws Exception { 52 | super.configure(http); 53 | http.csrf().disable(); 54 | http.authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll() 55 | .antMatchers("/**").authenticated().anyRequest().permitAll(); 56 | } 57 | 58 | 59 | } -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/UserController.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 4 | import org.springframework.http.HttpRequest; 5 | import org.springframework.security.core.Authentication; 6 | import org.springframework.security.core.context.SecurityContextHolder; 7 | import org.springframework.web.bind.annotation.RequestMapping; 8 | import org.springframework.web.bind.annotation.RestController; 9 | 10 | import javax.servlet.http.HttpServletRequest; 11 | import javax.servlet.http.HttpServletResponse; 12 | 13 | /** 14 | * Created by hwwei on 2017/2/23. 15 | */ 16 | @RestController 17 | @RequestMapping("user") 18 | public class UserController { 19 | 20 | @RequestMapping 21 | public Authentication getUserInfo(HttpServletRequest request, HttpServletResponse response) { 22 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 23 | if(authentication instanceof KeycloakAuthenticationToken) { 24 | return new KeycloakAuthenticatoin((KeycloakAuthenticationToken) authentication); 25 | } 26 | return authentication; 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/WebConfig.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.springframework.boot.web.servlet.FilterRegistrationBean; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | import org.springframework.core.Ordered; 7 | import org.springframework.web.cors.CorsConfiguration; 8 | import org.springframework.web.cors.UrlBasedCorsConfigurationSource; 9 | import org.springframework.web.filter.CorsFilter; 10 | import org.springframework.web.servlet.config.annotation.CorsRegistry; 11 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; 12 | 13 | @Configuration 14 | public class WebConfig extends WebMvcConfigurerAdapter { 15 | @Override 16 | public void addCorsMappings(CorsRegistry registry) { 17 | registry.addMapping("/**") 18 | .allowedHeaders("*") 19 | .allowedMethods("*") 20 | .allowedOrigins("*"); 21 | } 22 | 23 | 24 | 25 | // @Bean 26 | // public FilterRegistrationBean corsFilter() { 27 | // UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); 28 | // CorsConfiguration config = new CorsConfiguration(); 29 | // config.addAllowedOrigin("*"); 30 | // config.setAllowCredentials(true); 31 | // config.addAllowedHeader("*"); 32 | // config.addAllowedMethod("*"); 33 | // source.registerCorsConfiguration("/**", config); 34 | // 35 | // FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); 36 | // bean.setOrder(0); 37 | // return bean; 38 | // } 39 | } -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/contract/web/ContractResource.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity.contract.web; 2 | 3 | 4 | import com.thoughtworks.high17.demo.keycloaksecurity.KeycloakAuthenticatoin; 5 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 6 | import org.springframework.security.core.Authentication; 7 | import org.springframework.security.core.context.SecurityContextHolder; 8 | import org.springframework.web.bind.annotation.RequestMapping; 9 | import org.springframework.web.bind.annotation.RequestMethod; 10 | import org.springframework.web.bind.annotation.ResponseBody; 11 | import org.springframework.web.bind.annotation.RestController; 12 | 13 | import java.util.ArrayList; 14 | import java.util.List; 15 | 16 | @RestController 17 | @RequestMapping(value = "/api/contracts") 18 | public class ContractResource { 19 | 20 | @RequestMapping(method = RequestMethod.GET) 21 | @ResponseBody 22 | public Authentication getContracts() { 23 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 24 | if(authentication instanceof KeycloakAuthenticationToken) { 25 | return new KeycloakAuthenticatoin((KeycloakAuthenticationToken) authentication); 26 | } 27 | return authentication; 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port=7002 2 | #debug=true 3 | keycloak.configurationFile=classpath:keycloak.json -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/main/resources/keycloak.json: -------------------------------------------------------------------------------- 1 | { 2 | "realm": "core", 3 | "bearer-only": true, 4 | "auth-server-url": "http://localhost:8081/auth", 5 | "ssl-required": "external", 6 | "resource": "openid-token-backend" 7 | } -------------------------------------------------------------------------------- /keycloak-backend-springbootsecurity/src/test/java/com/demo/LocalDateTest.java: -------------------------------------------------------------------------------- 1 | package com.demo; 2 | 3 | import org.junit.Test; 4 | 5 | import java.time.Instant; 6 | import java.time.LocalDate; 7 | import java.time.LocalDateTime; 8 | import java.time.ZoneOffset; 9 | import java.time.temporal.ChronoField; 10 | import java.time.temporal.ChronoUnit; 11 | import java.time.temporal.TemporalField; 12 | import java.util.Date; 13 | 14 | public class LocalDateTest { 15 | @Test 16 | public void name() throws Exception { 17 | LocalDateTime now = LocalDateTime.now(); 18 | Instant instant = now.toInstant(ZoneOffset.ofHours(8)); 19 | System.out.println(instant.getEpochSecond()); 20 | Date date = new Date(); 21 | System.out.println(date.getTime()); 22 | 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /keycloak-react/.babelrc: -------------------------------------------------------------------------------- 1 | { 2 | "presets" : ["es2015", "react"] 3 | } -------------------------------------------------------------------------------- /keycloak-react/.codeclimate.yml: -------------------------------------------------------------------------------- 1 | engines: 2 | eslint: 3 | enabled: true 4 | scss-lint: 5 | enabled: true 6 | ratings: 7 | paths: 8 | - src/** 9 | exclude_paths: 10 | - node_modules/** 11 | -------------------------------------------------------------------------------- /keycloak-react/.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | indent_style = space 5 | indent_size = 2 6 | charset = utf-8 7 | trim_trailing_whitespace = true 8 | insert_final_newline = true 9 | end_of_line = lf 10 | # editorconfig-tools is unable to ignore longs strings or urls 11 | max_line_length = null -------------------------------------------------------------------------------- /keycloak-react/.eslintrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "airbnb", 3 | "plugins": [ 4 | "react", 5 | "jsx-a11y", 6 | "import" 7 | ], 8 | "env": { 9 | "browser": true, 10 | "node": true, 11 | "jest": true, 12 | "mocha": true 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /keycloak-react/.gitignore: -------------------------------------------------------------------------------- 1 | .idea/ 2 | node_modules/ 3 | public 4 | coverage 5 | npm-debug.log -------------------------------------------------------------------------------- /keycloak-react/.nvmrc: -------------------------------------------------------------------------------- 1 | 6.9.4 2 | -------------------------------------------------------------------------------- /keycloak-react/.sass-lint.yml: -------------------------------------------------------------------------------- 1 | files: 2 | include: 'src/**/*.s+(a|c)ss' 3 | 4 | severity: error 5 | 6 | linters: 7 | 8 | BorderZero: 9 | enabled: true 10 | convention: zero 11 | 12 | BemDepth: 13 | enabled: true 14 | 15 | DeclarationOrder: 16 | enabled: false 17 | 18 | ExtendDirective: 19 | enabled: true 20 | 21 | LeadingZero: 22 | enabled: false 23 | 24 | NameFormat: 25 | enabled: true 26 | 27 | PrivateNamingConvention: 28 | enabled: true 29 | prefix: _ 30 | 31 | PropertySortOrder: 32 | enabled: false 33 | 34 | QualifyingElement: 35 | enabled: false 36 | 37 | SelectorFormat: 38 | enabled: true 39 | convention: hyphenated_BEM 40 | class_convention: ^(?!js-).* 41 | class_convention_explanation: should not be written in the form js-* 42 | 43 | SingleLinePerProperty: 44 | enabled: true 45 | allow_single_line_rule_sets: false 46 | 47 | StringQuotes: 48 | enabled: true 49 | style: double_quotes 50 | -------------------------------------------------------------------------------- /keycloak-react/.travis.yml: -------------------------------------------------------------------------------- 1 | language: node_js 2 | script: 3 | - npm run lint 4 | - npm run ci-test 5 | -------------------------------------------------------------------------------- /keycloak-react/README.md: -------------------------------------------------------------------------------- 1 | # 17high 2 | 3 | [![Build Status](https://travis-ci.org/ThoughtWorksWuhanUI/17high.svg?branch=master)](https://travis-ci.org/ThoughtWorksWuhanUI/17high) 4 | [![Coverage Status](https://coveralls.io/repos/github/ThoughtWorksWuhanUI/17high/badge.svg?branch=master)](https://coveralls.io/github/ThoughtWorksWuhanUI/17high?branch=master) 5 | [![Known Vulnerabilities](https://snyk.io/test/github/thoughtworkswuhanui/17high/badge.svg)](https://snyk.io/test/github/thoughtworkswuhanui/17high) 6 | [![Code Climate](https://codeclimate.com/github/ThoughtWorksWuhanUI/17high/badges/gpa.svg)](https://codeclimate.com/github/ThoughtWorksWuhanUI/17high) 7 | 8 | ## Install 9 | 10 | node -version v6.9.4(run 'nvm use', install it if not exist) 11 | 12 | brew update 13 | 14 | brew install yarn 15 | 16 | yarn install 17 | 18 | ## Scripts 19 | 20 | - `yarn bundle` bundle with webpack 21 | - `yarn server` run server 22 | - `yarn eslint` run eslint 23 | - `yarn csslint` run scss lint 24 | - `yarn lint` run eslint and scss lint 25 | - `yarn test` run Jest test 26 | 27 | For more information, please refer to our [wiki](https://github.com/ThoughtWorksWuhanUI/17high/wiki). 28 | -------------------------------------------------------------------------------- /keycloak-react/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "17high", 3 | "version": "1.0.0", 4 | "main": "index.js", 5 | "repository": "git@github.com:ThoughtWorksWuhanUI/17high.git", 6 | "author": "ThoughtWorksWuhan", 7 | "license": "MIT", 8 | "devDependencies": { 9 | "babel-core": "^6.24.0", 10 | "babel-eslint": "^7.1.1", 11 | "babel-jest": "^19.0.0", 12 | "babel-loader": "^6.4.0", 13 | "babel-polyfill": "^6.23.0", 14 | "babel-preset-es2015": "^6.24.0", 15 | "babel-preset-react": "^6.23.0", 16 | "babel-preset-react-optimize": "^1.0.1", 17 | "babel-preset-stage-0": "^6.22.0", 18 | "css-loader": "^0.27.3", 19 | "enzyme": "^2.7.1", 20 | "eslint": "^3.17.1", 21 | "eslint-config-airbnb": "^14.1.0", 22 | "eslint-loader": "^1.6.3", 23 | "eslint-plugin-import": "^2.2.0", 24 | "eslint-plugin-jsx-a11y": "^4.0.0", 25 | "eslint-plugin-react": "^6.10.0", 26 | "extract-text-webpack-plugin": "^2.1.0", 27 | "file-loader": "^0.11.1", 28 | "html-webpack-plugin": "^2.28.0", 29 | "identity-obj-proxy": "^3.0.0", 30 | "image-webpack-loader": "^3.2.0", 31 | "jest": "^19.0.2", 32 | "node-sass": "^4.5.0", 33 | "postcss-loader": "^1.3.3", 34 | "react-addons-test-utils": "^15.4.2", 35 | "sass-loader": "^6.0.3", 36 | "style-loader": "^0.13.2", 37 | "webpack": "^2.2.1", 38 | "webpack-bundle-size-analyzer": "^2.6.0", 39 | "webpack-dev-server": "^2.4.2", 40 | "webpack-spritesmith": "^0.3.3" 41 | }, 42 | "dependencies": { 43 | "autoprefixer": "^6.7.7", 44 | "axios": "^0.15.3", 45 | "classnames": "^2.2.5", 46 | "echarts-for-react": "^1.2.1", 47 | "jquery": "^3.2.1", 48 | "lodash": "^4.17.4", 49 | "moment": "^2.18.1", 50 | "normalize.css": "^6.0.0", 51 | "precss": "^1.4.0", 52 | "react": "^15.4.2", 53 | "react-datetime": "https://github.com/yourwafer/react-datetime.git#dd30e03", 54 | "react-datetime-slot": "https://github.com/dandankity/react-datetime-slot.git#d5a211c", 55 | "react-dom": "^15.4.2", 56 | "react-fileupload": "^2.4.0", 57 | "react-modal": "^1.7.3", 58 | "react-popover": "^0.4.8", 59 | "react-redux": "^5.0.3", 60 | "react-router": "2.8.1", 61 | "react-router-redux": "^4.0.8", 62 | "redux": "^3.6.0", 63 | "redux-logger": "^3.0.1", 64 | "redux-promise-middleware": "^4.2.0", 65 | "redux-thunk": "^2.2.0" 66 | }, 67 | "scripts": { 68 | "start": "yarn clean-dist && webpack && webpack-dev-server --inline --hot", 69 | "bundle": "webpack", 70 | "clean-dist": "rm -rf public", 71 | "server": "yarn install && webpack-dev-server --port 7001", 72 | "test": "jest --coverage", 73 | "ci-test": "jest --coverage && nyc report --temp-directory=coverage --reporter=text-lcov | coveralls", 74 | "eslint": "eslint src/**/*.jsx", 75 | "csslint": "sass-lint", 76 | "lint": "yarn eslint && yarn csslint" 77 | }, 78 | "jest": { 79 | "verbose": true, 80 | "testPathDirs": [ 81 | "src/components" 82 | ], 83 | "unmockedModulePathPatterns": [ 84 | "node_modules/react/", 85 | "node_modules/enzyme/" 86 | ], 87 | "moduleNameMapper": { 88 | "\\.(css|scss)$": "identity-obj-proxy" 89 | } 90 | } 91 | } 92 | -------------------------------------------------------------------------------- /keycloak-react/postcss.config.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | plugins: [ 3 | require('precss'), 4 | require('autoprefixer'), 5 | ], 6 | }; 7 | -------------------------------------------------------------------------------- /keycloak-react/src/client/app/spritesmith-generated/sprite.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yourwafer/keycloak-sso/f2154d6eb6a1552e811cb25f007b5ef66e9bd453/keycloak-react/src/client/app/spritesmith-generated/sprite.png -------------------------------------------------------------------------------- /keycloak-react/src/client/app/spritesmith-generated/sprite.scss: -------------------------------------------------------------------------------- 1 | // SCSS variables are information about icon's compiled state, stored under its original file name 2 | // 3 | // .icon-home { 4 | // width: $icon-home-width; 5 | // } 6 | // 7 | // The large array-like variables contain all information about a single icon 8 | // $icon-home: x y offset_x offset_y width height total_width total_height image_path; 9 | // 10 | // At the bottom of this section, we provide information about the spritesheet itself 11 | // $spritesheet: width height image $spritesheet-sprites; 12 | $spritesheet-width: 0px; 13 | $spritesheet-height: 0px; 14 | $spritesheet-image: 'sprite.png'; 15 | $spritesheet-sprites: (); 16 | $spritesheet: (0px, 0px, 'sprite.png', $spritesheet-sprites, ); 17 | 18 | // The provided mixins are intended to be used with the array-like variables 19 | // 20 | // .icon-home { 21 | // @include sprite-width($icon-home); 22 | // } 23 | // 24 | // .icon-email { 25 | // @include sprite($icon-email); 26 | // } 27 | // 28 | // Example usage in HTML: 29 | // 30 | // `display: block` sprite: 31 | //
32 | // 33 | // To change `display` (e.g. `display: inline-block;`), we suggest using a common CSS class: 34 | // 35 | // // CSS 36 | // .icon { 37 | // display: inline-block; 38 | // } 39 | // 40 | // // HTML 41 | // 42 | @mixin sprite-width($sprite) { 43 | width: nth($sprite, 5); 44 | } 45 | 46 | @mixin sprite-height($sprite) { 47 | height: nth($sprite, 6); 48 | } 49 | 50 | @mixin sprite-position($sprite) { 51 | $sprite-offset-x: nth($sprite, 3); 52 | $sprite-offset-y: nth($sprite, 4); 53 | background-position: $sprite-offset-x $sprite-offset-y; 54 | } 55 | 56 | @mixin sprite-image($sprite) { 57 | $sprite-image: nth($sprite, 9); 58 | background-image: url(#{$sprite-image}); 59 | } 60 | 61 | @mixin sprite($sprite) { 62 | @include sprite-image($sprite); 63 | @include sprite-position($sprite); 64 | @include sprite-width($sprite); 65 | @include sprite-height($sprite); 66 | } 67 | 68 | // The `sprites` mixin generates identical output to the CSS template 69 | // but can be overridden inside of SCSS 70 | // 71 | // @include sprites($spritesheet-sprites); 72 | @mixin sprites($sprites) { 73 | @each $sprite in $sprites { 74 | $sprite-name: nth($sprite, 10); 75 | .#{$sprite-name} { 76 | @include sprite($sprite); 77 | } 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /keycloak-react/src/components/LoginComponent/LoginComponent.scss: -------------------------------------------------------------------------------- 1 | .menu-container { 2 | background-color: #eeeeee; 3 | border: 1px solid white; 4 | padding: 10px; 5 | border-radius: 5px; 6 | } 7 | .nav-item { 8 | background-color: #00aa5b; 9 | margin-top: 5px; 10 | padding: 5px; 11 | border-radius: 5px; 12 | color: white; 13 | letter-spacing: 1.2px; 14 | padding: 0px 5px; 15 | } 16 | .nav-item a { 17 | text-decoration: none; 18 | color: inherit; 19 | display: block; 20 | width: 100%; 21 | height: 100%; 22 | font-weight: bold; 23 | } 24 | .nav-item a:hover { 25 | border-radius: 4px; 26 | background-color: #e2f1f6; 27 | box-shadow: 0 2px 4px 0 #41abc4; 28 | color: #2fb5d4; 29 | } 30 | -------------------------------------------------------------------------------- /keycloak-react/src/components/LoginComponent/index.jsx: -------------------------------------------------------------------------------- 1 | import Keycloak from './keycloak'; 2 | import config from './keycloak.json'; 3 | import React from 'react'; 4 | import $ from 'jquery'; 5 | import style from './LoginComponent.scss'; 6 | import classNames from 'classnames/bind'; 7 | const cx = classNames.bind(style); 8 | 9 | var LoginComponent = React.createClass({ 10 | getInitialState: function () { 11 | var that = this; 12 | 13 | let states = { profile: {}, contacts: {} }; 14 | var keycloakInitConfig = {}; 15 | keycloakInitConfig.url = config['auth-server-url']; 16 | keycloakInitConfig.realm = config['realm']; 17 | keycloakInitConfig.clientId = config['resource']; 18 | keycloakInitConfig.secret = (config['credentials'] || {})['secret']; 19 | 20 | let _keycloak = states.keycloak = Keycloak(keycloakInitConfig); 21 | 22 | _keycloak.init({ 23 | onLoad: 'login-required' 24 | }) 25 | .success((authenticated) => { 26 | if (authenticated) { 27 | var isExpired = _keycloak.isTokenExpired(); 28 | var token = _keycloak.token; 29 | 30 | if (isExpired) { 31 | _keycloak.updateToken(5) 32 | .success(function () { 33 | // $.ajaxSetup({ 34 | // headers: {"common": {Authorization: "BEARER " + that.state.keycloak.token}} 35 | // }); 36 | }) 37 | .error(function () { 38 | console.error('Failed to refresh token'); 39 | }); 40 | } 41 | // $.ajaxSetup({ 42 | // headers: {"common": {Authorization: "BEARER " + that.state.keycloak.token}} 43 | // }); 44 | 45 | states.keycloak.loadUserProfile().success(function (profile) { 46 | var newState = Object.assign({}, that.state); 47 | newState.profile = profile; 48 | that.setState(newState); 49 | }); 50 | } 51 | else { 52 | window.location.reload(); 53 | } 54 | }) 55 | .error(function () { 56 | window.location.reload(); 57 | }); 58 | return states; 59 | }, 60 | logout: function () { 61 | this.state.keycloak.logout(); 62 | }, 63 | getContracts: function () { 64 | var that = this; 65 | $.ajax({ 66 | type: "GET", 67 | url: "http://localhost:7002/user", 68 | crossDomain: true, 69 | xhrFields: { cors: false }, 70 | headers: { 71 | "Authorization": "BEARER " + that.state.keycloak.token 72 | }, 73 | error: function (a, b, c) { 74 | console.log(a); 75 | }, 76 | success: function (data) { 77 | var newState = Object.assign({}, that.state); 78 | newState.contacts = data; 79 | that.setState(newState); 80 | } 81 | }); 82 | }, 83 | render: function () { 84 | return ( 85 |
86 |
87 |
88 |
89 | OpenId Connect Tradition Web(Springboot,Security):7000 90 |
91 |
92 | Public Web(React, js adapter):7001 93 |
94 |
95 | Public Service(Token):7002 96 |
97 |
98 | Saml Web(Spring,Filter):7003 99 |
100 |
101 |
102 |
You're logged in as:
103 | 104 | Id: {this.state.profile.id} 105 |

106 | Username: {this.state.profile.username} 107 |

108 | Email: {this.state.profile.email} 109 |

110 | Full Name: {this.state.profile.firstName} {this.state.profile.lastName} 111 |

112 | 113 | 114 | 115 | 116 |

    117 | {JSON.stringify(this.state.contacts)} 118 |
119 |
120 |
121 |
122 | ); 123 | } 124 | }); 125 | 126 | export default LoginComponent; 127 | -------------------------------------------------------------------------------- /keycloak-react/src/components/LoginComponent/keycloak.json: -------------------------------------------------------------------------------- 1 | { 2 | "realm": "core", 3 | "auth-server-url": "http://localhost:8081/auth", 4 | "ssl-required": "external", 5 | "resource": "openid-frontend", 6 | "public-client": true 7 | } 8 | -------------------------------------------------------------------------------- /keycloak-react/src/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 17High 11 | 12 | 13 |
14 | 15 | 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /keycloak-react/src/index.jsx: -------------------------------------------------------------------------------- 1 | import React from 'react'; 2 | import { render } from 'react-dom'; 3 | import LoginComponent from './components/LoginComponent'; 4 | 5 | const Login = () => ; 6 | 7 | render(, document.getElementById('app')); 8 | -------------------------------------------------------------------------------- /keycloak-react/webpack.config.js: -------------------------------------------------------------------------------- 1 | const path = require('path'); 2 | const HtmlWebpackPlugin = require('html-webpack-plugin'); 3 | const ExtractTextPlugin = require('extract-text-webpack-plugin'); 4 | 5 | const BUILD_DIR = path.resolve(__dirname, 'public'); 6 | const APP_DIR = path.resolve(__dirname, 'src'); 7 | 8 | 9 | const config = { 10 | entry: `${APP_DIR}/index.jsx`, 11 | output: { 12 | path: BUILD_DIR, 13 | filename: 'bundle.js', 14 | }, 15 | resolve: { 16 | extensions: ['.jsx', '.js'], 17 | modules: ['node_modules'] 18 | }, 19 | module: { 20 | loaders: [ 21 | { 22 | test: /\.jsx?/, 23 | include: APP_DIR, 24 | loader: 'babel-loader', 25 | }, 26 | { 27 | test: /\.scss$/, 28 | use: ['style-loader', 'css-loader?minimize&modules&importLoaders=2&localIdentName=[name]__[local]', 'postcss-loader', 'sass-loader'] 29 | }, 30 | { 31 | test: /\.css$/, 32 | use: ['style-loader', 'css-loader?minimize&modules&importLoaders=2&localIdentName=[local]', 'postcss-loader'] 33 | }, 34 | {test: /\.json$/, loader: 'json-loader'}, 35 | ], 36 | }, 37 | plugins: [ 38 | new HtmlWebpackPlugin({ 39 | template: 'src/index.html', 40 | inject: 'body', 41 | }), 42 | new ExtractTextPlugin("style.css") 43 | ], 44 | }; 45 | 46 | module.exports = config; 47 | -------------------------------------------------------------------------------- /keycloak-saml/build.gradle: -------------------------------------------------------------------------------- 1 | description "use spring-boot-security to authenticate keycloak" 2 | 3 | dependencies { 4 | 5 | compile group: 'org.springframework.boot', name: 'spring-boot-starter-web', version: '1.5.3.RELEASE' 6 | compile group: 'org.keycloak', name: 'keycloak-saml-servlet-filter-adapter', version: '3.1.0.Final' 7 | compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.3' 8 | 9 | testCompile group: 'junit', name: 'junit', version: '4.11' 10 | } 11 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/java/com/keycloak/saml/demo/KeycloakSamlApplication.java: -------------------------------------------------------------------------------- 1 | package com.keycloak.saml.demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class KeycloakSamlApplication { 8 | public static void main(String[] args) { 9 | SpringApplication.run(KeycloakSamlApplication.class, args); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/java/com/keycloak/saml/demo/LogoutController.java: -------------------------------------------------------------------------------- 1 | package com.keycloak.saml.demo; 2 | 3 | import org.springframework.stereotype.Controller; 4 | import org.springframework.web.bind.annotation.RequestMapping; 5 | import org.springframework.web.bind.annotation.RequestMethod; 6 | 7 | import javax.servlet.ServletException; 8 | import javax.servlet.http.HttpServletRequest; 9 | 10 | @Controller 11 | @RequestMapping("logout") 12 | public class LogoutController { 13 | 14 | @RequestMapping(method = {RequestMethod.POST, RequestMethod.GET}) 15 | public String logout(HttpServletRequest request) throws ServletException { 16 | request.logout(); 17 | return "redirect:/session/main.html"; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/java/com/keycloak/saml/demo/UserController.java: -------------------------------------------------------------------------------- 1 | package com.keycloak.saml.demo; 2 | 3 | import org.keycloak.adapters.saml.SamlPrincipal; 4 | import org.springframework.stereotype.Controller; 5 | import org.springframework.web.bind.annotation.GetMapping; 6 | import org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RestController; 8 | 9 | import javax.servlet.http.HttpServletRequest; 10 | import java.security.Principal; 11 | 12 | @RestController 13 | @RequestMapping("admin/core") 14 | public class UserController { 15 | 16 | @GetMapping 17 | public SamlPrincipal req(HttpServletRequest request){ 18 | Principal userPrincipal = request.getUserPrincipal(); 19 | SamlPrincipal samlPrincipal = (SamlPrincipal) userPrincipal; 20 | return samlPrincipal; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/java/com/keycloak/saml/demo/WebConfig.java: -------------------------------------------------------------------------------- 1 | package com.keycloak.saml.demo; 2 | 3 | import org.keycloak.adapters.saml.servlet.SamlFilter; 4 | import org.springframework.boot.web.servlet.FilterRegistrationBean; 5 | import org.springframework.context.ResourceLoaderAware; 6 | import org.springframework.context.annotation.Bean; 7 | import org.springframework.context.annotation.Configuration; 8 | import org.springframework.core.io.ClassPathResource; 9 | import org.springframework.core.io.Resource; 10 | import org.springframework.core.io.ResourceLoader; 11 | import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; 12 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; 13 | 14 | import java.io.IOException; 15 | 16 | @Configuration 17 | public class WebConfig extends WebMvcConfigurerAdapter implements ResourceLoaderAware{ 18 | private ResourceLoader resourceLoader; 19 | 20 | @Override 21 | public void addResourceHandlers(ResourceHandlerRegistry registry) { 22 | // Resources controlled by Spring Security, which 23 | // adds "Cache-Control: must-revalidate". 24 | registry.addResourceHandler("/static/**") 25 | .addResourceLocations("classpath:/static/") 26 | .setCachePeriod(-1); 27 | } 28 | 29 | @Bean 30 | public FilterRegistrationBean someFilterRegistration() throws IOException { 31 | Resource resource = resourceLoader.getResource("classpath:keycloak-saml.xml"); 32 | FilterRegistrationBean registration = new FilterRegistrationBean(); 33 | registration.setFilter(filter()); 34 | registration.setOrder(0); 35 | registration.addUrlPatterns("/admin/*"); 36 | registration.addInitParameter("keycloak.config.file", resource.getFile().getAbsolutePath()); 37 | registration.setName("Keycloak Filter"); 38 | return registration; 39 | } 40 | 41 | public SamlFilter filter(){ 42 | SamlFilter filter = new SamlFilter(); 43 | return filter; 44 | } 45 | 46 | @Override 47 | public void setResourceLoader(ResourceLoader resourceLoader) { 48 | this.resourceLoader = resourceLoader; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port=7003 2 | #debug=true -------------------------------------------------------------------------------- /keycloak-saml/src/main/resources/keycloak-saml.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 8 | MIIEowIBAAKCAQEAxbAWS774cSQBY/KPEbSqVuiFX89ZNJB8ixYd+2eo/P8BJQZ5dgwvcCUvrCsj1pHe8VJd0z6QJzcmTyL+Pt9adi8KBh4c7Cl54z8Io07YOOdckLuYz3xKbH+7z+zd01iUZVk/LChzNdVsebnIr532/ALo6k6RALMJMAd5Bj5f7rPfguf/o7xTgwYvtir0QkHqm/8FI+Nf9z/bcbKxMeU0eFHKTzYTxWE4QvCcMq2gt9FcCzVtQSd/vQM6j03FqoxloiVFh4BOLGxf/bJ/s4+yGG36Y6nMt4vFRHJNj74Eiy6bADCOs1iHSPHUJz/vrZ6CcZcwCl6di2prW5LG92HBjwIDAQABAoIBAQCPjUzDeEukrQatc2fc7Zp8PaEMb99RQlKOFWN0OlQGU46bOlZdGIAiKX6ywSjnGUoRZ0Rmr5myQGP7N2f0c/CWvZXD134dKAkwsYcuP4TX3XnkR7WxhYntu9vAIzr5y+sGpYYwJLd0siRxSC2pCUZeviYwbxjwrxHO5L5HgGfdR0zHfwRdCpZFRnrBePS4ZIwadmOnV1DBEDlpqu28zggsgwvWHvaToL3eIUx164g9We0E+nlx7P+9mlt/C1sA8CZM8U5nRzSAuHhLnGPoUOMoPvxoi1Bk/asJVv9/IMnzyhFQD5YkEWGTbjw/ur0gvcpy8s/zK5tNo1VZBtE4xN1RAoGBAPZah7rAo+WyYh9rWxROqRSkCIa3Qe8Rg+EOpX4oq/RMQ545AJotfqqzQ5cTGsuULVqWVfqjL1j1fai5UJddzPFiu8crREjwXrB53j86hgEXRdRIO7GsfT8cJ+zTGkCFNLiSuu1iK0hLyg+P93yHl7k8tWzcFZBTsdTDNGaJQ7prAoGBAM1tuhJST/Ulz/gbdFGC/bdYJErcKNDD0WrWBAaHf4U09PaI/NlR3zWzvjhDUwXOY49V6ZR7nWeg9mkK6qIBrd4xMP4+groWH9GvCCSatTfQYHHkmyALVgv9DTuC9iYjaVOV3+QxteR5BQqAEkweiJpnINtHsxBfvU5T9v8OfqZtAoGAaFDnXn4KKM6DXDiSZaP1Vscq0Riyc7Af/uG71BMW1SiiDVKn3aFcHJ4yBbvSQdgp6Ez2dV46Q1oYbqSh6qaOjLw5NVot3RDjl6jTIkT+z2FycTRxCog2tM2QXmj5mc6OB4YiXziNiVyGYFae/n1QEuERFdqPywCVsblC7BQ9uKcCgYAZ7QIxs7+xka8YgeaBLwX0MKSL6hMgncX9NLtXU5xtZEySHKHEj4ebEG8uTJjav7xi55XODnfED1Vp1l3cSlf2FcE4JQ18jLRBU1S0we2i+KJjXVWSiru2UZ5s509HauqtCNozw25QQlG3jIhCoQveaKuF4RuhMmQC0af3co3bVQKBgCvaNH8KArsU7aX/kptDczE9FsAPDi6YTyQip6zGPrdQJBwu80VRNKSUxSTmSV+GoQNRPXAV4WrIP7RiIJ7sCu4L6Vlwcsu5QYN5gflDBUsvL5tU/W+GjspL5aXmfVBGD5PvYMHMxr2OwhdUdNd7KtPvcOyWjfpteh4mu6amLtZM 9 | 10 | 11 | MIICnTCCAYUCBgFcYruQXTANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdzYW1sd2ViMB4XDTE3MDYwMTA4MTYxOFoXDTI3MDYwMTA4MTc1OFowEjEQMA4GA1UEAwwHc2FtbHdlYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWwFku++HEkAWPyjxG0qlbohV/PWTSQfIsWHftnqPz/ASUGeXYML3AlL6wrI9aR3vFSXdM+kCc3Jk8i/j7fWnYvCgYeHOwpeeM/CKNO2DjnXJC7mM98Smx/u8/s3dNYlGVZPywoczXVbHm5yK+d9vwC6OpOkQCzCTAHeQY+X+6z34Ln/6O8U4MGL7Yq9EJB6pv/BSPjX/c/23GysTHlNHhRyk82E8VhOELwnDKtoLfRXAs1bUEnf70DOo9NxaqMZaIlRYeATixsX/2yf7OPshht+mOpzLeLxURyTY++BIsumwAwjrNYh0jx1Cc/762egnGXMApenYtqa1uSxvdhwY8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgfUxuMuMPE4XqVD68+CPxFWnyfmPlUszar/fEHx576FzTwztW23FpWtYD32HRn9+zM+zk8bW1qrbdZWvJYnV3UcsKC9dE9Pc2UKSvGkxKhycllhDYCbL/R9dHczbMnX8qLpQK1/KiVQ1Uj8A+JSLbfsu+0nZ0tGWTWY8fd6/urLSYTTCfb162KPRnlLyTny2wZQRDQ1h++JNSRa34n0PFl8yJlmaOC3CL6cN2fWTFewXFV33DuRa973QeL4mhogTMDjwc0W0NKjp/CBOis1WNvJnELuVFpVu7HVPzupCQNPuFj1gORLxxwbTaYm9HDOV+RuHJ62mN60zr/uqNDAUsQ== 12 | 13 | 14 | 15 | 18 | 23 | 31 | 32 | 33 | 34 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/resources/static/admin/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | keycloak saml 权限受控页面 6 | 7 | 8 | 9 |
10 | 68 |
69 |
70 | OpenId Connect Tradition Web(Springboot,Security):7000 71 |
72 |
73 | Public Web(React, js adapter):7001 74 |
75 |
76 | Public Service(Token):7002 77 |
78 |
79 | Saml Web(Spring,Filter):7003 80 |
81 | 84 |
85 | 86 | 109 |
110 |
保护资源,需要权限
111 |
log out
112 |
普通资源,不需要权限
113 |
114 |
115 | 116 |

欢迎进入管理板后台管理

117 |
118 |
119 | age: 120 |
121 |
    122 | 123 |
124 |
125 |
126 |
127 | 128 | 129 | 145 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | keycloak Saml Web problem 6 | 7 | 8 |
9 | 64 |
65 |
66 | OpenId Connect Tradition Web(Springboot,Security):7000 67 |
68 |
69 | Public Web(React, js adapter):7001 70 |
71 |
72 | Public Service(Token):7002 73 |
74 |
75 | Saml Web(Spring,Filter):7003 76 |
77 | 80 |
81 | 82 | 103 |
104 |
保护资源,需要权限
105 |
log out
106 |
普通资源,不需要权限
107 |
108 |
109 | 110 | -------------------------------------------------------------------------------- /keycloak-saml/src/main/resources/static/session/main.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | keycloak saml 自由页面 6 | 7 | 8 |

这里session展示模块,不需要登录

9 | 40 |
41 |
42 | OpenId Connect Tradition Web(Springboot,Security):7000 43 |
44 |
45 | Public Web(React, js adapter):7001 46 |
47 |
48 | Public Service(Token):7002 49 |
50 |
51 | Saml Web(Spring,Filter):7003 52 |
53 |
54 | 55 | 76 |
77 |
保护资源,需要权限
78 |
log out
79 |
普通资源,不需要权限
80 |
81 |
82 | 83 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/build.gradle: -------------------------------------------------------------------------------- 1 | description "use spring-boot-security to authenticate keycloak" 2 | 3 | dependencies { 4 | compile group: 'org.keycloak', name: 'keycloak-authz-client', version: '3.1.0.Final' 5 | 6 | compile group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '1.5.1.RELEASE' 7 | 8 | compile group: 'org.keycloak', name: 'keycloak-spring-security-adapter', version: '3.1.0.Final' 9 | 10 | testCompile group: 'junit', name: 'junit', version: '4.11' 11 | } 12 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/CustomFacade.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.KeycloakPrincipal; 4 | import org.keycloak.KeycloakSecurityContext; 5 | import org.keycloak.adapters.OidcKeycloakAccount; 6 | import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade; 7 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 8 | import org.springframework.security.core.context.SecurityContext; 9 | import org.springframework.security.core.context.SecurityContextHolder; 10 | 11 | import javax.servlet.http.HttpServletRequest; 12 | import javax.servlet.http.HttpServletResponse; 13 | 14 | public class CustomFacade extends SimpleHttpFacade { 15 | 16 | public CustomFacade(HttpServletRequest request, HttpServletResponse response) { 17 | super(request, response); 18 | } 19 | 20 | @Override 21 | public KeycloakSecurityContext getSecurityContext() { 22 | Object details = getAuthentication(SecurityContextHolder.getContext()); 23 | if (details != null) { 24 | if(details instanceof KeycloakAuthenticationToken){ 25 | KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) details; 26 | KeycloakPrincipal principal = (KeycloakPrincipal)token.getPrincipal(); 27 | return principal.getKeycloakSecurityContext(); 28 | } else if(details instanceof KeycloakSecurityContext){ 29 | return (KeycloakSecurityContext) details; 30 | } else if (details instanceof OidcKeycloakAccount) { 31 | return ((OidcKeycloakAccount) details).getKeycloakSecurityContext(); 32 | } 33 | } 34 | return null; 35 | } 36 | 37 | Object getAuthentication(SecurityContext context) { 38 | return context.getAuthentication(); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/CustomKeycloakAuthenticatedActionsFilter.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.adapters.AdapterDeploymentContext; 4 | import org.keycloak.adapters.AuthenticatedActionsHandler; 5 | import org.keycloak.adapters.OIDCHttpFacade; 6 | import org.keycloak.adapters.spi.HttpFacade; 7 | import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade; 8 | import org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticatedActionsFilter; 9 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 10 | import org.slf4j.Logger; 11 | import org.slf4j.LoggerFactory; 12 | import org.springframework.beans.BeansException; 13 | import org.springframework.context.ApplicationContext; 14 | import org.springframework.security.core.Authentication; 15 | import org.springframework.security.core.context.SecurityContextHolder; 16 | 17 | import javax.servlet.FilterChain; 18 | import javax.servlet.ServletException; 19 | import javax.servlet.ServletRequest; 20 | import javax.servlet.ServletResponse; 21 | import javax.servlet.http.HttpServletRequest; 22 | import javax.servlet.http.HttpServletResponse; 23 | import java.io.IOException; 24 | 25 | public class CustomKeycloakAuthenticatedActionsFilter extends KeycloakAuthenticatedActionsFilter { 26 | private final Logger log = LoggerFactory.getLogger(CustomKeycloakAuthenticatedActionsFilter.class); 27 | protected ApplicationContext context; 28 | protected AdapterDeploymentContext deploymentContext; 29 | 30 | @Override 31 | public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { 32 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 33 | if (authentication instanceof KeycloakAuthenticationToken) { 34 | HttpFacade facade = new CustomFacade((HttpServletRequest) request, (HttpServletResponse) response); 35 | AuthenticatedActionsHandler handler = new AuthenticatedActionsHandler(deploymentContext.resolveDeployment(facade), (OIDCHttpFacade) facade); 36 | boolean handled = handler.handledRequest(); 37 | if (handled) { 38 | log.debug("Authenticated filter handled request: {}", ((HttpServletRequest) request).getRequestURI()); 39 | } else { 40 | chain.doFilter(request, response); 41 | } 42 | } else { 43 | chain.doFilter(request, response); 44 | } 45 | } 46 | 47 | @Override 48 | protected void initFilterBean() throws ServletException { 49 | deploymentContext = context.getBean(AdapterDeploymentContext.class); 50 | } 51 | 52 | @Override 53 | public void setApplicationContext(ApplicationContext applicationContext) throws BeansException { 54 | this.context = applicationContext; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/CustomKeycloakAuthenticationProvider.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.adapters.springsecurity.account.KeycloakRole; 4 | import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider; 5 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 6 | import org.springframework.security.authentication.AuthenticationProvider; 7 | import org.springframework.security.core.Authentication; 8 | import org.springframework.security.core.AuthenticationException; 9 | import org.springframework.security.core.GrantedAuthority; 10 | import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper; 11 | 12 | import java.util.ArrayList; 13 | import java.util.Collection; 14 | import java.util.List; 15 | 16 | public class CustomKeycloakAuthenticationProvider extends KeycloakAuthenticationProvider { 17 | private GrantedAuthoritiesMapper grantedAuthoritiesMapper; 18 | 19 | public void setGrantedAuthoritiesMapper(GrantedAuthoritiesMapper grantedAuthoritiesMapper) { 20 | this.grantedAuthoritiesMapper = grantedAuthoritiesMapper; 21 | } 22 | 23 | @Override 24 | public Authentication authenticate(Authentication authentication) throws AuthenticationException { 25 | KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) authentication; 26 | List grantedAuthorities = new ArrayList(); 27 | 28 | for (String role : token.getAccount().getRoles()) { 29 | grantedAuthorities.add(new KeycloakRole(role)); 30 | } 31 | return new KeycloakAuthenticationToken(token.getAccount(), mapAuthorities(grantedAuthorities)); 32 | } 33 | 34 | private Collection mapAuthorities( 35 | Collection authorities) { 36 | return grantedAuthoritiesMapper != null 37 | ? grantedAuthoritiesMapper.mapAuthorities(authorities) 38 | : authorities; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/KeycloakAuthenticatoin.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import com.fasterxml.jackson.annotation.JsonIgnore; 4 | import org.keycloak.KeycloakPrincipal; 5 | import org.keycloak.KeycloakSecurityContext; 6 | import org.keycloak.adapters.RefreshableKeycloakSecurityContext; 7 | import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount; 8 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 9 | import org.springframework.security.core.Authentication; 10 | import org.springframework.security.core.GrantedAuthority; 11 | 12 | import java.util.Collection; 13 | import java.util.HashMap; 14 | import java.util.Map; 15 | 16 | /** 17 | * Created by hwwei on 2017/2/24. 18 | */ 19 | public class KeycloakAuthenticatoin implements Authentication { 20 | 21 | @JsonIgnore 22 | private KeycloakAuthenticationToken authenticationToken; 23 | 24 | public KeycloakAuthenticatoin(KeycloakAuthenticationToken authenticationToken) { 25 | 26 | this.authenticationToken = authenticationToken; 27 | } 28 | 29 | @Override 30 | public Collection getAuthorities() { 31 | return authenticationToken.getAuthorities(); 32 | } 33 | 34 | @Override 35 | public Object getCredentials() { 36 | return null; 37 | } 38 | 39 | @Override 40 | public Object getDetails() { 41 | SimpleKeycloakAccount details = (SimpleKeycloakAccount) authenticationToken.getDetails(); 42 | return details.getKeycloakSecurityContext().getToken(); 43 | } 44 | 45 | @Override 46 | public Object getPrincipal() { 47 | KeycloakPrincipal principal = (KeycloakPrincipal) authenticationToken.getPrincipal(); 48 | Map result = new HashMap<>(); 49 | result.put("name", principal.getName()); 50 | RefreshableKeycloakSecurityContext keycloakSecurityContext = (RefreshableKeycloakSecurityContext) principal.getKeycloakSecurityContext(); 51 | result.put("refreshToken", keycloakSecurityContext.getRefreshToken()); 52 | result.put("tokenString", keycloakSecurityContext.getTokenString()); 53 | result.put("refreshToken", keycloakSecurityContext.getRefreshToken()); 54 | return result; 55 | } 56 | 57 | @Override 58 | public boolean isAuthenticated() { 59 | return authenticationToken.isAuthenticated(); 60 | } 61 | 62 | @Override 63 | public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { 64 | authenticationToken.setAuthenticated(isAuthenticated); 65 | } 66 | 67 | @Override 68 | public String getName() { 69 | SimpleKeycloakAccount details = (SimpleKeycloakAccount) authenticationToken.getDetails(); 70 | return details.getKeycloakSecurityContext().getToken().getPreferredUsername(); 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/KeycloaksecurityApplication.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 6 | 7 | /** 8 | * Created by hwwei on 2017/2/24. 9 | */ 10 | @SpringBootApplication 11 | @EnableGlobalMethodSecurity(securedEnabled = true) 12 | public class KeycloaksecurityApplication { 13 | public static void main(String[] args) { 14 | SpringApplication.run(KeycloaksecurityApplication.class, args); 15 | } 16 | 17 | } 18 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/ManagerController.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.AuthorizationContext; 4 | import org.keycloak.KeycloakSecurityContext; 5 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 6 | import org.keycloak.representations.idm.authorization.Permission; 7 | import org.springframework.security.core.Authentication; 8 | import org.springframework.security.core.context.SecurityContext; 9 | import org.springframework.security.core.context.SecurityContextHolder; 10 | import org.springframework.web.bind.annotation.GetMapping; 11 | import org.springframework.web.bind.annotation.RequestMapping; 12 | import org.springframework.web.bind.annotation.RestController; 13 | 14 | import javax.servlet.http.HttpServletRequest; 15 | import java.util.List; 16 | 17 | @RestController 18 | @RequestMapping("manager") 19 | public class ManagerController { 20 | 21 | @GetMapping 22 | public String get(HttpServletRequest request){ 23 | 24 | return "fine"; 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.adapters.springsecurity.KeycloakSecurityComponents; 4 | import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider; 5 | import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter; 6 | import org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter; 7 | import org.springframework.beans.factory.annotation.Autowired; 8 | import org.springframework.context.ApplicationContextAware; 9 | import org.springframework.context.annotation.Bean; 10 | import org.springframework.context.annotation.ComponentScan; 11 | import org.springframework.context.annotation.Configuration; 12 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 13 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 14 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 15 | import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper; 16 | import org.springframework.security.core.session.SessionRegistryImpl; 17 | import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy; 18 | import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy; 19 | 20 | @Configuration 21 | @EnableWebSecurity 22 | @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class) 23 | public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter implements ApplicationContextAware { 24 | 25 | /** 26 | * Registers the KeycloakAuthenticationProvider with the authentication manager. 27 | */ 28 | @Autowired 29 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { 30 | KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider(); 31 | SimpleAuthorityMapper grantedAuthorityMapper = new SimpleAuthorityMapper(); 32 | grantedAuthorityMapper.setPrefix("ROLE_"); 33 | grantedAuthorityMapper.setConvertToUpperCase(true); 34 | keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(grantedAuthorityMapper); 35 | auth.authenticationProvider(keycloakAuthenticationProvider); 36 | } 37 | 38 | @Override 39 | protected KeycloakAuthenticationProvider keycloakAuthenticationProvider() { 40 | return new CustomKeycloakAuthenticationProvider(); 41 | } 42 | 43 | /** 44 | * Defines the session authentication strategy. 45 | */ 46 | @Bean 47 | @Override 48 | protected SessionAuthenticationStrategy sessionAuthenticationStrategy() { 49 | return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl()); 50 | } 51 | 52 | /** 53 | * if you want to use csrf,you can use code follow. 54 | * http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); 55 | * 56 | * @param http 57 | * @throws Exception 58 | */ 59 | @Override 60 | protected void configure(HttpSecurity http) throws Exception { 61 | super.configure(http); 62 | http.csrf().disable(); 63 | http.authorizeRequests().antMatchers("/admin/*").authenticated().anyRequest().permitAll(); 64 | 65 | CustomKeycloakAuthenticatedActionsFilter filter = new CustomKeycloakAuthenticatedActionsFilter(); 66 | filter.setApplicationContext(getApplicationContext()); 67 | filter.initFilterBean(); 68 | 69 | http.addFilterAfter(filter, KeycloakAuthenticationProcessingFilter.class); 70 | } 71 | 72 | 73 | } -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/java/com/thoughtworks/high17/demo/keycloaksecurity/UserController.java: -------------------------------------------------------------------------------- 1 | package com.thoughtworks.high17.demo.keycloaksecurity; 2 | 3 | import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; 4 | import org.springframework.http.HttpRequest; 5 | import org.springframework.security.access.annotation.Secured; 6 | import org.springframework.security.access.prepost.PreAuthorize; 7 | import org.springframework.security.core.Authentication; 8 | import org.springframework.security.core.context.SecurityContextHolder; 9 | import org.springframework.web.bind.annotation.RequestMapping; 10 | import org.springframework.web.bind.annotation.RestController; 11 | 12 | import javax.servlet.http.HttpServletRequest; 13 | import javax.servlet.http.HttpServletResponse; 14 | 15 | /** 16 | * Created by hwwei on 2017/2/23. 17 | */ 18 | @RestController 19 | @RequestMapping("user") 20 | public class UserController { 21 | 22 | @RequestMapping 23 | @Secured("ROLE_MANAGER") 24 | public Authentication getUserInfo(HttpServletRequest request, HttpServletResponse response) { 25 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 26 | if(authentication instanceof KeycloakAuthenticationToken) { 27 | return new KeycloakAuthenticatoin((KeycloakAuthenticationToken) authentication); 28 | } 29 | return authentication; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port=7000 2 | #debug=true 3 | keycloak.configurationFile=classpath:keycloak.json -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/resources/keycloak.json: -------------------------------------------------------------------------------- 1 | { 2 | "realm": "core", 3 | "auth-server-url": "http://localhost:8081/auth", 4 | "ssl-required": "external", 5 | "resource": "openid-web", 6 | "credentials": { 7 | "secret": "a5c01231-9e91-4990-ba5d-59e1976a19c7" 8 | }, 9 | "use-resource-role-mappings": true, 10 | "policy-enforcer": { 11 | "enforcement-mode" : "PERMISSIVE" 12 | } 13 | } -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/resources/static/admin/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Keycloak OpenIdConnect 受控页面 6 | 7 | 8 | 9 |
10 | 44 |
45 |
46 | OpenId Connect Tradition Web(Springboot,Security):7000 47 |
48 |
49 | Public Web(React, js adapter):7001 50 |
51 |
52 | Public Service(Token):7002 53 |
54 |
55 | Saml Web(Spring,Filter):7003 56 |
57 |
58 | 59 | 82 |
83 |
保护资源,需要权限
84 |
log out
85 |
普通资源,不需要权限
86 |
87 |
88 | 89 |

欢迎进入管理板后台管理

90 |
91 |
92 | grade: 93 |
94 |
    95 | 96 |
97 |
98 |
99 |
100 | 101 | 102 | 117 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | keycloak OpenIdConnect Web 6 | 7 | 8 |
9 | 64 |
65 |
66 | OpenId Connect Tradition Web(Springboot,Security):7000 67 |
68 |
69 | Public Web(React, js adapter):7001 70 |
71 |
72 | Public Service(Token):7002 73 |
74 |
75 | Saml Web(Spring,Filter):7003 76 |
77 | 80 |
81 | 82 | 103 |
104 |
保护资源,需要权限
105 |
log out
106 |
普通资源,不需要权限
107 |
108 |
109 | 110 | -------------------------------------------------------------------------------- /keycloak-springbootsecurity/src/main/resources/static/session/main.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Keycloak 自由模块 6 | 7 | 8 |

这里session展示模块,不需要登录

9 | 40 |
41 |
42 | OpenId Connect Tradition Web(Springboot,Security):7000 43 |
44 |
45 | Public Web(React, js adapter):7001 46 |
47 |
48 | Public Service(Token):7002 49 |
50 |
51 | Saml Web(Spring,Filter):7003 52 |
53 |
54 | 55 | 76 |
77 |
保护资源,需要权限
78 |
log out
79 |
普通资源,不需要权限
80 |
81 |
82 | 83 | -------------------------------------------------------------------------------- /keycloak/configuration/core-users-0.json: -------------------------------------------------------------------------------- 1 | { 2 | "realm" : "core", 3 | "users" : [ { 4 | "id" : "11e412a7-50fe-453b-9d74-73f0f6cf4ade", 5 | "createdTimestamp" : 1496469792891, 6 | "username" : "admin", 7 | "enabled" : true, 8 | "totp" : false, 9 | "emailVerified" : true, 10 | "firstName" : "admin", 11 | "lastName" : "root", 12 | "email" : "yourwafer@qq.com", 13 | "attributes" : { 14 | "age" : [ "26" ], 15 | "grade" : [ "junior" ] 16 | }, 17 | "credentials" : [ { 18 | "type" : "password", 19 | "hashedSaltedValue" : "VA5DJ7yKHRJLB/EB7cNd05F7Lnp4Q/NVDPqeT7bKBGTJRgOSWMLin7654Wqt8xQ+BoXx/Pb9mmrE7s9cEAQUNQ==", 20 | "salt" : "9XCpL/EDTEimWMKsFAyfEw==", 21 | "hashIterations" : 20000, 22 | "counter" : 0, 23 | "algorithm" : "pbkdf2", 24 | "digits" : 0, 25 | "period" : 0, 26 | "createdDate" : 1496469803454, 27 | "config" : { } 28 | } ], 29 | "disableableCredentialTypes" : [ "password" ], 30 | "requiredActions" : [ ], 31 | "realmRoles" : [ "offline_access", "global_manager", "uma_authorization" ], 32 | "clientRoles" : { 33 | "broker" : [ "read-token" ], 34 | "openid-web" : [ "manager" ], 35 | "account" : [ "view-profile", "manage-account" ] 36 | }, 37 | "clientConsents" : [ { 38 | "clientId" : "samlweb", 39 | "grantedProtocolMappers" : { }, 40 | "grantedRealmRoles" : [ "global_manager", "uma_authorization" ], 41 | "grantedClientRoles" : { 42 | "account" : [ "view-profile", "manage-account" ] 43 | }, 44 | "createdDate" : 1496593348767, 45 | "lastUpdatedDate" : 1496593348809 46 | } ], 47 | "groups" : [ "/anonymous" ] 48 | }, { 49 | "id" : "e5d493e8-6bf2-4613-85b0-eef82fb87634", 50 | "createdTimestamp" : 1496304729029, 51 | "username" : "guest", 52 | "enabled" : true, 53 | "totp" : false, 54 | "emailVerified" : false, 55 | "attributes" : { 56 | "age" : [ "26" ] 57 | }, 58 | "credentials" : [ { 59 | "type" : "password", 60 | "hashedSaltedValue" : "6YtUZOxhnWqFQgGj1ECVJwL+KSjvkjyrclSxk248HqKSwlokDZccwEa3Ooo9gecf2KN9Uhmmufeo4nlTAC4WCQ==", 61 | "salt" : "mkUSPfT8Z/IU96z4qUZZhg==", 62 | "hashIterations" : 20000, 63 | "counter" : 0, 64 | "algorithm" : "pbkdf2", 65 | "digits" : 0, 66 | "period" : 0, 67 | "createdDate" : 1496304739943, 68 | "config" : { } 69 | } ], 70 | "disableableCredentialTypes" : [ "password" ], 71 | "requiredActions" : [ ], 72 | "realmRoles" : [ "offline_access", "uma_authorization" ], 73 | "clientRoles" : { 74 | "account" : [ "view-profile", "manage-account" ] 75 | }, 76 | "groups" : [ ] 77 | }, { 78 | "id" : "81bdf263-8680-422e-bd4f-eb2e255b2c3c", 79 | "createdTimestamp" : 1496652075537, 80 | "username" : "hwwei@thoughtworks.com", 81 | "enabled" : true, 82 | "totp" : false, 83 | "emailVerified" : false, 84 | "firstName" : "Hongwei", 85 | "lastName" : "Wei", 86 | "email" : "hwwei@thoughtworks.com", 87 | "credentials" : [ ], 88 | "disableableCredentialTypes" : [ ], 89 | "requiredActions" : [ ], 90 | "federatedIdentities" : [ { 91 | "identityProvider" : "google", 92 | "userId" : "117914017725294278985", 93 | "userName" : "hwwei@thoughtworks.com" 94 | } ], 95 | "realmRoles" : [ "offline_access", "uma_authorization" ], 96 | "clientRoles" : { 97 | "broker" : [ "read-token" ], 98 | "account" : [ "view-profile", "manage-account" ] 99 | }, 100 | "groups" : [ ] 101 | }, { 102 | "id" : "8ed3a369-b0d6-4422-8e7e-df39817b91df", 103 | "createdTimestamp" : 1496304712009, 104 | "username" : "manager", 105 | "enabled" : true, 106 | "totp" : false, 107 | "emailVerified" : true, 108 | "firstName" : "wei", 109 | "lastName" : "wei", 110 | "email" : "yourwafer@foxmail.com", 111 | "attributes" : { 112 | "saml.persistent.name.id.for.samlweb" : [ "G-ff1851b0-a6c2-4db7-a5be-cb73ee5caa81" ], 113 | "age" : [ "25" ], 114 | "grade" : [ "senior" ] 115 | }, 116 | "credentials" : [ { 117 | "type" : "password", 118 | "hashedSaltedValue" : "6+KDEQf+91y/dcrJQDc/juVec8j55eFwgSPHDhOkGs9cQ4Mg73sGXf+sjvElXHBn2xUOPwttnw30EQkWtyx0Sg==", 119 | "salt" : "nNsFUwzAZUjMza0MM0pFbw==", 120 | "hashIterations" : 20000, 121 | "counter" : 0, 122 | "algorithm" : "pbkdf2", 123 | "digits" : 0, 124 | "period" : 0, 125 | "createdDate" : 1496305246883, 126 | "config" : { } 127 | } ], 128 | "disableableCredentialTypes" : [ "password" ], 129 | "requiredActions" : [ ], 130 | "realmRoles" : [ "offline_access", "global_manager", "uma_authorization" ], 131 | "clientRoles" : { 132 | "account" : [ "view-profile", "manage-account" ] 133 | }, 134 | "clientConsents" : [ { 135 | "clientId" : "samlweb", 136 | "grantedProtocolMappers" : { }, 137 | "grantedRealmRoles" : [ "global_manager", "uma_authorization" ], 138 | "grantedClientRoles" : { 139 | "account" : [ "view-profile", "manage-account" ] 140 | }, 141 | "createdDate" : 1496593349094, 142 | "lastUpdatedDate" : 1496593349116 143 | } ], 144 | "groups" : [ "/anonymous" ] 145 | }, { 146 | "id" : "771ea0f0-dbff-4a71-afa6-4a038be41310", 147 | "createdTimestamp" : 1496594142741, 148 | "username" : "service-account-openid-web", 149 | "enabled" : true, 150 | "totp" : false, 151 | "emailVerified" : false, 152 | "email" : "service-account-openid-web@placeholder.org", 153 | "serviceAccountClientId" : "openid-web", 154 | "credentials" : [ ], 155 | "disableableCredentialTypes" : [ ], 156 | "requiredActions" : [ ], 157 | "realmRoles" : [ "offline_access", "uma_authorization" ], 158 | "clientRoles" : { 159 | "openid-web" : [ "uma_protection" ], 160 | "account" : [ "view-profile", "manage-account" ] 161 | }, 162 | "groups" : [ ] 163 | }, { 164 | "id" : "44a667aa-e3dd-4bcc-931f-905931584d1d", 165 | "createdTimestamp" : 1496651684325, 166 | "username" : "yourwafer", 167 | "enabled" : true, 168 | "totp" : false, 169 | "emailVerified" : false, 170 | "firstName" : "wei", 171 | "lastName" : "wei", 172 | "email" : "yourwafer@sina.com", 173 | "credentials" : [ ], 174 | "disableableCredentialTypes" : [ ], 175 | "requiredActions" : [ ], 176 | "federatedIdentities" : [ { 177 | "identityProvider" : "github", 178 | "userId" : "5535122", 179 | "userName" : "yourwafer" 180 | } ], 181 | "realmRoles" : [ "offline_access", "uma_authorization" ], 182 | "clientRoles" : { 183 | "broker" : [ "read-token" ], 184 | "account" : [ "view-profile", "manage-account" ] 185 | }, 186 | "groups" : [ ] 187 | } ] 188 | } -------------------------------------------------------------------------------- /keycloak/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | services: 3 | keycloak: 4 | image: "jboss/keycloak:3.1.0.Final" 5 | ports: 6 | - "8081:8080" 7 | - "9991:9990" 8 | volumes: 9 | - ./configuration:/var/tmp 10 | - ./themes/core:/opt/jboss/keycloak/themes/core 11 | environment: 12 | - KEYCLOAK_USER=admin 13 | - KEYCLOAK_PASSWORD=admin 14 | # entrypoint: /opt/jboss/docker-entrypoint.sh -b 0.0.0.0 -Dkeycloak.migration.action=import -Dkeycloak.migration.provider=dir -Dkeycloak.migration.dir=/var/tmp 15 | command: 16 | - -b 0.0.0.0 17 | - -Dkeycloak.migration.action=import 18 | - -Dkeycloak.migration.provider=dir 19 | - -Dkeycloak.migration.dir=/var/tmp 20 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/account.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='account' bodyClass='user'; section> 3 | 4 |
5 |
6 |

${msg("editAccountHtmlTitle")}

7 |
8 |
9 | * ${msg("requiredFields")} 10 |
11 |
12 | 13 |
14 | 15 | 16 | 17 | <#if !realm.registrationEmailAsUsername> 18 |
19 |
20 | <#if realm.editUsernameAllowed>* 21 |
22 | 23 |
24 | disabled="disabled" value="${(account.username!'')?html}"/> 25 |
26 |
27 | 28 | 29 |
30 |
31 | * 32 |
33 | 34 |
35 | 36 |
37 |
38 | 39 |
40 |
41 | * 42 |
43 | 44 |
45 | 46 |
47 |
48 | 49 |
50 |
51 | * 52 |
53 | 54 |
55 | 56 |
57 |
58 | 59 |
60 |
61 | 62 |
63 | 64 |
65 | 66 |
67 |
68 | 69 |
70 |
71 | 72 |
73 | 74 |
75 | 76 |
77 |
78 | 79 |
80 | 87 |
88 | 89 | 90 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/applications.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='applications' bodyClass='applications'; section> 3 | 4 |
5 |
6 |

${msg("applicationsHtmlTitle")}

7 |
8 |
9 | 10 |
11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | <#list applications.applications as application> 28 | 29 | 34 | 35 | 49 | 50 | 68 | 69 | 78 | 79 | 84 | 85 | 90 | 91 | 92 | 93 |
${msg("application")}${msg("availablePermissions")}${msg("grantedPermissions")}${msg("grantedPersonalInfo")}${msg("additionalGrants")}${msg("action")}
30 | <#if application.client.baseUrl??> 31 | <#if application.client.name??>${advancedMsg(application.client.name)}<#else>${application.client.clientId} 32 | <#if application.client.baseUrl??> 33 | 36 | <#list application.realmRolesAvailable as role> 37 | <#if role.description??>${advancedMsg(role.description)}<#else>${advancedMsg(role.name)} 38 | <#if role_has_next>, 39 | 40 | <#list application.resourceRolesAvailable?keys as resource> 41 | <#if application.realmRolesAvailable?has_content>, 42 | <#list application.resourceRolesAvailable[resource] as clientRole> 43 | <#if clientRole.roleDescription??>${advancedMsg(clientRole.roleDescription)}<#else>${advancedMsg(clientRole.roleName)} 44 | ${msg("inResource")} <#if clientRole.clientName??>${advancedMsg(clientRole.clientName)}<#else>${clientRole.clientId} 45 | <#if clientRole_has_next>, 46 | 47 | 48 | 51 | <#if application.client.consentRequired> 52 | <#list application.realmRolesGranted as role> 53 | <#if role.description??>${advancedMsg(role.description)}<#else>${advancedMsg(role.name)} 54 | <#if role_has_next>, 55 | 56 | <#list application.resourceRolesGranted?keys as resource> 57 | <#if application.realmRolesGranted?has_content>, 58 | <#list application.resourceRolesGranted[resource] as clientRole> 59 | <#if clientRole.roleDescription??>${advancedMsg(clientRole.roleDescription)}<#else>${advancedMsg(clientRole.roleName)} 60 | ${msg("inResource")} <#if clientRole.clientName??>${advancedMsg(clientRole.clientName)}<#else>${clientRole.clientId} 61 | <#if clientRole_has_next>, 62 | 63 | 64 | <#else> 65 | ${msg("fullAccess")} 66 | 67 | 70 | <#if application.client.consentRequired> 71 | <#list application.claimsGranted as claim> 72 | ${advancedMsg(claim)}<#if claim_has_next>, 73 | 74 | <#else> 75 | ${msg("fullAccess")} 76 | 77 | 80 | <#list application.additionalGrants as grant> 81 | ${advancedMsg(grant)}<#if grant_has_next>, 82 | 83 | 86 | <#if (application.client.consentRequired && application.claimsGranted?has_content) || application.additionalGrants?has_content> 87 | 88 | 89 |
94 |
95 | 96 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/federatedIdentity.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='social' bodyClass='social'; section> 3 | 4 |
5 |
6 |

${msg("federatedIdentitiesHtmlTitle")}

7 |
8 |
9 | 10 |
11 | <#list federatedIdentity.identities as identity> 12 |
13 |
14 | 15 |
16 |
17 | 18 |
19 |
20 | <#if identity.connected> 21 | <#if federatedIdentity.removeLinkPossible> 22 | ${msg("doRemove")} 23 | 24 | <#else> 25 | ${msg("doAdd")} 26 | 27 |
28 |
29 | 30 |
31 | 32 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/log.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='log' bodyClass='log'; section> 3 | 4 |
5 |
6 |

${msg("accountLogHtmlTitle")}

7 |
8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | <#list log.events as event> 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 |
${msg("date")}${msg("event")}${msg("ip")}${msg("client")}${msg("details")}
${event.date?datetime}${event.event}${event.ipAddress}${event.client!}<#list event.details as detail>${detail.key} = ${detail.value} <#if detail_has_next>,
34 | 35 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_ca.properties: -------------------------------------------------------------------------------- 1 | doSave=Desa 2 | doCancel=Cancel\u00B7la 3 | doLogOutAllSessions=Desconnecta de totes les sessions 4 | doRemove=Elimina 5 | doAdd=Afegeix 6 | doSignOut=Desconnectar 7 | 8 | editAccountHtmlTitle=Edita compte 9 | federatedIdentitiesHtmlTitle=Identitats federades 10 | accountLogHtmlTitle=Registre del compte 11 | changePasswordHtmlTitle=Canvia contrasenya 12 | sessionsHtmlTitle=Sessions 13 | accountManagementTitle=Gesti\u00F3 de Compte Keycloak 14 | authenticatorTitle=Autenticador 15 | applicationsHtmlTitle=Aplicacions 16 | 17 | authenticatorCode=Codi d''un sol \u00FAs 18 | email=Email 19 | firstName=Nom 20 | givenName=Nom de pila 21 | fullName=Nom complet 22 | lastName=Cognoms 23 | familyName=Cognom 24 | password=Contrasenya 25 | passwordConfirm=Confirma la contrasenya 26 | passwordNew=Nova contrasenya 27 | username=Usuari 28 | address=Adre\u00E7a 29 | street=Carrer 30 | locality=Ciutat o Municipi 31 | region=Estat, Prov\u00EDncia, o Regi\u00F3 32 | postal_code=Postal code 33 | country=Pa\u00EDs 34 | emailVerified=Email verificat 35 | gssDelegationCredential=GSS Delegation Credential 36 | 37 | role_admin=Administrador 38 | role_realm-admin=Administrador del domini 39 | role_create-realm=Crear domini 40 | role_view-realm=Veure domini 41 | role_view-users=Veure usuaris 42 | role_view-applications=Veure aplicacions 43 | role_view-clients=Veure clients 44 | role_view-events=Veure events 45 | role_view-identity-providers=Veure prove\u00EFdors d''identitat 46 | role_manage-realm=Gestionar domini 47 | role_manage-users=Gestinar usuaris 48 | role_manage-applications=Gestionar aplicacions 49 | role_manage-identity-providers=Gestionar prove\u00EFdors d''identitat 50 | role_manage-clients=Gestionar clients 51 | role_manage-events=Gestionar events 52 | role_view-profile=Veure perfil 53 | role_manage-account=Gestionar compte 54 | role_read-token=Llegir token 55 | role_offline-access=Acc\u00E9s sense connexi\u00F3 56 | client_account=Compte 57 | client_security-admin-console=Consola d''Administraci\u00F3 de Seguretat 58 | client_realm-management=Gesti\u00F3 de domini 59 | client_broker=Broker 60 | 61 | 62 | requiredFields=Camps obligatoris 63 | allFieldsRequired=Tots els camps obligatoris 64 | 65 | backToApplication=« Torna a l''aplicaci\u00F3 66 | backTo=Torna a {0} 67 | 68 | date=Data 69 | event=Event 70 | ip=IP 71 | client=Client 72 | clients=Clients 73 | details=Detalls 74 | started=Iniciat 75 | lastAccess=\u00DAltim acc\u00E9s 76 | expires=Expira 77 | applications=Aplicacions 78 | 79 | account=Compte 80 | federatedIdentity=Identitat federada 81 | authenticator=Autenticador 82 | sessions=Sessions 83 | log=Registre 84 | 85 | application=Aplicaci\u00F3 86 | availablePermissions=Permisos disponibles 87 | grantedPermissions=Permisos concedits 88 | grantedPersonalInfo=Informaci\u00F3 personal concedida 89 | additionalGrants=Permisos addicionals 90 | action=Acci\u00F3 91 | inResource=a 92 | fullAccess=Acc\u00E9s total 93 | offlineToken=Codi d''autoritzaci\u00F3 offline 94 | revoke=Revocar perm\u00EDs 95 | 96 | configureAuthenticators=Autenticadors configurats 97 | mobile=M\u00F2bil 98 | totpStep1=Instal\u00B7la FreeOTP o Google Authenticator al teu tel\u00E8fon m\u00F2bil. Les dues aplicacions estan disponibles a Google Play i en l''App Store d''Apple. 99 | totpStep2=Obre l''aplicaci\u00F3 i escaneja el codi o introdueix la clau. 100 | totpStep3=Introdueix el codi \u00FAnic que et mostra l''aplicaci\u00F3 d''autenticaci\u00F3 i fes clic a Envia per finalitzar la configuraci\u00F3 101 | 102 | missingUsernameMessage=Si us plau indica el teu usuari. 103 | missingFirstNameMessage=Si us plau indica el nom. 104 | invalidEmailMessage=Email no v\u00E0lid 105 | missingLastNameMessage=Si us plau indica els teus cognoms. 106 | missingEmailMessage=Si us plau indica l''email. 107 | missingPasswordMessage=Si us plau indica la contrasenya. 108 | notMatchPasswordMessage=Les contrasenyes no coincideixen. 109 | 110 | missingTotpMessage=Si us plau indica el teu codi d''autenticaci\u00F3 111 | invalidPasswordExistingMessage=La contrasenya actual no \u00E9s correcta. 112 | invalidPasswordConfirmMessage=La confirmaci\u00F3 de contrasenya no coincideix. 113 | invalidTotpMessage=El c\u00F3digo de autenticaci\u00F3n no es v\u00E1lido. 114 | 115 | usernameExistsMessage=L''usuari ja existeix 116 | emailExistsMessage=L''email ja existeix 117 | 118 | readOnlyUserMessage=No pots actualitzar el teu usuari perqu\u00E8 el teu compte \u00E9s de nom\u00E9s lectura. 119 | readOnlyPasswordMessage=No pots actualitzar la contrasenya perqu\u00E8 el teu compte \u00E9s de nom\u00E9s lectura. 120 | 121 | successTotpMessage=Aplicaci\u00F3 d''autenticaci\u00F3 m\u00F2bil configurada. 122 | successTotpRemovedMessage=Aplicaci\u00F3 d''autenticaci\u00F3 m\u00F2bil eliminada. 123 | 124 | successGrantRevokedMessage=Perm\u00EDs revocat correctament 125 | 126 | accountUpdatedMessage=El teu compte s''ha actualitzat. 127 | accountPasswordUpdatedMessage=La contrasenya s''ha actualitzat. 128 | 129 | missingIdentityProviderMessage=Prove\u00EFdor d''identitat no indicat. 130 | invalidFederatedIdentityActionMessage=Acci\u00F3 no v\u00E0lida o no indicada. 131 | identityProviderNotFoundMessage=No s''ha trobat un prove\u00EFdor d''identitat. 132 | federatedIdentityLinkNotActiveMessage=Aquesta identitat ja no est\u00E0 activa 133 | federatedIdentityRemovingLastProviderMessage=No pots eliminar l''\u00FAltima identitat federada perqu\u00E8 no tens fixada una contrasenya. 134 | identityProviderRedirectErrorMessage=Error en la redirecci\u00F3 al prove\u00EFdor d''identitat 135 | identityProviderRemovedMessage=Prove\u00EFdor d''identitat esborrat correctament. 136 | 137 | accountDisabledMessage=El compte est\u00E0 desactivada, contacteu amb l''administrador. 138 | 139 | accountTemporarilyDisabledMessage=El compte est\u00E0 temporalment desactivat, contacta amb l''administrador o intenta-ho de nou m\u00E9s tard. 140 | invalidPasswordMinLengthMessage=Contrasenya incorrecta: longitud m\u00EDnima {0}. 141 | invalidPasswordMinLowerCaseCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} lletres min\u00FAscules. 142 | invalidPasswordMinDigitsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres num\u00E9ricos. 143 | invalidPasswordMinUpperCaseCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} lletres maj\u00FAscules. 144 | invalidPasswordMinSpecialCharsMessage=Contrasenya incorrecta: ha de contenir almenys {0} car\u00E0cters especials. 145 | invalidPasswordNotUsernameMessage=Contrasenya incorrecta: no pot ser igual al nom d''usuari. 146 | invalidPasswordRegexPatternMessage=Contrasenya incorrecta: no compleix l''expressi\u00F3 regular. 147 | invalidPasswordHistoryMessage=Contrasenya incorrecta: no pot ser igual a cap de les \u00FAltimes {0} contrasenyes. -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_de.properties: -------------------------------------------------------------------------------- 1 | doLogOutAllSessions=Alle Sitzungen abmelden 2 | doSave=Speichern 3 | doCancel=Abbrechen 4 | doRemove=Entfernen 5 | doAdd=Hinzuf\u00FCgen 6 | doSignOut=Abmelden 7 | 8 | editAccountHtmlTitle=Benutzerkonto bearbeiten 9 | federatedIdentitiesHtmlTitle=F\u00F6derierte Identit\u00E4ten 10 | accountLogHtmlTitle=Benutzerkonto Log 11 | changePasswordHtmlTitle=Passwort \u00C4ndern 12 | sessionsHtmlTitle=Sitzungen 13 | accountManagementTitle=Keycloak Benutzerkontoverwaltung 14 | authenticatorTitle=Authenticator 15 | applicationsHtmlTitle=Applikationen 16 | 17 | authenticatorCode=One-time Code 18 | email=E-Mail 19 | firstName=Vorname 20 | givenName=Vorname 21 | fullName=Voller Name 22 | lastName=Nachname 23 | familyName=Nachname 24 | password=Passwort 25 | passwordConfirm=Passwortbest\u00E4tigung 26 | passwordNew=Neues Passwort 27 | username=Benutzernamen 28 | address=Adresse 29 | street=Stra\u00DFe 30 | region=Staat, Provinz, Region 31 | postal_code=PLZ 32 | locality=Stadt oder Ortschaft 33 | country=Land 34 | emailVerified=E-Mail verifiziert 35 | gssDelegationCredential=GSS delegierte Berechtigung 36 | 37 | role_admin=Admin 38 | role_realm-admin=Realm Admin 39 | role_create-realm=Realm erstellen 40 | role_view-realm=Realm ansehen 41 | role_view-users=Benutzer ansehen 42 | role_view-applications=Applikationen ansehen 43 | role_view-clients=Clients ansehen 44 | role_view-events=Events ansehen 45 | role_view-identity-providers=Identity Provider ansehen 46 | role_manage-realm=Realm verwalten 47 | role_manage-users=Benutzer verwalten 48 | role_manage-applications=Applikationen verwalten 49 | role_manage-identity-providers=Identity Provider verwalten 50 | role_manage-clients=Clients verwalten 51 | role_manage-events=Events verwalten 52 | role_view-profile=Profile ansehen 53 | role_manage-account=Profile verwalten 54 | role_read-token=Token lesen 55 | role_offline-access=Offline-Zugriff 56 | client_account=Konto 57 | client_realm-management=Realm-Management 58 | client_broker=Broker 59 | 60 | 61 | requiredFields=Erforderliche Felder 62 | allFieldsRequired=Alle Felder sind erforderlich 63 | 64 | backToApplication=« Zur\u00FCck zur Applikation 65 | backTo=Zur\u00FCck zu {0} 66 | 67 | date=Datum 68 | event=Ereignis 69 | ip=IP 70 | client=Client 71 | clients=Clients 72 | details=Details 73 | started=Startdatum 74 | lastAccess=Letzter Zugriff 75 | expires=Ablaufdatum 76 | applications=Applikationen 77 | 78 | account=Benutzerkonto 79 | federatedIdentity=F\u00F6derierte Identit\u00E4t 80 | authenticator=Authenticator 81 | sessions=Sitzungen 82 | log=Log 83 | 84 | application=Applikation 85 | availablePermissions=verf\u00FCgbare Berechtigungen 86 | grantedPermissions=gew\u00E4hrte Berechtigungen 87 | grantedPersonalInfo=gew\u00E4hrte pers\u00F6nliche Informationen 88 | additionalGrants=zus\u00E4tzliche Berechtigungen 89 | action=Aktion 90 | inResource=in 91 | fullAccess=Vollzugriff 92 | offlineToken=Offline-Token 93 | revoke=Berechtigung widerrufen 94 | 95 | configureAuthenticators=Authenticatoren konfigurieren 96 | mobile=Mobile 97 | totpStep1=Installieren Sie FreeOTP oder Google Authenticator auf Ihrem Smartphone. 98 | totpStep2=\u00D6ffnen Sie die Applikation und scannen Sie den Barcode oder geben Sie den Code ein. 99 | totpStep3=Geben Sie den von der Applikation generierten One-time Code ein und klicken Sie auf Speichern. 100 | 101 | missingUsernameMessage=Bitte geben Sie einen Benutzernamen ein. 102 | missingFirstNameMessage=Bitte geben Sie einen Vornamen ein. 103 | missingEmailMessage=Bitte geben Sie eine E-Mail Adresse ein. 104 | missingLastNameMessage=Bitte geben Sie einen Nachnamen ein. 105 | missingPasswordMessage=Bitte geben Sie ein Passwort ein. 106 | notMatchPasswordMessage=Passw\u00F6rter sind nicht identisch. 107 | 108 | missingTotpMessage=Bitte geben Sie den One-time Code ein. 109 | invalidPasswordExistingMessage=Das aktuelle Passwort is ung\u00FCltig. 110 | invalidPasswordConfirmMessage=Die Passwortbest\u00E4tigung ist nicht identisch. 111 | invalidTotpMessage=Ung\u00FCltiger One-time Code. 112 | invalidEmailMessage=Ung\u00FCltige E-Mail Adresse. 113 | 114 | usernameExistsMessage=Der Benutzername existiert bereits. 115 | emailExistsMessage=Die E-Mail-Adresse existiert bereits. 116 | 117 | readOnlyUserMessage=Sie k\u00F6nnen dieses Benutzerkonto nicht \u00E4ndern, da es schreibgesch\u00FCtzt ist. 118 | readOnlyPasswordMessage=Sie k\u00F6nnen dieses Passwort nicht \u00E4ndern, da es schreibgesch\u00FCtzt ist. 119 | 120 | successTotpMessage=Mobile Authentifizierung eingerichtet. 121 | successTotpRemovedMessage=Mobile Authentifizierung entfernt. 122 | 123 | successGrantRevokedMessage=Berechtigung erfolgreich widerrufen. 124 | 125 | accountUpdatedMessage=Ihr Benutzerkonto wurde aktualisiert. 126 | accountPasswordUpdatedMessage=Ihr Passwort wurde aktualisiert. 127 | 128 | missingIdentityProviderMessage=Identity Provider nicht angegeben. 129 | invalidFederatedIdentityActionMessage=Ung\u00FCltige oder fehlende Aktion. 130 | identityProviderNotFoundMessage=Angegebener Identity Provider nicht gefunden. 131 | federatedIdentityLinkNotActiveMessage=Diese Identit\u00E4t ist nicht mehr aktiv. 132 | federatedIdentityRemovingLastProviderMessage=Sie k\u00F6nnen den letzten Eintrag nicht entfernen, da Sie kein Passwort haben. 133 | identityProviderRedirectErrorMessage=Fehler bei der Weiterleitung zum Identity Provider. 134 | identityProviderRemovedMessage=Identity Provider erfolgreich entfernt. 135 | 136 | accountDisabledMessage=Benutzerkonto ist gesperrt, bitte kontaktieren Sie den Admin. 137 | 138 | accountTemporarilyDisabledMessage=Benutzerkonto ist tempor\u00E4r gesperrt, bitte kontaktieren Sie den Admin oder versuchen Sie es sp\u00E4ter noch einmal. 139 | invalidPasswordMinLengthMessage=Ung\u00FCltiges Passwort\: Minimall\u00E4nge {0}. 140 | invalidPasswordMinDigitsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Zahl(en) beinhalten. 141 | invalidPasswordMinLowerCaseCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Kleinbuchstaben beinhalten. 142 | invalidPasswordMinUpperCaseCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Grossbuchstaben beinhalten. 143 | invalidPasswordMinSpecialCharsMessage=Ung\u00FCltiges Passwort\: muss mindestens {0} Spezialzeichen beinhalten. 144 | invalidPasswordNotUsernameMessage=Ung\u00FCltiges Passwort\: darf nicht gleich sein wie Benutzername. 145 | invalidPasswordRegexPatternMessage=Ung\u00FCltiges Passwort\: nicht Regex-Muster (n) entsprechen. 146 | invalidPasswordHistoryMessage=Ung\u00FCltiges Passwort: darf nicht einem der letzten {0} Passw\u00F6rter entsprechen. -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_en.properties: -------------------------------------------------------------------------------- 1 | doSave=Save 2 | doCancel=Cancel 3 | doLogOutAllSessions=Log out all sessions 4 | doRemove=Remove 5 | doAdd=Add 6 | doSignOut=Sign Out 7 | 8 | editAccountHtmlTitle=Edit Account 9 | federatedIdentitiesHtmlTitle=Federated Identities 10 | accountLogHtmlTitle=Account Log 11 | changePasswordHtmlTitle=Change Password 12 | sessionsHtmlTitle=Sessions 13 | accountManagementTitle=Keycloak Account Management 14 | authenticatorTitle=Authenticator 15 | applicationsHtmlTitle=Applications 16 | 17 | authenticatorCode=One-time code 18 | email=Email 19 | firstName=First name 20 | givenName=Given name 21 | fullName=Full name 22 | lastName=Last name 23 | familyName=Family name 24 | password=Password 25 | passwordConfirm=Confirmation 26 | passwordNew=New Password 27 | username=Username 28 | address=Address 29 | street=Street 30 | locality=City or Locality 31 | region=State, Province, or Region 32 | postal_code=Zip or Postal code 33 | country=Country 34 | emailVerified=Email verified 35 | gssDelegationCredential=GSS Delegation Credential 36 | 37 | role_admin=Admin 38 | role_realm-admin=Realm Admin 39 | role_create-realm=Create realm 40 | role_view-realm=View realm 41 | role_view-users=View users 42 | role_view-applications=View applications 43 | role_view-clients=View clients 44 | role_view-events=View events 45 | role_view-identity-providers=View identity providers 46 | role_manage-realm=Manage realm 47 | role_manage-users=Manage users 48 | role_manage-applications=Manage applications 49 | role_manage-identity-providers=Manage identity providers 50 | role_manage-clients=Manage clients 51 | role_manage-events=Manage events 52 | role_view-profile=View profile 53 | role_manage-account=Manage account 54 | role_manage-account-links=Manage account links 55 | role_read-token=Read token 56 | role_offline-access=Offline access 57 | role_uma_authorization=Obtain permissions 58 | client_account=Account 59 | client_security-admin-console=Security Admin Console 60 | client_admin-cli=Admin CLI 61 | client_realm-management=Realm Management 62 | client_broker=Broker 63 | 64 | 65 | requiredFields=Required fields 66 | allFieldsRequired=All fields required 67 | 68 | backToApplication=« Back to application 69 | backTo=Back to {0} 70 | 71 | date=Date 72 | event=Event 73 | ip=IP 74 | client=Client 75 | clients=Clients 76 | details=Details 77 | started=Started 78 | lastAccess=Last Access 79 | expires=Expires 80 | applications=Applications 81 | 82 | account=Account 83 | federatedIdentity=Federated Identity 84 | authenticator=Authenticator 85 | sessions=Sessions 86 | log=Log 87 | 88 | application=Application 89 | availablePermissions=Available Permissions 90 | grantedPermissions=Granted Permissions 91 | grantedPersonalInfo=Granted Personal Info 92 | additionalGrants=Additional Grants 93 | action=Action 94 | inResource=in 95 | fullAccess=Full Access 96 | offlineToken=Offline Token 97 | revoke=Revoke Grant 98 | 99 | configureAuthenticators=Configured Authenticators 100 | mobile=Mobile 101 | totpStep1=Install FreeOTP or Google Authenticator on your device. Both applications are available in Google Play and Apple App Store. 102 | totpStep2=Open the application and scan the barcode or enter the key. 103 | totpStep3=Enter the one-time code provided by the application and click Save to finish the setup. 104 | 105 | missingUsernameMessage=Please specify username. 106 | missingFirstNameMessage=Please specify first name. 107 | invalidEmailMessage=Invalid email address. 108 | missingLastNameMessage=Please specify last name. 109 | missingEmailMessage=Please specify email. 110 | missingPasswordMessage=Please specify password. 111 | notMatchPasswordMessage=Passwords don''t match. 112 | 113 | missingTotpMessage=Please specify authenticator code. 114 | invalidPasswordExistingMessage=Invalid existing password. 115 | invalidPasswordConfirmMessage=Password confirmation doesn''t match. 116 | invalidTotpMessage=Invalid authenticator code. 117 | 118 | usernameExistsMessage=Username already exists. 119 | emailExistsMessage=Email already exists. 120 | 121 | readOnlyUserMessage=You can''t update your account as it is read only. 122 | readOnlyPasswordMessage=You can''t update your password as your account is read only. 123 | 124 | successTotpMessage=Mobile authenticator configured. 125 | successTotpRemovedMessage=Mobile authenticator removed. 126 | 127 | successGrantRevokedMessage=Grant revoked successfully. 128 | 129 | accountUpdatedMessage=Your account has been updated. 130 | accountPasswordUpdatedMessage=Your password has been updated. 131 | 132 | missingIdentityProviderMessage=Identity provider not specified. 133 | invalidFederatedIdentityActionMessage=Invalid or missing action. 134 | identityProviderNotFoundMessage=Specified identity provider not found. 135 | federatedIdentityLinkNotActiveMessage=This identity is not active anymore. 136 | federatedIdentityRemovingLastProviderMessage=You can''t remove last federated identity as you don''t have password. 137 | identityProviderRedirectErrorMessage=Failed to redirect to identity provider. 138 | identityProviderRemovedMessage=Identity provider removed successfully. 139 | identityProviderAlreadyLinkedMessage=Federated identity returned by {0} is already linked to another user. 140 | staleCodeAccountMessage=The page expired. Please try one more time. 141 | consentDenied=Consent denied. 142 | 143 | accountDisabledMessage=Account is disabled, contact admin. 144 | 145 | accountTemporarilyDisabledMessage=Account is temporarily disabled, contact admin or try again later. 146 | invalidPasswordMinLengthMessage=Invalid password: minimum length {0}. 147 | invalidPasswordMinLowerCaseCharsMessage=Invalid password: must contain at least {0} lower case characters. 148 | invalidPasswordMinDigitsMessage=Invalid password: must contain at least {0} numerical digits. 149 | invalidPasswordMinUpperCaseCharsMessage=Invalid password: must contain at least {0} upper case characters. 150 | invalidPasswordMinSpecialCharsMessage=Invalid password: must contain at least {0} special characters. 151 | invalidPasswordNotUsernameMessage=Invalid password: must not be equal to the username. 152 | invalidPasswordRegexPatternMessage=Invalid password: fails to match regex pattern(s). 153 | invalidPasswordHistoryMessage=Invalid password: must not be equal to any of last {0} passwords. 154 | invalidPasswordGenericMessage=Invalid password: new password doesn''t match password policies. 155 | 156 | locale_ca=Catal\u00E0 157 | locale_de=Deutsch 158 | locale_en=English 159 | locale_es=Espa\u00F1ol 160 | locale_fr=Fran\u00e7ais 161 | locale_it=Italian 162 | locale_ja=\u65E5\u672C\u8A9E 163 | locale_no=Norsk 164 | locale_lt=Lietuvi\u0173 165 | locale_pt-BR=Portugu\u00EAs (Brasil) 166 | locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439 -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_es.properties: -------------------------------------------------------------------------------- 1 | doSave=Guardar 2 | doCancel=Cancelar 3 | doLogOutAllSessions=Desconectar de todas las sesiones 4 | doRemove=Eliminar 5 | doAdd=A\u00F1adir 6 | doSignOut=Desconectar 7 | 8 | editAccountHtmlTitle=Editar cuenta 9 | federatedIdentitiesHtmlTitle=Identidades federadas 10 | accountLogHtmlTitle=Registro de la cuenta 11 | changePasswordHtmlTitle=Cambiar contrase\u00F1a 12 | sessionsHtmlTitle=Sesiones 13 | accountManagementTitle=Gesti\u00F3n de Cuenta Keycloak 14 | authenticatorTitle=Autenticador 15 | applicationsHtmlTitle=Aplicaciones 16 | 17 | authenticatorCode=C\u00F3digo de un solo uso 18 | email=Email 19 | firstName=Nombre 20 | givenName=Nombre de pila 21 | fullName=Nombre completo 22 | lastName=Apellidos 23 | familyName=Apellido 24 | password=Contrase\u00F1a 25 | passwordConfirm=Confirma la contrase\u00F1a 26 | passwordNew=Nueva contrase\u00F1a 27 | username=Usuario 28 | address=Direcci\u00F3n 29 | street=Calle 30 | locality=Ciudad o Municipio 31 | region=Estado, Provincia, o Regi\u00F3n 32 | postal_code=C\u00F3digo Postal 33 | country=Pa\u00EDs 34 | emailVerified=Email verificado 35 | gssDelegationCredential=GSS Delegation Credential 36 | 37 | role_admin=Administrador 38 | role_realm-admin=Administrador del dominio 39 | role_create-realm=Crear dominio 40 | role_view-realm=Ver dominio 41 | role_view-users=Ver usuarios 42 | role_view-applications=Ver aplicaciones 43 | role_view-clients=Ver clientes 44 | role_view-events=Ver eventos 45 | role_view-identity-providers=Ver proveedores de identidad 46 | role_manage-realm=Gestionar dominio 47 | role_manage-users=Gestionar usuarios 48 | role_manage-applications=Gestionar aplicaciones 49 | role_manage-identity-providers=Gestionar proveedores de identidad 50 | role_manage-clients=Gestionar clientes 51 | role_manage-events=Gestionar eventos 52 | role_view-profile=Ver perfil 53 | role_manage-account=Gestionar cuenta 54 | role_read-token=Leer token 55 | role_offline-access=Acceso sin conexi\u00F3n 56 | client_account=Cuenta 57 | client_security-admin-console=Consola de Administraci\u00F3n de Seguridad 58 | client_realm-management=Gesti\u00F3n de dominio 59 | client_broker=Broker 60 | 61 | 62 | requiredFields=Campos obligatorios 63 | allFieldsRequired=Todos los campos obligatorios 64 | 65 | backToApplication=« Volver a la aplicaci\u00F3n 66 | backTo=Volver a {0} 67 | 68 | date=Fecha 69 | event=Evento 70 | ip=IP 71 | client=Cliente 72 | clients=Clientes 73 | details=Detalles 74 | started=Iniciado 75 | lastAccess=\u00DAltimo acceso 76 | expires=Expira 77 | applications=Aplicaciones 78 | 79 | account=Cuenta 80 | federatedIdentity=Identidad federada 81 | authenticator=Autenticador 82 | sessions=Sesiones 83 | log=Regisro 84 | 85 | application=Aplicaci\u00F3n 86 | availablePermissions=Permisos disponibles 87 | grantedPermissions=Permisos concedidos 88 | grantedPersonalInfo=Informaci\u00F3n personal concedida 89 | additionalGrants=Permisos adicionales 90 | action=Acci\u00F3n 91 | inResource=en 92 | fullAccess=Acceso total 93 | offlineToken=C\u00F3digo de autorizaci\u00F3n offline 94 | revoke=Revocar permiso 95 | 96 | configureAuthenticators=Autenticadores configurados 97 | mobile=M\u00F3vil 98 | totpStep1=Instala FreeOTP o Google Authenticator en tu tel\u00E9fono m\u00F3vil. Ambas aplicaciones est\u00E1n disponibles en Google Play y en la App Store de Apple. 99 | totpStep2=Abre la aplicaci\u00F3n y escanea el c\u00F3digo o introduce la clave. 100 | totpStep3=Introduce el c\u00F3digo \u00FAnico que te muestra la aplicaci\u00F3n de autenticaci\u00F3n y haz clic en Enviar para finalizar la configuraci\u00F3n 101 | 102 | missingUsernameMessage=Por favor indica tu usuario. 103 | missingFirstNameMessage=Por favor indica el nombre. 104 | invalidEmailMessage=Email no v\u00E1lido 105 | missingLastNameMessage=Por favor indica tus apellidos. 106 | missingEmailMessage=Por favor indica el email. 107 | missingPasswordMessage=Por favor indica tu contrase\u00F1a. 108 | notMatchPasswordMessage=Las contrase\u00F1as no coinciden. 109 | 110 | missingTotpMessage=Por favor indica tu c\u00F3digo de autenticaci\u00F3n 111 | invalidPasswordExistingMessage=La contrase\u00F1a actual no es correcta. 112 | invalidPasswordConfirmMessage=La confirmaci\u00F3n de contrase\u00F1a no coincide. 113 | invalidTotpMessage=El c\u00F3digo de autenticaci\u00F3n no es v\u00E1lido. 114 | 115 | usernameExistsMessage=El usuario ya existe 116 | emailExistsMessage=El email ya existe 117 | 118 | readOnlyUserMessage=No puedes actualizar tu usuario porque tu cuenta es de solo lectura. 119 | readOnlyPasswordMessage=No puedes actualizar tu contrase\u00F1a porque tu cuenta es de solo lectura. 120 | 121 | successTotpMessage=Aplicaci\u00F3n de autenticaci\u00F3n m\u00F3vil configurada. 122 | successTotpRemovedMessage=Aplicaci\u00F3n de autenticaci\u00F3n m\u00F3vil eliminada. 123 | 124 | successGrantRevokedMessage=Permiso revocado correctamente 125 | 126 | accountUpdatedMessage=Tu cuenta se ha actualizado. 127 | accountPasswordUpdatedMessage=Tu contrase\u00F1a se ha actualizado. 128 | 129 | missingIdentityProviderMessage=Proveedor de identidad no indicado. 130 | invalidFederatedIdentityActionMessage=Acci\u00F3n no v\u00E1lida o no indicada. 131 | identityProviderNotFoundMessage=No se encontr\u00F3 un proveedor de identidad. 132 | federatedIdentityLinkNotActiveMessage=Esta identidad ya no est\u00E1 activa 133 | federatedIdentityRemovingLastProviderMessage=No puedes eliminar la \u00FAltima identidad federada porque no tienes fijada una contrase\u00F1a. 134 | identityProviderRedirectErrorMessage=Error en la redirecci\u00F3n al proveedor de identidad 135 | identityProviderRemovedMessage=Proveedor de identidad borrado correctamente. 136 | 137 | accountDisabledMessage=La cuenta est\u00E1 desactivada, contacta con el administrador. 138 | 139 | accountTemporarilyDisabledMessage=La cuenta est\u00E1 temporalmente desactivada, contacta con el administrador o int\u00E9ntalo de nuevo m\u00E1s tarde. 140 | invalidPasswordMinLengthMessage=Contrase\u00F1a incorrecta: longitud m\u00EDnima {0}. 141 | invalidPasswordMinLowerCaseCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} letras min\u00FAsculas. 142 | invalidPasswordMinDigitsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres num\u00E9ricos. 143 | invalidPasswordMinUpperCaseCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} letras may\u00FAsculas. 144 | invalidPasswordMinSpecialCharsMessage=Contrase\u00F1a incorrecta: debe contener al menos {0} caracteres especiales. 145 | invalidPasswordNotUsernameMessage=Contrase\u00F1a incorrecta: no puede ser igual al nombre de usuario. 146 | invalidPasswordRegexPatternMessage=Contrase\u00F1a incorrecta: no cumple la expresi\u00F3n regular. 147 | invalidPasswordHistoryMessage=Contrase\u00F1a incorrecta: no puede ser igual a ninguna de las \u00FAltimas {0} contrase\u00F1as. -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_it.properties: -------------------------------------------------------------------------------- 1 | doSave=Salva 2 | doCancel=Annulla 3 | doLogOutAllSessions=Effettua il blog out da tutte le sessioni 4 | doRemove=Elimina 5 | doAdd=Aggiungi 6 | doSignOut=Esci 7 | 8 | editAccountHtmlTitle=Modifica Account 9 | federatedIdentitiesHtmlTitle=Federated Identities 10 | accountLogHtmlTitle=Account Log 11 | changePasswordHtmlTitle=Cambia Password 12 | sessionsHtmlTitle=Sessioni 13 | accountManagementTitle=Keycloak Account Management 14 | authenticatorTitle=Authenticator 15 | applicationsHtmlTitle=Applicazioni 16 | 17 | authenticatorCode=Codice One-time 18 | email=Email 19 | firstName=Nome 20 | givenName=Nome 21 | fullName=Nome Completo 22 | lastName=Cognome 23 | familyName=Cognome 24 | password=Password 25 | passwordConfirm=Conferma Password 26 | passwordNew=Nuova Password 27 | username=Username 28 | address=Indirizzo 29 | street=Via 30 | locality=Citt\u00e0 o Localit\u00e0 31 | region=Stato, Provincia, o Regione 32 | postal_code=CAP 33 | country=Paese 34 | emailVerified=Email verificata 35 | gssDelegationCredential=Credenziali GSS Delegation 36 | 37 | role_admin=Admin 38 | role_realm-admin=Realm Admin 39 | role_create-realm=Crea realm 40 | role_view-realm=Visualizza realm 41 | role_view-users=Visualizza utenti 42 | role_view-applications=Visualizza applicazioni 43 | role_view-clients=Visualizza client 44 | role_view-events=Visualizza eventi 45 | role_view-identity-providers=Visualizza identity provider 46 | role_manage-realm=Gestisci realm 47 | role_manage-users=Gestisci utenti 48 | role_manage-applications=Gestisci applicazioni 49 | role_manage-identity-providers=Gestisci identity provider 50 | role_manage-clients=Gestisci i client 51 | role_manage-events=Gestisci eventi 52 | role_view-profile=Visualizza profilo 53 | role_manage-account=Gestisci account 54 | role_read-token=Leggi token 55 | role_offline-access=Accesso offline 56 | role_uma_authorization=Ottieni permessi 57 | client_account=Account 58 | client_security-admin-console=Security Admin Console 59 | client_admin-cli=Admin CLI 60 | client_realm-management=Gestione Realm 61 | client_broker=Broker 62 | 63 | 64 | requiredFields=Campi obbligatori 65 | allFieldsRequired=Tutti campi obbligatori 66 | 67 | backToApplication=« Torna all''applicazione 68 | backTo=Torna a {0} 69 | 70 | date=Data 71 | event=Evento 72 | ip=IP 73 | client=Client 74 | clients=Clients 75 | details=Dettagli 76 | started=Iniziato 77 | lastAccess=Ultimo accesso 78 | expires=Scade 79 | applications=Applicazioni 80 | 81 | account=Account 82 | federatedIdentity=Federated Identity 83 | authenticator=Authenticator 84 | sessions=Sessioni 85 | log=Log 86 | 87 | application=Applicazione 88 | availablePermissions=Permessi disponibili 89 | grantedPermissions=Permessi concessi 90 | grantedPersonalInfo=Informazioni Personali concesse 91 | additionalGrants=Concessioni addizionali 92 | action=Azione 93 | inResource=in 94 | fullAccess=Accesso completo 95 | offlineToken=Token offline 96 | revoke=Revoca concessione 97 | 98 | configureAuthenticators=Configura Authenticators 99 | mobile=Mobile 100 | totpStep1=Installa FreeOTP o Google Authenticator sul tuo dispositivo mobile. 101 | totpStep2=Apri l''applicazione e scansiona il barcode o scrivi la chiave. 102 | totpStep3=Scrivi il codice one-time fornito dall''applicazione e clicca Salva per completare il setup. 103 | 104 | missingUsernameMessage=Inserisci la username. 105 | missingFirstNameMessage=Inserisci il nome. 106 | invalidEmailMessage=Indirizzo email non valido. 107 | missingLastNameMessage=Inserisci il cognome. 108 | missingEmailMessage=Inserisci l''indirizzo email. 109 | missingPasswordMessage=Inserisci la password. 110 | notMatchPasswordMessage=Le password non corrispondono. 111 | 112 | missingTotpMessage=Inserisci il codice di autenticazione. 113 | invalidPasswordExistingMessage=Password esistente non valida. 114 | invalidPasswordConfirmMessage=La password di conferma non coincide. 115 | invalidTotpMessage=Codice di autenticazione non valido. 116 | 117 | usernameExistsMessage=Username gi\u00e0 esistente. 118 | emailExistsMessage=Email gi\u00e0 esistente. 119 | 120 | readOnlyUserMessage=Non puoi aggiornare il tuo account dal momento che \u00e8 in modalit\u00e0 sola lettura. 121 | readOnlyPasswordMessage=Non puoi aggiornare il tuo account dal momento che \u00e8 in modalit\u00e0 sola lettura. 122 | 123 | successTotpMessage=Mobile authenticator configurato. 124 | successTotpRemovedMessage=Mobile authenticator eliminato. 125 | 126 | successGrantRevokedMessage=Concessione revocata correttamente. 127 | 128 | accountUpdatedMessage=Il tuo account \u00e8 stato aggiornato. 129 | accountPasswordUpdatedMessage=La tua password \u00e8 stata aggiornata. 130 | 131 | missingIdentityProviderMessage=Identity provider non specificata. 132 | invalidFederatedIdentityActionMessage=Azione non valida o mancante. 133 | identityProviderNotFoundMessage=L''identity provider specificato non \u00e8 stato trovato. 134 | federatedIdentityLinkNotActiveMessage=Questo identity non \u00e8 pi\u00f9 attivo. 135 | federatedIdentityRemovingLastProviderMessage=Non puoi rimuovere l''ultimo federated identity dal momento che non hai pi\u00f9 la password. 136 | identityProviderRedirectErrorMessage=Il reindirizzamento all''identity provider \u00e8 fallito. 137 | identityProviderRemovedMessage=Identity provider eliminato correttamente. 138 | identityProviderAlreadyLinkedMessage=Federated identity ritornata da {0} \u00e8 gi\u00e0 collegata ad un altro utente. 139 | staleCodeAccountMessage=La pagina \u00e8 scaduta. Riprova di nuovo. 140 | consentDenied=Permesso negato. 141 | 142 | accountDisabledMessage=Account disabilitato, contatta l''amministratore. 143 | 144 | accountTemporarilyDisabledMessage=L''account \u00e8 temporaneamente disabilitato, contatta l''amministratore o riprova pi\u00f9 tardi. 145 | invalidPasswordMinLengthMessage=Password non valida: lunghezza minima {0}. 146 | invalidPasswordMinLowerCaseCharsMessage=Password non valida: deve contenere almeno {0} caratteri minuscoli. 147 | invalidPasswordMinDigitsMessage=Password non valida: deve contenere almeno {0} numeri. 148 | invalidPasswordMinUpperCaseCharsMessage=Password non valida: deve contenere almeno {0} caratteri maiuscoli. 149 | invalidPasswordMinSpecialCharsMessage=Password non valida: deve contenere almeno {0} caratteri speciali. 150 | invalidPasswordNotUsernameMessage=Password non valida: non deve essere uguale alla username. 151 | invalidPasswordRegexPatternMessage=Password non valida: fallito il match con una o pi\u00f9 espressioni regolari. 152 | invalidPasswordHistoryMessage=Password non valida: non deve essere uguale a nessuna delle ultime {0} password. 153 | invalidPasswordGenericMessage=Password non valida: la nuova password non rispetta le indicazioni previste. 154 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_ja.properties: -------------------------------------------------------------------------------- 1 | # encoding: utf-8 2 | doSave=保存 3 | doCancel=キャンセル 4 | doLogOutAllSessions=全セッションからログアウト 5 | doRemove=削除 6 | doAdd=追加 7 | doSignOut=サインアウト 8 | 9 | editAccountHtmlTitle=アカウントの編集 10 | federatedIdentitiesHtmlTitle=Federated Identities 11 | accountLogHtmlTitle=アカウントログ 12 | changePasswordHtmlTitle=パスワード変更 13 | sessionsHtmlTitle=セッション 14 | accountManagementTitle=Keycloak アカウント管理 15 | authenticatorTitle=Authenticator 16 | applicationsHtmlTitle=アプリケーション 17 | 18 | authenticatorCode=ワンタイムコード 19 | email=Eメール 20 | firstName=名 21 | givenName=名 22 | fullName=氏名 23 | lastName=姓 24 | familyName=姓 25 | password=パスワード 26 | passwordConfirm=新しいパスワード (確認) 27 | passwordNew=新しいパスワード 28 | username=ユーザー名 29 | address=住所 30 | street=番地 31 | locality=市区町村 32 | region=都道府県 33 | postal_code=郵便番号 34 | country=国 35 | emailVerified=確認済みEメール 36 | gssDelegationCredential=GSS 代行クレデンシャル 37 | 38 | role_admin=管理者 39 | role_realm-admin=レルムの管理 40 | role_create-realm=レルムの作成 41 | role_view-realm=レルムの参照 42 | role_view-users=ユーザーの参照 43 | role_view-applications=アプリケーションの参照 44 | role_view-clients=クライアントの参照 45 | role_view-events=イベントの参照 46 | role_view-identity-providers=アイデンティティ プロバイダーの参照 47 | role_manage-realm=レルムの管理 48 | role_manage-users=ユーザーの管理 49 | role_manage-applications=アプリケーションの管理 50 | role_manage-identity-providers=アイデンティティ プロバイダーの管理 51 | role_manage-clients=クライアントの管理 52 | role_manage-events=イベントの管理 53 | role_view-profile=プロフィールの参照 54 | role_manage-account=アカウントの管理 55 | role_read-token=トークンの参照 56 | role_offline-access=オフラインアクセス 57 | role_uma_authorization=アクセス権の取得 58 | client_account=アカウント 59 | client_security-admin-console=セキュリティ管理コンソール 60 | client_admin-cli=管理 CLI 61 | client_realm-management=レルム管理 62 | client_broker=ブローカー 63 | 64 | 65 | requiredFields=必須 66 | allFieldsRequired=全ての入力項目が必須 67 | 68 | backToApplication=« アプリケーションに戻る 69 | backTo={0} に戻る 70 | 71 | date=日付 72 | event=イベント 73 | ip=IP 74 | client=クライアント 75 | clients=クライアント 76 | details=詳細 77 | started=開始 78 | lastAccess=最終アクセス 79 | expires=有効期限 80 | applications=アプリケーション 81 | 82 | account=アカウント 83 | federatedIdentity=Federated Identity 84 | authenticator=Authenticator 85 | sessions=セッション 86 | log=ログ 87 | 88 | application=アプリケーション 89 | availablePermissions=使用可能なアクセス権 90 | grantedPermissions=許可されたアクセス権 91 | grantedPersonalInfo=許可された個人情報 92 | additionalGrants=追加の許可 93 | action=アクション 94 | inResource=in 95 | fullAccess=フルアクセス 96 | offlineToken=オフライントークン 97 | revoke=許可の取り消し 98 | 99 | configureAuthenticators=設定済みの Authenticator 100 | mobile=モバイル 101 | totpStep1=FreeOTP または Google Authenticator (Google認証システム) をご自身のデバイスにインストールしてください。これらのアプリケーションは Google Play と Apple App Store で入手できます。 102 | totpStep2=アプリケーションを開きバーコードをスキャンするかキーを入力してください。 103 | totpStep3=アプリケーションで提供されたワンタイムコードを入力して保存をクリックし、セットアップを完了してください。 104 | 105 | missingUsernameMessage=ユーザー名を入力してください。 106 | missingFirstNameMessage=名を入力してください。 107 | invalidEmailMessage=無効なメールアドレスです。 108 | missingLastNameMessage=姓を入力してください。 109 | missingEmailMessage=Eメールを入力してください。 110 | missingPasswordMessage=パスワードを入力してください。 111 | notMatchPasswordMessage=パスワードが一致していません。 112 | 113 | missingTotpMessage=Authenticator コードを入力してください。 114 | invalidPasswordExistingMessage=無効な既存のパスワードです。 115 | invalidPasswordConfirmMessage=新しいパスワード (確認) と一致していません。 116 | invalidTotpMessage=無効な Authenticator コードです。 117 | 118 | usernameExistsMessage=既に存在するユーザー名です。 119 | emailExistsMessage=既に存在するEメールです。 120 | 121 | readOnlyUserMessage=リードオンリーのためアカウントを更新することはできません。 122 | readOnlyPasswordMessage=リードオンリーのためパスワードを更新することはできません。 123 | 124 | successTotpMessage=モバイル Authenticator が設定されました。 125 | successTotpRemovedMessage=モバイル Authenticator が削除されました。 126 | 127 | successGrantRevokedMessage=許可が正常に取り消しされました。 128 | 129 | accountUpdatedMessage=アカウントが更新されました。 130 | accountPasswordUpdatedMessage=パスワードが更新されました。 131 | 132 | missingIdentityProviderMessage=アイデンティティ プロバイダーが指定されていません。 133 | invalidFederatedIdentityActionMessage=無効または存在しないアクションです。 134 | identityProviderNotFoundMessage=指定されたアイデンティティ プロバイダーが見つかりません。 135 | federatedIdentityLinkNotActiveMessage=このアイデンティティは有効ではありません。 136 | federatedIdentityRemovingLastProviderMessage=パスワードがないため最後の Federated Identity を削除できません。 137 | identityProviderRedirectErrorMessage=アイデンティティ プロバイダーへのリダイレクトに失敗しました。 138 | identityProviderRemovedMessage=アイデンティティ プロバイダーが正常に削除されました。 139 | identityProviderAlreadyLinkedMessage={0}から返された Federated Identity は既に他のユーザーに関連付けされています。 140 | staleCodeAccountMessage=有効期限切れです。再度お試しください。 141 | consentDenied=同意が拒否されました。 142 | 143 | accountDisabledMessage=アカウントが無効です。管理者に連絡してください。 144 | 145 | accountTemporarilyDisabledMessage=アカウントが一時的に無効です。管理者に連絡、またはしばらく時間をおいてから再度お試しください。 146 | invalidPasswordMinLengthMessage=無効なパスワード: 最小 {0} の長さが必要です。 147 | invalidPasswordMinLowerCaseCharsMessage=無効なパスワード: 少なくとも {0} 文字の小文字を含む必要があります。 148 | invalidPasswordMinDigitsMessage=無効なパスワード: 少なくとも {0} 文字の数字を含む必要があります。 149 | invalidPasswordMinUpperCaseCharsMessage=無効なパスワード: 少なくとも {0} 文字の大文字を含む必要があります。 150 | invalidPasswordMinSpecialCharsMessage=無効なパスワード: 少なくとも {0} 文字の特殊文字を含む必要があります。 151 | invalidPasswordNotUsernameMessage=無効なパスワード: ユーザー名と同じパスワードは禁止されています。 152 | invalidPasswordRegexPatternMessage=無効なパスワード: 正規表現パターンと一致しません。 153 | invalidPasswordHistoryMessage=無効なパスワード: 最近の {0} パスワードのいずれかと同じパスワードは禁止されています。 -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_no.properties: -------------------------------------------------------------------------------- 1 | doSave=Lagre 2 | doCancel=Avbryt 3 | doLogOutAllSessions=Logg ut av alle sesjoner 4 | doRemove=Fjern 5 | doAdd=Legg til 6 | doSignOut=Logg ut 7 | 8 | editAccountHtmlTitle=Rediger konto 9 | federatedIdentitiesHtmlTitle=Federerte identiteter 10 | accountLogHtmlTitle=Kontologg 11 | changePasswordHtmlTitle=Endre passord 12 | sessionsHtmlTitle=Sesjoner 13 | accountManagementTitle=Keycloak kontoadministrasjon 14 | authenticatorTitle=Autentikator 15 | applicationsHtmlTitle=Applikasjoner 16 | 17 | authenticatorCode=Engangskode 18 | email=E-post 19 | firstName=Fornavn 20 | givenName=Fornavn 21 | fullName=Fullt navn 22 | lastName=Etternavn 23 | familyName=Etternavn 24 | password=Passord 25 | passwordConfirm=Bekreftelse 26 | passwordNew=Nytt passord 27 | username=Brukernavn 28 | address=Adresse 29 | street=Gate-/veinavn + husnummer 30 | locality=By 31 | region=Fylke 32 | postal_code=Postnummer 33 | country=Land 34 | emailVerified=E-post bekreftet 35 | gssDelegationCredential=GSS legitimasjonsdelegering 36 | 37 | role_admin=Administrator 38 | role_realm-admin=Administrator for sikkerhetsdomene 39 | role_create-realm=Opprette sikkerhetsdomene 40 | role_view-realm=Se sikkerhetsdomene 41 | role_view-users=Se brukere 42 | role_view-applications=Se applikasjoner 43 | role_view-clients=Se klienter 44 | role_view-events=Se hendelser 45 | role_view-identity-providers=Se identitetsleverand\u00F8rer 46 | role_manage-realm=Administrere sikkerhetsdomene 47 | role_manage-users=Administrere brukere 48 | role_manage-applications=Administrere applikasjoner 49 | role_manage-identity-providers=Administrere identitetsleverand\u00F8rer 50 | role_manage-clients=Administrere klienter 51 | role_manage-events=Administrere hendelser 52 | role_view-profile=Se profil 53 | role_manage-account=Administrere konto 54 | role_read-token=Lese token 55 | role_offline-access=Frakoblet tilgang 56 | role_uma_authorization=Skaffe tillatelser 57 | client_account=Konto 58 | client_security-admin-console=Sikkerhetsadministrasjonskonsoll 59 | client_admin-cli=Kommandolinje-grensesnitt for administrator 60 | client_realm-management=Sikkerhetsdomene-administrasjon 61 | client_broker=Broker 62 | 63 | 64 | requiredFields=Obligatoriske felt 65 | allFieldsRequired=Alle felt m\u00E5 fylles ut 66 | 67 | backToApplication=« Tilbake til applikasjonen 68 | backTo=Tilbake til {0} 69 | 70 | date=Dato 71 | event=Hendelse 72 | ip=IP 73 | client=Klient 74 | clients=Klienter 75 | details=Detaljer 76 | started=Startet 77 | lastAccess=Sist benyttet 78 | expires=Utl\u00F8per 79 | applications=Applikasjoner 80 | 81 | account=Konto 82 | federatedIdentity=Federert identitet 83 | authenticator=Autentikator 84 | sessions=Sesjoner 85 | log=Logg 86 | 87 | application=Applikasjon 88 | availablePermissions=Tilgjengelige rettigheter 89 | grantedPermissions=Innvilgede rettigheter 90 | grantedPersonalInfo=Innvilget personlig informasjon 91 | additionalGrants=Ekstra rettigheter 92 | action=Handling 93 | inResource=i 94 | fullAccess=Full tilgang 95 | offlineToken=Offline token 96 | revoke=Opphev rettighet 97 | 98 | configureAuthenticators=Konfigurerte autentikatorer 99 | mobile=Mobiltelefon 100 | totpStep1=Installer FreeOTP eller Google Authenticator p\u00E5 din enhet. Begge applikasjoner er tilgjengelige p\u00E5 Google Play og Apple App Store. 101 | totpStep2=\u00C5pne applikasjonen og skann strekkoden eller skriv inn koden. 102 | totpStep3=Skriv inn engangskoden gitt av applikasjonen og klikk Lagre for \u00E5 fullf\u00F8re. 103 | 104 | missingUsernameMessage=Vennligst oppgi brukernavn. 105 | missingFirstNameMessage=Vennligst oppgi fornavn. 106 | invalidEmailMessage=Ugyldig e-postadresse. 107 | missingLastNameMessage=Vennligst oppgi etternavn. 108 | missingEmailMessage=Vennligst oppgi e-postadresse. 109 | missingPasswordMessage=Vennligst oppgi passord. 110 | notMatchPasswordMessage=Passordene er ikke like. 111 | 112 | missingTotpMessage=Vennligst oppgi engangskode. 113 | invalidPasswordExistingMessage=Ugyldig eksisterende passord. 114 | invalidPasswordConfirmMessage=Passordene er ikke like. 115 | invalidTotpMessage=Ugyldig engangskode. 116 | 117 | usernameExistsMessage=Brukernavnet finnes allerede. 118 | emailExistsMessage=E-postadressen finnes allerede. 119 | 120 | readOnlyUserMessage=Du kan ikke oppdatere kontoen din ettersom den er skrivebeskyttet. 121 | readOnlyPasswordMessage=Du kan ikke oppdatere passordet ditt ettersom kontoen din er skrivebeskyttet. 122 | 123 | successTotpMessage=Autentikator for mobiltelefon er konfigurert. 124 | successTotpRemovedMessage=Autentikator for mobiltelefon er fjernet. 125 | 126 | successGrantRevokedMessage=Vellykket oppheving av rettighet. 127 | 128 | accountUpdatedMessage=Kontoen din har blitt oppdatert. 129 | accountPasswordUpdatedMessage=Ditt passord har blitt oppdatert. 130 | 131 | missingIdentityProviderMessage=Identitetsleverand\u00F8r er ikke spesifisert. 132 | invalidFederatedIdentityActionMessage=Ugyldig eller manglende handling. 133 | identityProviderNotFoundMessage=Spesifisert identitetsleverand\u00F8r ikke funnet. 134 | federatedIdentityLinkNotActiveMessage=Denne identiteten er ikke lenger aktiv. 135 | federatedIdentityRemovingLastProviderMessage=Du kan ikke fjerne siste federerte identitet ettersom du ikke har et passord. 136 | identityProviderRedirectErrorMessage=Redirect til identitetsleverand\u00F8r feilet. 137 | identityProviderRemovedMessage=Fjerning av identitetsleverand\u00F8r var vellykket. 138 | identityProviderAlreadyLinkedMessage=Federert identitet returnert av {0} er allerede koblet til en annen bruker. 139 | staleCodeAccountMessage=Siden har utl\u00F8pt. Vennligst pr\u00F8v en gang til. 140 | consentDenied=Samtykke avsl\u00E5tt. 141 | 142 | accountDisabledMessage=Konto er deaktivert, kontakt administrator. 143 | 144 | accountTemporarilyDisabledMessage=Konto er midlertidig deaktivert, kontakt administrator eller pr\u00F8v igjen senere. 145 | invalidPasswordMinLengthMessage=Ugyldig passord: minimum lengde {0}. 146 | invalidPasswordMinLowerCaseCharsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} sm\u00E5 bokstaver. 147 | invalidPasswordMinDigitsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} sifre. 148 | invalidPasswordMinUpperCaseCharsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} store bokstaver. 149 | invalidPasswordMinSpecialCharsMessage=Ugyldig passord: m\u00E5 inneholde minimum {0} spesialtegn. 150 | invalidPasswordNotUsernameMessage=Ugyldig passord: kan ikke v\u00E6re likt brukernavn. 151 | invalidPasswordRegexPatternMessage=Ugyldig passord: tilfredsstiller ikke kravene for passord-m\u00F8nster. 152 | invalidPasswordHistoryMessage=Ugyldig passord: kan ikke v\u00E6re likt noen av de {0} foreg\u00E5ende passordene. 153 | 154 | locale_ca=Catal\u00E0 155 | locale_de=Deutsch 156 | locale_en=English 157 | locale_es=Espa\u00F1ol 158 | locale_fr=Fran\u00e7ais 159 | locale_it=Italian 160 | locale_ja=\u65E5\u672C\u8A9E 161 | locale_no=Norsk 162 | locale_pt-BR=Portugu\u00EAs (Brasil) 163 | locale_ru=\u0420\u0443\u0441\u0441\u043A\u0438\u0439 164 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_pt_BR.properties: -------------------------------------------------------------------------------- 1 | doSave=Salvar 2 | doCancel=Cancelar 3 | doLogOutAllSessions=Sair de todas as sess\u00F5es 4 | doRemove=Remover 5 | doAdd=Adicionar 6 | doSignOut=Sair 7 | 8 | editAccountHtmlTitle=Editar Conta 9 | federatedIdentitiesHtmlTitle=Identidades Federadas 10 | accountLogHtmlTitle=Log da conta 11 | changePasswordHtmlTitle=Alterar senha 12 | sessionsHtmlTitle=Sess\u00F5es 13 | accountManagementTitle=Gerenciamento de Conta 14 | authenticatorTitle=Autenticator 15 | applicationsHtmlTitle=Aplicativos 16 | 17 | authenticatorCode=C\u00F3digo autenticador 18 | email=E-mail 19 | firstName=Primeiro nome 20 | givenName=Primeiro nome 21 | fullName=Nome completo 22 | lastName=Sobrenome 23 | familyName=Sobrenome 24 | password=Senha 25 | passwordConfirm=Confirma\u00E7\u00E3o 26 | passwordNew=Nova senha 27 | username=Nome de us\u00FAario 28 | address=Endere\u00E7o 29 | street=Logradouro 30 | locality=Cidade ou Localidade 31 | region=Estado 32 | postal_code=CEP 33 | country=Pa\u00EDs 34 | emailVerified=E-mail verificado 35 | gssDelegationCredential=GSS Delega\u00E7\u00E3o de Credencial 36 | 37 | role_admin=Admin 38 | role_realm-admin=Realm Admin 39 | role_create-realm=Cria realm 40 | role_view-realm=Visualiza realm 41 | role_view-users=Visualiza usu\u00E1rios 42 | role_view-applications=Visualiza aplica\u00E7\u00F5es 43 | role_view-clients=Visualiza clientes 44 | role_view-events=Visualiza eventos 45 | role_view-identity-providers=Visualiza provedores de identidade 46 | role_manage-realm=Gerencia realm 47 | role_manage-users=Gerencia usu\u00E1rios 48 | role_manage-applications=Gerencia aplica\u00E7\u00F5es 49 | role_manage-identity-providers=Gerencia provedores de identidade 50 | role_manage-clients=Gerencia clientes 51 | role_manage-events=Gerencia eventos 52 | role_view-profile=Visualiza perfil 53 | role_manage-account=Gerencia conta 54 | role_read-token=L\u00EA token 55 | role_offline-access=Acesso Offline 56 | role_uma_authorization=Obter permiss\u00F5es 57 | client_account=Conta 58 | client_security-admin-console=Console de Administra\u00E7\u00E3o de Seguran\u00E7a 59 | client_admin-cli=Admin CLI 60 | client_realm-management=Gerenciamento de Realm 61 | client_broker=Broker 62 | 63 | requiredFields=Campos obrigat\u00F3rios 64 | allFieldsRequired=Todos os campos s\u00E3o obrigat\u00F3rios 65 | 66 | backToApplication=« Voltar para aplica\u00E7\u00E3o 67 | backTo=Voltar para {0} 68 | 69 | date=Data 70 | event=Evento 71 | ip=IP 72 | client=Cliente 73 | clients=Clientes 74 | details=Detalhes 75 | started=Iniciado 76 | lastAccess=\u00DAltimo acesso 77 | expires=Expira 78 | applications=Aplicativos 79 | 80 | account=Conta 81 | federatedIdentity=Identidade Federada 82 | authenticator=Autenticador 83 | sessions=Sess\u00F5es 84 | log=Log 85 | 86 | application=Aplicativo 87 | availablePermissions=Permiss\u00F5es Dispon\u00EDveis 88 | grantedPermissions=Permiss\u00F5es Concedidas 89 | grantedPersonalInfo=Informa\u00E7\u00F5es Pessoais Concedidas 90 | additionalGrants=Concess\u00F5es Adicionais 91 | action=A\u00E7\u00E3o 92 | inResource=em 93 | fullAccess=Acesso Completo 94 | offlineToken=Offline Token 95 | revoke=Revogar Concess\u00F5es 96 | 97 | configureAuthenticators=Autenticadores Configurados 98 | mobile=Mobile 99 | totpStep1=Instalar FreeOTP ou Google Authenticator em seu dispositivo. Ambas aplica\u00E7\u00F5es est\u00E3o dispon\u00EDveis no Google Play e na Apple App Store. 100 | totpStep2=Abra o aplicativo e escaneie o c\u00F3digo de barras ou entre com o c\u00F3digo. 101 | totpStep3=Digite o c\u00F3digo fornecido pelo aplicativo e clique em Salvar para concluir a configura\u00E7\u00E3o. 102 | 103 | missingUsernameMessage=Por favor, especifique o nome de usu\u00E1rio. 104 | missingFirstNameMessage=Por favor, informe o primeiro nome. 105 | invalidEmailMessage=E-mail inv\u00E1lido. 106 | missingLastNameMessage=Por favor, informe o sobrenome. 107 | missingEmailMessage=Por favor, informe o e-mail. 108 | missingPasswordMessage=Por favor, informe a senha. 109 | notMatchPasswordMessage=As senhas n\u00E3o coincidem. 110 | 111 | missingTotpMessage=Por favor, informe o c\u00F3digo autenticador. 112 | invalidPasswordExistingMessage=Senha atual inv\u00E1lida. 113 | invalidPasswordConfirmMessage=A senha de confirma\u00E7\u00E3o n\u00E3o coincide. 114 | invalidTotpMessage=C\u00F3digo autenticador inv\u00E1lido. 115 | 116 | usernameExistsMessage=Este nome de usu\u00E1rio j\u00E1 existe. 117 | emailExistsMessage=Este e-mail j\u00E1 existe. 118 | 119 | readOnlyUserMessage=Voc\u00EA n\u00E3o pode atualizar sua conta, uma vez que \u00E9 apenas de leitura 120 | readOnlyPasswordMessage=Voc\u00EA n\u00E3o pode atualizar sua senha, sua conta \u00E9 somente leitura 121 | 122 | successTotpMessage=Autenticador mobile configurado. 123 | successTotpRemovedMessage=Autenticador mobile removido. 124 | 125 | successGrantRevokedMessage=Concess\u00F5es revogadas com sucesso. 126 | 127 | accountUpdatedMessage=Sua conta foi atualizada 128 | accountPasswordUpdatedMessage=Sua senha foi atualizada 129 | 130 | missingIdentityProviderMessage=Provedor de identidade n\u00E3o especificado 131 | invalidFederatedIdentityActionMessage=A\u00E7\u00E3o inv\u00E1lida ou ausente 132 | identityProviderNotFoundMessage=O provedor de identidade especificado n\u00E3o foi encontrado 133 | federatedIdentityLinkNotActiveMessage=Esta identidade n\u00E3o est\u00E1 mais em atividade 134 | federatedIdentityRemovingLastProviderMessage=Voc\u00EA n\u00E3o pode remover a \u00FAltima identidade federada como voc\u00EA n\u00E3o tem senha 135 | identityProviderRedirectErrorMessage=Falha ao redirecionar para o provedor de identidade 136 | identityProviderRemovedMessage=Provedor de identidade removido com sucesso 137 | identityProviderAlreadyLinkedMessage=Identidade federada retornado por {0} j\u00E1 est\u00E1 ligado a outro usu\u00E1rio. 138 | 139 | accountDisabledMessage=Conta desativada, contate o administrador 140 | 141 | accountTemporarilyDisabledMessage=A conta est\u00E1 temporariamente indispon\u00EDvel, contate o administrador ou tente novamente mais tarde 142 | invalidPasswordMinLengthMessage=Senha inv\u00E1lida\: comprimento m\u00EDnimo {0} 143 | invalidPasswordMinLowerCaseCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caractere(s) min\u00FAsculo 144 | invalidPasswordMinDigitsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} n\u00FAmero(s) 145 | invalidPasswordMinUpperCaseCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caractere(s) mai\u00FAsculo 146 | invalidPasswordMinSpecialCharsMessage=Senha inv\u00E1lida\: deve conter pelo menos {0} caractere(s) especial 147 | invalidPasswordNotUsernameMessage=Senha inv\u00E1lida\: n\u00E3o deve ser igual ao nome de usu\u00E1rio 148 | invalidPasswordRegexPatternMessage=Senha inv\u00E1lida\: n\u00E3o corresponde ao padr\u00E3o da express\u00E3o regular. 149 | invalidPasswordHistoryMessage=Senha inv\u00E1lida\: n\u00E3o pode ser igual a qualquer uma das {0} \u00FAltimas senhas. -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_ru.properties: -------------------------------------------------------------------------------- 1 | # encoding: utf-8 2 | doSave=Сохранить 3 | doCancel=Отмена 4 | doLogOutAllSessions=Выйти из всех сессий 5 | doRemove=Удалить 6 | doAdd=Добавить 7 | doSignOut=Выход 8 | 9 | editAccountHtmlTitle=Изменение учетной записи 10 | federatedIdentitiesHtmlTitle=Федеративные идентификаторы 11 | accountLogHtmlTitle=Лог учетной записи 12 | changePasswordHtmlTitle=Смена пароля 13 | sessionsHtmlTitle=Сессии 14 | accountManagementTitle=Управление учетной записью 15 | authenticatorTitle=Аутентификатор 16 | applicationsHtmlTitle=Приложения 17 | 18 | authenticatorCode=Одноразовый код 19 | email=E-mail 20 | firstName=Имя 21 | givenName=Имя 22 | fullName=Полное имя 23 | lastName=Фамилия 24 | familyName=Фамилия 25 | password=Пароль 26 | passwordConfirm=Подтверждение пароля 27 | passwordNew=Новый пароль 28 | username=Имя пользователя 29 | address=Адрес 30 | street=Улица 31 | locality=Город 32 | region=Регион 33 | postal_code=Почтовый индекс 34 | country=Страна 35 | emailVerified=E-mail подтвержден 36 | gssDelegationCredential=Делегирование учетных данных через GSS 37 | 38 | role_admin=Администратор 39 | role_realm-admin=Администратор realm 40 | role_create-realm=Создать realm 41 | role_view-realm=Просмотр realm 42 | role_view-users=Просмотр пользователей 43 | role_view-applications=Просмотр приложений 44 | role_view-clients=Просмотр клиентов 45 | role_view-events=Просмотр событий 46 | role_view-identity-providers=Просмотр провайдеров учетных записей 47 | role_manage-realm=Управление realm 48 | role_manage-users=Управление пользователями 49 | role_manage-applications=Управление приложениями 50 | role_manage-identity-providers=Управление провайдерами учетных записей 51 | role_manage-clients=Управление клиентами 52 | role_manage-events=Управление событиями 53 | role_view-profile=Просмотр профиля 54 | role_manage-account=Управление учетной записью 55 | role_read-token=Чтение токена 56 | role_offline-access=Доступ оффлайн 57 | role_uma_authorization=Получение разрешений 58 | client_account=Учетная запись 59 | client_security-admin-console=Консоль администратора безопасности 60 | client_admin-cli=Командный интерфейс администратора 61 | client_realm-management=Управление Realm 62 | client_broker=Брокер 63 | 64 | 65 | requiredFields=Обязательные поля 66 | allFieldsRequired=Все поля обязательны 67 | 68 | backToApplication=« Назад в приложение 69 | backTo=Назад в {0} 70 | 71 | date=Дата 72 | event=Событие 73 | ip=IP 74 | client=Клиент 75 | clients=Клиенты 76 | details=Детали 77 | started=Начата 78 | lastAccess=Последний доступ 79 | expires=Истекает 80 | applications=Приложения 81 | 82 | account=Учетная запись 83 | federatedIdentity=Федеративный идентификатор 84 | authenticator=Аутентификатор 85 | sessions=Сессии 86 | log=Журнал 87 | 88 | application=Приложение 89 | availablePermissions=Доступные разрешения 90 | grantedPermissions=Согласованные разрешения 91 | grantedPersonalInfo=Согласованная персональная информация 92 | additionalGrants=Дополнительные согласования 93 | action=Действие 94 | inResource=в 95 | fullAccess=Полный доступ 96 | offlineToken=Оффлайн токен 97 | revoke=Отозвать согласование 98 | 99 | configureAuthenticators=Сконфигурированные аутентификаторы 100 | mobile=Мобильное приложение 101 | totpStep1=Установите FreeOTP или Google Authenticator. Оба приложения доступны на Google Play и в Apple App Store. 102 | totpStep2=Откройте приложение и просканируйте баркод, либо введите ключ. 103 | totpStep3=Введите одноразовый код, выданный приложением, и нажмите сохранить для завершения установки. 104 | 105 | missingUsernameMessage=Введите имя пользователя. 106 | missingFirstNameMessage=Введите имя. 107 | invalidEmailMessage=Введите корректный E-mail. 108 | missingLastNameMessage=Введите фамилию. 109 | missingEmailMessage=Введите E-mail. 110 | missingPasswordMessage=Введите пароль. 111 | notMatchPasswordMessage=Пароли не совпадают. 112 | 113 | missingTotpMessage=Введите код аутентификатора. 114 | invalidPasswordExistingMessage=Существующий пароль неверный. 115 | invalidPasswordConfirmMessage=Подтверждение пароля не совпадает. 116 | invalidTotpMessage=Неверный код аутентификатора. 117 | 118 | usernameExistsMessage=Имя пользователя уже существует. 119 | emailExistsMessage=E-mail уже существует. 120 | 121 | readOnlyUserMessage=Вы не можете обновить информацию вашей учетной записи, т.к. она доступна только для чтения. 122 | readOnlyPasswordMessage=Вы не можете обновить пароль вашей учетной записи, т.к. он доступен только для чтения. 123 | 124 | successTotpMessage=Аутентификатор в мобильном приложении сконфигурирован. 125 | successTotpRemovedMessage=Аутентификатор в мобильном приложении удален. 126 | 127 | successGrantRevokedMessage=Согласование отозвано успешно. 128 | 129 | accountUpdatedMessage=Ваша учетная запись обновлена. 130 | accountPasswordUpdatedMessage=Ваша пароль обновлен. 131 | 132 | missingIdentityProviderMessage=Провайдер учетных записей не задан. 133 | invalidFederatedIdentityActionMessage=Некорректное или недопустимое действие. 134 | identityProviderNotFoundMessage=Заданный провайдер учетных записей не найден. 135 | federatedIdentityLinkNotActiveMessage=Идентификатор больше не активен. 136 | federatedIdentityRemovingLastProviderMessage=Вы не можете удалить последний федеративный идентификатор, т.к. Вы не имеете пароля. 137 | identityProviderRedirectErrorMessage=Ошибка перенаправления в провайдер учетных записей. 138 | identityProviderRemovedMessage=Провайдер учетных записей успешно удален. 139 | identityProviderAlreadyLinkedMessage=Федеративный идентификатор, возвращенный {0} уже используется другим пользователем. 140 | staleCodeAccountMessage=Страница устарела. Попробуйте еще раз. 141 | consentDenied=В согласовании отказано. 142 | 143 | accountDisabledMessage=Учетная запись заблокирована, обратитесь к администратору. 144 | 145 | accountTemporarilyDisabledMessage=Учетная запись временно заблокирована, обратитесь к администратору или попробуйте позже. 146 | invalidPasswordMinLengthMessage=Некорректный пароль: длина пароля должна быть не менее {0} символа(ов). 147 | invalidPasswordMinLowerCaseCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} символа(ов) в нижнем регистре. 148 | invalidPasswordMinDigitsMessage=Некорректный пароль: пароль должен содержать не менее {0} цифр(ы). 149 | invalidPasswordMinUpperCaseCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} символа(ов) в верхнем регистре. 150 | invalidPasswordMinSpecialCharsMessage=Некорректный пароль: пароль должен содержать не менее {0} спецсимвола(ов). 151 | invalidPasswordNotUsernameMessage=Некорректный пароль: пароль не должен совпадать с именем пользователя. 152 | invalidPasswordRegexPatternMessage=Некорректный пароль: пароль не удовлетворяет регулярному выражению. 153 | invalidPasswordHistoryMessage=Некорректный пароль: пароль не должен совпадать с последним(и) {0} паролями. 154 | invalidPasswordGenericMessage=Некорректный пароль: новый пароль не соответствует правилам пароля. 155 | 156 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/messages/messages_sv.properties: -------------------------------------------------------------------------------- 1 | # encoding: utf-8 2 | doSave=Spara 3 | doCancel=Avbryt 4 | doLogOutAllSessions=Logga ut från samtliga sessioner 5 | doRemove=Ta Bort 6 | doAdd=Lägg Till 7 | doSignOut=Logga Ut 8 | 9 | editAccountHtmlTitle=Redigera Konto 10 | federatedIdentitiesHtmlTitle=Federerade identiteter 11 | accountLogHtmlTitle=Kontoslogg 12 | changePasswordHtmlTitle=Byt Lösenord 13 | sessionsHtmlTitle=Sessioner 14 | accountManagementTitle=Kontohantering för Keycloak 15 | authenticatorTitle=Autentiserare 16 | applicationsHtmlTitle=Applikationer 17 | 18 | authenticatorCode=Engångskod 19 | email=E-post 20 | firstName=Förnamn 21 | lastName=Efternamn 22 | password=Lösenord 23 | passwordConfirm=Bekräftelse 24 | passwordNew=Nytt Lösenord 25 | username=Användarnamn 26 | address=Adress 27 | street=Gata 28 | locality=Postort 29 | region=Stat, Provins, eller Region 30 | postal_code=Postnummer 31 | country=Land 32 | emailVerified=E-post verifierad 33 | gssDelegationCredential=GSS Delegation Credential 34 | 35 | role_admin=Administratör 36 | role_realm-admin=Realm Administratör 37 | role_create-realm=Skapa realm 38 | role_view-realm=Visa realm 39 | role_view-users=Visa användare 40 | role_view-applications=Visa applikationer 41 | role_view-clients=Visa klienter 42 | role_view-events=Visa event 43 | role_view-identity-providers=Visa identity providers 44 | role_manage-realm=Hantera realm 45 | role_manage-users=Hantera användare 46 | role_manage-applications=Hantera applikationer 47 | role_manage-identity-providers=Hantera identity providers 48 | role_manage-clients=Hantera klienter 49 | role_manage-events=Hantera event 50 | role_view-profile=Visa profil 51 | role_manage-account=Hantera konto 52 | role_read-token=Läs element 53 | role_offline-access=Åtkomst Offline 54 | role_uma_authorization=Erhåll tillstånd 55 | client_account=Konto 56 | client_security-admin-console=Säkerhetsadministratörskonsol 57 | client_admin-cli=Administratörs CLI 58 | client_realm-management=Realmhantering 59 | 60 | 61 | requiredFields=Obligatoriska fält 62 | allFieldsRequired=Samtliga fält krävs 63 | 64 | backToApplication=« Tillbaka till applikationen 65 | backTo=Tillbaka till {0} 66 | 67 | date=Datum 68 | event=Event 69 | ip=IP 70 | client=Klient 71 | clients=Klienter 72 | details=Detaljer 73 | started=Startade 74 | lastAccess=Senast Åtkomst 75 | expires=Upphör 76 | applications=Applikationer 77 | 78 | account=Konto 79 | federatedIdentity=Federerad identitet 80 | authenticator=Autentiserare 81 | sessions=Sessioner 82 | log=Logg 83 | 84 | application=Applikation 85 | availablePermissions=Tillgängliga Tillstånd 86 | grantedPermissions=Beviljade Tillstånd 87 | grantedPersonalInfo=Medgiven Personlig Information 88 | additionalGrants=Ytterligare Medgivanden 89 | action=Åtgärd 90 | inResource=in 91 | fullAccess=Fullständig Åtkomst 92 | offlineToken=Offline Token 93 | revoke=Upphäv Tillstånd 94 | 95 | configureAuthenticators=Ändrade Autentiserare 96 | mobile=Mobil 97 | totpStep1=Installera FreeOTP eller Google Authenticator på din enhet. Båda applikationerna finns tillgängliga på Google Play och Apple App Store. 98 | totpStep2=Öppna applikationen och skanna streckkoden eller skriv i nyckeLn. 99 | totpStep3=Fyll i engångskoden som tillhandahålls av applikationen och klicka på Spara för att avsluta inställningarna. 100 | 101 | missingUsernameMessage=Vänligen ange användarnamn. 102 | missingFirstNameMessage=Vänligen ange förnamn. 103 | invalidEmailMessage=Ogiltig e-postadress. 104 | missingLastNameMessage=Vänligen ange efternamn. 105 | missingEmailMessage=Vänligen ange e-post. 106 | missingPasswordMessage=Vänligen ange lösenord. 107 | notMatchPasswordMessage=Lösenorden matchar inte. 108 | 109 | missingTotpMessage=Vänligen ange autentiserarekoden. 110 | invalidPasswordExistingMessage=Det nuvarande lösenordet är ogiltigt. 111 | invalidPasswordConfirmMessage=Lösenordsbekräftelsen matchar inte. 112 | invalidTotpMessage=Autentiserarekoden är ogiltig. 113 | 114 | usernameExistsMessage=Användarnamnet finns redan. 115 | emailExistsMessage=E-posten finns redan. 116 | 117 | readOnlyUserMessage=Du kan inte uppdatera ditt konto eftersom det är skrivskyddat. 118 | readOnlyPasswordMessage=Du kan inte uppdatera ditt lösenord eftersom ditt konto är skrivskyddat. 119 | 120 | successTotpMessage=Mobilautentiseraren är inställd. 121 | successTotpRemovedMessage=Mobilautentiseraren är borttagen. 122 | 123 | successGrantRevokedMessage=Upphävandet av tillståndet lyckades. 124 | 125 | accountUpdatedMessage=Ditt konto har uppdaterats. 126 | accountPasswordUpdatedMessage=Ditt lösenord har uppdaterats. 127 | 128 | missingIdentityProviderMessage=Identity provider är inte angiven. 129 | invalidFederatedIdentityActionMessage=Åtgärden är ogiltig eller saknas. 130 | identityProviderNotFoundMessage=Angiven identity provider hittas inte. 131 | federatedIdentityLinkNotActiveMessage=Den här identiteten är inte längre aktiv. 132 | federatedIdentityRemovingLastProviderMessage=Du kan inte ta bort senaste federerade identiteten eftersom du inte har lösenordet. 133 | identityProviderRedirectErrorMessage=Misslyckades med att omdirigera till identity provider. 134 | identityProviderRemovedMessage=Borttaginingen av Identity provider lyckades. 135 | identityProviderAlreadyLinkedMessage=Den federerade identiteten som returnerades av {0} är redan länkad till en annan användare. 136 | staleCodeAccountMessage=Sidan har redan upphört. Vänligen försök igen. 137 | consentDenied=Samtycket förnekades. 138 | 139 | accountDisabledMessage=Kontot är inaktiverat, kontakta administratör. 140 | 141 | accountTemporarilyDisabledMessage=Kontot är tillfälligt inaktiverat, kontakta administratör eller försök igen senare. 142 | invalidPasswordMinLengthMessage=Ogiltigt lösenord. Minsta längd är {0}. 143 | invalidPasswordMinLowerCaseCharsMessage=Ogiltigt lösenord: måste innehålla minst {0} små bokstäver. 144 | invalidPasswordMinDigitsMessage=Ogiltigt lösenord: måste innehålla minst {0} siffror. 145 | invalidPasswordMinUpperCaseCharsMessage=Ogiltigt lösenord: måste innehålla minst {0} stora bokstäver. 146 | invalidPasswordMinSpecialCharsMessage=Ogiltigt lösenord: måste innehålla minst {0} specialtecken. 147 | invalidPasswordNotUsernameMessage=Ogiltigt lösenord: Får inte vara samma som användarnamnet. 148 | invalidPasswordRegexPatternMessage=Ogiltigt lösenord: matchar inte regex mönstret(en). 149 | invalidPasswordHistoryMessage=Ogiltigt lösenord: Får inte vara samma som de senaste {0} lösenorden. 150 | invalidPasswordGenericMessage=Ogiltigt lösenord: Det nya lösenordet stämmer inte med lösenordspolicyn. -------------------------------------------------------------------------------- /keycloak/themes/core/account/password.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='password' bodyClass='password'; section> 3 | 4 |
5 |
6 |

${msg("changePasswordHtmlTitle")}

7 |
8 |
9 | ${msg("allFieldsRequired")} 10 |
11 |
12 | 13 |
14 | 15 | 16 | 17 | <#if password.passwordSet> 18 |
19 |
20 | 21 |
22 | 23 |
24 | 25 |
26 |
27 | 28 | 29 | 30 | 31 |
32 |
33 | 34 |
35 | 36 |
37 | 38 |
39 |
40 | 41 |
42 |
43 | 44 |
45 | 46 |
47 | 48 |
49 |
50 | 51 |
52 |
53 |
54 | 55 |
56 |
57 |
58 |
59 | 60 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/resources/css/style.css: -------------------------------------------------------------------------------- 1 | html { 2 | height: 100%; 3 | } 4 | 5 | body { 6 | background-color: #F9F9F9; 7 | margin: 0; 8 | padding: 0; 9 | height: 100%; 10 | } 11 | 12 | header .navbar { 13 | margin-bottom: 0; 14 | min-height: inherit; 15 | } 16 | 17 | .header .container { 18 | position: relative; 19 | } 20 | 21 | .navbar-title { 22 | background-image: url('../img/tw-logo.png'); 23 | height: 25px; 24 | background-repeat: no-repeat; 25 | width: 123px; 26 | margin: 3px 10px 5px; 27 | text-indent: -99999px; 28 | background-size: 100%; 29 | background-position: center; 30 | } 31 | .navbar-pf { 32 | background-color: white; 33 | } 34 | .navbar-pf .navbar-utility { 35 | right: 20px; 36 | top: -34px; 37 | font-size: 12px; 38 | } 39 | 40 | .navbar-pf .navbar-utility > li > a { 41 | color: black !important; 42 | padding-bottom: 12px; 43 | padding-top: 8px; 44 | border-left: medium none; 45 | } 46 | .navbar-pf .navbar-utility > li > a:hover { 47 | font-size: 13px; 48 | background-color: white; 49 | font-weight: 700; 50 | } 51 | 52 | .container { 53 | height: 100%; 54 | } 55 | 56 | .content-area { 57 | background-color: #fff; 58 | border-color: #CECECE; 59 | border-style: solid; 60 | border-width: 0 1px; 61 | height: 100%; 62 | padding: 0 30px; 63 | } 64 | 65 | /* Sidebar */ 66 | 67 | .bs-sidebar { 68 | background-color: #f9f9f9; 69 | padding-top: 44px; 70 | padding-right: 0; 71 | padding-left: 0; 72 | z-index: 20; 73 | } 74 | .bs-sidebar ul { 75 | list-style: none; 76 | padding-left: 12px; 77 | } 78 | 79 | .bs-sidebar ul li { 80 | margin-bottom: 0.5em; 81 | margin-left: -1em; 82 | } 83 | .bs-sidebar ul li a { 84 | font-size: 14px; 85 | padding-left: 25px; 86 | color: #4d5258; 87 | line-height: 28px; 88 | display: block; 89 | border-width: 1px 0 1px 1px; 90 | border-style: solid; 91 | border-color: #f9f9f9; 92 | } 93 | .bs-sidebar ul li a:hover, 94 | .bs-sidebar ul li a:focus { 95 | text-decoration: none; 96 | color: #777777; 97 | border-right: 2px solid #aaa; 98 | } 99 | .bs-sidebar ul li.active a { 100 | background-color: #c7e5f0; 101 | border-color: #56bae0; 102 | font-weight: bold; 103 | background-image: url(../img/icon-sidebar-active.png); 104 | background-repeat: no-repeat; 105 | background-position: right center; 106 | } 107 | 108 | .bs-sidebar ul li.active a:hover { 109 | border-right: none; 110 | } 111 | 112 | 113 | .content-area h2 { 114 | font-family: "Open Sans", sans-serif; 115 | font-weight: 100; 116 | font-size: 24px; 117 | margin-bottom: 25px; 118 | margin-top: 25px; 119 | } 120 | 121 | .subtitle { 122 | text-align: right; 123 | margin-top: 30px; 124 | color: #909090; 125 | } 126 | 127 | .required { 128 | color: #CB2915; 129 | } 130 | 131 | 132 | .alert { 133 | margin-top: 30px; 134 | margin-bottom: 0; 135 | } 136 | 137 | .feedback-aligner .alert { 138 | background-position: 1.27273em center; 139 | background-repeat: no-repeat; 140 | border-radius: 2px; 141 | border-width: 1px; 142 | color: #4D5258; 143 | display: inline-block; 144 | font-size: 1.1em; 145 | line-height: 1.4em; 146 | margin: 0; 147 | padding: 0.909091em 3.63636em; 148 | position: relative; 149 | text-align: left; 150 | } 151 | .alert.alert-success { 152 | background-color: #E4F1E1; 153 | border-color: #4B9E39; 154 | } 155 | .alert.alert-error { 156 | background-color: #F8E7E7; 157 | border-color: #B91415; 158 | } 159 | .alert.alert-warning { 160 | background-color: #FEF1E9; 161 | border-color: #F17528; 162 | } 163 | .alert.alert-info { 164 | background-color: #E4F3FA; 165 | border-color: #5994B2; 166 | } 167 | 168 | .form-horizontal { 169 | border-top: 1px solid #E9E8E8; 170 | padding-top: 23px; 171 | } 172 | 173 | .form-horizontal .control-label { 174 | color: #909090; 175 | line-height: 1.4em; 176 | padding-top: 5px; 177 | position: relative; 178 | text-align: right; 179 | width: 100%; 180 | } 181 | 182 | .form-group { 183 | position: relative; 184 | } 185 | 186 | .control-label + .required { 187 | position: absolute; 188 | right: -2px; 189 | top: 0; 190 | } 191 | 192 | #kc-form-buttons { 193 | text-align: right; 194 | margin-top: 10px; 195 | } 196 | 197 | #kc-form-buttons .btn-primary { 198 | float: right; 199 | margin-left: 8px; 200 | } 201 | 202 | /* Authenticator page */ 203 | 204 | ol { 205 | padding-left: 40px; 206 | } 207 | 208 | ol li { 209 | font-size: 13px; 210 | margin-bottom: 10px; 211 | position: relative; 212 | } 213 | 214 | ol li img { 215 | margin-top: 15px; 216 | margin-bottom: 5px; 217 | border: 1px solid #eee; 218 | } 219 | 220 | hr + .form-horizontal { 221 | border: none; 222 | padding-top: 0; 223 | } 224 | 225 | .kc-dropdown{ 226 | position: relative; 227 | } 228 | .kc-dropdown > a{ 229 | display:block; 230 | padding: 11px 10px 12px; 231 | line-height: 12px; 232 | font-size: 12px; 233 | color: #fff !important; 234 | text-decoration: none; 235 | } 236 | .kc-dropdown > a::after{ 237 | content: "\2c5"; 238 | margin-left: 4px; 239 | } 240 | .kc-dropdown:hover > a{ 241 | background-color: rgba(0,0,0,0.2); 242 | } 243 | .kc-dropdown ul li a{ 244 | padding: 1px 11px; 245 | font-size: 12px; 246 | color: #000 !important; 247 | border: 1px solid #fff; 248 | text-decoration: none; 249 | display:block; 250 | line-height: 20px; 251 | } 252 | .kc-dropdown ul li a:hover{ 253 | color: #4d5258; 254 | background-color: #d4edfa; 255 | border-color: #b3d3e7; 256 | } 257 | .kc-dropdown ul{ 258 | position: absolute; 259 | z-index: 2000; 260 | list-style:none; 261 | display:none; 262 | padding: 5px 0px; 263 | margin: 0px; 264 | background-color: #fff !important; 265 | border: 1px solid #b6b6b6; 266 | border-radius: 1px; 267 | -webkit-box-shadow: 0 6px 12px rgba(0, 0, 0, 0.175); 268 | box-shadow: 0 6px 12px rgba(0, 0, 0, 0.175); 269 | background-clip: padding-box; 270 | min-width: 100px; 271 | } 272 | .kc-dropdown:hover ul{ 273 | display:block; 274 | } -------------------------------------------------------------------------------- /keycloak/themes/core/account/resources/img/icon-sidebar-active.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yourwafer/keycloak-sso/f2154d6eb6a1552e811cb25f007b5ef66e9bd453/keycloak/themes/core/account/resources/img/icon-sidebar-active.png -------------------------------------------------------------------------------- /keycloak/themes/core/account/resources/img/tw-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yourwafer/keycloak-sso/f2154d6eb6a1552e811cb25f007b5ef66e9bd453/keycloak/themes/core/account/resources/img/tw-logo.png -------------------------------------------------------------------------------- /keycloak/themes/core/account/sessions.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='sessions' bodyClass='sessions'; section> 3 | 4 |
5 |
6 |

${msg("sessionsHtmlTitle")}

7 |
8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | <#list sessions.sessions as session> 23 | 24 | 25 | 26 | 27 | 28 | 33 | 34 | 35 | 36 | 37 |
${msg("ip")}${msg("started")}${msg("lastAccess")}${msg("expires")}${msg("clients")}
${session.ipAddress}${session.started?datetime}${session.lastAccess?datetime}${session.expires?datetime} 29 | <#list session.clients as client> 30 | ${client}
31 | 32 |
38 | 39 | ${msg("doLogOutAllSessions")} 40 | 41 | 42 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/template.ftl: -------------------------------------------------------------------------------- 1 | <#macro mainLayout active bodyClass> 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ${msg("accountManagementTitle")} 10 | 11 | <#if properties.styles?has_content> 12 | <#list properties.styles?split(' ') as style> 13 | 14 | 15 | 16 | <#if properties.scripts?has_content> 17 | <#list properties.scripts?split(' ') as script> 18 | 19 | 20 | 21 | 22 | 23 | 24 |
25 | 52 |
53 | 54 |
55 |
56 | 65 |
66 | 67 |
68 | <#if message?has_content> 69 |
70 | <#if message.type=='success' > 71 | <#if message.type=='error' > 72 | ${message.summary} 73 |
74 | 75 | 76 | <#nested "content"> 77 |
78 |
79 | 80 | 81 | 82 | -------------------------------------------------------------------------------- /keycloak/themes/core/account/theme.properties: -------------------------------------------------------------------------------- 1 | parent=base 2 | import=common/keycloak 3 | styles=lib/patternfly/css/patternfly.css css/style.css 4 | locales=ca,de,en,es,fr,it,ja,lt,no,pt-BR,ru,sv -------------------------------------------------------------------------------- /keycloak/themes/core/account/totp.ftl: -------------------------------------------------------------------------------- 1 | <#import "template.ftl" as layout> 2 | <@layout.mainLayout active='totp' bodyClass='totp'; section> 3 | 4 | <#if totp.enabled> 5 |

${msg("authenticatorTitle")}

6 | 7 | 8 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 19 | 20 | 21 |
${msg("configureAuthenticators")}
${msg("mobile")} 17 | 18 |
22 | <#else> 23 |

${msg("authenticatorTitle")}

24 | 25 |
26 | 27 |
    28 |
  1. 29 |

    ${msg("totpStep1")}

    30 |
    2. 31 |
  2. 32 |

    ${msg("totpStep2")}

    33 |

    Figure: Barcode

    34 |

    ${totp.totpSecretEncoded}

    35 |
    3. 36 |
  3. 37 |

    ${msg("totpStep3")}

    38 |
    4. 39 |
40 | 41 |
42 | 43 |
44 | 45 |
46 |
47 | 48 |
49 | 50 |
51 | 52 | 53 |
54 |
55 | 56 |
57 |
58 |
59 | 60 | 61 |
62 |
63 |
64 |
65 | 66 | 67 | 68 | -------------------------------------------------------------------------------- /keycloak/themes/core/login/login-reset-password.ftl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | <#if properties.meta?has_content> 10 | <#list properties.meta?split(' ') as meta> 11 | 12 | 13 | 14 | Login 15 | 16 | 17 | 18 | <#if properties.styles?has_content> 19 | <#list properties.styles?split(' ') as style> 20 | 21 | 22 | 23 | 24 | 26 | <#if properties.scripts?has_content> 27 | <#list properties.scripts?split(' ') as script> 28 | 29 | 30 | 31 | <#if scripts??> 32 | <#list scripts as script> 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |

48 |

Forgot Password?

49 |

You can reset your password here.

50 |
51 | 52 |
53 | 54 |
55 |
56 | 57 | 58 |
59 |
60 |
61 | 62 |
63 |
64 | 65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 | 73 | 74 | -------------------------------------------------------------------------------- /keycloak/themes/core/login/login-update-profile.ftl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | <#if properties.meta?has_content> 10 | <#list properties.meta?split(' ') as meta> 11 | 12 | 13 | 14 | Login 15 | 16 | 17 | 18 | 19 | <#if properties.styles?has_content> 20 | <#list properties.styles?split(' ') as style> 21 | 22 | 23 | 24 | 25 | 27 | <#if properties.scripts?has_content> 28 | <#list properties.scripts?split(' ') as script> 29 | 30 | 31 | 32 | <#if scripts??> 33 | <#list scripts as script> 34 | 35 | 36 | 37 | 38 | 39 | 40 |
41 |
42 |
43 | Register 44 |
45 |
46 | 47 | 48 |
49 | 50 |

Username can contain any letters or numbers, without spaces

51 |
52 |
53 | 54 |
55 | 56 | 57 |
58 | 59 |
60 |
61 | 62 |
63 | 64 | 65 |
66 | 67 |
68 |
69 | 70 |
71 | 72 | 73 |
74 | 75 |

Please provide your E-mail

76 |
77 |
78 | 79 | <#if message?has_content> 80 |
81 |
82 | <#if message.type = 'success'> 83 | <#if message.type = 'warning'> 84 | <#if message.type = 'error'> 85 | <#if message.type = 'info'> 86 | 87 |
88 |
89 | 90 | 91 |
92 | 93 |
94 | 95 |
96 |
97 |
98 |
99 | -------------------------------------------------------------------------------- /keycloak/themes/core/login/login.ftl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | <#if properties.meta?has_content> 10 | <#list properties.meta?split(' ') as meta> 11 | 12 | 13 | 14 | Login 15 | 16 | 17 | 18 | <#if properties.styles?has_content> 19 | <#list properties.styles?split(' ') as style> 20 | 21 | 22 | 23 | 24 | 26 | <#if properties.scripts?has_content> 27 | <#list properties.scripts?split(' ') as script> 28 | 29 | 30 | 31 | <#if scripts??> 32 | <#list scripts as script> 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | <#if realm.password> 41 |
42 | 114 |
115 | 116 | 117 | -------------------------------------------------------------------------------- /keycloak/themes/core/login/register.ftl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | <#if properties.meta?has_content> 10 | <#list properties.meta?split(' ') as meta> 11 | 12 | 13 | 14 | Login 15 | 16 | 17 | 18 | 19 | <#if properties.styles?has_content> 20 | <#list properties.styles?split(' ') as style> 21 | 22 | 23 | 24 | 25 | 27 | <#if properties.scripts?has_content> 28 | <#list properties.scripts?split(' ') as script> 29 | 30 | 31 | 32 | <#if scripts??> 33 | <#list scripts as script> 34 | 35 | 36 | 37 | 38 | 39 | 40 |
41 |
42 |
43 | Register 44 |
45 |
46 | 47 | 48 |
49 | 50 |

Username can contain any letters or numbers, without spaces

51 |
52 |
53 | 54 |
55 | 56 | 57 |
58 | 59 |
60 |
61 | 62 |
63 | 64 | 65 |
66 | 67 |
68 |
69 | 70 |
71 | 72 | 73 |
74 | 75 |

Please provide your E-mail

76 |
77 |
78 | 79 |
80 | 81 | 82 |
83 | 84 |

Password should be at least 4 characters

85 |
86 |
87 | 88 |
89 | 90 | 91 |
92 | 93 |

Please confirm password

94 |
95 |
96 | 97 | <#if recaptchaRequired??> 98 |
99 |
100 |
101 |
102 |
103 | 104 | 105 | <#if message?has_content> 106 |
107 |
108 | <#if message.type = 'success'> 109 | <#if message.type = 'warning'> 110 | <#if message.type = 'error'> 111 | <#if message.type = 'info'> 112 | 113 |
114 |
115 | 116 | 117 |
118 | 119 |
120 | 121 |
122 |
123 |
124 |
125 | -------------------------------------------------------------------------------- /keycloak/themes/core/login/resources/css/login.css: -------------------------------------------------------------------------------- 1 | 2 | /* 3 | Note: It is best to use a less version of this file ( see http://css2less.cc 4 | For the media queries use @screen-sm-min instead of 768px. 5 | For .omb_spanOr use @body-bg instead of white. 6 | */ 7 | 8 | @media (min-width: 768px) { 9 | .omb_row-sm-offset-3 div:first-child[class*="col-"] { 10 | margin-left: 25%; 11 | } 12 | } 13 | 14 | .omb_login .omb_authTitle { 15 | text-align: center; 16 | line-height: 300%; 17 | } 18 | 19 | .omb_login .omb_socialButtons a { 20 | color: white; // In yourUse @body-bg 21 | opacity:0.9; 22 | } 23 | .omb_login .omb_socialButtons a:hover { 24 | color: white; 25 | opacity:1; 26 | } 27 | .omb_login .omb_socialButtons .omb_btn-facebook {background: #3b5998;} 28 | .omb_login .omb_socialButtons .omb_btn-twitter {background: #00aced;} 29 | .omb_login .omb_socialButtons .omb_btn-google {background: #c32f10;} 30 | 31 | 32 | .omb_login .omb_loginOr { 33 | position: relative; 34 | font-size: 1.5em; 35 | color: #aaa; 36 | margin-top: 1em; 37 | margin-bottom: 1em; 38 | padding-top: 0.5em; 39 | padding-bottom: 0.5em; 40 | } 41 | .omb_login .omb_loginOr .omb_hrOr { 42 | background-color: #cdcdcd; 43 | height: 1px; 44 | margin-top: 0px !important; 45 | margin-bottom: 0px !important; 46 | } 47 | .omb_login .omb_loginOr .omb_spanOr { 48 | display: block; 49 | position: absolute; 50 | left: 50%; 51 | top: -0.6em; 52 | margin-left: -1.5em; 53 | background-color: white; 54 | width: 3em; 55 | text-align: center; 56 | } 57 | 58 | .omb_login .omb_loginForm .input-group.i { 59 | width: 2em; 60 | } 61 | .omb_login .omb_loginForm .help-block { 62 | color: red; 63 | } 64 | .rememberme { 65 | margin-left: 20px; 66 | } 67 | .button { 68 | border-radius: 5px; 69 | display: inline-block; 70 | height: 30px; 71 | line-height: 30px; 72 | padding-right: 30px; 73 | padding-left: 70px; 74 | position: relative; 75 | background-color:rgb(0,0,0); 76 | color:rgb(255,255,255); 77 | text-decoration: none; 78 | text-transform: lowercase; 79 | letter-spacing: 1px; 80 | margin-bottom: 15px; 81 | text-shadow:0px 1px 0px rgba(0,0,0,0.5); 82 | -ms-filter:"progid:DXImageTransform.Microsoft.dropshadow(OffX=0,OffY=1,Color=#ff123852,Positive=true)";zoom:1; 83 | filter:progid:DXImageTransform.Microsoft.dropshadow(OffX=0,OffY=1,Color=#ff123852,Positive=true); 84 | 85 | -moz-box-shadow:0px 2px 2px rgba(0,0,0,0.2); 86 | -webkit-box-shadow:0px 2px 2px rgba(0,0,0,0.2); 87 | box-shadow:0px 2px 2px rgba(0,0,0,0.2); 88 | -ms-filter:"progid:DXImageTransform.Microsoft.dropshadow(OffX=0,OffY=2,Color=#33000000,Positive=true)"; 89 | filter:progid:DXImageTransform.Microsoft.dropshadow(OffX=0,OffY=2,Color=#33000000,Positive=true); 90 | } 91 | 92 | .button:hover{ 93 | text-decoration: none; 94 | color: #eeeaee; 95 | } 96 | 97 | .button p{font-size: 18px;} 98 | .button span { 99 | position: absolute; 100 | left: 10px; 101 | top: 4px; 102 | width: 50px; 103 | font-size:20px; 104 | -webkit-border-top-left-radius: 5px; 105 | -webkit-border-bottom-left-radius: 5px; 106 | -moz-border-radius-topleft: 5px; 107 | -moz-border-radius-bottomleft: 5px; 108 | border-top-left-radius: 5px; 109 | border-bottom-left-radius: 5px; 110 | border-right: 1px solid rgba(0,0,0,0.15); 111 | text-decoration: none; 112 | } 113 | .button.github{ 114 | background: #171515; 115 | } 116 | .button.google{ 117 | background: #db4a39; 118 | } 119 | 120 | @media (min-width: 768px) { 121 | .omb_login .omb_forgotPwd { 122 | text-align: right; 123 | margin-top:10px; 124 | } 125 | } 126 | .button-login { 127 | margin-top:10px; 128 | } 129 | 130 | .form-gap { 131 | padding-top: 70px; 132 | } 133 | 134 | .g-recaptcha { 135 | margin-left: 180px; 136 | } -------------------------------------------------------------------------------- /keycloak/themes/core/login/theme.properties: -------------------------------------------------------------------------------- 1 | parent=base 2 | styles=css/login.css -------------------------------------------------------------------------------- /settings.gradle: -------------------------------------------------------------------------------- 1 | include 'keycloak-saml' 2 | include 'keycloak-springbootsecurity' 3 | include 'keycloak-backend-springbootsecurity' --------------------------------------------------------------------------------