add note on how to get an example keycloak setup for the example setup

README.md

@@ -5,10 +5,10 @@ For this it will provide API endpoints for every configured attribute-group.
 The configuration of the provider is possible via an admin page.
 
 Every endpoint responds with a list of all attribute values, that:
-- are in the attribute group matching `attribute-group`
+ - is in the attribute group matching `attribute-group`
-- match an optional RegEx Pattern `attribute-regex`
+ - matches an optional RegEx Pattern `attribute-regex`
-- belong to a user with a role matching `match-role`
+ - belongs to a user with a role matching `match-role`
-- are non-empty
+ - is non-empty
 
 Multivalue attributes are flattened in the response.
 
@@ -61,7 +61,7 @@ We assume an unconfigured, fresh Keycloak installation running under `http://loc
     - After creating:
       - give it the role `myattribute-export`
       - set a password in the users settings `Creadentials > Set password`. For Example `"password"`
-8. Under `Attribute Endpoints > Create item`, add a new endpoint to the provider  
+8. Under `🪪 Attribute Endpoints 🚀 > Create item`, add a new endpoint to the provider  
    Example:
    - `Slug` = `"ssh_keys"`
    - `Attribute Group` = `"my-attributes-group"`

attribute-endpoints-provider/src/main/java/de/ccc/hamburg/keycloak/attribute_endpoints/AdminUiPage.java

@@ -24,7 +24,7 @@ import com.google.auto.service.AutoService;
  */
 @AutoService(UiPageProviderFactory.class)
 public class AdminUiPage implements UiPageProvider, UiPageProviderFactory<ComponentModel> {
-    public static final String PROVIDER_ID = "Attribute Endpoints";
+    public static final String PROVIDER_ID = "🪪 Attribute Endpoints 🚀";
 
     @Override
     public void init(Config.Scope config) {
@@ -54,28 +54,22 @@ public class AdminUiPage implements UiPageProvider, UiPageProviderFactory<Compon
 
         Pattern slugPattern = Pattern.compile("^[a-zA-Z0-9_-]*$");
         String configAttributeSlug = model.getConfig().getFirst("slug");
-        if (configAttributeSlug == null) {
+
-            hasError = true;
+        if (!slugPattern.matcher(configAttributeSlug).matches()) {
-            errorString += " • [Slug] can not be empty\n";
-        } else if (!slugPattern.matcher(configAttributeSlug).matches()) {
             hasError = true;
             errorString += " • [Slug] can only contain anlphanumeric characters, dash and underscore (a-z A-Z 0-9 _ - )\n";
         }
 
         String configAuthRole = model.getConfig().getFirst("auth-role");
-        if (configAuthRole == null) {
+        RoleModel authRole = realm.getRole(configAuthRole);
-            hasError = true;
+        if (authRole == null) {
-            errorString += " • [Auth Role] can not be empty\n";
-        } else if (realm.getRole(configAuthRole) == null) {
             hasError = true;
             errorString += " • [Auth Role] does not exist\n";
         }
 
         String configMatchRole = model.getConfig().getFirst("match-role");
-        if (configMatchRole == null) {
+        RoleModel matchRole = realm.getRole(configMatchRole);
-            hasError = true;
+        if (matchRole == null) {
-            errorString += " • [Match Role] can not be empty\n";
-        } else if (realm.getRole(configMatchRole) == null) {
             hasError = true;
             errorString += " • [Match Role] does not exist\n";
         }
@@ -83,10 +77,7 @@ public class AdminUiPage implements UiPageProvider, UiPageProviderFactory<Compon
         UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
         UPConfig upconfig = profileProvider.getConfiguration();
         String configAttributeGroup = model.getConfig().getFirst("attribute-group");
-        if (configAttributeGroup == null) {
+        if (!upconfig.getGroups().stream().anyMatch(g -> g.getName().equals(configAttributeGroup))) {
-            hasError = true;
-            errorString += " • [Attribute Group] can not be empty\n";
-        } else if (!upconfig.getGroups().stream().anyMatch(g -> g.getName().equals(configAttributeGroup))) {
             hasError = true;
             errorString += " • [Attribute Group] does not exist\n";
         }

attribute-endpoints-provider/src/main/java/de/ccc/hamburg/keycloak/attribute_endpoints/AttributeEndpointsResourceProvider.java

@@ -53,7 +53,7 @@ public class AttributeEndpointsResourceProvider implements RealmResourceProvider
     @GET
     @Path("export/{slug}")
     @Produces(MediaType.APPLICATION_JSON)
-    public Response exportAttributeValues(@PathParam("slug") String slug) {
+    public Response exportKeys(@PathParam("slug") String slug) {
         KeycloakContext context = session.getContext();
         RealmModel realm = context.getRealm();
 
@@ -62,16 +62,11 @@ public class AttributeEndpointsResourceProvider implements RealmResourceProvider
                 .filter(c -> c.getConfig().getFirst("slug").equals(slug))
                 .toList();
 
-        Auth auth = AttributeEndpointsResourceProvider.getAuth(session);
-
         if (componentList.isEmpty()) {
             throw new NotFoundException("Endpoint not found.");
         }
 
-        if (componentList.size() > 1) {
+        Auth auth = AttributeEndpointsResourceProvider.getAuth(session);
-            throw new NotFoundException(
-                    "Endpoint Configuration Error - Multiple configurations exist for this endpoint.");
-        }
 
         ComponentModel component = componentList.get(0);
 
@@ -111,6 +106,11 @@ public class AttributeEndpointsResourceProvider implements RealmResourceProvider
             throw new ForbiddenException("User does not have required auth role.");
         }
 
+        if (componentList.size() > 1) {
+            throw new NotFoundException(
+                    "Endpoint Configuration Error - Multiple configurations exist for this endpoint.");
+        }
+
         List<String> attributeNames = upconfig.getAttributes()
                 .stream()
                 .filter(a -> a.getGroup() != null && a.getGroup().equals(configAttributeGroup))