CCCHH/keycloak-attribute-endpoints-provider
0
0
Fork 0
Code Issues Pull requests 2 Projects Releases Packages Wiki Activity Actions

Configure Extension with UiPageProvider #1

Open
kritzl wants to merge 6 commits from addUiPageProvider into main
pull from: addUiPageProvider
merge into: CCCHH:main
Conversation 4 Commits 6 Files changed 11 +5593 -128
kritzl commented 2026-02-21 15:49:36 +01:00
Member
Copy link
No description provided. 
Co-authored-by: kritzl <kritzl@kritzl.dev>
Dynamically get a list of attributes to get the keys from, get their
values, ensure they are in a valid format using a regex and finally
return the list of keys as a JSON list.

Co-authored-by: kritzl <kritzl@kritzl.dev>
Co-authored-by: June <june@jsts.xyz>
Co-authored-by: June june@jsts.xyz
- fetch configuration of AdminUiPage Component
- validate config
- use configuration to get attributes
kritzl self-assigned this 2026-02-21 15:49:50 +01:00
kritzl requested review from june 2026-02-21 15:49:59 +01:00
june requested changes 2026-03-24 17:32:54 +01:00
june left a comment
Owner
Copy link

Tested by following the README and using the compose file and it works great. Generally looks good, just a few small things here and there.

Tested by following the README and using the compose file and it works great. Generally looks good, just a few small things here and there.
README.md
@ -0,0 +8,4 @@
- is in the attribute group matching `attribute-group`
- matches an optional RegEx Pattern `attribute-regex`
- belongs to a user with a role matching `match-role`
- is non-empty
june commented 2026-03-24 15:27:34 +01:00
Owner
Copy link

Should use plural, like:

Every endpoint responds with a list of all attribute values, that: 
- are in the attribute group matching `attribute-group`
- match an optional RegEx Pattern `attribute-regex`
- belong to a user with a role matching `match-role`
- are non-empty
Should use plural, like: ``` Every endpoint responds with a list of all attribute values, that: - are in the attribute group matching `attribute-group` - match an optional RegEx Pattern `attribute-regex` - belong to a user with a role matching `match-role` - are non-empty ```
attribute-endpoints-provider/src/main/java/de/ccc/hamburg/keycloak/attribute_endpoints/AdminUiPage.java
@ -0,0 +24,4 @@
*/
@AutoService(UiPageProviderFactory.class)
public class AdminUiPage implements UiPageProvider, UiPageProviderFactory<ComponentModel> {
public static final String PROVIDER_ID = "🪪 Attribute Endpoints 🚀";
june commented 2026-03-24 17:31:47 +01:00
Owner
Copy link

I think getting rid of the emojis, while they are fun, might be a good idea.

I think getting rid of the emojis, while they are fun, might be a good idea.
attribute-endpoints-provider/src/main/java/de/ccc/hamburg/keycloak/attribute_endpoints/AttributeEndpointsResourceProvider.java
@ -0,0 +53,4 @@
@GET
@Path("export/{slug}")
@Produces(MediaType.APPLICATION_JSON)
public Response exportKeys(@PathParam("slug") String slug) {
june commented 2026-03-24 17:14:19 +01:00
Owner
Copy link

I guess this should be called something like exportAttributeValues now that this is not just about SSH Keys anymore.

I guess this should be called something like `exportAttributeValues` now that this is not just about SSH Keys anymore.
attribute-endpoints-provider/src/main/java/de/ccc/hamburg/keycloak/attribute_endpoints/AttributeEndpointsResourceProvider.java
@ -0,0 +106,4 @@
throw new ForbiddenException("User does not have required auth role.");
}
if (componentList.size() > 1) {
june commented 2026-03-24 17:17:54 +01:00
Owner
Copy link

Moving this before line 71, where we get the component to work with might make a bit more sense flow-wise.

Moving this before line 71, where we get the component to work with might make a bit more sense flow-wise.
june commented 2026-03-24 17:33:39 +01:00
Owner
Copy link

Oh, and we have both a test.json and a realm-export.json. Do we want to keep them both, one or none?

Oh, and we have both a `test.json` and a `realm-export.json`. Do we want to keep them both, one or none?
june commented 2026-03-24 17:36:59 +01:00
Owner
Copy link

Reading through the code, I noticed that we are duplicating the validation logic for the AdminUiPage and the AttributeEndpointsResourceProvider. I think this is fine, as it's just refactoring and they do both cater to slightly different use-cases, so a refactor needs some thought, but we might want to look into abstracting that into one place in the future.

Reading through the code, I noticed that we are duplicating the validation logic for the `AdminUiPage` and the `AttributeEndpointsResourceProvider`. I think this is fine, as it's just refactoring and they do both cater to slightly different use-cases, so a refactor needs some thought, but we might want to look into abstracting that into one place in the future.
june reviewed 2026-03-24 17:53:54 +01:00
attribute-endpoints-provider/src/main/java/de/ccc/hamburg/keycloak/attribute_endpoints/AdminUiPage.java
@ -0,0 +55,4 @@
Pattern slugPattern = Pattern.compile("^[a-zA-Z0-9_-]*$");
String configAttributeSlug = model.getConfig().getFirst("slug");
if (!slugPattern.matcher(configAttributeSlug).matches()) {
june commented 2026-03-24 17:53:54 +01:00
Owner
Copy link

Currently this gives us an ugly exception in the Keycloak logs for an empty slug, as configAttributeSlug is then null. Not critical as it still just errors, but we should probably check, if configAttributeSlug is null. I guess then adding a null check to all the other config$things is probably a good idea as well.

Currently this gives us an ugly exception in the Keycloak logs for an empty slug, as `configAttributeSlug` is then `null`. Not critical as it still just errors, but we should probably check, if `configAttributeSlug` is `null`. I guess then adding a null check to all the other `config$thing`s is probably a good idea as well.
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin addUiPageProvider:addUiPageProvider
git switch addUiPageProvider

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main
git merge --no-ff addUiPageProvider
git switch addUiPageProvider
git rebase main
git switch main
git merge --ff-only addUiPageProvider
git switch addUiPageProvider
git rebase main
git switch main
git merge --no-ff addUiPageProvider
git switch main
git merge --squash addUiPageProvider
git switch main
git merge --ff-only addUiPageProvider
git switch main
git merge addUiPageProvider
git push origin main
Sign in to join this conversation.
Reviewers
No reviewers
june
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
kritzl
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
CCCHH/keycloak-attribute-endpoints-provider!1
No description provided.