Enable and Fix keycloak User Registration Config along with defaultin…

…g to 'User' group for newly registered users (#24765) * Fix keycloak User Registration Config along with defaulting to 'User' group for newly registered users. * Enable User Registration in Keycloak by default
jhipster · May 9, 2024 · bef1c4d · bef1c4d
1 parent f56c6a7
commit bef1c4d
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 20 deletions.
diff --git a/generators/docker-compose/templates/realm-config/jhipster-realm.json.ejs b/generators/docker-compose/templates/realm-config/jhipster-realm.json.ejs
@@ -29,7 +29,7 @@
   "oauth2DevicePollingInterval": 5,
   "enabled": true,
   "sslRequired": "external",
-  "registrationAllowed": false,
+  "registrationAllowed": true,
   "registrationEmailAsUsername": false,
   "rememberMe": false,
   "verifyEmail": false,
@@ -463,6 +463,9 @@
   "requiredCredentials": [
     "password"
   ],
+  "defaultGroups": [
+    "/Users"
+  ],
   "otpPolicyType": "totp",
   "otpPolicyAlgorithm": "HmacSHA1",
   "otpPolicyInitialCounter": 0,
@@ -2364,6 +2367,14 @@
           "priority": 60,
           "userSetupAllowed": false,
           "autheticatorFlow": false
+        },
+        {
+          "authenticator": "registration-terms-and-conditions",
+          "authenticatorFlow": false,
+          "requirement": "DISABLED",
+          "priority": 70,
+          "autheticatorFlow": false,
+          "userSetupAllowed": false
         }
       ]
     },
@@ -2455,9 +2466,9 @@
       "config": {}
     },
     {
-      "alias": "terms_and_conditions",
+      "alias": "TERMS_AND_CONDITIONS",
       "name": "Terms and Conditions",
-      "providerId": "terms_and_conditions",
+      "providerId": "TERMS_AND_CONDITIONS",
       "enabled": false,
       "defaultAction": false,
       "priority": 20,

diff --git a/generators/docker/templates/docker/realm-config/jhipster-realm.json.ejs b/generators/docker/templates/docker/realm-config/jhipster-realm.json.ejs
@@ -29,7 +29,7 @@
   "oauth2DevicePollingInterval": 5,
   "enabled": true,
   "sslRequired": "external",
-  "registrationAllowed": false,
+  "registrationAllowed": true,
   "registrationEmailAsUsername": false,
   "rememberMe": false,
   "verifyEmail": false,
@@ -463,6 +463,9 @@
   "requiredCredentials": [
     "password"
   ],
+  "defaultGroups": [
+    "/Users"
+  ],
   "otpPolicyType": "totp",
   "otpPolicyAlgorithm": "HmacSHA1",
   "otpPolicyInitialCounter": 0,
@@ -2362,6 +2365,14 @@
           "priority": 60,
           "userSetupAllowed": false,
           "autheticatorFlow": false
+        },
+        {
+          "authenticator": "registration-terms-and-conditions",
+          "authenticatorFlow": false,
+          "requirement": "DISABLED",
+          "priority": 70,
+          "autheticatorFlow": false,
+          "userSetupAllowed": false
         }
       ]
     },
@@ -2453,9 +2464,9 @@
       "config": {}
     },
     {
-      "alias": "terms_and_conditions",
+      "alias": "TERMS_AND_CONDITIONS",
       "name": "Terms and Conditions",
-      "providerId": "terms_and_conditions",
+      "providerId": "TERMS_AND_CONDITIONS",
       "enabled": false,
       "defaultAction": false,
       "priority": 20,

diff --git a/generators/kubernetes/__snapshots__/kubernetes.spec.ts.snap b/generators/kubernetes/__snapshots__/kubernetes.spec.ts.snap
@@ -2605,7 +2605,7 @@ data:
       "oauth2DevicePollingInterval": 5,
       "enabled": true,
       "sslRequired": "external",
-      "registrationAllowed": false,
+      "registrationAllowed": true,
       "registrationEmailAsUsername": false,
       "rememberMe": false,
       "verifyEmail": false,
@@ -3027,6 +3027,9 @@ data:
       "requiredCredentials": [
         "password"
       ],
+      "defaultGroups": [
+        "/Users"
+      ],
       "otpPolicyType": "totp",
       "otpPolicyAlgorithm": "HmacSHA1",
       "otpPolicyInitialCounter": 0,
@@ -3541,7 +3544,7 @@ data:
           "redirectUris": [
             "http://jhgate.default.example.com/*",
             "https://jhgate.default.example.com/*", "http://localhost:8080/*",
-            "https://localhost:8080/*", 
+            "https://localhost:8080/*",
             "http://localhost:8100/*",
             "http://127.0.0.1:8761/*",
             "http://localhost:9000/*",
@@ -3550,7 +3553,7 @@ data:
           "webOrigins": [
             "http://jhgate.default.example.com",
             "https://jhgate.default.example.com", "http://localhost:8080",
-            "https://localhost:8080", 
+            "https://localhost:8080",
             "http://localhost:8100",
             "http://127.0.0.1:8761",
             "http://localhost:9000"
@@ -4816,6 +4819,14 @@ data:
               "priority": 60,
               "userSetupAllowed": false,
               "autheticatorFlow": false
+            },
+            {
+              "authenticator": "registration-terms-and-conditions",
+              "authenticatorFlow": false,
+              "requirement": "DISABLED",
+              "priority": 70,
+              "autheticatorFlow": false,
+              "userSetupAllowed": false
             }
           ]
         },
@@ -4907,9 +4918,9 @@ data:
           "config": {}
         },
         {
-          "alias": "terms_and_conditions",
+          "alias": "TERMS_AND_CONDITIONS",
           "name": "Terms and Conditions",
-          "providerId": "terms_and_conditions",
+          "providerId": "TERMS_AND_CONDITIONS",
           "enabled": false,
           "defaultAction": false,
           "priority": 20,
@@ -6019,7 +6030,7 @@ data:
       "oauth2DevicePollingInterval": 5,
       "enabled": true,
       "sslRequired": "external",
-      "registrationAllowed": false,
+      "registrationAllowed": true,
       "registrationEmailAsUsername": false,
       "rememberMe": false,
       "verifyEmail": false,
@@ -6441,6 +6452,9 @@ data:
       "requiredCredentials": [
         "password"
       ],
+      "defaultGroups": [
+        "/Users"
+      ],
       "otpPolicyType": "totp",
       "otpPolicyAlgorithm": "HmacSHA1",
       "otpPolicyInitialCounter": 0,
@@ -6955,7 +6969,7 @@ data:
           "redirectUris": [
             "http://jhgate.default.example.com/*",
             "https://jhgate.default.example.com/*", "http://localhost:8080/*",
-            "https://localhost:8080/*", 
+            "https://localhost:8080/*",
             "http://localhost:8100/*",
             "http://127.0.0.1:8761/*",
             "http://localhost:9000/*",
@@ -6964,7 +6978,7 @@ data:
           "webOrigins": [
             "http://jhgate.default.example.com",
             "https://jhgate.default.example.com", "http://localhost:8080",
-            "https://localhost:8080", 
+            "https://localhost:8080",
             "http://localhost:8100",
             "http://127.0.0.1:8761",
             "http://localhost:9000"
@@ -8230,6 +8244,14 @@ data:
               "priority": 60,
               "userSetupAllowed": false,
               "autheticatorFlow": false
+            },
+            {
+              "authenticator": "registration-terms-and-conditions",
+              "authenticatorFlow": false,
+              "requirement": "DISABLED",
+              "priority": 70,
+              "autheticatorFlow": false,
+              "userSetupAllowed": false
             }
           ]
         },
@@ -8321,9 +8343,9 @@ data:
           "config": {}
         },
         {
-          "alias": "terms_and_conditions",
+          "alias": "TERMS_AND_CONDITIONS",
           "name": "Terms and Conditions",
-          "providerId": "terms_and_conditions",
+          "providerId": "TERMS_AND_CONDITIONS",
           "enabled": false,
           "defaultAction": false,
           "priority": 20,

diff --git a/generators/kubernetes/files.js b/generators/kubernetes/files.js
@@ -115,7 +115,7 @@ export function writeFiles() {
           }
 
           this.keycloakRedirectUris += `"http://localhost:${appConfig.composePort}/*",
-            "https://localhost:${appConfig.composePort}/*", `;
+            "https://localhost:${appConfig.composePort}/*",`;
 
           if (appConfig.devServerPort !== undefined) {
             this.keycloakRedirectUris += `"http://localhost:${appConfig.devServerPort}/*", `;

diff --git a/generators/kubernetes/templates/keycloak/keycloak-configmap.yml.ejs b/generators/kubernetes/templates/keycloak/keycloak-configmap.yml.ejs
@@ -36,7 +36,7 @@ data:
       "oauth2DevicePollingInterval": 5,
       "enabled": true,
       "sslRequired": "external",
-      "registrationAllowed": false,
+      "registrationAllowed": true,
       "registrationEmailAsUsername": false,
       "rememberMe": false,
       "verifyEmail": false,
@@ -459,6 +459,9 @@ data:
       "requiredCredentials": [
         "password"
       ],
+      "defaultGroups": [
+        "/Users"
+      ],
       "otpPolicyType": "totp",
       "otpPolicyAlgorithm": "HmacSHA1",
       "otpPolicyInitialCounter": 0,
@@ -2305,6 +2308,14 @@ data:
               "priority": 60,
               "userSetupAllowed": false,
               "autheticatorFlow": false
+            },
+            {
+              "authenticator": "registration-terms-and-conditions",
+              "authenticatorFlow": false,
+              "requirement": "DISABLED",
+              "priority": 70,
+              "autheticatorFlow": false,
+              "userSetupAllowed": false
             }
           ]
         },
@@ -2396,9 +2407,9 @@ data:
           "config": {}
         },
         {
-          "alias": "terms_and_conditions",
+          "alias": "TERMS_AND_CONDITIONS",
           "name": "Terms and Conditions",
-          "providerId": "terms_and_conditions",
+          "providerId": "TERMS_AND_CONDITIONS",
           "enabled": false,
           "defaultAction": false,
           "priority": 20,