Fix required user attributes, webauthn registration + login #1

Merged

b12f merged 6 commits from fix/required-user-attrs-webauthn into main

2023-07-20 17:48:31 +00:00

teutat3s commented

2023-07-14 21:27:01 +00:00

Owner

Required user attributes

With the Keycloak preview feature declarative-user-profile, we can customize which user attributes are required.
Steps required to configure this:

Enable preview feature with startup flag --features="declarative-user-profile"
Go to Administration Console, pub.solar realm, Realm Settings, there enable: "User Profile Enabled", Click "Save"
Go to new Tab "User profile", edit firstName and lastName and disable "Required", Click "Save"

It might be necessary to change the Realm Settings via kc.sh, because pub.solar is now considered an invalid realm name.

Via CLI

sudo --user keycloak kcadm.sh update --config /tmp/kcadm.config realms/pub.solar -s attributes.userProfileEnabled=true

Webauthn

WebAuthN login and registration works with these changes (tested locally using a YubiKey).

### Required user attributes With the [Keycloak preview feature](https://www.keycloak.org/server/features#_preview_features) `declarative-user-profile`, we can customize which user attributes are required. Steps required to configure this: - Enable preview feature with startup flag `--features="declarative-user-profile"` - Go to Administration Console, pub.solar realm, Realm Settings, there enable: "User Profile Enabled", Click "Save" - Go to new Tab "User profile", edit `firstName` and `lastName` and disable "Required", Click "Save" It might be necessary to change the Realm Settings via `kc.sh`, because pub.solar is now considered an invalid realm name. Via CLI ``` sudo --user keycloak kcadm.sh update --config /tmp/kcadm.config realms/pub.solar -s attributes.userProfileEnabled=true ``` ### Webauthn WebAuthN login and registration works with these changes (tested locally using a YubiKey).

teutat3s added 5 commits 2023-07-14 21:27:02 +00:00

c7617bda4f

Fix missing jquery dependency

Loading failed for the <script> with source “https://auth.pub.solar/resources/nywxw/common/pub.solar/node_modules/jquery/dist/jquery.min.js”.

Uncaught (in promise) ReferenceError: $ is not defined

77e15657d3

flake: bump lockfile

Remove flake-utils from devshell inputs

Fix devshell overlay reference

64d4ca1751

account: do not mark firstName, lastName as required

c0abc24aa2

Fix required action: register webauthn

Without this change, when trying to register a new WebAuthn device, the
following error appears:
2023-07-14 20:53:41,831 ERROR [freemarker.runtime] (executor-thread-5) Error executing FreeMarker template: freemarker.core.InvalidReferenceException: The following has evaluated to null or missing:
==> properties.kcWebAuthnKeyIcon  [in template "webauthn-register.ftl" at line 6, column 24]

8fabcc79ee

Update README

teutat3s requested review from b12f 2023-07-14 21:30:35 +00:00

teutat3s added 1 commit 2023-07-14 21:56:24 +00:00

4aa04e2ea4

Fix missing buttons in list of available authenticators

teutat3s commented

2023-07-14 22:00:38 +00:00

Poster

Owner

Before 4aa04e2ea4

After

**Before** https://git.pub.solar/pub-solar/keycloak-theme/commit/4aa04e2ea4971c87e040f5c3dd2e4586c7cb78d6 ![20230714_23h57m05s_grim.png](/attachments/ed826a4d-4531-4d40-b3df-234ca5cafbc8) **After** ![20230714_23h57m37s_grim.png](/attachments/94a271eb-1f92-45e3-8ce3-247bf7f2be01)

20230714_23h57m37s_grim.png

366 KiB

20230714_23h57m05s_grim.png

181 KiB