mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-02 13:11:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update bootstrap admin client to use lightweight access token, and disable standard flow (#33014)

Browse Source 
Closes #33010, closes #33011

Signed-off-by: stianst <stianst@gmail.com>
This commit is contained in:
Stian Thorgersen
2024-09-17 14:23:19 +02:00
committed by GitHub
parent 93b00cf271
commit 76307872f6
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+2
View File
@@ -169,6 +169,7 @@ public class ApplianceBootstrap {
adminClient.setClientId(clientId);
adminClient.setEnabled(true);
adminClient.setServiceAccountsEnabled(true);
adminClient.setStandardFlowEnabled(false);
adminClient.setPublicClient(false);
adminClient.setSecret(clientSecret);
@@ -180,6 +181,7 @@ public class ApplianceBootstrap {
RoleModel adminRole = realm.getRole(AdminRoles.ADMIN);
serviceAccount.grantRole(adminRole);
adminClientModel.setAttribute(Constants.USE_LIGHTWEIGHT_ACCESS_TOKEN_ENABLED, Boolean.TRUE.toString());
adminClientModel.setAttribute(IS_TEMP_ADMIN_ATTR_NAME, Boolean.TRUE.toString());
// also set the expiration - could be relative to a creation timestamp, or computed