From 23e4b5f0f5bee86e256d3fa40087de16f46599cb Mon Sep 17 00:00:00 2001 From: Hans Keeler Date: Tue, 1 Aug 2017 18:32:03 -0400 Subject: [PATCH 1/4] Upgrade to mod_auth_openidc:2.3.1, cjose:0.5.1 --- auth-proxy/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/auth-proxy/Dockerfile b/auth-proxy/Dockerfile index de91edb..b1258fe 100644 --- a/auth-proxy/Dockerfile +++ b/auth-proxy/Dockerfile @@ -1,12 +1,12 @@ FROM centos:7 -ENV OIDC_VER 2.2.0 +ENV OIDC_VER 2.3.1 ENV OIDC_PATCH 1 ENV OIDC_PKG mod_auth_openidc-${OIDC_VER}-${OIDC_PATCH}.el7.centos.x86_64.rpm # Cisco's cjose lib is _usually_ on the same release as mod_auth_openidc -ENV CJOSE_OIDC_VER 2.2.0 -ENV CJOSE_PKG cjose-0.4.1-1.el7.centos.x86_64.rpm +ENV CJOSE_OIDC_VER 2.3.0 +ENV CJOSE_PKG cjose-0.5.1-1.el7.centos.x86_64.rpm ENV DL_SITE https://github.com/pingidentity/mod_auth_openidc/releases/download/ From b82d1fc7ce243ad29ebbff41b6fea209c008a87f Mon Sep 17 00:00:00 2001 From: Hans Keeler Date: Tue, 1 Aug 2017 18:35:33 -0400 Subject: [PATCH 2/4] Upgrade Keycloak to 3.2.1.Final - Upgrades to latest version of Maven - Uses 3.2.0 Keycloak libs to build auth provider since 3.2.1 not (yet?) available - Re-adds 'providers' directory to Keycloak. Docs now mention a 'modules' dir for deploying custom code, but setup is more complex. We'll investigate further later. - Fixes institution search ajax call, broken by Keycloaks jquery 3.x upgrade. - Fixes reference to jquery lib, which moved to node_modules directory. - Removes unused select2 lib - Adds new settings to standalone.xml, mostly related to registration sessions. --- keycloak/Dockerfile | 7 ++++--- keycloak/providers/authenticator/hmda/pom.xml | 3 ++- keycloak/standalone.xml | 7 ++++++- keycloak/themes/hmda/login/register.ftl | 4 ++-- keycloak/themes/hmda/login/theme.properties | 2 +- 5 files changed, 15 insertions(+), 8 deletions(-) diff --git a/keycloak/Dockerfile b/keycloak/Dockerfile index c8dd4d1..e62e9d6 100644 --- a/keycloak/Dockerfile +++ b/keycloak/Dockerfile @@ -1,12 +1,12 @@ -FROM jboss/keycloak-postgres:3.1.0.Final +FROM jboss/keycloak-postgres:3.2.1.Final -ENV MAVEN_VER=3.3.9 +ENV MAVEN_VER=3.5.0 ENV MAVEN_DIST=apache-maven-$MAVEN_VER ENV MAVEN_FILE=$MAVEN_DIST-bin.tar.gz ENV PATH=$PATH:/tmp/$MAVEN_DIST/bin ENV KC_SPI_SRC=providers ENV KC_SPI_DEST=/usr/src/keycloak -ENV KC_LIB_VER=3.1.0.Final +ENV KC_LIB_VER=3.2.0.Final # Install Maven (YUM version is too old) RUN curl -s -o /tmp/${MAVEN_FILE} http://www-us.apache.org/dist/maven/maven-3/${MAVEN_VER}/binaries/${MAVEN_FILE} && \ @@ -41,6 +41,7 @@ USER jboss RUN echo 'Keycloak SPI build starting...' && \ cd ${KC_SPI_DEST}/${KC_SPI_SRC}/authenticator/hmda && \ mvn --quiet clean install && \ + mkdir /opt/jboss/keycloak/providers && \ cp target/keycloak-authenticator-hmda-${KC_LIB_VER}.jar /opt/jboss/keycloak/providers && \ echo 'Keycloak SPIs build successful!' diff --git a/keycloak/providers/authenticator/hmda/pom.xml b/keycloak/providers/authenticator/hmda/pom.xml index e417c6f..d836a23 100644 --- a/keycloak/providers/authenticator/hmda/pom.xml +++ b/keycloak/providers/authenticator/hmda/pom.xml @@ -4,7 +4,8 @@ keycloak-parent org.keycloak - 3.1.0.Final + + 3.2.0.Final 4.0.0 diff --git a/keycloak/standalone.xml b/keycloak/standalone.xml index 1e4f984..2ec32c9 100644 --- a/keycloak/standalone.xml +++ b/keycloak/standalone.xml @@ -244,11 +244,16 @@ + - + + + + + diff --git a/keycloak/themes/hmda/login/register.ftl b/keycloak/themes/hmda/login/register.ftl index 368cb91..ac43114 100644 --- a/keycloak/themes/hmda/login/register.ftl +++ b/keycloak/themes/hmda/login/register.ftl @@ -134,8 +134,8 @@ function getInstitutions(domain) { }, data: { domain: domain } }) - .success(function(response) { - buildList(response.institutions); + .done(function(data, status, xhr) { + buildList(data.institutions); }) .fail(function(request, status, error) { $('#institutions').html('Sorry, something went wrong. Please contact ${properties.supportEmailTo!} for help getting registered or try again in a few minutes.'); diff --git a/keycloak/themes/hmda/login/theme.properties b/keycloak/themes/hmda/login/theme.properties index 1eaa22f..4200434 100644 --- a/keycloak/themes/hmda/login/theme.properties +++ b/keycloak/themes/hmda/login/theme.properties @@ -1,5 +1,5 @@ parent=keycloak -scripts=lib/jquery/jquery-1.10.2.js lib/select2-3.4.1/select2.min.js +scripts=node_modules/jquery/dist/jquery.min.js styles=css/uswds.min.css css/hmda.css # WARNING: These placeholders are overridden on container startup. Do not commit overridden values. From 1d671a2c9443a1f4b0a478df88cc62b8a7ba3b3f Mon Sep 17 00:00:00 2001 From: Hans Keeler Date: Wed, 2 Aug 2017 17:51:35 -0400 Subject: [PATCH 3/4] Bump keycloak lib to latest now that it's available --- keycloak/Dockerfile | 2 +- keycloak/providers/authenticator/hmda/pom.xml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/keycloak/Dockerfile b/keycloak/Dockerfile index e62e9d6..9b0b6d5 100644 --- a/keycloak/Dockerfile +++ b/keycloak/Dockerfile @@ -6,7 +6,7 @@ ENV MAVEN_FILE=$MAVEN_DIST-bin.tar.gz ENV PATH=$PATH:/tmp/$MAVEN_DIST/bin ENV KC_SPI_SRC=providers ENV KC_SPI_DEST=/usr/src/keycloak -ENV KC_LIB_VER=3.2.0.Final +ENV KC_LIB_VER=3.2.1.Final # Install Maven (YUM version is too old) RUN curl -s -o /tmp/${MAVEN_FILE} http://www-us.apache.org/dist/maven/maven-3/${MAVEN_VER}/binaries/${MAVEN_FILE} && \ diff --git a/keycloak/providers/authenticator/hmda/pom.xml b/keycloak/providers/authenticator/hmda/pom.xml index d836a23..220e614 100644 --- a/keycloak/providers/authenticator/hmda/pom.xml +++ b/keycloak/providers/authenticator/hmda/pom.xml @@ -4,8 +4,7 @@ keycloak-parent org.keycloak - - 3.2.0.Final + 3.2.1.Final 4.0.0 From 716192e2eed1441d7613e54eed719995429d9f8d Mon Sep 17 00:00:00 2001 From: Hans Keeler Date: Wed, 2 Aug 2017 17:52:43 -0400 Subject: [PATCH 4/4] Remove unused image; Fix 404ing image with CSS --- .../themes/hmda/login/resources/css/hmda.css | 1 + .../themes/hmda/login/resources/img/select2.png | Bin 16883 -> 0 bytes 2 files changed, 1 insertion(+) delete mode 100644 keycloak/themes/hmda/login/resources/img/select2.png diff --git a/keycloak/themes/hmda/login/resources/css/hmda.css b/keycloak/themes/hmda/login/resources/css/hmda.css index 18dcaca..8a3e243 100644 --- a/keycloak/themes/hmda/login/resources/css/hmda.css +++ b/keycloak/themes/hmda/login/resources/css/hmda.css @@ -99,6 +99,7 @@ body { } .usa-alert-error, +.usa-alert-info, .usa-alert-warning { background-image: none; } diff --git a/keycloak/themes/hmda/login/resources/img/select2.png b/keycloak/themes/hmda/login/resources/img/select2.png deleted file mode 100644 index 0eb6c47445ca4a487c8eef4075cfe440385fe454..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 16883 zcmeI4du$ZP8Nk<%+QBK*D6yakkn8a%t+U?8?Y%a4NAU|Aajs)KjqOnIdT-8N`EK{P zUE619gI%Je1R^EQ1F+JdCRI^VmAXkQOwHp;OY;(KNE#?1Z5>r@A*D7Ilz>`?&ffW6 ztVf()M=KH>x-#7Ek>>tba`nol9i|!~Q2x4w+O=Sc8>w-TkZz+JkpC8?G z9sZdUs%cRP;?~>rpB!T7*@XnLs!D2V)|$QRcu@(K2|lGAltqFe*c&=n6$uGq7tl=Y zphJ?~=84gxW|QP|oA0-JX>X_kbV@aw!=Q0lu5@c|vsn+6{7lU&7)l0`)hTw6A{7xr z6jMf1*^GQ*(k9d$4#bA$6Dbe?K_F`?v}3Z`g*p{YQ9G3xLMGKS28KEDdXurUjyD+0 z8d}w=dLV)+q**Q1roIrM8i1;Fhec4;1E;by+w3*TpGr=KCtWk+*g-^^!A#f0&0QK(TW<0*fjQqX`0u1Fin zFrjlte_s|K7Ap_^rTIwfiTZ#$$R}vRth}W6P4nXu zdA|}43Ytd>3LSt7$sH~#)tJ^ZxvuyMC7^`iuz<(nqOvt-wQ2$pZJp2u!fIN6V3uNg zwp{4QY)vQvQf%*qgs=+qmE|@kmR54JCikLllNwGeR-F(8p3?MDrkYcuOnN}g^)Y8L zk2Ry_E=n&F0qMUu50j{b`b_N2GM$@c9`67CTLfHXB27Hot`wYz{yQG{@Q;7RK)L+Y%wNxS1BJMpEHP(wDi% zV->6sY|3o?q!lc7#`1!w-#a{_eslq!i^^zC4J%c-;vJ;v>6{&cY34J>=33FC=quFF3HAJyfkUN0S zLnS7bXh6sG|D3ql6~s80Pnx)lYu`ib3cs_{Mz=Z(8 ziv}({A4F^5LV(~!0~ekTqBU?KK=7i03(p798n_T3c+tRx=YwbsTnG@nXyC&0L9_-g z1PERdTZg-U0^gc9 zi8T#gg4n#AAo{lv#5MTlegAoa=%xwc!#0B8cN4?{WpLy1YJ$jJSzEcfDe~ThJ?^gC z@4fxuSC5r%nzN%dzoDx6w`&&_|Gb)Rf0TUt+P$3zwwhKJ%>Uv0YrN58$BuJfD_=XB zFZ}qx=BFCIB$ z8~W2Dxz9awxw_%RzlW~9Gk>6Tuyydgf|dgvXFn{Rzx2X)&mL}jL2{fR_B~-;uS)Ot zod5ccmxLdkIl1%um#nUHxjTt9g}>kbH`V>ZnYrH6_7Y)?59N*g<-!WOq4;Xa@W^A) z$)KzM)qeKM97hvzrq{Z+3q4g|~7yIJUGdd&4+lh(T z!FbLO#z(H@>@J$~*+blGRCMv!!Mvk)6fNA%4IlXU8}pvcdyx3!fcQlJUkB!eUVd}* z^LOriy(W5VbV7desU06TEgNgu_R>cq1>?j5bIxAd*nMM