Details
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 4767558..afd2406 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -122,13 +122,13 @@ public class RealmManager {
}
if (rep.getRequiredApplicationCredentials() != null) {
- for (String requiredCred : rep.getRequiredCredentials()) {
+ for (String requiredCred : rep.getRequiredApplicationCredentials()) {
addResourceRequiredCredential(newRealm, requiredCred);
}
}
if (rep.getRequiredOAuthClientCredentials() != null) {
- for (String requiredCred : rep.getRequiredCredentials()) {
+ for (String requiredCred : rep.getRequiredOAuthClientCredentials()) {
addOAuthClientRequiredCredential(newRealm, requiredCred);
}
}
diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java b/services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java
index 24fcce4..d58ede8 100755
--- a/services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java
+++ b/services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java
@@ -154,6 +154,7 @@ public class ApplicationAdapter implements ApplicationModel {
ScopeRelationship scope = new ScopeRelationship();
scope.setClient(((UserAdapter)agent).getUser());
scope.setScope(((RoleAdapter)role).getRole());
+ getRelationshipManager().add(scope);
}
@Override
diff --git a/services/src/test/java/org/keycloak/test/ImportTest.java b/services/src/test/java/org/keycloak/test/ImportTest.java
index dce085f..68cd9ed 100755
--- a/services/src/test/java/org/keycloak/test/ImportTest.java
+++ b/services/src/test/java/org/keycloak/test/ImportTest.java
@@ -87,6 +87,13 @@ public class ImportTest {
List<RealmModel> realms = identitySession.getRealms(admin);
Assert.assertEquals(1, realms.size());
+ // Test scope relationship
+ ApplicationModel application = realm.getResourceNameMap().get("Application");
+ UserModel oauthClient = realm.getUser("oauthclient");
+ Assert.assertNotNull(application);
+ Assert.assertNotNull(oauthClient);
+ Set<String> appScopes = application.getScope(oauthClient);
+ Assert.assertTrue(appScopes.contains("user"));
}
@Test
@@ -109,10 +116,15 @@ public class ImportTest {
RealmModel realm = manager.createRealm("demo", rep.getRealm());
manager.importRealm(rep, realm);
realm.addRealmAdmin(admin);
- }
-
-
+ verifyRequiredCredentials(realm.getRequiredCredentials(), "password");
+ verifyRequiredCredentials(realm.getRequiredApplicationCredentials(), "totp");
+ verifyRequiredCredentials(realm.getRequiredOAuthClientCredentials(), "cert");
+ }
+ private void verifyRequiredCredentials(List<RequiredCredentialModel> requiredCreds, String expectedType) {
+ Assert.assertEquals(1, requiredCreds.size());
+ Assert.assertEquals(expectedType, requiredCreds.get(0).getType());
+ }
}
diff --git a/services/src/test/resources/testrealm-demo.json b/services/src/test/resources/testrealm-demo.json
index d8497a8..75007a3 100755
--- a/services/src/test/resources/testrealm-demo.json
+++ b/services/src/test/resources/testrealm-demo.json
@@ -8,8 +8,8 @@
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"requiredCredentials": [ "password" ],
- "requiredApplicationCredentials": [ "password" ],
- "requiredOAuthClientCredentials": [ "password" ],
+ "requiredApplicationCredentials": [ "totp" ],
+ "requiredOAuthClientCredentials": [ "cert" ],
"users" : [
{
"username" : "bburke@redhat.com",
@@ -65,8 +65,9 @@
"useRealmMappings": true,
"credentials": [
{
- "type": "password",
- "value": "password"
+ "type": "totp",
+ "value": "12345",
+ "device": "67890"
}
]
},
@@ -77,8 +78,9 @@
"useRealmMappings": true,
"credentials": [
{
- "type": "password",
- "value": "password"
+ "type": "totp",
+ "value": "12345",
+ "device": "67890"
}
]
}
diff --git a/social/core/src/main/java/org/keycloak/social/SocialRequestManager.java b/social/core/src/main/java/org/keycloak/social/SocialRequestManager.java
index 684254a..2993a9a 100644
--- a/social/core/src/main/java/org/keycloak/social/SocialRequestManager.java
+++ b/social/core/src/main/java/org/keycloak/social/SocialRequestManager.java
@@ -59,10 +59,11 @@ public class SocialRequestManager {
}
private void pruneExpired() {
+ long currentTime = System.currentTimeMillis();
Iterator<Entry<String, Long>> itr = expires.entrySet().iterator();
while (itr.hasNext()) {
Entry<String, Long> e = itr.next();
- if (e.getValue() < System.currentTimeMillis()) {
+ if (e.getValue() < currentTime) {
itr.remove();
map.remove(e.getKey());
} else {
