keycloak-memoizeit
Changes
examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionCredentialProvider.java 4(+2 -2)
examples/providers/federation-provider/src/main/java/org/keycloak/examples/federation/properties/WritableUserModelProxy.java 65(+0 -65)
examples/providers/federation-provider/src/main/resources/META-INF/services/org.keycloak.models.UserFederationProviderFactory 19(+0 -19)
examples/providers/pom.xml 2(+1 -1)
examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/BasePropertiesStorageFactory.java 115(+16 -99)
examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/BasePropertiesStorageProvider.java 122(+38 -84)
examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/ClasspathPropertiesStorageFactory.java 26(+22 -4)
examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/ClasspathPropertiesStorageProvider.java 64(+18 -46)
examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/FilePropertiesStorageFactory.java 28(+23 -5)
examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/FilePropertiesStorageProvider.java 110(+63 -47)
examples/providers/user-storage-simple/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory 2(+2 -0)
federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java 4(+0 -4)
federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProviderFactory.java 9(+0 -9)
federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProviderFactory.java 8(+0 -8)
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java 3(+0 -3)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedRealm.java 22(+0 -22)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java 15(+3 -12)
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java 14(+0 -14)
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java 309(+0 -309)
model/mongo/src/main/java/org/keycloak/storage/mongo/MongoUserFederatedStorageProvider.java 14(+0 -14)
pom.xml 2(+1 -1)
server-spi-private/src/main/java/org/keycloak/mappers/FederationConfigValidationException.java 47(+0 -47)
server-spi-private/src/main/java/org/keycloak/models/UserFederationEventAwareProviderFactory.java 50(+0 -50)
server-spi-private/src/main/java/org/keycloak/models/UserFederationProviderCreationEventImpl.java 42(+0 -42)
server-spi-private/src/main/java/org/keycloak/models/UserFederationValidatingProviderFactory.java 37(+0 -37)
services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java 459(+0 -459)
services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java 344(+0 -344)
testsuite/integration/pom.xml 2(+1 -1)
testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractKeycloakIdentityProviderTest.java 14(+10 -4)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/AbstractKerberosTest.java 8(+3 -5)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/KerberosStandaloneTest.java 2(+0 -2)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java 4(+2 -2)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/KerberosLdapTest.java 4(+0 -4)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java 8(+4 -4)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java 8(+4 -4)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java 10(+5 -5)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java 14(+7 -7)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java 4(+2 -2)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java 4(+2 -2)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java 20(+10 -10)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java 36(+22 -14)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncFederationTest.java 50(+31 -19)
testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserFederationModelTest.java 175(+0 -175)
testsuite/integration/src/test/java/org/keycloak/testsuite/util/cli/SyncDummyFederationProviderCommand.java 32(+19 -13)
testsuite/integration/src/test/resources/META-INF/services/org.keycloak.models.UserFederationProviderFactory 18(+0 -18)
testsuite/integration/src/test/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory 1(+1 -0)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyConfigurableUserFederationProviderFactory.java 62(+0 -62)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationMapper.java 140(+0 -140)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java 88(+33 -55)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProviderFactory.java 42(+20 -22)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java 12(+4 -8)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/resources/META-INF/services/org.keycloak.mappers.UserFederationMapperFactory 52(+0 -52)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/resources/META-INF/services/org.keycloak.models.UserFederationProviderFactory 36(+0 -36)
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory 1(+1 -0)
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/LDAPTestConfiguration.java 4(+2 -2)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/federation/AbstractKerberosAdapterTest.java 373(+0 -373)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/federation/AbstractKerberosStandaloneAdapterTest.java 122(+0 -122)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageMapperTest.java 1(+0 -1)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageRestTest.java 2(+1 -1)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java 2(+1 -1)
Details
diff --git a/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionCredentialProvider.java b/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionCredentialProvider.java
index 77f3083..9156be1 100644
--- a/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionCredentialProvider.java
+++ b/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionCredentialProvider.java
@@ -78,7 +78,7 @@ public class SecretQuestionCredentialProvider implements CredentialProvider, Cre
creds.get(0).setValue(credInput.getValue());
session.userCredentialManager().updateCredential(realm, user, creds.get(0));
}
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
return true;
}
@@ -86,7 +86,7 @@ public class SecretQuestionCredentialProvider implements CredentialProvider, Cre
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
if (!SECRET_QUESTION.equals(credentialType)) return;
session.userCredentialManager().disableCredentialType(realm, user, credentialType);
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
}
examples/providers/pom.xml 2(+1 -1)
diff --git a/examples/providers/pom.xml b/examples/providers/pom.xml
index 9310fe1..c9be81d 100755
--- a/examples/providers/pom.xml
+++ b/examples/providers/pom.xml
@@ -33,10 +33,10 @@
<modules>
<module>event-listener-sysout</module>
<module>event-store-mem</module>
- <module>federation-provider</module>
<module>authenticator</module>
<module>rest</module>
<module>domain-extension</module>
+ <module>user-storage-simple</module>
<module>user-storage-jpa</module>
</modules>
</project>
diff --git a/examples/providers/user-storage-simple/README.md b/examples/providers/user-storage-simple/README.md
new file mode 100755
index 0000000..6549f8e
--- /dev/null
+++ b/examples/providers/user-storage-simple/README.md
@@ -0,0 +1,19 @@
+Example User Federation Provider
+===================================================
+
+This is an example of user storage backed by a simple properties file. This properties file only contains username/password
+key pairs. To deploy this provider you must have Keycloak running in standalone or standalone-ha mode. Then type the follow maven command:
+
+ mvn clean install wildfly:deploy
+
+
+
+The ClasspathPropertiesStorageProvider is an example of a readonly provider. If you go to the Users/Federation
+ page of the admin console you will see this provider listed under "classpath-properties. To configure this provider you
+specify a classpath to a properties file in the "path" field of the admin page for this plugin. This example includes
+a "test-users.properties" within the JAR that you can use as the variable.
+
+The FilePropertiesStorageProvider is an example of a writable provider. It synchronizes changes made to
+username and password with the properties file. If you go to the Users/Federation page of the admin console you will
+see this provider listed under "file-properties". To configure this provider you specify a fully qualified file path to
+a properties file in the "path" field of the admin page for this plugin.
diff --git a/examples/providers/user-storage-simple/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory b/examples/providers/user-storage-simple/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
new file mode 100644
index 0000000..f203c13
--- /dev/null
+++ b/examples/providers/user-storage-simple/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
@@ -0,0 +1,2 @@
+org.keycloak.examples.federation.properties.ClasspathPropertiesStorageFactory
+org.keycloak.examples.federation.properties.FilePropertiesStorageFactory
\ No newline at end of file
diff --git a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosConfig.java b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosConfig.java
index 83b9837..26badf9 100644
--- a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosConfig.java
+++ b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosConfig.java
@@ -20,9 +20,6 @@ package org.keycloak.federation.kerberos;
import org.keycloak.common.constants.KerberosConstants;
import org.keycloak.component.ComponentModel;
import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProvider.EditMode;
/**
diff --git a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java
index c0ce941..fd9a4ab 100755
--- a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java
+++ b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProvider.java
@@ -33,8 +33,6 @@ import org.keycloak.models.ModelReadOnlyException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserManager;
import org.keycloak.storage.UserStorageProvider;
@@ -44,8 +42,6 @@ import org.keycloak.storage.user.UserLookupProvider;
import java.util.Collections;
import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
import java.util.Map;
import java.util.Set;
diff --git a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProviderFactory.java b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProviderFactory.java
index e7aa027..a33a0f1 100755
--- a/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProviderFactory.java
+++ b/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/KerberosFederationProviderFactory.java
@@ -21,28 +21,19 @@ import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.common.constants.KerberosConstants;
import org.keycloak.component.ComponentModel;
-import org.keycloak.component.ComponentValidationException;
import org.keycloak.federation.kerberos.impl.KerberosServerSubjectAuthenticator;
import org.keycloak.federation.kerberos.impl.KerberosUsernamePasswordAuthenticator;
import org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderConfigurationBuilder;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderFactory;
import org.keycloak.storage.UserStorageProviderModel;
-import java.util.Collections;
-import java.util.Date;
import java.util.List;
-import java.util.Set;
/**
* Factory for standalone Kerberos federation provider. Standalone means that it's not backed by LDAP. For Kerberos backed by LDAP (like MS AD or ApacheDS environment)
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
index 4d91efb..3fd8340 100755
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
@@ -596,7 +596,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
logger.warnf("User with username [%s] aready exists and is linked to provider [%s] but is not valid. Stale LDAP_ID on local user is: %s",
username, model.getName(), user.getFirstAttribute(LDAPConstants.LDAP_ID));
logger.warn("Will re-create user");
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
new UserManager(session).removeUser(realm, user, session.userLocalStorage());
}
}
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java
index 86db2d9..6d4ceb6 100755
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java
@@ -495,7 +495,7 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
if (username != null) {
UserModel existing = session.userLocalStorage().getUserByUsername(username, currentRealm);
if (existing != null) {
- session.getUserCache().evict(currentRealm, existing);
+ session.userCache().evict(currentRealm, existing);
session.userLocalStorage().removeUser(currentRealm, existing);
}
}
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPUtils.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPUtils.java
index 08f00a8..567f15e 100755
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPUtils.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPUtils.java
@@ -19,7 +19,6 @@ package org.keycloak.storage.ldap;
import org.keycloak.component.ComponentModel;
import org.keycloak.component.ComponentValidationException;
-import org.keycloak.mappers.FederationConfigValidationException;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel;
@@ -268,7 +267,7 @@ public class LDAPUtils {
* Validate configured customFilter matches the requested format
*
* @param customFilter
- * @throws FederationConfigValidationException
+ * @throws ComponentValidationException
*/
public static void validateCustomLdapFilter(String customFilter) throws ComponentValidationException {
if (customFilter != null) {
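Review bot: The Javadoc on `validateCustomLdapFilter` now names the right exception, but `@param customFilter` and `@throws ComponentValidationException` are still bare tags with no description. Because this method is the validation gate for a configured LDAP filter, the contract should be written down, e.g. `@param customFilter LDAP filter from the provider configuration; null is accepted and skips validation` and `@throws ComponentValidationException if the filter does not match the required format`. The null behaviour is read from the `if (customFilter != null)` guard. The exact format rule lives in the method body, which continues outside this hunk, so the wording should be confirmed against it.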
diff --git a/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProvider.java b/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProvider.java
index fcfc97f..a7a05f2 100755
--- a/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProvider.java
+++ b/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProvider.java
@@ -24,15 +24,11 @@ import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.credential.CredentialModel;
import org.keycloak.federation.sssd.api.Sssd;
import org.keycloak.federation.sssd.impl.PAMAuthenticator;
-import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.ModelReadOnlyException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.UserManager;
@@ -40,9 +36,7 @@ import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.user.UserLookupProvider;
-import java.util.Collections;
import java.util.HashSet;
-import java.util.List;
import java.util.Map;
import java.util.Set;
diff --git a/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProviderFactory.java b/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProviderFactory.java
index 6a0fc05..21d8737 100755
--- a/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProviderFactory.java
+++ b/federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProviderFactory.java
@@ -24,18 +24,10 @@ import org.keycloak.federation.sssd.api.Sssd;
import org.keycloak.federation.sssd.impl.PAMAuthenticator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.storage.UserStorageProviderFactory;
import org.keycloak.storage.UserStorageProviderModel;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Set;
-
/**
* @author <a href="mailto:bruno@abstractj.org">Bruno Oliveira</a>
* @version $Revision: 1 $
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
index b2594ae..85e6689 100644
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RealmResource.java
@@ -172,9 +172,6 @@ public interface RealmResource {
@Path("attack-detection")
AttackDetectionResource attackDetection();
- @Path("user-federation")
- UserFederationProvidersResource userFederation();
-
@Path("testLDAPConnection")
@GET
@NoCache
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedRealm.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedRealm.java
index 5dd4bac..48689e6 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedRealm.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedRealm.java
@@ -33,8 +33,6 @@ import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RequiredCredentialModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderModel;
import java.security.PrivateKey;
import java.security.PublicKey;
@@ -96,12 +94,9 @@ public class CachedRealm extends AbstractExtendableRevisioned {
protected String masterAdminClient;
protected List<RequiredCredentialModel> requiredCredentials;
- protected List<UserFederationProviderModel> userFederationProviders;
protected MultivaluedHashMap<String, ComponentModel> componentsByParent = new MultivaluedHashMap<>();
protected MultivaluedHashMap<String, ComponentModel> componentsByParentAndType = new MultivaluedHashMap<>();
protected Map<String, ComponentModel> components = new HashMap<>();
- protected MultivaluedHashMap<String, UserFederationMapperModel> userFederationMappers = new MultivaluedHashMap<String, UserFederationMapperModel>();
- protected Set<UserFederationMapperModel> userFederationMapperSet;
protected List<IdentityProviderModel> identityProviders;
protected Map<String, String> browserSecurityHeaders;
@@ -187,11 +182,6 @@ public class CachedRealm extends AbstractExtendableRevisioned {
emailTheme = model.getEmailTheme();
requiredCredentials = model.getRequiredCredentials();
- userFederationProviders = model.getUserFederationProviders();
- userFederationMapperSet = model.getUserFederationMappers();
- for (UserFederationMapperModel mapper : userFederationMapperSet) {
- this.userFederationMappers.add(mapper.getFederationProviderId(), mapper);
- }
this.identityProviders = new ArrayList<>();
@@ -462,14 +452,6 @@ public class CachedRealm extends AbstractExtendableRevisioned {
return adminEventsDetailsEnabled;
}
- public List<UserFederationProviderModel> getUserFederationProviders() {
- return userFederationProviders;
- }
-
- public MultivaluedHashMap<String, UserFederationMapperModel> getUserFederationMappers() {
- return userFederationMappers;
- }
-
public List<IdentityProviderModel> getIdentityProviders() {
return identityProviders;
}
@@ -546,10 +528,6 @@ public class CachedRealm extends AbstractExtendableRevisioned {
return clientTemplates;
}
- public Set<UserFederationMapperModel> getUserFederationMapperSet() {
- return userFederationMapperSet;
- }
-
public List<AuthenticationFlowModel> getAuthenticationFlowList() {
return authenticationFlowList;
}
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmAdapter.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmAdapter.java
index 1748e3c..2cca447 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmAdapter.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmAdapter.java
@@ -35,8 +35,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.cache.CachedRealmModel;
import org.keycloak.models.cache.infinispan.entities.CachedRealm;
import org.keycloak.storage.UserStorageProvider;
@@ -635,38 +633,6 @@ public class RealmAdapter implements CachedRealmModel {
}
@Override
- public List<UserFederationProviderModel> getUserFederationProviders() {
- if (isUpdated()) return updated.getUserFederationProviders();
- return cached.getUserFederationProviders();
- }
-
- @Override
- public void setUserFederationProviders(List<UserFederationProviderModel> providers) {
- getDelegateForUpdate();
- updated.setUserFederationProviders(providers);
- }
-
- @Override
- public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync) {
- getDelegateForUpdate();
- return updated.addUserFederationProvider(providerName, config, priority, displayName, fullSyncPeriod, changedSyncPeriod, lastSync);
- }
-
- @Override
- public void removeUserFederationProvider(UserFederationProviderModel provider) {
- getDelegateForUpdate();
- updated.removeUserFederationProvider(provider);
-
- }
-
- @Override
- public void updateUserFederationProvider(UserFederationProviderModel provider) {
- getDelegateForUpdate();
- updated.updateUserFederationProvider(provider);
-
- }
-
- @Override
public String getLoginTheme() {
if (isUpdated()) return updated.getLoginTheme();
return cached.getLoginTheme();
@@ -953,63 +919,6 @@ public class RealmAdapter implements CachedRealmModel {
}
@Override
- public Set<UserFederationMapperModel> getUserFederationMappers() {
- if (isUpdated()) return updated.getUserFederationMappers();
- return cached.getUserFederationMapperSet();
- }
-
- @Override
- public Set<UserFederationMapperModel> getUserFederationMappersByFederationProvider(String federationProviderId) {
- if (isUpdated()) return updated.getUserFederationMappersByFederationProvider(federationProviderId);
- Set<UserFederationMapperModel> mappers = new HashSet<>();
- List<UserFederationMapperModel> list = cached.getUserFederationMappers().getList(federationProviderId);
- for (UserFederationMapperModel entity : list) {
- mappers.add(entity);
- }
- return Collections.unmodifiableSet(mappers);
- }
-
- @Override
- public UserFederationMapperModel addUserFederationMapper(UserFederationMapperModel mapper) {
- getDelegateForUpdate();
- return updated.addUserFederationMapper(mapper);
- }
-
- @Override
- public void removeUserFederationMapper(UserFederationMapperModel mapper) {
- getDelegateForUpdate();
- updated.removeUserFederationMapper(mapper);
- }
-
- @Override
- public void updateUserFederationMapper(UserFederationMapperModel mapper) {
- getDelegateForUpdate();
- updated.updateUserFederationMapper(mapper);
- }
-
- @Override
- public UserFederationMapperModel getUserFederationMapperById(String id) {
- if (isUpdated()) return updated.getUserFederationMapperById(id);
- for (List<UserFederationMapperModel> models : cached.getUserFederationMappers().values()) {
- for (UserFederationMapperModel model : models) {
- if (model.getId().equals(id)) return model;
- }
- }
- return null;
- }
-
- @Override
- public UserFederationMapperModel getUserFederationMapperByName(String federationProviderId, String name) {
- if (isUpdated()) return updated.getUserFederationMapperByName(federationProviderId, name);
- List<UserFederationMapperModel> models = cached.getUserFederationMappers().getList(federationProviderId);
- if (models == null) return null;
- for (UserFederationMapperModel model : models) {
- if (model.getName().equals(name)) return model;
- }
- return null;
- }
-
- @Override
public AuthenticationFlowModel getBrowserFlow() {
if (isUpdated()) return updated.getBrowserFlow();
return cached.getBrowserFlow();
@@ -1333,7 +1242,7 @@ public class RealmAdapter implements CachedRealmModel {
if (parentId != null && !parentId.equals(getId())) {
ComponentModel parent = getComponent(parentId);
if (parent != null && UserStorageProvider.class.getName().equals(parent.getProviderType())) {
- session.getUserCache().evict(this);
+ session.userCache().evict(this);
}
}
}
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
index cb8c0a8..c40ac8c 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
@@ -32,7 +32,6 @@ import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.cache.CachedUserModel;
@@ -53,9 +52,7 @@ import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
-import java.text.DateFormat;
import java.util.Calendar;
-import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
@@ -300,7 +297,7 @@ public class UserCacheSession implements UserCache {
// its also hard to test stuff
boolean invalidate = false;
if (policy != null) {
- String currentTime = DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.FULL).format(new Date(Time.currentTimeMillis()));
+ //String currentTime = DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.FULL).format(new Date(Time.currentTimeMillis()));
if (policy == UserStorageProviderModel.CachePolicy.NO_CACHE) {
invalidate = true;
} else if (cached.getCacheTimestamp() < model.getCacheInvalidBefore()) {
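Review bot: The `DateFormat` diagnostics are commented out rather than deleted: `//String currentTime = …` in this hunk, and `//String timeout = …` and `//String stamp = …` in the next hunk of this file. The same commit removes the `java.text.DateFormat` and `java.util.Date` imports these lines depend on, so they can no longer be re-enabled as written and are dead text in the cache-invalidation path. Delete all three lines. If the timestamps are wanted when diagnosing why a cached user was or was not invalidated, emit them through the class's logger at trace level instead (assuming one is available; none is visible in the hunk). The enclosing method starts and ends outside both hunks.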
@@ -317,8 +314,8 @@ public class UserCacheSession implements UserCache {
int oneWeek = 7 * 24 * 60 * 60 * 1000;
long weeklyTimeout = weeklyTimeout(model.getEvictionDay(), model.getEvictionHour(), model.getEvictionMinute());
long lastTimeout = weeklyTimeout - oneWeek;
- String timeout = DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.FULL).format(new Date(weeklyTimeout));
- String stamp = DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.FULL).format(new Date(cached.getCacheTimestamp()));
+ //String timeout = DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.FULL).format(new Date(weeklyTimeout));
+ //String stamp = DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.FULL).format(new Date(cached.getCacheTimestamp()));
if (cached.getCacheTimestamp() <= lastTimeout) {
invalidate = true;
}
@@ -853,12 +850,6 @@ public class UserCacheSession implements UserCache {
@Override
- public void preRemove(RealmModel realm, UserFederationProviderModel link) {
- addRealmInvalidation(realm.getId()); // easier to just invalidate whole realm
- getDelegate().preRemove(realm, link);
- }
-
- @Override
public void preRemove(RealmModel realm, ClientModel client) {
addRealmInvalidation(realm.getId()); // easier to just invalidate whole realm
getDelegate().preRemove(realm, client);
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
index 9633f84..d69e021 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
@@ -23,7 +23,6 @@ import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialModel;
import org.keycloak.credential.UserCredentialStore;
import org.keycloak.models.ClientModel;
-import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
@@ -34,8 +33,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.jpa.entities.CredentialAttributeEntity;
@@ -383,12 +380,6 @@ public class JpaUserProvider implements UserProvider, UserCredentialStore {
.setParameter("realmId", realm.getId()).executeUpdate();
}
- @Override
- public void preRemove(RealmModel realm, UserFederationProviderModel link) {
- String linkId = link.getId();
- removeUserDataByLink(realm, linkId);
- }
-
public void removeUserDataByLink(RealmModel realm, String linkId) {
int num = em.createNamedQuery("deleteUserRoleMappingsByRealmAndLink")
.setParameter("realmId", realm.getId())
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index f5b9d7d..b3f58b4 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -31,7 +31,6 @@ import org.keycloak.models.GroupModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ModelException;
import org.keycloak.models.OTPPolicy;
import org.keycloak.models.PasswordPolicy;
@@ -39,9 +38,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderCreationEventImpl;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.jpa.entities.AuthenticationExecutionEntity;
import org.keycloak.models.jpa.entities.AuthenticationFlowEntity;
import org.keycloak.models.jpa.entities.AuthenticatorConfigEntity;
@@ -58,8 +54,6 @@ import org.keycloak.models.jpa.entities.RealmEntity;
import org.keycloak.models.jpa.entities.RequiredActionProviderEntity;
import org.keycloak.models.jpa.entities.RequiredCredentialEntity;
import org.keycloak.models.jpa.entities.RoleEntity;
-import org.keycloak.models.jpa.entities.UserFederationMapperEntity;
-import org.keycloak.models.jpa.entities.UserFederationProviderEntity;
import org.keycloak.models.utils.ComponentUtil;
import org.keycloak.models.utils.KeycloakModelUtils;
@@ -68,7 +62,6 @@ import javax.persistence.TypedQuery;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
-import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -734,194 +727,6 @@ public class RealmAdapter implements RealmModel, JpaModel<RealmEntity> {
}
- private void removeFederationMappersForProvider(String federationProviderId) {
- Set<UserFederationMapperEntity> mappers = getUserFederationMapperEntitiesByFederationProvider(federationProviderId);
- for (UserFederationMapperEntity mapper : mappers) {
- realm.getUserFederationMappers().remove(mapper);
- em.remove(mapper);
- }
- }
-
- @Override
- public List<UserFederationProviderModel> getUserFederationProviders() {
- List<UserFederationProviderEntity> entities = realm.getUserFederationProviders();
- if (entities.isEmpty()) return Collections.EMPTY_LIST;
- List<UserFederationProviderEntity> copy = new ArrayList<UserFederationProviderEntity>();
- for (UserFederationProviderEntity entity : entities) {
- copy.add(entity);
-
- }
- Collections.sort(copy, new Comparator<UserFederationProviderEntity>() {
-
- @Override
- public int compare(UserFederationProviderEntity o1, UserFederationProviderEntity o2) {
- return o1.getPriority() - o2.getPriority();
- }
-
- });
- List<UserFederationProviderModel> result = new ArrayList<UserFederationProviderModel>();
- for (UserFederationProviderEntity entity : copy) {
- result.add(new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority(), entity.getDisplayName(),
- entity.getFullSyncPeriod(), entity.getChangedSyncPeriod(), entity.getLastSync()));
- }
-
- return Collections.unmodifiableList(result);
- }
-
- @Override
- public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync) {
- KeycloakModelUtils.ensureUniqueDisplayName(displayName, null, getUserFederationProviders());
-
- String id = KeycloakModelUtils.generateId();
- UserFederationProviderEntity entity = new UserFederationProviderEntity();
- entity.setId(id);
- entity.setRealm(realm);
- entity.setProviderName(providerName);
- entity.setConfig(config);
- entity.setPriority(priority);
- if (displayName == null) {
- displayName = id;
- }
- entity.setDisplayName(displayName);
- entity.setFullSyncPeriod(fullSyncPeriod);
- entity.setChangedSyncPeriod(changedSyncPeriod);
- entity.setLastSync(lastSync);
- em.persist(entity);
- realm.getUserFederationProviders().add(entity);
- em.flush();
- UserFederationProviderModel providerModel = new UserFederationProviderModel(entity.getId(), providerName, config, priority, displayName, fullSyncPeriod, changedSyncPeriod, lastSync);
-
- session.getKeycloakSessionFactory().publish(new UserFederationProviderCreationEventImpl(this, providerModel));
-
- return providerModel;
- }
-
- @Override
- public void removeUserFederationProvider(UserFederationProviderModel provider) {
- Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
- while (it.hasNext()) {
- UserFederationProviderEntity entity = it.next();
- if (entity.getId().equals(provider.getId())) {
-
- session.users().preRemove(this, provider);
- removeFederationMappersForProvider(provider.getId());
-
- it.remove();
- em.remove(entity);
- return;
- }
- }
- }
- @Override
- public void updateUserFederationProvider(UserFederationProviderModel model) {
- KeycloakModelUtils.ensureUniqueDisplayName(model.getDisplayName(), model, getUserFederationProviders());
-
- Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
- while (it.hasNext()) {
- UserFederationProviderEntity entity = it.next();
- if (entity.getId().equals(model.getId())) {
- String displayName = model.getDisplayName();
- if (displayName != null) {
- entity.setDisplayName(model.getDisplayName());
- }
- entity.setConfig(model.getConfig());
- entity.setPriority(model.getPriority());
- entity.setProviderName(model.getProviderName());
- entity.setPriority(model.getPriority());
- entity.setFullSyncPeriod(model.getFullSyncPeriod());
- entity.setChangedSyncPeriod(model.getChangedSyncPeriod());
- entity.setLastSync(model.getLastSync());
- break;
- }
- }
- }
-
- @Override
- public void setUserFederationProviders(List<UserFederationProviderModel> providers) {
- for (UserFederationProviderModel currentProvider : providers) {
- KeycloakModelUtils.ensureUniqueDisplayName(currentProvider.getDisplayName(), currentProvider, providers);
- }
-
- Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
- while (it.hasNext()) {
- UserFederationProviderEntity entity = it.next();
- boolean found = false;
- for (UserFederationProviderModel model : providers) {
- if (entity.getId().equals(model.getId())) {
- entity.setConfig(model.getConfig());
- entity.setPriority(model.getPriority());
- entity.setProviderName(model.getProviderName());
- String displayName = model.getDisplayName();
- if (displayName != null) {
- entity.setDisplayName(displayName);
- }
- entity.setFullSyncPeriod(model.getFullSyncPeriod());
- entity.setChangedSyncPeriod(model.getChangedSyncPeriod());
- entity.setLastSync(model.getLastSync());
- found = true;
- break;
- }
-
- }
- if (found) continue;
- session.users().preRemove(this, new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority(), entity.getDisplayName(),
- entity.getFullSyncPeriod(), entity.getChangedSyncPeriod(), entity.getLastSync()));
- removeFederationMappersForProvider(entity.getId());
-
- it.remove();
- em.remove(entity);
- }
-
- List<UserFederationProviderModel> add = new LinkedList<>();
- for (UserFederationProviderModel model : providers) {
- boolean found = false;
- for (UserFederationProviderEntity entity : realm.getUserFederationProviders()) {
- if (entity.getId().equals(model.getId())) {
- found = true;
- break;
- }
- }
- if (!found) add.add(model);
- }
-
- for (UserFederationProviderModel model : add) {
- UserFederationProviderEntity entity = new UserFederationProviderEntity();
- if (model.getId() != null) {
- entity.setId(model.getId());
- } else {
- String id = KeycloakModelUtils.generateId();
- entity.setId(id);
- model.setId(id);
- }
- entity.setConfig(model.getConfig());
- entity.setPriority(model.getPriority());
- entity.setProviderName(model.getProviderName());
- entity.setPriority(model.getPriority());
- String displayName = model.getDisplayName();
- if (displayName == null) {
- displayName = entity.getId();
- }
- entity.setDisplayName(displayName);
- entity.setFullSyncPeriod(model.getFullSyncPeriod());
- entity.setChangedSyncPeriod(model.getChangedSyncPeriod());
- entity.setLastSync(model.getLastSync());
- entity.setRealm(realm);
- em.persist(entity);
- realm.getUserFederationProviders().add(entity);
-
- session.getKeycloakSessionFactory().publish(new UserFederationProviderCreationEventImpl(this, model));
- }
- }
-
- protected UserFederationProviderEntity getUserFederationProviderEntityById(String federationProviderId) {
- for (UserFederationProviderEntity entity : realm.getUserFederationProviders()) {
- if (entity.getId().equals(federationProviderId)) {
- return entity;
- }
- }
- return null;
- }
-
@Override
public RoleModel getRole(String name) {
return session.realms().getRealmRole(this, name);
@@ -1403,130 +1208,6 @@ public class RealmAdapter implements RealmModel, JpaModel<RealmEntity> {
}
@Override
- public Set<UserFederationMapperModel> getUserFederationMappers() {
- Collection<UserFederationMapperEntity> entities = this.realm.getUserFederationMappers();
- if (entities.isEmpty()) return Collections.EMPTY_SET;
- Set<UserFederationMapperModel> mappers = new HashSet<>();
- for (UserFederationMapperEntity entity : entities) {
- UserFederationMapperModel mapper = entityToModel(entity);
- mappers.add(mapper);
- }
- return Collections.unmodifiableSet(mappers);
- }
-
- @Override
- public Set<UserFederationMapperModel> getUserFederationMappersByFederationProvider(String federationProviderId) {
- Set<UserFederationMapperEntity> mapperEntities = getUserFederationMapperEntitiesByFederationProvider(federationProviderId);
- if (mapperEntities.isEmpty()) return Collections.EMPTY_SET;
- Set<UserFederationMapperModel> mappers = new HashSet<UserFederationMapperModel>();
- for (UserFederationMapperEntity entity : mapperEntities) {
- UserFederationMapperModel mapper = entityToModel(entity);
- mappers.add(mapper);
- }
- return Collections.unmodifiableSet(mappers);
- }
-
- @Override
- public UserFederationMapperModel addUserFederationMapper(UserFederationMapperModel model) {
- if (getUserFederationMapperByName(model.getFederationProviderId(), model.getName()) != null) {
- throw new ModelDuplicateException("User federation mapper must be unique per federation provider. There is already: " + model.getName());
- }
- String id = KeycloakModelUtils.generateId();
- UserFederationMapperEntity entity = new UserFederationMapperEntity();
- entity.setId(id);
- entity.setName(model.getName());
- entity.setFederationProvider(getUserFederationProviderEntityById(model.getFederationProviderId()));
- entity.setFederationMapperType(model.getFederationMapperType());
- entity.setRealm(this.realm);
- entity.setConfig(model.getConfig());
-
- em.persist(entity);
- this.realm.getUserFederationMappers().add(entity);
- UserFederationMapperModel mapperModel = entityToModel(entity);
-
- return mapperModel;
- }
-
- @Override
- public void removeUserFederationMapper(UserFederationMapperModel mapper) {
- UserFederationMapperEntity toDelete = getUserFederationMapperEntity(mapper.getId());
- if (toDelete != null) {
- this.realm.getUserFederationMappers().remove(toDelete);
- em.remove(toDelete);
- }
- }
-
- protected UserFederationMapperEntity getUserFederationMapperEntity(String id) {
- for (UserFederationMapperEntity entity : this.realm.getUserFederationMappers()) {
- if (entity.getId().equals(id)) {
- return entity;
- }
- }
- return null;
-
- }
-
- protected UserFederationMapperEntity getUserFederationMapperEntityByName(String federationProviderId, String name) {
- for (UserFederationMapperEntity entity : this.realm.getUserFederationMappers()) {
- if (federationProviderId.equals(entity.getFederationProvider().getId()) && entity.getName().equals(name)) {
- return entity;
- }
- }
- return null;
-
- }
-
- protected Set<UserFederationMapperEntity> getUserFederationMapperEntitiesByFederationProvider(String federationProviderId) {
- Set<UserFederationMapperEntity> mappers = new HashSet<UserFederationMapperEntity>();
- for (UserFederationMapperEntity entity : this.realm.getUserFederationMappers()) {
- if (federationProviderId.equals(entity.getFederationProvider().getId())) {
- mappers.add(entity);
- }
- }
- return mappers;
- }
-
- @Override
- public void updateUserFederationMapper(UserFederationMapperModel mapper) {
- UserFederationMapperEntity entity = getUserFederationMapperEntity(mapper.getId());
- entity.setFederationProvider(getUserFederationProviderEntityById(mapper.getFederationProviderId()));
- entity.setFederationMapperType(mapper.getFederationMapperType());
- if (entity.getConfig() == null) {
- entity.setConfig(mapper.getConfig());
- } else {
- entity.getConfig().clear();
- entity.getConfig().putAll(mapper.getConfig());
- }
- em.flush();
- }
-
- @Override
- public UserFederationMapperModel getUserFederationMapperById(String id) {
- UserFederationMapperEntity entity = getUserFederationMapperEntity(id);
- if (entity == null) return null;
- return entityToModel(entity);
- }
-
- @Override
- public UserFederationMapperModel getUserFederationMapperByName(String federationProviderId, String name) {
- UserFederationMapperEntity entity = getUserFederationMapperEntityByName(federationProviderId, name);
- if (entity == null) return null;
- return entityToModel(entity);
- }
-
- protected UserFederationMapperModel entityToModel(UserFederationMapperEntity entity) {
- UserFederationMapperModel mapper = new UserFederationMapperModel();
- mapper.setId(entity.getId());
- mapper.setName(entity.getName());
- mapper.setFederationProviderId(entity.getFederationProvider().getId());
- mapper.setFederationMapperType(entity.getFederationMapperType());
- Map<String, String> config = new HashMap<String, String>();
- if (entity.getConfig() != null) config.putAll(entity.getConfig());
- mapper.setConfig(config);
- return mapper;
- }
-
- @Override
public AuthenticationFlowModel getBrowserFlow() {
String flowId = realm.getBrowserFlow();
if (flowId == null) return null;
diff --git a/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java b/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java
index e1f2bd4..1222872 100644
--- a/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java
@@ -30,18 +30,11 @@ import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider;
-import org.keycloak.storage.federated.UserAttributeFederatedStorage;
-import org.keycloak.storage.federated.UserBrokerLinkFederatedStorage;
-import org.keycloak.storage.federated.UserConsentFederatedStorage;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
-import org.keycloak.storage.federated.UserGroupMembershipFederatedStorage;
-import org.keycloak.storage.federated.UserRequiredActionsFederatedStorage;
-import org.keycloak.storage.federated.UserRoleMappingsFederatedStorage;
import org.keycloak.storage.jpa.entity.BrokerLinkEntity;
import org.keycloak.storage.jpa.entity.FederatedUser;
import org.keycloak.storage.jpa.entity.FederatedUserAttributeEntity;
@@ -795,38 +788,6 @@ public class JpaUserFederatedStorageProvider implements
}
@Override
- public void preRemove(RealmModel realm, UserFederationProviderModel link) {
- int num = em.createNamedQuery("deleteFederatedUserRoleMappingsByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- num = em.createNamedQuery("deleteFederatedUserRequiredActionsByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- num = em.createNamedQuery("deleteBrokerLinkByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- num = em.createNamedQuery("deleteFederatedCredentialAttributeByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- num = em.createNamedQuery("deleteFederatedUserCredentialsByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- num = em.createNamedQuery("deleteUserFederatedAttributesByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- num = em.createNamedQuery("deleteFederatedUsersByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
- }
-
- @Override
public void preRemove(RealmModel realm, RoleModel role) {
em.createNamedQuery("deleteFederatedUserRoleMappingsByRole").setParameter("roleId", role.getId()).executeUpdate();
em.createNamedQuery("deleteFederatedUserRoleMappingsByRole").setParameter("roleId", role.getId()).executeUpdate();
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
index 6ef597e..dd4d7a6 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
@@ -28,7 +28,6 @@ import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext;
import org.keycloak.credential.CredentialModel;
import org.keycloak.credential.UserCredentialStore;
import org.keycloak.models.ClientModel;
-import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
@@ -39,8 +38,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserManager;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
@@ -458,17 +455,6 @@ public class MongoUserProvider implements UserProvider, UserCredentialStore {
}
@Override
- public void preRemove(RealmModel realm, UserFederationProviderModel link) {
- // Remove all users linked with federationProvider and their consents
- DBObject query = new QueryBuilder()
- .and("realmId").is(realm.getId())
- .and("federationLink").is(link.getId())
- .get();
- getMongoStore().removeEntities(MongoUserEntity.class, query, true, invocationContext);
-
- }
-
- @Override
public void preRemove(RealmModel realm, ClientModel client) {
// Remove all role mappings and consents mapped to all roles of this client
for (RoleModel role : client.getRoles()) {
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index 119c7df..d581710 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -32,7 +32,6 @@ import org.keycloak.models.GroupModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ModelException;
import org.keycloak.models.OTPPolicy;
import org.keycloak.models.PasswordPolicy;
@@ -41,9 +40,6 @@ import org.keycloak.models.RealmProvider;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderCreationEventImpl;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.mongo.keycloak.entities.AuthenticationExecutionEntity;
import org.keycloak.models.mongo.keycloak.entities.AuthenticationFlowEntity;
import org.keycloak.models.mongo.keycloak.entities.AuthenticatorConfigEntity;
@@ -56,15 +52,12 @@ import org.keycloak.models.mongo.keycloak.entities.MongoRealmEntity;
import org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity;
import org.keycloak.models.mongo.keycloak.entities.RequiredActionProviderEntity;
import org.keycloak.models.mongo.keycloak.entities.RequiredCredentialEntity;
-import org.keycloak.models.mongo.keycloak.entities.UserFederationMapperEntity;
-import org.keycloak.models.mongo.keycloak.entities.UserFederationProviderEntity;
import org.keycloak.models.utils.ComponentUtil;
import org.keycloak.models.utils.KeycloakModelUtils;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
-import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -869,183 +862,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
updateRealm();
}
-
- private void removeFederationMappersForProvider(String federationProviderId) {
- Set<UserFederationMapperEntity> mappers = getUserFederationMapperEntitiesByFederationProvider(federationProviderId);
- for (UserFederationMapperEntity mapper : mappers) {
- getMongoEntity().getUserFederationMappers().remove(mapper);
- }
- }
-
- @Override
- public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync) {
- KeycloakModelUtils.ensureUniqueDisplayName(displayName, null, getUserFederationProviders());
-
- UserFederationProviderEntity entity = new UserFederationProviderEntity();
- entity.setId(KeycloakModelUtils.generateId());
- entity.setPriority(priority);
- entity.setProviderName(providerName);
- entity.setConfig(config);
- if (displayName == null) {
- displayName = entity.getId();
- }
- entity.setDisplayName(displayName);
- entity.setFullSyncPeriod(fullSyncPeriod);
- entity.setChangedSyncPeriod(changedSyncPeriod);
- entity.setLastSync(lastSync);
- realm.getUserFederationProviders().add(entity);
- updateRealm();
-
- UserFederationProviderModel providerModel = new UserFederationProviderModel(entity.getId(), providerName, config, priority, displayName, fullSyncPeriod, changedSyncPeriod, lastSync);
-
- session.getKeycloakSessionFactory().publish(new UserFederationProviderCreationEventImpl(this, providerModel));
-
- return providerModel;
- }
-
- @Override
- public void removeUserFederationProvider(UserFederationProviderModel provider) {
- Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
- while (it.hasNext()) {
- UserFederationProviderEntity entity = it.next();
- if (entity.getId().equals(provider.getId())) {
- session.users().preRemove(this, new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority(), entity.getDisplayName(),
- entity.getFullSyncPeriod(), entity.getChangedSyncPeriod(), entity.getLastSync()));
- removeFederationMappersForProvider(provider.getId());
-
- it.remove();
- }
- }
- updateRealm();
- }
- @Override
- public void updateUserFederationProvider(UserFederationProviderModel model) {
- KeycloakModelUtils.ensureUniqueDisplayName(model.getDisplayName(), model, getUserFederationProviders());
-
- Iterator<UserFederationProviderEntity> it = realm.getUserFederationProviders().iterator();
- while (it.hasNext()) {
- UserFederationProviderEntity entity = it.next();
- if (entity.getId().equals(model.getId())) {
- entity.setProviderName(model.getProviderName());
- entity.setConfig(model.getConfig());
- entity.setPriority(model.getPriority());
- String displayName = model.getDisplayName();
- if (displayName != null) {
- entity.setDisplayName(model.getDisplayName());
- }
- entity.setFullSyncPeriod(model.getFullSyncPeriod());
- entity.setChangedSyncPeriod(model.getChangedSyncPeriod());
- entity.setLastSync(model.getLastSync());
- }
- }
- updateRealm();
- }
-
- @Override
- public List<UserFederationProviderModel> getUserFederationProviders() {
- List<UserFederationProviderEntity> entities = realm.getUserFederationProviders();
- if (entities.isEmpty()) return Collections.EMPTY_LIST;
- List<UserFederationProviderEntity> copy = new LinkedList<UserFederationProviderEntity>();
- for (UserFederationProviderEntity entity : entities) {
- copy.add(entity);
-
- }
- Collections.sort(copy, new Comparator<UserFederationProviderEntity>() {
-
- @Override
- public int compare(UserFederationProviderEntity o1, UserFederationProviderEntity o2) {
- return o1.getPriority() - o2.getPriority();
- }
-
- });
- List<UserFederationProviderModel> result = new LinkedList<UserFederationProviderModel>();
- for (UserFederationProviderEntity entity : copy) {
- result.add(new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority(), entity.getDisplayName(),
- entity.getFullSyncPeriod(), entity.getChangedSyncPeriod(), entity.getLastSync()));
- }
-
- return Collections.unmodifiableList(result);
- }
-
- @Override
- public void setUserFederationProviders(List<UserFederationProviderModel> providers) {
- for (UserFederationProviderModel currentProvider : providers) {
- KeycloakModelUtils.ensureUniqueDisplayName(currentProvider.getDisplayName(), currentProvider, providers);
- }
-
- List<UserFederationProviderEntity> existingProviders = realm.getUserFederationProviders();
- List<UserFederationProviderEntity> toRemove = new LinkedList<>();
- for (UserFederationProviderEntity entity : existingProviders) {
- boolean found = false;
- for (UserFederationProviderModel model : providers) {
- if (entity.getId().equals(model.getId())) {
- entity.setConfig(model.getConfig());
- entity.setPriority(model.getPriority());
- entity.setProviderName(model.getProviderName());
- String displayName = model.getDisplayName();
- if (displayName != null) {
- entity.setDisplayName(displayName);
- }
- entity.setFullSyncPeriod(model.getFullSyncPeriod());
- entity.setChangedSyncPeriod(model.getChangedSyncPeriod());
- entity.setLastSync(model.getLastSync());
- found = true;
- break;
- }
-
- }
- if (found) continue;
- session.users().preRemove(this, new UserFederationProviderModel(entity.getId(), entity.getProviderName(), entity.getConfig(), entity.getPriority(), entity.getDisplayName(),
- entity.getFullSyncPeriod(), entity.getChangedSyncPeriod(), entity.getLastSync()));
- removeFederationMappersForProvider(entity.getId());
-
- toRemove.add(entity);
- }
-
- for (UserFederationProviderEntity entity : toRemove) {
- realm.getUserFederationProviders().remove(entity);
- }
-
- List<UserFederationProviderModel> add = new LinkedList<UserFederationProviderModel>();
- for (UserFederationProviderModel model : providers) {
- boolean found = false;
- for (UserFederationProviderEntity entity : realm.getUserFederationProviders()) {
- if (entity.getId().equals(model.getId())) {
- found = true;
- break;
- }
- }
- if (!found) add.add(model);
- }
-
- for (UserFederationProviderModel model : add) {
- UserFederationProviderEntity entity = new UserFederationProviderEntity();
- if (model.getId() != null) {
- entity.setId(model.getId());
- } else {
- String id = KeycloakModelUtils.generateId();
- entity.setId(id);
- model.setId(id);
- }
- entity.setProviderName(model.getProviderName());
- entity.setConfig(model.getConfig());
- entity.setPriority(model.getPriority());
- String displayName = model.getDisplayName();
- if (displayName == null) {
- displayName = entity.getId();
- }
- entity.setDisplayName(displayName);
- entity.setFullSyncPeriod(model.getFullSyncPeriod());
- entity.setChangedSyncPeriod(model.getChangedSyncPeriod());
- entity.setLastSync(model.getLastSync());
- realm.getUserFederationProviders().add(entity);
-
- session.getKeycloakSessionFactory().publish(new UserFederationProviderCreationEventImpl(this, model));
- }
-
- updateRealm();
- }
-
@Override
public boolean isEventsEnabled() {
return realm.isEventsEnabled();
@@ -1760,131 +1576,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
return null;
}
-
-
-
-
- @Override
- public Set<UserFederationMapperModel> getUserFederationMappers() {
- List<UserFederationMapperEntity> entities = getMongoEntity().getUserFederationMappers();
- if (entities.isEmpty()) return Collections.EMPTY_SET;
- Set<UserFederationMapperModel> mappers = new HashSet<UserFederationMapperModel>();
- for (UserFederationMapperEntity entity : entities) {
- UserFederationMapperModel mapper = entityToModel(entity);
- mappers.add(mapper);
- }
- return Collections.unmodifiableSet(mappers);
- }
-
- @Override
- public Set<UserFederationMapperModel> getUserFederationMappersByFederationProvider(String federationProviderId) {
- Set<UserFederationMapperModel> mappers = new HashSet<UserFederationMapperModel>();
- Set<UserFederationMapperEntity> mapperEntities = getUserFederationMapperEntitiesByFederationProvider(federationProviderId);
- for (UserFederationMapperEntity entity : mapperEntities) {
- mappers.add(entityToModel(entity));
- }
- return mappers;
- }
-
- @Override
- public UserFederationMapperModel addUserFederationMapper(UserFederationMapperModel model) {
- if (getUserFederationMapperByName(model.getFederationProviderId(), model.getName()) != null) {
- throw new ModelDuplicateException("User federation mapper must be unique per federation provider. There is already: " + model.getName());
- }
- String id = KeycloakModelUtils.generateId();
- UserFederationMapperEntity entity = new UserFederationMapperEntity();
- entity.setId(id);
- entity.setName(model.getName());
- entity.setFederationProviderId(model.getFederationProviderId());
- entity.setFederationMapperType(model.getFederationMapperType());
- entity.setConfig(model.getConfig());
-
- getMongoEntity().getUserFederationMappers().add(entity);
- updateMongoEntity();
- UserFederationMapperModel mapperModel = entityToModel(entity);
-
- return mapperModel;
- }
-
- protected UserFederationMapperEntity getUserFederationMapperEntity(String id) {
- for (UserFederationMapperEntity entity : getMongoEntity().getUserFederationMappers()) {
- if (entity.getId().equals(id)) {
- return entity;
- }
- }
- return null;
-
- }
-
- protected UserFederationMapperEntity getUserFederationMapperEntityByName(String federationProviderId, String name) {
- for (UserFederationMapperEntity entity : getMongoEntity().getUserFederationMappers()) {
- if (entity.getFederationProviderId().equals(federationProviderId) && entity.getName().equals(name)) {
- return entity;
- }
- }
- return null;
-
- }
-
- protected Set<UserFederationMapperEntity> getUserFederationMapperEntitiesByFederationProvider(String federationProviderId) {
- Set<UserFederationMapperEntity> mappers = new HashSet<UserFederationMapperEntity>();
- for (UserFederationMapperEntity entity : getMongoEntity().getUserFederationMappers()) {
- if (federationProviderId.equals(entity.getFederationProviderId())) {
- mappers.add(entity);
- }
- }
- return mappers;
- }
-
- @Override
- public void removeUserFederationMapper(UserFederationMapperModel mapper) {
- UserFederationMapperEntity toDelete = getUserFederationMapperEntity(mapper.getId());
- if (toDelete != null) {
- this.realm.getUserFederationMappers().remove(toDelete);
- updateMongoEntity();
- }
- }
-
- @Override
- public void updateUserFederationMapper(UserFederationMapperModel mapper) {
- UserFederationMapperEntity entity = getUserFederationMapperEntity(mapper.getId());
- entity.setFederationProviderId(mapper.getFederationProviderId());
- entity.setFederationMapperType(mapper.getFederationMapperType());
- if (entity.getConfig() == null) {
- entity.setConfig(mapper.getConfig());
- } else {
- entity.getConfig().clear();
- entity.getConfig().putAll(mapper.getConfig());
- }
- updateMongoEntity();
- }
-
- @Override
- public UserFederationMapperModel getUserFederationMapperById(String id) {
- UserFederationMapperEntity entity = getUserFederationMapperEntity(id);
- if (entity == null) return null;
- return entityToModel(entity);
- }
-
- @Override
- public UserFederationMapperModel getUserFederationMapperByName(String federationProviderId, String name) {
- UserFederationMapperEntity entity = getUserFederationMapperEntityByName(federationProviderId, name);
- if (entity == null) return null;
- return entityToModel(entity);
- }
-
- protected UserFederationMapperModel entityToModel(UserFederationMapperEntity entity) {
- UserFederationMapperModel mapper = new UserFederationMapperModel();
- mapper.setId(entity.getId());
- mapper.setName(entity.getName());
- mapper.setFederationProviderId(entity.getFederationProviderId());
- mapper.setFederationMapperType(entity.getFederationMapperType());
- Map<String, String> config = new HashMap<String, String>();
- if (entity.getConfig() != null) config.putAll(entity.getConfig());
- mapper.setConfig(config);
- return mapper;
- }
-
@Override
public List<ClientTemplateModel> getClientTemplates() {
DBObject query = new QueryBuilder()
diff --git a/model/mongo/src/main/java/org/keycloak/storage/mongo/MongoUserFederatedStorageProvider.java b/model/mongo/src/main/java/org/keycloak/storage/mongo/MongoUserFederatedStorageProvider.java
index adc681e..a5f66ef 100644
--- a/model/mongo/src/main/java/org/keycloak/storage/mongo/MongoUserFederatedStorageProvider.java
+++ b/model/mongo/src/main/java/org/keycloak/storage/mongo/MongoUserFederatedStorageProvider.java
@@ -33,27 +33,18 @@ import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.mongo.keycloak.entities.CredentialEntity;
import org.keycloak.models.mongo.keycloak.entities.FederatedIdentityEntity;
-import org.keycloak.models.mongo.keycloak.entities.MongoUserEntity;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider;
-import org.keycloak.storage.federated.UserAttributeFederatedStorage;
-import org.keycloak.storage.federated.UserBrokerLinkFederatedStorage;
-import org.keycloak.storage.federated.UserConsentFederatedStorage;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
-import org.keycloak.storage.federated.UserGroupMembershipFederatedStorage;
-import org.keycloak.storage.federated.UserRequiredActionsFederatedStorage;
-import org.keycloak.storage.federated.UserRoleMappingsFederatedStorage;
import org.keycloak.storage.mongo.entity.FederatedUser;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
@@ -221,11 +212,6 @@ public class MongoUserFederatedStorageProvider implements
}
@Override
- public void preRemove(RealmModel realm, UserFederationProviderModel link) {
-
- }
-
- @Override
public void preRemove(RealmModel realm, GroupModel group) {
DBObject query = new QueryBuilder()
.and("groupIds").is(group.getId())
pom.xml 2(+1 -1)
diff --git a/pom.xml b/pom.xml
index 4b84840..277f016 100755
--- a/pom.xml
+++ b/pom.xml
@@ -1296,7 +1296,7 @@
<dependency>
<groupId>org.keycloak</groupId>
- <artifactId>federation-properties-example</artifactId>
+ <artifactId>user-storage-properties-example</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
diff --git a/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java b/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java
index f3242eb..766078d 100755
--- a/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java
+++ b/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java
@@ -110,29 +110,29 @@ public interface KeycloakSession {
*
* @return may be null if cache is disabled
*/
- UserCache getUserCache();
+ UserCache userCache();
/**
- * A cached view of all users in system including deprecated UserFederationProvider SPI
+ * A cached view of all users in system including users loaded by UserStorageProviders
*
* @return
*/
- UserFederationManager users();
+ UserProvider users();
/**
- * Un-cached view of all users in system that does NOT include users available from the deprecated UserFederationProvider SPI.
+ * Un-cached view of all users in system including users loaded by UserStorageProviders
*
* @return
*/
UserProvider userStorageManager();
- UserCredentialManager userCredentialManager();
-
/**
- * A cached view of all users in system that does NOT include users available from the deprecated UserFederationProvider SPI.
+ * Service that allows you to valid and update credentials for a user
+ *
+ * @return
*/
- UserProvider userStorage();
+ UserCredentialManager userCredentialManager();
/**
* Keycloak specific local storage for users. No cache in front, this api talks directly to database configured for Keycloak
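Review bot: The new Javadoc on `userCredentialManager()` has a typo, "allows you to valid and update credentials"; it should read `Service that allows you to validate and update credentials for a user`. The `@return` tags on `users()`, `userStorageManager()` and `userCredentialManager()` are empty, so either fill them in or drop them. It would also help to state on `users()` and `userStorageManager()` whether the result can be null, given that `userCache()` directly above is documented as possibly null. The interface body continues outside this hunk.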
diff --git a/server-spi/src/main/java/org/keycloak/models/RealmModel.java b/server-spi/src/main/java/org/keycloak/models/RealmModel.java
index 09720a7..4409b9d 100755
--- a/server-spi/src/main/java/org/keycloak/models/RealmModel.java
+++ b/server-spi/src/main/java/org/keycloak/models/RealmModel.java
@@ -67,11 +67,6 @@ public interface RealmModel extends RoleContainerModel {
KeycloakSession getKeycloakSession();
}
- interface UserFederationProviderCreationEvent extends ProviderEvent {
- UserFederationProviderModel getCreatedFederationProvider();
- RealmModel getRealm();
- }
-
String getId();
String getName();
@@ -310,21 +305,6 @@ public interface RealmModel extends RoleContainerModel {
return list;
}
- // Should return list sorted by UserFederationProviderModel.priority
- List<UserFederationProviderModel> getUserFederationProviders();
- UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync);
- void updateUserFederationProvider(UserFederationProviderModel provider);
- void removeUserFederationProvider(UserFederationProviderModel provider);
- void setUserFederationProviders(List<UserFederationProviderModel> providers);
-
- Set<UserFederationMapperModel> getUserFederationMappers();
- Set<UserFederationMapperModel> getUserFederationMappersByFederationProvider(String federationProviderId);
- UserFederationMapperModel addUserFederationMapper(UserFederationMapperModel mapper);
- void removeUserFederationMapper(UserFederationMapperModel mapper);
- void updateUserFederationMapper(UserFederationMapperModel mapper);
- UserFederationMapperModel getUserFederationMapperById(String id);
- UserFederationMapperModel getUserFederationMapperByName(String federationProviderId, String name);
-
String getLoginTheme();
void setLoginTheme(String name);
diff --git a/server-spi/src/main/java/org/keycloak/models/UserProvider.java b/server-spi/src/main/java/org/keycloak/models/UserProvider.java
index b8b240e..924470d 100755
--- a/server-spi/src/main/java/org/keycloak/models/UserProvider.java
+++ b/server-spi/src/main/java/org/keycloak/models/UserProvider.java
@@ -67,8 +67,6 @@ public interface UserProvider extends Provider,
UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions);
void preRemove(RealmModel realm);
- void preRemove(RealmModel realm, UserFederationProviderModel link);
-
void preRemove(RealmModel realm, RoleModel role);
void preRemove(RealmModel realm, GroupModel group);
diff --git a/server-spi/src/main/java/org/keycloak/storage/adapter/AbstractUserAdapter.java b/server-spi/src/main/java/org/keycloak/storage/adapter/AbstractUserAdapter.java
index c159020..b0d7ca3 100644
--- a/server-spi/src/main/java/org/keycloak/storage/adapter/AbstractUserAdapter.java
+++ b/server-spi/src/main/java/org/keycloak/storage/adapter/AbstractUserAdapter.java
@@ -27,6 +27,7 @@ import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.DefaultRoles;
import org.keycloak.models.utils.RoleUtils;
+import org.keycloak.storage.ReadOnlyException;
import org.keycloak.storage.StorageId;
import java.util.Collections;
@@ -49,11 +50,6 @@ import java.util.Set;
* @version $Revision: 1 $
*/
public abstract class AbstractUserAdapter implements UserModel {
- public static class ReadOnlyException extends RuntimeException {
- public ReadOnlyException(String message) {
- super(message);
- }
- }
protected KeycloakSession session;
protected RealmModel realm;
protected ComponentModel storageProviderModel;
diff --git a/server-spi/src/main/java/org/keycloak/storage/federated/UserFederatedStorageProvider.java b/server-spi/src/main/java/org/keycloak/storage/federated/UserFederatedStorageProvider.java
index 12847bc..1d12d36 100755
--- a/server-spi/src/main/java/org/keycloak/storage/federated/UserFederatedStorageProvider.java
+++ b/server-spi/src/main/java/org/keycloak/storage/federated/UserFederatedStorageProvider.java
@@ -23,7 +23,6 @@ import org.keycloak.models.GroupModel;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.provider.Provider;
@@ -47,8 +46,6 @@ public interface UserFederatedStorageProvider extends Provider,
void preRemove(RealmModel realm);
- void preRemove(RealmModel realm, UserFederationProviderModel link);
-
void preRemove(RealmModel realm, GroupModel group);
void preRemove(RealmModel realm, RoleModel role);
diff --git a/server-spi/src/main/java/org/keycloak/storage/user/ImportedUserValidation.java b/server-spi/src/main/java/org/keycloak/storage/user/ImportedUserValidation.java
index d4d29cb..0ceec66 100644
--- a/server-spi/src/main/java/org/keycloak/storage/user/ImportedUserValidation.java
+++ b/server-spi/src/main/java/org/keycloak/storage/user/ImportedUserValidation.java
@@ -20,9 +20,19 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
/**
+ * If your UserStorageProvider is importing users into local storage, you can validate that import whenever the
+ * user is queried from local storage.
+ *
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface ImportedUserValidation {
- UserModel validate(RealmModel realmm, UserModel user);
+ /**
+ * If this method returns null, then the user storage in local storage will be removed
+ *
+ * @param realm
+ * @param user
+ * @return null if user no longer valid
+ */
+ UserModel validate(RealmModel realm, UserModel user);
}
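Review bot: The method Javadoc says "the user storage in local storage will be removed", which is ambiguous about what gets deleted; `If this method returns null, the imported user is removed from local storage` says it plainly. Because a null return is destructive, the contract should also say what an implementation does when the external store cannot be reached. Otherwise an implementer may return null on a lookup failure, and a transient outage would then remove imported users. The `@param realm` and `@param user` tags are empty and could name what is passed, e.g. `@param user the locally stored user being loaded`.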
diff --git a/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java b/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java
index a21aa65..205d17c 100755
--- a/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java
+++ b/server-spi-private/src/main/java/org/keycloak/migration/MigrationModelManager.java
@@ -42,14 +42,14 @@ public class MigrationModelManager {
private static Logger logger = Logger.getLogger(MigrationModelManager.class);
private static final Migration[] migrations = {
- new MigrateTo1_2_0(),
- new MigrateTo1_3_0(),
- new MigrateTo1_4_0(),
- new MigrateTo1_5_0(),
- new MigrateTo1_6_0(),
- new MigrateTo1_7_0(),
- new MigrateTo1_8_0(),
- new MigrateTo1_9_0(),
+ new MigrateTo1_2_0(),
+ new MigrateTo1_3_0(),
+ new MigrateTo1_4_0(),
+ new MigrateTo1_5_0(),
+ new MigrateTo1_6_0(),
+ new MigrateTo1_7_0(),
+ new MigrateTo1_8_0(),
+ new MigrateTo1_9_0(),
new MigrateTo1_9_2(),
new MigrateTo2_0_0(),
new MigrateTo2_1_0(),
diff --git a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java
index 2b03f6e..cda91a4 100755
--- a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java
+++ b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_3_0.java
@@ -17,15 +17,16 @@
package org.keycloak.migration.migrators;
+import org.keycloak.common.util.MultivaluedHashMap;
+import org.keycloak.component.ComponentFactory;
+import org.keycloak.component.ComponentModel;
import org.keycloak.migration.ModelVersion;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationEventAwareProviderFactory;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
-import org.keycloak.models.UserFederationProviderModel;
+import org.keycloak.provider.ProviderFactory;
+import org.keycloak.storage.UserStorageProvider;
+import org.keycloak.storage.UserStorageProviderModel;
import javax.naming.directory.SearchControls;
import java.util.List;
@@ -37,7 +38,6 @@ import java.util.Set;
* @version $Revision: 1 $
*/
public class MigrateTo1_3_0 implements Migration {
-
public static final ModelVersion VERSION = new ModelVersion("1.3.0");
public ModelVersion getVersion() {
@@ -53,44 +53,45 @@ public class MigrateTo1_3_0 implements Migration {
}
private void migrateLDAPProviders(KeycloakSession session, RealmModel realm) {
- List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
- for (UserFederationProviderModel fedProvider : federationProviders) {
+ List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
+ for (UserStorageProviderModel fedProvider : federationProviders) {
- if (fedProvider.getProviderName().equals(LDAPConstants.LDAP_PROVIDER)) {
- Map<String, String> config = fedProvider.getConfig();
+ if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
+ fedProvider = new UserStorageProviderModel(fedProvider); // copy don't want to muck with cache
+ MultivaluedHashMap<String, String> config = fedProvider.getConfig();
- // Update config properties for LDAP federated provider
+ // Update config properties for LDAP federation provider
if (config.get(LDAPConstants.SEARCH_SCOPE) == null) {
- config.put(LDAPConstants.SEARCH_SCOPE, String.valueOf(SearchControls.SUBTREE_SCOPE));
+ config.putSingle(LDAPConstants.SEARCH_SCOPE, String.valueOf(SearchControls.SUBTREE_SCOPE));
}
- String usersDn = config.remove("userDnSuffix");
- if (usersDn != null && config.get(LDAPConstants.USERS_DN) == null) {
+ List<String> usersDn = config.remove("userDnSuffix");
+ if (usersDn != null && !usersDn.isEmpty() && config.getFirst(LDAPConstants.USERS_DN) == null) {
config.put(LDAPConstants.USERS_DN, usersDn);
}
- String usernameLdapAttribute = config.get(LDAPConstants.USERNAME_LDAP_ATTRIBUTE);
- if (usernameLdapAttribute != null && config.get(LDAPConstants.RDN_LDAP_ATTRIBUTE) == null) {
+ String usernameLdapAttribute = config.getFirst(LDAPConstants.USERNAME_LDAP_ATTRIBUTE);
+ if (usernameLdapAttribute != null && config.getFirst(LDAPConstants.RDN_LDAP_ATTRIBUTE) == null) {
if (usernameLdapAttribute.equalsIgnoreCase(LDAPConstants.SAM_ACCOUNT_NAME)) {
- config.put(LDAPConstants.RDN_LDAP_ATTRIBUTE, LDAPConstants.CN);
+ config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, LDAPConstants.CN);
} else {
- config.put(LDAPConstants.RDN_LDAP_ATTRIBUTE, usernameLdapAttribute);
+ config.putSingle(LDAPConstants.RDN_LDAP_ATTRIBUTE, usernameLdapAttribute);
}
}
- if (config.get(LDAPConstants.UUID_LDAP_ATTRIBUTE) == null) {
- String uuidAttrName = LDAPConstants.getUuidAttributeName(config.get(LDAPConstants.VENDOR));
- config.put(LDAPConstants.UUID_LDAP_ATTRIBUTE, uuidAttrName);
+ if (config.getFirst(LDAPConstants.UUID_LDAP_ATTRIBUTE) == null) {
+ String uuidAttrName = LDAPConstants.getUuidAttributeName(config.getFirst(LDAPConstants.VENDOR));
+ config.putSingle(LDAPConstants.UUID_LDAP_ATTRIBUTE, uuidAttrName);
}
- realm.updateUserFederationProvider(fedProvider);
+ realm.updateComponent(fedProvider);
// Create default mappers for LDAP
- Set<UserFederationMapperModel> mappers = realm.getUserFederationMappersByFederationProvider(fedProvider.getId());
+ List<ComponentModel> mappers = realm.getComponents(fedProvider.getId());
if (mappers.isEmpty()) {
- UserFederationProviderFactory ldapFactory = (UserFederationProviderFactory) session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, LDAPConstants.LDAP_PROVIDER);
+ ProviderFactory ldapFactory = session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, LDAPConstants.LDAP_PROVIDER);
if (ldapFactory != null) {
- ((UserFederationEventAwareProviderFactory) ldapFactory).onProviderModelCreated(realm, fedProvider);
+ ((ComponentFactory) ldapFactory).onCreate(session, realm, fedProvider);
}
}
}
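Review bot: The `SEARCH_SCOPE` check was left as `config.get(LDAPConstants.SEARCH_SCOPE) == null` while every other lookup in this hunk moved to `getFirst`. Now that `config` is a `MultivaluedHashMap` whose values are lists (see `List<String> usersDn = config.remove(...)`), a key present with an empty list would pass the check and skip the default scope. `if (config.getFirst(LDAPConstants.SEARCH_SCOPE) == null) {` keeps it consistent with the rest. Separately, `realm.getComponents(fedProvider.getId())` is not restricted to the mapper provider type the way `MigrateTo1_8_0.getMapperByName` is, so any child component would suppress default mapper creation; worth confirming that is intended. The loop and method close outside this hunk.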
diff --git a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java
index 9f28f91..766540d 100755
--- a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java
+++ b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_4_0.java
@@ -17,15 +17,17 @@
package org.keycloak.migration.migrators;
+import org.keycloak.component.ComponentModel;
import org.keycloak.migration.ModelVersion;
import org.keycloak.models.ImpersonationConstants;
import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.LDAPConstants;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationMapperModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.DefaultAuthenticationFlows;
import org.keycloak.models.utils.DefaultRequiredActions;
import org.keycloak.models.utils.KeycloakModelUtils;
+import org.keycloak.storage.UserStorageProviderModel;
import java.util.Arrays;
import java.util.List;
@@ -36,7 +38,6 @@ import java.util.List;
*/
public class MigrateTo1_4_0 implements Migration {
public static final ModelVersion VERSION = new ModelVersion("1.4.0");
-
public ModelVersion getVersion() {
return VERSION;
}
@@ -58,21 +59,29 @@ public class MigrateTo1_4_0 implements Migration {
private void migrateLDAPMappers(KeycloakSession session, RealmModel realm) {
List<String> mandatoryInLdap = Arrays.asList("username", "username-cn", "first name", "last name");
- for (UserFederationMapperModel ldapMapper : realm.getUserFederationMappers()) {
- if (mandatoryInLdap.contains(ldapMapper.getName())) {
- ldapMapper.getConfig().put("is.mandatory.in.ldap", "true");
- realm.updateUserFederationMapper(ldapMapper);
+ for (UserStorageProviderModel providerModel : realm.getUserStorageProviders()) {
+ if (providerModel.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
+ List<ComponentModel> mappers = realm.getComponents(providerModel.getId());
+ for (ComponentModel mapper : mappers) {
+ if (mandatoryInLdap.contains(mapper.getName())) {
+ mapper = new ComponentModel(mapper); // don't want to modify cache
+ mapper.getConfig().putSingle("is.mandatory.in.ldap", "true");
+ realm.updateComponent(mapper);
+ }
+
+ }
}
}
}
private void migrateUsers(KeycloakSession session, RealmModel realm) {
- List<UserModel> users = session.userStorage().getUsers(realm, false);
+ List<UserModel> users = session.userLocalStorage().getUsers(realm, false);
for (UserModel user : users) {
String email = user.getEmail();
email = KeycloakModelUtils.toLowerCaseSafe(email);
if (email != null && !email.equals(user.getEmail())) {
user.setEmail(email);
+ session.userCache().evict(realm, user);
}
}
}
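Review bot: In `migrateUsers`, the added `session.userCache().evict(realm, user);` dereferences a value that `KeycloakSession.userCache()` documents in this same commit as "may be null if cache is disabled". The migration would then throw a NullPointerException on the first user whose email changes case. A guard such as `if (session.userCache() != null) session.userCache().evict(realm, user);` avoids that. In `migrateLDAPMappers`, `realm.getComponents(providerModel.getId())` matches children by name only; passing the mapper provider type, as `MigrateTo1_8_0.getMapperByName` does, would keep non-mapper components that happen to be named "username" from being rewritten.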
diff --git a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java
index 79fb02c..3c5d4d9 100644
--- a/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java
+++ b/server-spi-private/src/main/java/org/keycloak/migration/migrators/MigrateTo1_8_0.java
@@ -17,13 +17,14 @@
package org.keycloak.migration.migrators;
+import org.keycloak.common.util.MultivaluedHashMap;
+import org.keycloak.component.ComponentModel;
import org.keycloak.migration.ModelVersion;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.utils.KeycloakModelUtils;
+import org.keycloak.storage.UserStorageProviderModel;
import java.util.List;
import java.util.Map;
@@ -39,22 +40,21 @@ public class MigrateTo1_8_0 implements Migration {
return VERSION;
}
+
public void migrate(KeycloakSession session) {
List<RealmModel> realms = session.realms().getRealms();
for (RealmModel realm : realms) {
- List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
- for (UserFederationProviderModel fedProvider : federationProviders) {
-
- if (fedProvider.getProviderName().equals(LDAPConstants.LDAP_PROVIDER)) {
- Map<String, String> config = fedProvider.getConfig();
+ List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
+ for (UserStorageProviderModel fedProvider : federationProviders) {
- if (isActiveDirectory(config)) {
+ if (fedProvider.getProviderId().equals(LDAPConstants.LDAP_PROVIDER)) {
+ if (isActiveDirectory(fedProvider)) {
// Create mapper for MSAD account controls
- if (realm.getUserFederationMapperByName(fedProvider.getId(), "MSAD account controls") == null) {
- UserFederationMapperModel mapperModel = KeycloakModelUtils.createUserFederationMapperModel("MSAD account controls", fedProvider.getId(), LDAPConstants.MSAD_USER_ACCOUNT_CONTROL_MAPPER);
- realm.addUserFederationMapper(mapperModel);
+ if (getMapperByName(realm, fedProvider, "MSAD account controls") == null) {
+ ComponentModel mapperModel = KeycloakModelUtils.createComponentModel("MSAD account controls", fedProvider.getId(), LDAPConstants.MSAD_USER_ACCOUNT_CONTROL_MAPPER, "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
+ realm.addComponentModel(mapperModel);
}
}
}
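Review bot: The provider-type string `"org.keycloak.storage.ldap.mappers.LDAPStorageMapper"` is written out literally in the `createComponentModel` call here and again in `getMapperByName` in the next hunk. If the two copies drift, the lookup would stop finding the mapper that was just created and a rerun of the migration would add a duplicate. A single constant, e.g. `private static final String LDAP_MAPPER_TYPE = "org.keycloak.storage.ldap.mappers.LDAPStorageMapper";`, used in both places removes that risk. The `migrate` method continues past the end of this hunk.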
@@ -63,8 +63,19 @@ public class MigrateTo1_8_0 implements Migration {
}
}
- private boolean isActiveDirectory(Map<String, String> ldapConfig) {
- String vendor = ldapConfig.get(LDAPConstants.VENDOR);
+ public static ComponentModel getMapperByName(RealmModel realm, ComponentModel providerModel, String name) {
+ List<ComponentModel> components = realm.getComponents(providerModel.getId(), "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
+ for (ComponentModel component : components) {
+ if (component.getName().equals(name)) {
+ return component;
+ }
+ }
+ return null;
+ }
+
+
+ private boolean isActiveDirectory(UserStorageProviderModel provider) {
+ String vendor = provider.getConfig().getFirst(LDAPConstants.VENDOR);
return vendor != null && vendor.equals(LDAPConstants.VENDOR_ACTIVE_DIRECTORY);
}
}
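Review bot: `getMapperByName` compares with `component.getName().equals(name)`, which would throw if any component under the provider has no name; whether names can be null is not visible here. `if (name.equals(component.getName())) {` is safe either way, since the only visible caller passes a literal. The method is new and `public static`, so it should carry a short Javadoc stating that it searches only components of the LDAP storage mapper type under the given provider and returns null when none matches. `java.util.Map` in the import block looks unused now that `isActiveDirectory` takes a `UserStorageProviderModel`; confirm and remove it if so.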
diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java b/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
index e265233..c0f28db 100755
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
@@ -22,11 +22,8 @@ import org.keycloak.broker.social.SocialIdentityProviderFactory;
import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.CertificateUtils;
import org.keycloak.common.util.KeyUtils;
-import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.PemUtils;
-import org.keycloak.component.ComponentFactory;
import org.keycloak.component.ComponentModel;
-import org.keycloak.keys.KeyProvider;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.ClientModel;
@@ -38,19 +35,12 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.KeycloakTransaction;
-import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
-import org.keycloak.provider.Provider;
-import org.keycloak.provider.ProviderFactory;
import org.keycloak.representations.idm.CertificateRepresentation;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.transaction.JtaTransactionManagerLookup;
@@ -61,20 +51,15 @@ import javax.transaction.SystemException;
import javax.transaction.Transaction;
import java.security.Key;
import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Collections;
-import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
-import java.util.Map;
import java.util.Set;
import java.util.UUID;
-import java.util.stream.StreamSupport;
/**
* Set of helper methods, which are useful in various model implementations.
@@ -259,51 +244,6 @@ public final class KeycloakModelUtils {
// USER FEDERATION RELATED STUFF
- /**
- * Ensure that displayName of myProvider (if not null) is unique and there is no other provider with same displayName in the list.
- *
- * @param displayName to check for duplications
- * @param myProvider provider, which is excluded from the list (if present)
- * @param federationProviders
- * @throws ModelDuplicateException if there is other provider with same displayName
- */
- public static void ensureUniqueDisplayName(String displayName, UserFederationProviderModel myProvider, List<UserFederationProviderModel> federationProviders) throws ModelDuplicateException {
- if (displayName != null) {
-
- for (UserFederationProviderModel federationProvider : federationProviders) {
- if (myProvider != null && (myProvider.equals(federationProvider) || (myProvider.getId() != null && myProvider.getId().equals(federationProvider.getId())))) {
- continue;
- }
-
- if (displayName.equals(federationProvider.getDisplayName())) {
- throw new ModelDuplicateException("There is already existing federation provider with display name: " + displayName);
- }
- }
- }
- }
-
-
- public static UserFederationProviderModel findUserFederationProviderByDisplayName(String displayName, RealmModel realm) {
- if (displayName == null) {
- return null;
- }
-
- for (UserFederationProviderModel fedProvider : realm.getUserFederationProviders()) {
- if (displayName.equals(fedProvider.getDisplayName())) {
- return fedProvider;
- }
- }
- return null;
- }
-
- public static UserFederationProviderModel findUserFederationProviderById(String fedProviderId, RealmModel realm) {
- for (UserFederationProviderModel fedProvider : realm.getUserFederationProviders()) {
- if (fedProviderId.equals(fedProvider.getId())) {
- return fedProvider;
- }
- }
- return null;
- }
public static UserStorageProviderModel findUserStorageProviderByName(String displayName, RealmModel realm) {
if (displayName == null) {
@@ -351,41 +291,6 @@ public final class KeycloakModelUtils {
}
-
- public static UserFederationMapperModel createUserFederationMapperModel(String name, String federationProviderId, String mapperType, String... config) {
- UserFederationMapperModel mapperModel = new UserFederationMapperModel();
- mapperModel.setName(name);
- mapperModel.setFederationProviderId(federationProviderId);
- mapperModel.setFederationMapperType(mapperType);
-
- Map<String, String> configMap = new HashMap<>();
- String key = null;
- for (String configEntry : config) {
- if (key == null) {
- key = configEntry;
- } else {
- configMap.put(key, configEntry);
- key = null;
- }
- }
- if (key != null) {
- throw new IllegalStateException("Invalid count of arguments for config. Maybe mistake?");
- }
- mapperModel.setConfig(configMap);
-
- return mapperModel;
- }
-
- public static UserFederationProviderFactory getFederationProviderFactory(KeycloakSession session, UserFederationProviderModel model) {
- return (UserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, model.getProviderName());
- }
-
- public static UserFederationProvider getFederationProviderInstance(KeycloakSession session, UserFederationProviderModel model) {
- UserFederationProviderFactory factory = getFederationProviderFactory(session, model);
- return factory.getInstance(session, model);
-
- }
-
// END USER FEDERATION RELATED STUFF
public static String toLowerCaseSafe(String str) {
diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
index bf4a6dc..26a30b4 100755
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -52,8 +52,6 @@ import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.provider.ProviderConfigProperty;
@@ -78,8 +76,6 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserConsentRepresentation;
-import org.keycloak.representations.idm.UserFederationMapperRepresentation;
-import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
@@ -352,8 +348,6 @@ public class ModelToRepresentation {
}
}
- exportUserFederationProvidersAndMappers(realm, rep);
-
for (IdentityProviderModel provider : realm.getIdentityProviders()) {
rep.addIdentityProvider(toRepresentation(realm, provider));
}
@@ -384,23 +378,7 @@ public class ModelToRepresentation {
return rep;
}
- public static void exportUserFederationProvidersAndMappers(RealmModel realm, RealmRepresentation rep) {
- List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders();
- if (fedProviderModels.size() > 0) {
- List<UserFederationProviderRepresentation> fedProviderReps = new ArrayList<UserFederationProviderRepresentation>();
- for (UserFederationProviderModel model : fedProviderModels) {
- UserFederationProviderRepresentation fedProvRep = toRepresentation(model);
- fedProviderReps.add(fedProvRep);
- }
- rep.setUserFederationProviders(fedProviderReps);
- }
-
- for (UserFederationMapperModel mapper : realm.getUserFederationMappers()) {
- rep.addUserFederationMapper(toRepresentation(realm, mapper));
- }
- }
-
- public static void exportGroups(RealmModel realm, RealmRepresentation rep) {
+ public static void exportGroups(RealmModel realm, RealmRepresentation rep) {
List<GroupRepresentation> groups = toGroupHierarchy(realm, true);
rep.setGroups(groups);
}
@@ -592,37 +570,6 @@ public class ModelToRepresentation {
return rep;
}
- public static UserFederationProviderRepresentation toRepresentation(UserFederationProviderModel model) {
- UserFederationProviderRepresentation rep = new UserFederationProviderRepresentation();
- rep.setId(model.getId());
- rep.setConfig(model.getConfig());
- rep.setProviderName(model.getProviderName());
- rep.setPriority(model.getPriority());
- rep.setDisplayName(model.getDisplayName());
- rep.setFullSyncPeriod(model.getFullSyncPeriod());
- rep.setChangedSyncPeriod(model.getChangedSyncPeriod());
- rep.setLastSync(model.getLastSync());
- return rep;
- }
-
- public static UserFederationMapperRepresentation toRepresentation(RealmModel realm, UserFederationMapperModel model) {
- UserFederationMapperRepresentation rep = new UserFederationMapperRepresentation();
- rep.setId(model.getId());
- rep.setName(model.getName());
- rep.setFederationMapperType(model.getFederationMapperType());
- Map<String, String> config = new HashMap<String, String>();
- config.putAll(model.getConfig());
- rep.setConfig(config);
-
- UserFederationProviderModel fedProvider = KeycloakModelUtils.findUserFederationProviderById(model.getFederationProviderId(), realm);
- if (fedProvider == null) {
- throw new ModelException("Couldn't find federation provider with ID " + model.getId());
- }
- rep.setFederationProviderDisplayName(fedProvider.getDisplayName());
-
- return rep;
- }
-
public static IdentityProviderRepresentation toRepresentation(RealmModel realm, IdentityProviderModel identityProviderModel) {
IdentityProviderRepresentation providerRep = new IdentityProviderRepresentation();
diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java b/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
index 262503f..75f46f5 100755
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
@@ -62,8 +62,6 @@ import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.idm.ApplicationRepresentation;
@@ -113,7 +111,6 @@ import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import java.util.Set;
-import java.util.TreeSet;
import java.util.function.Function;
import java.util.stream.Collectors;
@@ -367,46 +364,21 @@ public class RepresentationToModel {
mapperConvertSet.put(LDAPConstants.LDAP_PROVIDER, "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
- List<UserFederationProviderModel> providerModels = null;
Map<String, ComponentModel> userStorageModels = new HashMap<>();
if (rep.getUserFederationProviders() != null) {
- providerModels = new LinkedList<>();
for (UserFederationProviderRepresentation fedRep : rep.getUserFederationProviders()) {
if (convertSet.contains(fedRep.getProviderName())) {
ComponentModel component = convertFedProviderToComponent(newRealm.getId(), fedRep);
userStorageModels.put(fedRep.getDisplayName(), newRealm.importComponentModel(component));
- } else {
- providerModels.add(convertFederationProvider(fedRep));
}
-
}
- newRealm.setUserFederationProviders(providerModels);
}
// This is for case, when you have hand-written JSON file with LDAP userFederationProvider, but WITHOUT any userFederationMappers configured. Default LDAP mappers need to be created in that case.
Set<String> storageProvidersWhichShouldImportDefaultMappers = new HashSet<>(userStorageModels.keySet());
if (rep.getUserFederationMappers() != null) {
-
- // Remove builtin mappers for federation providers, which have some mappers already provided in JSON (likely due to previous export)
- if (rep.getUserFederationProviders() != null) {
- Set<String> providerNames = new TreeSet<String>();
- for (UserFederationMapperRepresentation representation : rep.getUserFederationMappers()) {
- providerNames.add(representation.getFederationProviderDisplayName());
- }
- for (String providerName : providerNames) {
- for (UserFederationProviderModel providerModel : providerModels) {
- if (providerName.equals(providerModel.getDisplayName())) {
- Set<UserFederationMapperModel> toDelete = newRealm.getUserFederationMappersByFederationProvider(providerModel.getId());
- for (UserFederationMapperModel mapperModel : toDelete) {
- newRealm.removeUserFederationMapper(mapperModel);
- }
- }
- }
- }
- }
-
for (UserFederationMapperRepresentation representation : rep.getUserFederationMappers()) {
if (userStorageModels.containsKey(representation.getFederationProviderDisplayName())) {
ComponentModel parent = userStorageModels.get(representation.getFederationProviderDisplayName());
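Review bot: With the `else` branch gone from the `rep.getUserFederationProviders()` loop, a provider whose name is not in `convertSet` is dropped from the import without any trace, and the hunk at -417 does the same for mappers that reference such a provider. An operator importing a realm export can end up with a realm that consults fewer user stores than the JSON describes, with nothing in the log to say so. I would add an `else` that warns, for example `logger.warnf("Skipping unsupported user federation provider '%s' (%s)", fedRep.getDisplayName(), fedRep.getProviderName());`, assuming the class has a JBoss `logger` field, which this hunk does not show. The enclosing method starts and ends outside the hunk.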
@@ -417,8 +389,6 @@ public class RepresentationToModel {
storageProvidersWhichShouldImportDefaultMappers.remove(representation.getFederationProviderDisplayName());
- } else {
- newRealm.addUserFederationMapper(toModel(newRealm, representation));
}
}
}
@@ -865,11 +835,6 @@ public class RepresentationToModel {
realm.setBrowserSecurityHeaders(rep.getBrowserSecurityHeaders());
}
- if (rep.getUserFederationProviders() != null) {
- List<UserFederationProviderModel> providerModels = convertFederationProviders(rep.getUserFederationProviders());
- realm.setUserFederationProviders(providerModels);
- }
-
if(rep.isInternationalizationEnabled() != null){
realm.setInternationalizationEnabled(rep.isInternationalizationEnabled());
}
@@ -899,22 +864,6 @@ public class RepresentationToModel {
// Basic realm stuff
- private static List<UserFederationProviderModel> convertFederationProviders(List<UserFederationProviderRepresentation> providers) {
- List<UserFederationProviderModel> result = new ArrayList<UserFederationProviderModel>();
-
- for (UserFederationProviderRepresentation representation : providers) {
- UserFederationProviderModel model = convertFederationProvider(representation);
- result.add(model);
- }
- return result;
- }
-
- private static UserFederationProviderModel convertFederationProvider(UserFederationProviderRepresentation representation) {
- return new UserFederationProviderModel(representation.getId(), representation.getProviderName(),
- representation.getConfig(), representation.getPriority(), representation.getDisplayName(),
- representation.getFullSyncPeriod(), representation.getChangedSyncPeriod(), representation.getLastSync());
- }
-
public static ComponentModel convertFedProviderToComponent(String realmId, UserFederationProviderRepresentation fedModel) {
UserStorageProviderModel model = new UserStorageProviderModel();
model.setId(fedModel.getId());
@@ -950,23 +899,6 @@ public class RepresentationToModel {
}
- public static UserFederationMapperModel toModel(RealmModel realm, UserFederationMapperRepresentation rep) {
- UserFederationMapperModel model = new UserFederationMapperModel();
- model.setId(rep.getId());
- model.setName(rep.getName());
- model.setFederationMapperType(rep.getFederationMapperType());
- model.setConfig(rep.getConfig());
-
- UserFederationProviderModel fedProvider = KeycloakModelUtils.findUserFederationProviderByDisplayName(rep.getFederationProviderDisplayName(), realm);
- if (fedProvider == null) {
- throw new ModelException("Couldn't find federation provider with display name [" + rep.getFederationProviderDisplayName() + "] referenced from mapper ["
- + rep.getName());
- }
- model.setFederationProviderId(fedProvider.getId());
-
- return model;
- }
-
// Roles
public static void createRole(RealmModel newRealm, RoleRepresentation roleRep) {
@@ -1415,7 +1347,7 @@ public class RepresentationToModel {
convertDeprecatedSocialProviders(userRep);
// Import users just to user storage. Don't federate
- UserModel user = session.userStorage().addUser(newRealm, userRep.getId(), userRep.getUsername(), false, false);
+ UserModel user = session.userLocalStorage().addUser(newRealm, userRep.getId(), userRep.getUsername(), false, false);
user.setEnabled(userRep.isEnabled() != null && userRep.isEnabled());
user.setCreatedTimestamp(userRep.getCreatedTimestamp());
user.setEmail(userRep.getEmail());
@@ -1447,7 +1379,7 @@ public class RepresentationToModel {
if (userRep.getClientConsents() != null) {
for (UserConsentRepresentation consentRep : userRep.getClientConsents()) {
UserConsentModel consentModel = toModel(newRealm, consentRep);
- session.userStorage().addConsent(newRealm, user.getId(), consentModel);
+ session.users().addConsent(newRealm, user.getId(), consentModel);
}
}
if (userRep.getServiceAccountClientId() != null) {
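Review bot: The consent here is written through `session.users()`, while the user itself is created through `session.userLocalStorage()` under the comment "Import users just to user storage. Don't federate" (hunk at -1415). Per the DefaultKeycloakSession change in this commit, `users()` is the cache or storage-manager layer, so the two writes for one imported user take different paths. If that is intended, say so in a comment such as `// consents are stored via users(), not local storage, on purpose`. If it is not, the call probably belongs on `session.userLocalStorage()` as well, provided that type exposes `addConsent`, which is not visible here.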
diff --git a/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index bbd588e..0ddc9da 100755
--- a/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -15,10 +15,8 @@
# limitations under the License.
#
-org.keycloak.models.UserFederationSpi
org.keycloak.storage.UserStorageProviderSpi
org.keycloak.storage.federated.UserFederatedStorageProviderSpi
-org.keycloak.mappers.UserFederationMapperSpi
org.keycloak.models.RealmSpi
org.keycloak.models.UserSessionSpi
org.keycloak.models.UserSpi
diff --git a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
index 49eab24..c1cb821 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
@@ -30,8 +30,8 @@ import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationManager;
import org.keycloak.models.UserModel;
+import org.keycloak.models.UserProvider;
import org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.services.ErrorResponse;
@@ -93,7 +93,7 @@ public class ResourceSetService {
if (!resourceServer.getClientId().equals(ownerId)) {
RealmModel realm = authorization.getRealm();
KeycloakSession keycloakSession = authorization.getKeycloakSession();
- UserFederationManager users = keycloakSession.users();
+ UserProvider users = keycloakSession.users();
UserModel ownerModel = users.getUserById(ownerId, realm);
if (ownerModel == null) {
diff --git a/services/src/main/java/org/keycloak/credential/OTPCredentialProvider.java b/services/src/main/java/org/keycloak/credential/OTPCredentialProvider.java
index 9635146..4bae7ee 100644
--- a/services/src/main/java/org/keycloak/credential/OTPCredentialProvider.java
+++ b/services/src/main/java/org/keycloak/credential/OTPCredentialProvider.java
@@ -102,7 +102,7 @@ public class OTPCredentialProvider implements CredentialProvider, CredentialInpu
} else {
getCredentialStore().updateCredential(realm, user, model);
}
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
return true;
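Review bot: `session.userCache().evict(realm, user)` dereferences the result of `userCache()` without a null check, yet `DefaultKeycloakSession.users()` in this same commit treats `getProvider(UserCache.class)` as possibly null. If no user cache provider is configured, the credential has already been stored when the call throws, so the caller sees a failure for an update that took effect. A guard such as `UserCache cache = session.userCache(); if (cache != null) cache.evict(realm, user);` avoids that (it needs the `UserCache` import if the file lacks it). The same call appears in the second hunk of this file and in both hunks of PasswordCredentialProvider.java. The enclosing method begins outside the hunk.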
@@ -138,7 +138,7 @@ public class OTPCredentialProvider implements CredentialProvider, CredentialInpu
}
if (disableTOTP || disableHOTP) {
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
}
}
diff --git a/services/src/main/java/org/keycloak/credential/PasswordCredentialProvider.java b/services/src/main/java/org/keycloak/credential/PasswordCredentialProvider.java
index bdc32e7..0a6fe8c 100644
--- a/services/src/main/java/org/keycloak/credential/PasswordCredentialProvider.java
+++ b/services/src/main/java/org/keycloak/credential/PasswordCredentialProvider.java
@@ -27,7 +27,6 @@ import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.cache.CachedUserModel;
import org.keycloak.models.cache.OnUserCache;
-import org.keycloak.policy.HashAlgorithmPasswordPolicyProviderFactory;
import org.keycloak.policy.PasswordPolicyManagerProvider;
import org.keycloak.policy.PolicyError;
@@ -99,7 +98,7 @@ public class PasswordCredentialProvider implements CredentialProvider, Credentia
newPassword.setCreatedDate(createdDate);
hash.encode(cred.getValue(), policy, newPassword);
getCredentialStore().createCredential(realm, user, newPassword);
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
return true;
}
@@ -213,7 +212,7 @@ public class PasswordCredentialProvider implements CredentialProvider, Credentia
hash.encode(cred.getValue(), policy, password);
getCredentialStore().updateCredential(realm, user, password);
- session.getUserCache().evict(realm, user);
+ session.userCache().evict(realm, user);
return true;
}
diff --git a/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java b/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java
index a8b4110..0fabb1f 100644
--- a/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java
+++ b/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java
@@ -21,19 +21,14 @@ import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialManager;
-import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.cache.CachedUserModel;
import org.keycloak.models.cache.OnUserCache;
-import org.keycloak.models.utils.CredentialValidation;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageManager;
import org.keycloak.storage.UserStorageProvider;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
@@ -120,13 +115,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
} else {
- // <deprecate>
- UserFederationProvider link = session.users().getFederationLink(realm, user);
- if (link != null) {
- session.users().validateUser(realm, user);
- validate(realm, user, toValidate, link);
- } // </deprecate>
- else if (user.getFederationLink() != null) {
+ if (user.getFederationLink() != null) {
UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
if (provider != null && provider instanceof CredentialInputValidator) {
validate(realm, user, toValidate, ((CredentialInputValidator)provider));
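Review bot: `provider != null && provider instanceof CredentialInputValidator` carries a redundant null test, since `instanceof` is already false for null; `if (provider instanceof CredentialInputValidator)` says the same thing. The pattern repeats in the hunks at -176, -209, -243 and -275. Separately, when `user.getFederationLink()` is set but the storage provider cannot be resolved, this branch does nothing and gives no signal. Whether that is safe depends on code after the hunk, so a debug log on that path would help when diagnosing failed credential checks for federated users. The enclosing method starts and ends outside the hunk.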
@@ -176,13 +165,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
} else {
- // <deprecated>
- UserFederationProvider link = session.users().getFederationLink(realm, user);
- if (link != null) {
- if (link.updateCredential(realm, user, input)) return;
- }
- // </deprecated>
- else if (user.getFederationLink() != null) {
+ if (user.getFederationLink() != null) {
UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
if (provider != null && provider instanceof CredentialInputUpdater) {
if (((CredentialInputUpdater)provider).updateCredential(realm, user, input)) return;
@@ -209,11 +192,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
} else {
- UserFederationProvider link = session.users().getFederationLink(realm, user);
- if (link != null && link.getSupportedCredentialTypes().contains(credentialType)) {
- link.disableCredentialType(realm, user, credentialType);
- }
- else if (user.getFederationLink() != null) {
+ if (user.getFederationLink() != null) {
UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
if (provider != null && provider instanceof CredentialInputUpdater) {
((CredentialInputUpdater)provider).disableCredentialType(realm, user, credentialType);
@@ -243,11 +222,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
types.addAll(updater.getDisableableCredentialTypes(realm, user));
}
} else {
- UserFederationProvider link = session.users().getFederationLink(realm, user);
- if (link != null) {
- types.addAll(link.getDisableableCredentialTypes(realm, user));
- }
- else if (user.getFederationLink() != null) {
+ if (user.getFederationLink() != null) {
UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
if (provider != null && provider instanceof CredentialInputUpdater) {
types.addAll(((CredentialInputUpdater)provider).getDisableableCredentialTypes(realm, user));
@@ -275,13 +250,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
} else {
- // <deprecate>
- UserFederationProvider link = session.users().getFederationLink(realm, user);
- if (link != null) {
- if (link.isConfiguredFor(realm, user, type)) return true;
- }
- // </deprecate>
- else if (user.getFederationLink() != null) {
+ if (user.getFederationLink() != null) {
UserStorageProvider provider = UserStorageManager.getStorageProvider(session, realm, user.getFederationLink());
if (provider != null && provider instanceof CredentialInputValidator) {
if (((CredentialInputValidator)provider).isConfiguredFor(realm, user, type)) return true;
@@ -307,16 +276,6 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
@Override
public CredentialValidationOutput authenticate(KeycloakSession session, RealmModel realm, CredentialInput input) {
- List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders();
- List<UserFederationProvider> fedProviders = new ArrayList<UserFederationProvider>();
- for (UserFederationProviderModel fedProviderModel : fedProviderModels) {
- UserFederationProvider provider = session.users().getFederationProvider(fedProviderModel);
- if (input instanceof UserCredentialModel && provider != null && provider.supportsCredentialType(input.getType())) {
- CredentialValidationOutput output = provider.validCredentials(realm, (UserCredentialModel)input);
- if (output != null) return output;
- }
- }
-
List<CredentialAuthentication> list = UserStorageManager.getStorageProviders(session, realm, CredentialAuthentication.class);
for (CredentialAuthentication auth : list) {
if (auth.supportsCredentialAuthenticationFor(input.getType())) {
diff --git a/services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java b/services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
index 62c3157..df7f8d3 100755
--- a/services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
+++ b/services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
@@ -44,8 +44,8 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserFederationManager;
import org.keycloak.models.UserModel;
+import org.keycloak.models.UserProvider;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientTemplateRepresentation;
@@ -358,7 +358,7 @@ public class ExportUtils {
String users = config.get("users");
if (users != null && !users.isEmpty()) {
- UserFederationManager userManager = session.users();
+ UserProvider userManager = session.users();
List<String> userIds = JsonSerialization.readValue(users, List.class);
config.put("users", JsonSerialization.writeValueAsString(userIds.stream().map(userId -> userManager.getUserById(userId, realm).getUsername()).collect(Collectors.toList())));
}
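Review bot: `userManager.getUserById(userId, realm).getUsername()` throws a NullPointerException when the `users` config still lists the ID of a user that no longer exists; ResourceSetService in this commit null-checks the same lookup. One stale reference therefore aborts the whole export. Resolving first and filtering, `.map(userId -> userManager.getUserById(userId, realm)).filter(Objects::nonNull).map(UserModel::getUsername)`, avoids the crash, though silently dropping the entry changes the exported policy, so a warning or a descriptive exception naming the ID may be the better choice. `JsonSerialization.readValue(users, List.class)` also relies on the raw `List` type. The enclosing method lies outside the hunk.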
diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
index 4cc77a2..13b3bda 100644
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
@@ -27,14 +27,12 @@ import org.keycloak.models.KeycloakTransactionManager;
import org.keycloak.models.KeyManager;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.UserCredentialManager;
-import org.keycloak.models.UserFederationManager;
import org.keycloak.models.UserProvider;
import org.keycloak.models.UserSessionProvider;
import org.keycloak.models.cache.CacheRealmProvider;
import org.keycloak.models.cache.UserCache;
import org.keycloak.provider.Provider;
import org.keycloak.provider.ProviderFactory;
-import org.keycloak.scripting.ScriptingProvider;
import org.keycloak.storage.UserStorageManager;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
@@ -60,7 +58,6 @@ public class DefaultKeycloakSession implements KeycloakSession {
private UserStorageManager userStorageManager;
private UserCredentialStoreManager userCredentialStorageManager;
private UserSessionProvider sessionProvider;
- private UserFederationManager federationManager;
private UserFederatedStorageProvider userFederatedStorageProvider;
private KeycloakContext context;
private KeyManager keyManager;
@@ -68,7 +65,6 @@ public class DefaultKeycloakSession implements KeycloakSession {
public DefaultKeycloakSession(DefaultKeycloakSessionFactory factory) {
this.factory = factory;
this.transactionManager = new DefaultKeycloakTransactionManager(this);
- federationManager = new UserFederationManager(this);
context = new DefaultKeycloakContext(this);
}
@@ -86,17 +82,8 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
}
- private UserProvider getUserProvider() {
- UserCache cache = getProvider(UserCache.class);
- if (cache != null) {
- return cache;
- } else {
- return getProvider(UserProvider.class);
- }
- }
-
@Override
- public UserCache getUserCache() {
+ public UserCache userCache() {
return getProvider(UserCache.class);
}
@@ -151,17 +138,19 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
@Override
- public UserCredentialManager userCredentialManager() {
- if (userCredentialStorageManager == null) userCredentialStorageManager = new UserCredentialStoreManager(this);
- return userCredentialStorageManager;
+ public UserProvider users() {
+ UserCache cache = getProvider(UserCache.class);
+ if (cache != null) {
+ return cache;
+ } else {
+ return userStorageManager();
+ }
}
@Override
- public UserProvider userStorage() {
- if (userModel == null) {
- userModel = getUserProvider();
- }
- return userModel;
+ public UserCredentialManager userCredentialManager() {
+ if (userCredentialStorageManager == null) userCredentialStorageManager = new UserCredentialStoreManager(this);
+ return userCredentialStorageManager;
}
public <T extends Provider> T getProvider(Class<T> clazz) {
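Review bot: The new `users()` has no comment explaining that it returns the `UserCache` when one is registered and otherwise falls back to `userStorageManager()`. That is a change from the removed `UserFederationManager` field and matters to every caller touched in this commit. I would add a short Javadoc, e.g. `/** Returns the UserCache provider if one is available, otherwise the result of userStorageManager(). */`. Unlike `userCredentialManager()` next to it, the method also calls `getProvider(UserCache.class)` on every invocation; that is only worth changing if `getProvider` does not already memoize, which this hunk does not show.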
@@ -240,11 +229,6 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
@Override
- public UserFederationManager users() {
- return federationManager;
- }
-
- @Override
public UserSessionProvider sessions() {
if (sessionProvider == null) {
sessionProvider = getProvider(UserSessionProvider.class);
diff --git a/services/src/main/java/org/keycloak/services/managers/ClientManager.java b/services/src/main/java/org/keycloak/services/managers/ClientManager.java
index eb6fba6..1aa9b7f 100644
--- a/services/src/main/java/org/keycloak/services/managers/ClientManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ClientManager.java
@@ -156,7 +156,7 @@ public class ClientManager {
logger.debugf("Creating service account user '%s'", username);
// Don't use federation for service account user
- UserModel user = realmManager.getSession().userStorage().addUser(client.getRealm(), username);
+ UserModel user = realmManager.getSession().userLocalStorage().addUser(client.getRealm(), username);
user.setEnabled(true);
user.setEmail(username + "@placeholder.org");
user.setServiceAccountClientLink(client.getId());
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index d13dab6..93aafd6 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -31,7 +31,6 @@ import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionProvider;
import org.keycloak.models.session.UserSessionPersisterProvider;
@@ -228,7 +227,6 @@ public class RealmManager implements RealmImporter {
}
public boolean removeRealm(RealmModel realm) {
- List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
ClientModel masterAdminClient = realm.getMasterAdminClient();
boolean removed = model.removeRealm(realm.getId());
@@ -247,11 +245,13 @@ public class RealmManager implements RealmImporter {
sessionsPersister.onRealmRemoved(realm);
}
- // Remove all periodic syncs for configured federation providers
- UsersSyncManager usersSyncManager = new UsersSyncManager();
- for (final UserFederationProviderModel fedProvider : federationProviders) {
- usersSyncManager.notifyToRefreshPeriodicSync(session, realm, fedProvider, true);
+ // Refresh periodic sync tasks for configured storageProviders
+ List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
+ UserStorageSyncManager storageSync = new UserStorageSyncManager();
+ for (UserStorageProviderModel provider : storageProviders) {
+ storageSync.notifyToRefreshPeriodicSync(session, realm, provider, true);
}
+
}
return removed;
}
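Review bot: `realm.getUserStorageProviders()` is now read after `model.removeRealm(realm.getId())`, whereas the code it replaces captured the provider list before the removal (the deleted line in the -228 hunk, where `removeRealm` begins). If the realm model no longer returns its components once the realm is gone, the loop is empty and the periodic sync tasks for that realm's storage providers are never cancelled, so they would keep contacting the external user store. Moving `List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();` above `boolean removed = model.removeRealm(realm.getId());` restores the old ordering. The comment should also say what the `true` argument does here, e.g. `// Remove periodic sync tasks for the removed realm's storage providers`, as the deleted comment did.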
@@ -487,13 +487,6 @@ public class RealmManager implements RealmImporter {
setupAuthenticationFlows(realm);
setupRequiredActions(realm);
- // Refresh periodic sync tasks for configured federationProviders
- List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
- UsersSyncManager usersSyncManager = new UsersSyncManager();
- for (final UserFederationProviderModel fedProvider : federationProviders) {
- usersSyncManager.notifyToRefreshPeriodicSync(session, realm, fedProvider, false);
- }
-
// Refresh periodic sync tasks for configured storageProviders
List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
UserStorageSyncManager storageSync = new UserStorageSyncManager();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index fb5241c..f71c6af 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -42,7 +42,6 @@ import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.cache.CacheRealmProvider;
import org.keycloak.models.cache.UserCache;
@@ -66,8 +65,9 @@ import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.LDAPConnectionTestManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.ResourceAdminManager;
-import org.keycloak.services.managers.UsersSyncManager;
+import org.keycloak.services.managers.UserStorageSyncManager;
import org.keycloak.services.resources.admin.RealmAuth.Resource;
+import org.keycloak.storage.UserStorageProviderModel;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -304,9 +304,9 @@ public class RealmAdminResource {
RepresentationToModel.updateRealm(rep, realm, session);
// Refresh periodic sync tasks for configured federationProviders
- List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
- UsersSyncManager usersSyncManager = new UsersSyncManager();
- for (final UserFederationProviderModel fedProvider : federationProviders) {
+ List<UserStorageProviderModel> federationProviders = realm.getUserStorageProviders();
+ UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
+ for (final UserStorageProviderModel fedProvider : federationProviders) {
usersSyncManager.notifyToRefreshPeriodicSync(session, realm, fedProvider, false);
}
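Review bot: The comment and local names in this block of `RealmAdminResource` still say "federation" although the types are now `UserStorageProviderModel` and `UserStorageSyncManager`. The `RealmManager` hunks in this same commit use `storageProviders` and `storageSync` for the identical loop, so the two copies now read differently. Suggest `// Refresh periodic sync tasks for configured storageProviders` and renaming `federationProviders`, `usersSyncManager` and `fedProvider` to match. The enclosing method starts and ends outside the hunk.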
@@ -348,14 +348,6 @@ public class RealmAdminResource {
return users;
}
- @Path("user-federation")
- public UserFederationProvidersResource userFederation() {
- UserFederationProvidersResource fed = new UserFederationProvidersResource(realm, auth, adminEvent);
- ResteasyProviderFactory.getInstance().injectProperties(fed);
- //resourceContext.initResource(fed);
- return fed;
- }
-
@Path("user-storage")
public UserStorageProviderResource userStorage() {
UserStorageProviderResource fed = new UserStorageProviderResource(realm, auth, adminEvent);
diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
index 2ea9992..15315d6 100644
--- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
+++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
@@ -46,7 +46,6 @@ import org.keycloak.services.filters.KeycloakTransactionCommitter;
import org.keycloak.services.managers.ApplianceBootstrap;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.UserStorageSyncManager;
-import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.services.resources.admin.AdminRoot;
import org.keycloak.services.scheduled.ClearExpiredEvents;
import org.keycloak.services.scheduled.ClearExpiredUserSessions;
@@ -323,7 +322,6 @@ public class KeycloakApplication extends Application {
TimerProvider timer = session.getProvider(TimerProvider.class);
timer.schedule(new ClusterAwareScheduledTaskRunner(sessionFactory, new ClearExpiredEvents(), interval), interval, "ClearExpiredEvents");
timer.schedule(new ScheduledTaskRunner(sessionFactory, new ClearExpiredUserSessions()), interval, "ClearExpiredUserSessions");
- new UsersSyncManager().bootstrapPeriodic(sessionFactory, timer);
new UserStorageSyncManager().bootstrapPeriodic(sessionFactory, timer);
} finally {
session.close();
diff --git a/services/src/main/java/org/keycloak/storage/UserStorageManager.java b/services/src/main/java/org/keycloak/storage/UserStorageManager.java
index e3eeaec..2562470 100755
--- a/services/src/main/java/org/keycloak/storage/UserStorageManager.java
+++ b/services/src/main/java/org/keycloak/storage/UserStorageManager.java
@@ -21,24 +21,21 @@ import org.jboss.logging.Logger;
import org.keycloak.common.util.reflections.Types;
import org.keycloak.component.ComponentModel;
import org.keycloak.models.ClientModel;
-import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.ModelException;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProviderModel;
+import org.keycloak.models.UserManager;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.cache.CachedUserModel;
import org.keycloak.models.cache.OnUserCache;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
-import org.keycloak.credential.CredentialAuthentication;
-import org.keycloak.storage.user.ImportSynchronization;
import org.keycloak.storage.user.ImportedUserValidation;
import org.keycloak.storage.user.UserLookupProvider;
import org.keycloak.storage.user.UserQueryProvider;
@@ -52,6 +49,8 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import static org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction;
+
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
@@ -244,13 +243,44 @@ public class UserStorageManager implements UserProvider, OnUserCache {
if (user == null || user.getFederationLink() == null) return user;
UserStorageProvider provider = getStorageProvider(session, realm, user.getFederationLink());
if (provider != null && provider instanceof ImportedUserValidation) {
- return ((ImportedUserValidation)provider).validate(realm, user);
+ UserModel validated = ((ImportedUserValidation) provider).validate(realm, user);
+ if (validated == null) {
+ deleteInvalidUser(realm, user);
+ return null;
+ } else {
+ return validated;
+ }
+
+ } else if (provider == null) {
+ // remove linked user with unknown storage provider.
+ logger.debugf("Removed user with federation link of unknown storage provider '%s'", user.getUsername());
+ deleteInvalidUser(realm, user);
+ return null;
} else {
return user;
}
}
+ protected void deleteInvalidUser(final RealmModel realm, final UserModel user) {
+ String userId = user.getId();
+ String userName = user.getUsername();
+ session.userCache().evict(realm, user);
+ runJobInTransaction(session.getKeycloakSessionFactory(), new KeycloakSessionTask() {
+
+ @Override
+ public void run(KeycloakSession session) {
+ RealmModel realmModel = session.realms().getRealm(realm.getId());
+ if (realmModel == null) return;
+ UserModel deletedUser = session.userLocalStorage().getUserById(userId, realmModel);
+ new UserManager(session).removeUser(realmModel, deletedUser, session.userLocalStorage());
+ logger.debugf("Removed invalid user '%s'", userName);
+ }
+
+ });
+ }
+
+
protected List<UserModel> importValidation(RealmModel realm, List<UserModel> users) {
List<UserModel> tmp = new LinkedList<>();
for (UserModel user : users) {
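Review bot: The new `else if (provider == null)` branch deletes the local user whenever its federation link does not resolve to a provider, and the only trace is a `debugf` line that prints the username rather than the unresolved link. If `getStorageProvider` can also return null for a provider that is merely disabled or not deployed (not visible in this hunk), a configuration slip would silently remove imported accounts and their local data. Log the removal at a higher level and include the link, e.g. `logger.warnf("Removing user '%s': federation link '%s' has no storage provider", user.getUsername(), user.getFederationLink());`. In `deleteInvalidUser`, `deletedUser` comes from a lookup in a separate transaction and is passed to `removeUser` unchecked, so add `if (deletedUser == null) return;` before the removal. The single-user `importValidation` starts outside the hunk.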
@@ -291,11 +321,13 @@ public class UserStorageManager implements UserProvider, OnUserCache {
@Override
public UserModel getUserByEmail(String email, RealmModel realm) {
UserModel user = localStorage().getUserByEmail(email, realm);
- if (user != null) return user;
+ if (user != null) {
+ return importValidation(realm, user);
+ }
for (UserLookupProvider provider : getStorageProviders(session, realm, UserLookupProvider.class)) {
user = provider.getUserByEmail(email, realm);
if (user != null) {
- return importValidation(realm, user);
+ return user;
}
}
return null;
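Review bot: `return importValidation(realm, user);` ends the lookup even when validation returns null, so the loop over `UserLookupProvider` instances is skipped for that e-mail. With the `importValidation` change earlier in this file, null now means the stale local entry was just removed, and an account in a storage provider that holds the address today would not be found by this call. Consider `user = importValidation(realm, user); if (user != null) return user;` so the providers are still consulted. Whether falling through right after the removal transaction is safe should be checked against the other lookup methods, which are not in this hunk. The method's closing brace is outside the hunk.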
@@ -533,12 +565,6 @@ public class UserStorageManager implements UserProvider, OnUserCache {
}
@Override
- public void preRemove(RealmModel realm, UserFederationProviderModel model) {
- if (getFederatedStorage() != null) getFederatedStorage().preRemove(realm, model);
- localStorage().preRemove(realm, model);
- }
-
- @Override
public void preRemove(RealmModel realm, GroupModel group) {
localStorage().preRemove(realm, group);
if (getFederatedStorage() != null) {
testsuite/integration/pom.xml 2(+1 -1)
diff --git a/testsuite/integration/pom.xml b/testsuite/integration/pom.xml
index a7f0b9a..94283a9 100755
--- a/testsuite/integration/pom.xml
+++ b/testsuite/integration/pom.xml
@@ -164,7 +164,7 @@
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
- <artifactId>federation-properties-example</artifactId>
+ <artifactId>user-storage-properties-example</artifactId>
</dependency>
<!-- Dependency on services from integration-arquillian -->
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractKeycloakIdentityProviderTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractKeycloakIdentityProviderTest.java
index ed1e757..0977d2d 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractKeycloakIdentityProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractKeycloakIdentityProviderTest.java
@@ -26,10 +26,10 @@ import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.services.Urls;
+import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.testsuite.broker.util.UserSessionStatusServlet;
import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory;
import org.openqa.selenium.By;
@@ -46,7 +46,6 @@ import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import java.io.IOException;
import java.net.URI;
-import java.util.HashMap;
import java.util.Set;
import static org.junit.Assert.assertEquals;
@@ -634,7 +633,14 @@ public abstract class AbstractKeycloakIdentityProviderTest extends AbstractIdent
// Add federationProvider to realm. It's configured with sync registrations
RealmModel realm = getRealm();
- UserFederationProviderModel dummyModel = realm.addUserFederationProvider(DummyUserFederationProviderFactory.PROVIDER_NAME, new HashMap<String, String>(), 1, "test-dummy", -1, -1, 0);
+ UserStorageProviderModel model = new UserStorageProviderModel();
+ model.setProviderId(DummyUserFederationProviderFactory.PROVIDER_NAME);
+ model.setPriority(1);
+ model.setName("test-sync-dummy");
+ model.setFullSyncPeriod(-1);
+ model.setChangedSyncPeriod(-1);
+ model.setLastSync(0);
+ UserStorageProviderModel dummyModel = new UserStorageProviderModel(realm.addComponentModel(model));
brokerServerRule.stopSession(session, true);
session = brokerServerRule.startSession();
@@ -682,7 +688,7 @@ public abstract class AbstractKeycloakIdentityProviderTest extends AbstractIdent
// remove dummy federation provider for this realm
realm = getRealm();
- realm.removeUserFederationProvider(dummyModel);
+ realm.removeComponent(dummyModel);
brokerServerRule.stopSession(session, true);
session = brokerServerRule.startSession();
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/AbstractKerberosTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/AbstractKerberosTest.java
index 10841b5..78266b8 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/AbstractKerberosTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/AbstractKerberosTest.java
@@ -39,8 +39,6 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper;
@@ -345,14 +343,14 @@ public abstract class AbstractKerberosTest {
RealmManager manager = new RealmManager(session);
RealmModel appRealm = manager.getRealm("test");
- List<UserModel> users = session.userStorage().getUsers(appRealm, true);
+ List<UserModel> users = session.users().getUsers(appRealm, true);
for (UserModel user : users) {
if (!user.getUsername().equals(AssertEvents.DEFAULT_USERNAME)) {
- session.userStorage().removeUser(appRealm, user);
+ session.users().removeUser(appRealm, user);
}
}
- Assert.assertEquals(1, session.userStorage().getUsers(appRealm, true).size());
+ Assert.assertEquals(1, session.users().getUsers(appRealm, true).size());
} finally {
keycloakRule.stopSession(session, true);
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/KerberosStandaloneTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/KerberosStandaloneTest.java
index 26b11cc..aeb58b2 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/KerberosStandaloneTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/KerberosStandaloneTest.java
@@ -32,11 +32,9 @@ import org.keycloak.federation.kerberos.KerberosConfig;
import org.keycloak.federation.kerberos.KerberosFederationProviderFactory;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.storage.UserStorageProviderModel;
-import org.keycloak.storage.ldap.LDAPStorageProviderFactory;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.federation.storage.ldap.LDAPTestUtils;
import org.keycloak.testsuite.rule.KerberosRule;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java
index 4a5adb0..b254a1a 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java
@@ -20,7 +20,7 @@ package org.keycloak.testsuite.federation.ldap;
import org.jboss.logging.Logger;
import org.keycloak.common.constants.KerberosConstants;
import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.UserFederationProvider;
+import org.keycloak.storage.UserStorageProvider;
import java.io.File;
import java.io.InputStream;
@@ -79,7 +79,7 @@ public class LDAPTestConfiguration {
DEFAULT_VALUES.put(LDAPConstants.BATCH_SIZE_FOR_SYNC, String.valueOf(LDAPConstants.DEFAULT_BATCH_SIZE_FOR_SYNC));
DEFAULT_VALUES.put(LDAPConstants.USERNAME_LDAP_ATTRIBUTE, null);
DEFAULT_VALUES.put(LDAPConstants.USER_OBJECT_CLASSES, null);
- DEFAULT_VALUES.put(LDAPConstants.EDIT_MODE, UserFederationProvider.EditMode.READ_ONLY.toString());
+ DEFAULT_VALUES.put(LDAPConstants.EDIT_MODE, UserStorageProvider.EditMode.READ_ONLY.toString());
DEFAULT_VALUES.put(KerberosConstants.ALLOW_KERBEROS_AUTHENTICATION, "false");
DEFAULT_VALUES.put(KerberosConstants.KERBEROS_REALM, "KEYCLOAK.ORG");
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/KerberosLdapTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/KerberosLdapTest.java
index 1e21192..ea48ff7 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/KerberosLdapTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/KerberosLdapTest.java
@@ -24,12 +24,8 @@ import org.junit.Test;
import org.junit.rules.RuleChain;
import org.junit.rules.TestRule;
import org.keycloak.common.util.MultivaluedHashMap;
-import org.keycloak.component.ComponentModel;
import org.keycloak.events.Details;
import org.keycloak.federation.kerberos.CommonKerberosConfig;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.UserFederationProvider;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.ldap.LDAPStorageProviderFactory;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java
index 47bd2bb..78e6907 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapper2WaySyncTest.java
@@ -107,7 +107,7 @@ public class LDAPGroupMapper2WaySyncTest {
KeycloakSession session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
// Update group mapper to skip preserve inheritance and check it will pass now
@@ -139,7 +139,7 @@ public class LDAPGroupMapper2WaySyncTest {
session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
// Sync from LDAP back into Keycloak
@@ -171,7 +171,7 @@ public class LDAPGroupMapper2WaySyncTest {
KeycloakSession session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
// Update group mapper to skip preserve inheritance and check it will pass now
@@ -203,7 +203,7 @@ public class LDAPGroupMapper2WaySyncTest {
session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
// Sync from LDAP back into Keycloak
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java
index 91075ae..e5a9ff3 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperSyncTest.java
@@ -125,7 +125,7 @@ public class LDAPGroupMapperSyncTest {
KeycloakSession session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm);
@@ -171,7 +171,7 @@ public class LDAPGroupMapperSyncTest {
KeycloakSession session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm);
@@ -220,7 +220,7 @@ public class LDAPGroupMapperSyncTest {
KeycloakSession session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
// Sync groups with inheritance
@@ -275,7 +275,7 @@ public class LDAPGroupMapperSyncTest {
KeycloakSession session = keycloakRule.startSession();
try {
RealmModel realm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(realm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm,ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
GroupLDAPStorageMapper groupMapper = LDAPTestUtils.getGroupMapper(mapperModel, ldapProvider, realm);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java
index 693b8ae..5157b1f 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPGroupMapperTest.java
@@ -102,7 +102,7 @@ public class LDAPGroupMapperTest {
LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, group1, group12, true);
// Sync LDAP groups to Keycloak DB
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromFederationProviderToKeycloak(mapperModel, ldapFedProvider, session, appRealm);
// Delete all LDAP users
@@ -135,7 +135,7 @@ public class LDAPGroupMapperTest {
try {
RealmModel appRealm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.LDAP_ONLY.toString());
appRealm.updateComponent(mapperModel);
@@ -205,7 +205,7 @@ public class LDAPGroupMapperTest {
System.out.println("starting test02_readOnlyGroupMappings");
RealmModel appRealm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.READ_ONLY.toString());
appRealm.updateComponent(mapperModel);
@@ -273,7 +273,7 @@ public class LDAPGroupMapperTest {
try {
RealmModel appRealm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.IMPORT.toString());
appRealm.updateComponent(mapperModel);
@@ -328,7 +328,7 @@ public class LDAPGroupMapperTest {
RealmModel appRealm = session.realms().getRealmByName("test");
- ComponentModel mapperModel = LDAPTestUtils.getComponentByName(appRealm,ldapModel, "groupsMapper");
+ ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm,ldapModel, "groupsMapper");
LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.MODE, LDAPGroupMapperMode.LDAP_ONLY.toString());
appRealm.updateComponent(mapperModel);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java
index def6639..8881e42 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPProvidersIntegrationTest.java
@@ -383,7 +383,7 @@ public class LDAPProvidersIntegrationTest {
LDAPObject johnZip = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnzip", "John", "Zip", "johnzip@email.org", null, "12398");
// Remove default zipcode mapper and add the mapper for "POstalCode" to test case sensitivity
- ComponentModel currentZipMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "zipCodeMapper");
+ ComponentModel currentZipMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "zipCodeMapper");
appRealm.removeComponent(currentZipMapper);
LDAPTestUtils.addUserAttributeMapper(appRealm, ldapModel, "zipCodeMapper-cs", "postal_code", "POstalCode");
@@ -480,12 +480,12 @@ public class LDAPProvidersIntegrationTest {
RealmModel appRealm = new RealmManager(session).getRealmByName("test");
// Update postalCode mapper to always read the value from LDAP
- ComponentModel zipMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "zipCodeMapper");
+ ComponentModel zipMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "zipCodeMapper");
zipMapper.getConfig().putSingle(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, "true");
appRealm.updateComponent(zipMapper);
// Update lastName mapper to read the value from Keycloak DB
- ComponentModel lastNameMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "last name");
+ ComponentModel lastNameMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "last name");
lastNameMapper.getConfig().putSingle(UserAttributeLDAPStorageMapper.ALWAYS_READ_VALUE_FROM_LDAP, "false");
appRealm.updateComponent(lastNameMapper);
@@ -527,7 +527,7 @@ public class LDAPProvidersIntegrationTest {
LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "fullname", "James Dee", "Dee", "fullname@email.org", null, "4578");
// add fullname mapper to the provider and remove "firstNameMapper". For this test, we will simply map full name to the LDAP attribute, which was before firstName ( "givenName" on active directory, "cn" on other LDAP servers)
- firstNameMapper = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "first name");
+ firstNameMapper = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "first name");
String ldapFirstNameAttributeName = firstNameMapper.getConfig().getFirst(UserAttributeLDAPStorageMapper.LDAP_ATTRIBUTE);
appRealm.removeComponent(firstNameMapper);
@@ -547,7 +547,7 @@ public class LDAPProvidersIntegrationTest {
LDAPTestUtils.assertUserImported(session.users(), appRealm, "fullname", "James", "Dee", "fullname@email.org", "4578");
// change mapper to writeOnly
- ComponentModel fullNameMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "full name");
+ ComponentModel fullNameMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "full name");
fullNameMapperModel.getConfig().putSingle(FullNameLDAPStorageMapper.WRITE_ONLY, "true");
appRealm.updateComponent(fullNameMapperModel);
} finally {
@@ -581,7 +581,7 @@ public class LDAPProvidersIntegrationTest {
session.users().removeUser(appRealm, fullnameUser);
// Revert mappers
- ComponentModel fullNameMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "full name");
+ ComponentModel fullNameMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "full name");
appRealm.removeComponent(fullNameMapperModel);
firstNameMapper.setId(null);
@@ -628,7 +628,7 @@ public class LDAPProvidersIntegrationTest {
}
// Revert mappers
- ComponentModel hardcodedMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "hardcoded role");
+ ComponentModel hardcodedMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "hardcoded role");
appRealm.removeComponent(hardcodedMapperModel);
} finally {
keycloakRule.stopSession(session, true);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java
index 3cb70fb..7329a02 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPRoleMappingsTest.java
@@ -247,7 +247,7 @@ public class LDAPRoleMappingsTest {
}
// Add some role mappings directly into LDAP
- ComponentModel roleMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "realmRolesMapper");
+ ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "realmRolesMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
@@ -309,7 +309,7 @@ public class LDAPRoleMappingsTest {
LDAPTestUtils.addOrUpdateRoleLDAPMappers(appRealm, ldapModel, LDAPGroupMapperMode.IMPORT);
// Add some role mappings directly in LDAP
- ComponentModel roleMapperModel = LDAPTestUtils.getComponentByName(appRealm, ldapModel, "realmRolesMapper");
+ ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "realmRolesMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java
index 169d82f..32f6457 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPSyncTest.java
@@ -315,7 +315,7 @@ public class LDAPSyncTest {
// Remove all users from model
for (UserModel user : session.userLocalStorage().getUsers(testRealm, true)) {
System.out.println("trying to delete user: " + user.getUsername());
- session.getUserCache().evict(testRealm, user);
+ session.userCache().evict(testRealm, user);
session.userLocalStorage().removeUser(testRealm, user);
}
@@ -360,7 +360,7 @@ public class LDAPSyncTest {
UserStorageProviderModel providerModel = KeycloakModelUtils.findUserStorageProviderByName(ldapModel.getName(), testRealm);
providerModel.getConfig().putSingle(LDAPConstants.USERNAME_LDAP_ATTRIBUTE, origUsernameAttrName);
testRealm.updateComponent(providerModel);
- ComponentModel streetMapper = LDAPTestUtils.getComponentByName(testRealm, providerModel, "streetMapper");
+ ComponentModel streetMapper = LDAPTestUtils.getSubcomponentByName(testRealm, providerModel, "streetMapper");
testRealm.removeComponent(streetMapper);
} finally {
keycloakRule.stopSession(session, true);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java
index ae58321..df86f1f 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/ldap/LDAPTestUtils.java
@@ -167,7 +167,7 @@ public class LDAPTestUtils {
}
public static void addOrUpdateRoleLDAPMappers(RealmModel realm, ComponentModel providerModel, LDAPGroupMapperMode mode) {
- ComponentModel mapperModel = getComponentByName(realm, providerModel, "realmRolesMapper");
+ ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "realmRolesMapper");
if (mapperModel != null) {
mapperModel.getConfig().putSingle(RoleMapperConfig.MODE, mode.toString());
realm.updateComponent(mapperModel);
@@ -180,7 +180,7 @@ public class LDAPTestUtils {
realm.addComponentModel(mapperModel);
}
- mapperModel = getComponentByName(realm, providerModel, "financeRolesMapper");
+ mapperModel = getSubcomponentByName(realm, providerModel, "financeRolesMapper");
if (mapperModel != null) {
mapperModel.getConfig().putSingle(RoleMapperConfig.MODE, mode.toString());
realm.updateComponent(mapperModel);
@@ -195,7 +195,7 @@ public class LDAPTestUtils {
}
}
- public static ComponentModel getComponentByName(RealmModel realm, ComponentModel providerModel, String name) {
+ public static ComponentModel getSubcomponentByName(RealmModel realm, ComponentModel providerModel, String name) {
List<ComponentModel> components = realm.getComponents(providerModel.getId(), LDAPStorageMapper.class.getName());
for (ComponentModel component : components) {
if (component.getName().equals(name)) {
@@ -206,7 +206,7 @@ public class LDAPTestUtils {
}
public static void addOrUpdateGroupMapper(RealmModel realm, ComponentModel providerModel, LDAPGroupMapperMode mode, String descriptionAttrName, String... otherConfigOptions) {
- ComponentModel mapperModel = getComponentByName(realm, providerModel, "groupsMapper");
+ ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "groupsMapper");
if (mapperModel != null) {
mapperModel.getConfig().putSingle(GroupMapperConfig.MODE, mode.toString());
updateGroupMapperConfigOptions(mapperModel, otherConfigOptions);
@@ -234,12 +234,12 @@ public class LDAPTestUtils {
// End CRUD model mappers
public static void syncRolesFromLDAP(RealmModel realm, LDAPStorageProvider ldapProvider, ComponentModel providerModel) {
- ComponentModel mapperModel = getComponentByName(realm, providerModel, "realmRolesMapper");
+ ComponentModel mapperModel = getSubcomponentByName(realm, providerModel, "realmRolesMapper");
RoleLDAPStorageMapper roleMapper = getRoleMapper(mapperModel, ldapProvider, realm);
roleMapper.syncDataFromFederationProviderToKeycloak();
- mapperModel = getComponentByName(realm, providerModel, "financeRolesMapper");
+ mapperModel = getSubcomponentByName(realm, providerModel, "financeRolesMapper");
roleMapper = getRoleMapper(mapperModel, ldapProvider, realm);
roleMapper.syncDataFromFederationProviderToKeycloak();
}
@@ -255,7 +255,7 @@ public class LDAPTestUtils {
}
public static void removeAllLDAPRoles(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) {
- ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName);
+ ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
LDAPQuery roleQuery = getRoleMapper(mapperModel, ldapProvider, appRealm).createRoleQuery();
List<LDAPObject> ldapRoles = roleQuery.getResultList();
@@ -265,7 +265,7 @@ public class LDAPTestUtils {
}
public static void removeAllLDAPGroups(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName) {
- ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName);
+ ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
LDAPQuery roleQuery = getGroupMapper(mapperModel, ldapProvider, appRealm).createGroupQuery();
List<LDAPObject> ldapRoles = roleQuery.getResultList();
@@ -275,13 +275,13 @@ public class LDAPTestUtils {
}
public static void createLDAPRole(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String mapperName, String roleName) {
- ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, mapperName);
+ ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, mapperName);
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
getRoleMapper(mapperModel, ldapProvider, appRealm).createLDAPRole(roleName);
}
public static LDAPObject createLDAPGroup(KeycloakSession session, RealmModel appRealm, ComponentModel ldapModel, String groupName, String... additionalAttrs) {
- ComponentModel mapperModel = getComponentByName(appRealm, ldapModel, "groupsMapper");
+ ComponentModel mapperModel = getSubcomponentByName(appRealm, ldapModel, "groupsMapper");
LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ldapModel);
Map<String, Set<String>> additAttrs = new HashMap<>();
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java
index a3e412d..e890dda 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncDummyUserFederationProviderFactory.java
@@ -22,14 +22,16 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
+import org.keycloak.provider.ProviderConfigProperty;
+import org.keycloak.provider.ProviderConfigurationBuilder;
+import org.keycloak.storage.UserStorageProviderModel;
+import org.keycloak.storage.user.SynchronizationResult;
import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory;
import java.util.Date;
-import java.util.Set;
+import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
@@ -59,21 +61,27 @@ public class SyncDummyUserFederationProviderFactory extends DummyUserFederationP
return SYNC_PROVIDER_ID;
}
- @Override
- public Set<String> getConfigurationOptions() {
- Set<String> list = super.getConfigurationOptions();
- list.add(WAIT_TIME);
- return list;
+
+ public List<ProviderConfigProperty> getConfigProperties() {
+ return ProviderConfigurationBuilder.create()
+ .property().name("important.config")
+ .type(ProviderConfigProperty.STRING_TYPE)
+ .add()
+ .property().name(WAIT_TIME)
+ .type(ProviderConfigProperty.STRING_TYPE)
+ .add()
+ .build();
}
+
@Override
- public UserFederationSyncResult syncChangedUsers(KeycloakSessionFactory sessionFactory, final String realmId, final UserFederationProviderModel model, Date lastSync) {
+ public SynchronizationResult syncSince(Date lastSync, KeycloakSessionFactory sessionFactory, String realmId, UserStorageProviderModel model) {
KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() {
@Override
public void run(KeycloakSession session) {
- int waitTime = Integer.parseInt(model.getConfig().get(WAIT_TIME));
+ int waitTime = Integer.parseInt(model.getConfig().getFirst(WAIT_TIME));
logger.infof("Starting sync of changed users. Wait time is: %s", waitTime);
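Review bot: The new `getConfigProperties()` in SyncDummyUserFederationProviderFactory is declared without `@Override`, although the parent DummyUserFederationProviderFactory defines the same method elsewhere in this diff. Adding `@Override` lets the compiler catch any later signature drift. The method also repeats the parent's `"important.config"` entry literally, where the removed code extended `super.getConfigurationOptions()`, so the two lists can silently diverge; a shared constant for the property name would keep them aligned. The body of `syncSince` continues outside this hunk.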
@@ -82,13 +90,13 @@ public class SyncDummyUserFederationProviderFactory extends DummyUserFederationP
// KEYCLOAK-2412 : Just remove and add some users for testing purposes
for (int i = 0; i < 10; i++) {
String username = "dummyuser-" + i;
- UserModel user = session.userStorage().getUserByUsername(username, realm);
+ UserModel user = session.userLocalStorage().getUserByUsername(username, realm);
if (user != null) {
- session.userStorage().removeUser(realm, user);
+ session.userLocalStorage().removeUser(realm, user);
}
- user = session.userStorage().addUser(realm, username);
+ user = session.userLocalStorage().addUser(realm, username);
}
logger.infof("Finished sync of changed users. Waiting now for %d seconds", waitTime);
@@ -109,7 +117,7 @@ public class SyncDummyUserFederationProviderFactory extends DummyUserFederationP
// countDown, so the SyncFederationTest can continue
latch2.countDown();
- return new UserFederationSyncResult();
+ return new SynchronizationResult();
}
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncFederationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncFederationTest.java
index 1efc354..4967bcc 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncFederationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/sync/SyncFederationTest.java
@@ -27,21 +27,19 @@ import org.keycloak.common.util.Time;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.services.managers.RealmManager;
-import org.keycloak.services.managers.UsersSyncManager;
+import org.keycloak.services.managers.UserStorageSyncManager;
+import org.keycloak.storage.UserStorageProvider;
+import org.keycloak.storage.UserStorageProviderModel;
+import org.keycloak.storage.user.SynchronizationResult;
import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.timer.TimerProvider;
-import java.util.HashMap;
-import java.util.Map;
import java.util.concurrent.TimeUnit;
/**
- * Test with Dummy providers (For LDAP see {@link org.keycloak.testsuite.federation.ldap.base.LDAPSyncTest}
+ * Test with Dummy providers
*
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
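Review bot: The class Javadoc drops the pointer to the LDAP sync test instead of updating it, although this diff shows LDAPSyncTest still exists under the `federation.storage.ldap` package. Keeping the cross-reference helps readers find the LDAP counterpart; the old line was also missing its closing parenthesis. Suggested comment line: `* Test with Dummy providers (for LDAP see {@link org.keycloak.testsuite.federation.storage.ldap.LDAPSyncTest})`.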
@@ -50,7 +48,7 @@ public class SyncFederationTest {
private static final Logger log = Logger.getLogger(SyncFederationTest.class);
- private static UserFederationProviderModel dummyModel = null;
+ private static UserStorageProviderModel dummyModel = null;
@ClassRule
public static KeycloakRule keycloakRule = new KeycloakRule(new KeycloakRule.KeycloakSetup() {
@@ -62,6 +60,7 @@ public class SyncFederationTest {
}
});
+
@Test
public void test01PeriodicSync() {
@@ -70,7 +69,14 @@ public class SyncFederationTest {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
- dummyModel = appRealm.addUserFederationProvider(DummyUserFederationProviderFactory.PROVIDER_NAME, new HashMap<String, String>(), 1, "test-sync-dummy", -1, 1, 0);
+ UserStorageProviderModel model = new UserStorageProviderModel();
+ model.setProviderId(DummyUserFederationProviderFactory.PROVIDER_NAME);
+ model.setPriority(1);
+ model.setName("test-sync-dummy");
+ model.setFullSyncPeriod(-1);
+ model.setChangedSyncPeriod(1);
+ model.setLastSync(0);
+ dummyModel = new UserStorageProviderModel(appRealm.addComponentModel(model));
}
});
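Review bot: The seven-line UserStorageProviderModel setup added in this `config` callback is repeated almost verbatim in the hunk at -137,9 +143,15, differing only in the provider id and the WAIT_TIME entry. A small private helper that returns the unsaved model would keep both tests in step if the defaults (priority, sync periods, name) change. Each callback would then add its own config and call `appRealm.addComponentModel(model)`. The enclosing test method starts outside this hunk.

```java
private static UserStorageProviderModel newDummyProviderModel(String providerId) {
    UserStorageProviderModel model = new UserStorageProviderModel();
    model.setProviderId(providerId);
    model.setPriority(1);
    model.setName("test-sync-dummy");
    model.setFullSyncPeriod(-1);
    model.setChangedSyncPeriod(1);
    model.setLastSync(0);
    return model;
}

// … unchanged: KeycloakSetup wrapper around config(...) …
UserStorageProviderModel model = newDummyProviderModel(DummyUserFederationProviderFactory.PROVIDER_NAME);
dummyModel = new UserStorageProviderModel(appRealm.addComponentModel(model));
```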
@@ -78,12 +84,12 @@ public class SyncFederationTest {
KeycloakSession session = keycloakRule.startSession();
try {
KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
- DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory)sessionFactory.getProviderFactory(UserFederationProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
+ DummyUserFederationProviderFactory dummyFedFactory = (DummyUserFederationProviderFactory)sessionFactory.getProviderFactory(UserStorageProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME);
int full = dummyFedFactory.getFullSyncCounter();
int changed = dummyFedFactory.getChangedSyncCounter();
// Assert that after some period was DummyUserFederationProvider triggered
- UsersSyncManager usersSyncManager = new UsersSyncManager();
+ UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
usersSyncManager.bootstrapPeriodic(sessionFactory, session.getProvider(TimerProvider.class));
sleep(1800);
@@ -94,7 +100,7 @@ public class SyncFederationTest {
// This sync is here just to ensure that we have lock (doublecheck that periodic sync, which was possibly triggered before canceling timer is finished too)
while (true) {
- UserFederationSyncResult result = usersSyncManager.syncChangedUsers(session.getKeycloakSessionFactory(), appRealm.getId(), dummyModel);
+ SynchronizationResult result = usersSyncManager.syncChangedUsers(session.getKeycloakSessionFactory(), appRealm.getId(), dummyModel);
if (result.isIgnored()) {
log.infof("Still waiting for lock before periodic sync is finished", result.toString());
sleep(1000);
@@ -122,7 +128,7 @@ public class SyncFederationTest {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
- appRealm.removeUserFederationProvider(dummyModel);
+ appRealm.removeComponent(dummyModel);
}
});
@@ -137,9 +143,15 @@ public class SyncFederationTest {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
- Map<String, String> config = new HashMap<>();
- config.put(SyncDummyUserFederationProviderFactory.WAIT_TIME, "2000");
- dummyModel = appRealm.addUserFederationProvider(SyncDummyUserFederationProviderFactory.SYNC_PROVIDER_ID, config, 1, "test-sync-dummy", -1, 1, 0);
+ UserStorageProviderModel model = new UserStorageProviderModel();
+ model.setProviderId(SyncDummyUserFederationProviderFactory.SYNC_PROVIDER_ID);
+ model.setPriority(1);
+ model.setName("test-sync-dummy");
+ model.setFullSyncPeriod(-1);
+ model.setChangedSyncPeriod(1);
+ model.setLastSync(0);
+ model.getConfig().putSingle(SyncDummyUserFederationProviderFactory.WAIT_TIME, "2000");
+ dummyModel = new UserStorageProviderModel(appRealm.addComponentModel(model));
}
});
@@ -149,13 +161,13 @@ public class SyncFederationTest {
KeycloakSessionFactory sessionFactory = session.getKeycloakSessionFactory();
// bootstrap periodic sync
- UsersSyncManager usersSyncManager = new UsersSyncManager();
+ UserStorageSyncManager usersSyncManager = new UserStorageSyncManager();
usersSyncManager.bootstrapPeriodic(sessionFactory, session.getProvider(TimerProvider.class));
// Wait and then trigger sync manually. Assert it will be ignored
sleep(1800);
RealmModel realm = session.realms().getRealm("test");
- UserFederationSyncResult syncResult = usersSyncManager.syncChangedUsers(sessionFactory, realm.getId(), dummyModel);
+ SynchronizationResult syncResult = usersSyncManager.syncChangedUsers(sessionFactory, realm.getId(), dummyModel);
Assert.assertTrue(syncResult.isIgnored());
// Cancel timer
@@ -175,7 +187,7 @@ public class SyncFederationTest {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
- appRealm.removeUserFederationProvider(dummyModel);
+ appRealm.removeComponent(dummyModel);
}
});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
index f193645..2e3f162 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
@@ -36,10 +36,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.DefaultAuthenticationFlows;
import org.keycloak.models.utils.KeycloakModelUtils;
@@ -48,9 +44,11 @@ import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
import org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
+import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapper;
import org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapperFactory;
+import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory;
import java.util.List;
import java.util.Map;
@@ -279,8 +277,6 @@ public class ImportTest extends AbstractModelTest {
Assert.assertEquals("googleSecret", google.getConfig().get("clientSecret"));
// Test federation providers
- List<UserFederationProviderModel> fedProviders = realm.getUserFederationProviders();
- Assert.assertTrue(fedProviders.size() == 0);
List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
Assert.assertTrue(storageProviders.size() == 2);
UserStorageProviderModel ldap1 = storageProviders.get(0);
@@ -294,8 +290,6 @@ public class ImportTest extends AbstractModelTest {
Assert.assertEquals("ldap://bar", ldap2.getConfig().getFirst(LDAPConstants.CONNECTION_URL));
// Test federation mappers
- Set<UserFederationMapperModel> userFedMappers1 = realm.getUserFederationMappers();
- Assert.assertTrue(userFedMappers1.size() == 0);
List<ComponentModel> fedMappers1 = realm.getComponents(ldap1.getId());
ComponentModel fullNameMapper = fedMappers1.iterator().next();
Assert.assertEquals("FullNameMapper", fullNameMapper.getName());
@@ -304,8 +298,8 @@ public class ImportTest extends AbstractModelTest {
Assert.assertEquals("cn", fullNameMapper.getConfig().getFirst(FullNameLDAPStorageMapper.LDAP_FULL_NAME_ATTRIBUTE));
// Assert that federation link wasn't created during import
- UserFederationProviderFactory factory = (UserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, "dummy");
- Assert.assertNull(factory.getInstance(session, null).getUserByUsername(realm, "wburke"));
+ DummyUserFederationProviderFactory factory = (DummyUserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, "dummy");
+ Assert.assertNull(factory.create(session, null).getUserByUsername("wburke", realm));
// Test builtin authentication flows
AuthenticationFlowModel clientFlow = realm.getClientAuthenticationFlow();
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/util/cli/SyncDummyFederationProviderCommand.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/util/cli/SyncDummyFederationProviderCommand.java
index af02312..fe53b82 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/util/cli/SyncDummyFederationProviderCommand.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/util/cli/SyncDummyFederationProviderCommand.java
@@ -17,16 +17,14 @@
package org.keycloak.testsuite.util.cli;
+import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.services.managers.UsersSyncManager;
+import org.keycloak.services.managers.UserStorageSyncManager;
+import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.testsuite.federation.sync.SyncDummyUserFederationProviderFactory;
-import java.util.HashMap;
-import java.util.Map;
-
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
@@ -38,25 +36,33 @@ public class SyncDummyFederationProviderCommand extends AbstractCommand {
int changedSyncPeriod = getIntArg(1);
RealmModel realm = session.realms().getRealmByName("master");
- UserFederationProviderModel fedProviderModel = KeycloakModelUtils.findUserFederationProviderByDisplayName("cluster-dummy", realm);
+ UserStorageProviderModel fedProviderModel = KeycloakModelUtils.findUserStorageProviderByName("cluster-dummy", realm);
if (fedProviderModel == null) {
- Map<String, String> cfg = new HashMap<>();
+ MultivaluedHashMap<String, String> cfg = fedProviderModel.getConfig();
updateConfig(cfg, waitTime);
- fedProviderModel = realm.addUserFederationProvider(SyncDummyUserFederationProviderFactory.SYNC_PROVIDER_ID, cfg, 1, "cluster-dummy", -1, changedSyncPeriod, -1);
+
+ UserStorageProviderModel model = new UserStorageProviderModel();
+ model.setProviderId(SyncDummyUserFederationProviderFactory.SYNC_PROVIDER_ID);
+ model.setPriority(1);
+ model.setName("cluster-dummy");
+ model.setFullSyncPeriod(-1);
+ model.setChangedSyncPeriod(changedSyncPeriod);
+ model.setLastSync(-1);
+ fedProviderModel = new UserStorageProviderModel(realm.addComponentModel(model));
} else {
- Map<String, String> cfg = fedProviderModel.getConfig();
+ MultivaluedHashMap<String, String> cfg = fedProviderModel.getConfig();
updateConfig(cfg, waitTime);
fedProviderModel.setChangedSyncPeriod(changedSyncPeriod);
- realm.updateUserFederationProvider(fedProviderModel);
+ realm.updateComponent(fedProviderModel);
}
- new UsersSyncManager().notifyToRefreshPeriodicSync(session, realm, fedProviderModel, false);
+ new UserStorageSyncManager().notifyToRefreshPeriodicSync(session, realm, fedProviderModel, false);
log.infof("User federation provider created and sync was started", waitTime);
}
- private void updateConfig(Map<String, String> cfg, int waitTime) {
- cfg.put(SyncDummyUserFederationProviderFactory.WAIT_TIME, String.valueOf(waitTime));
+ private void updateConfig(MultivaluedHashMap<String, String> cfg, int waitTime) {
+ cfg.putSingle(SyncDummyUserFederationProviderFactory.WAIT_TIME, String.valueOf(waitTime));
}
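Review bot: Inside the `if (fedProviderModel == null)` branch the new code calls `fedProviderModel.getConfig()`, which throws a NullPointerException on the first run, when no "cluster-dummy" provider exists yet. Even without the NPE, the WAIT_TIME value would never reach the `model` that is actually stored. Drop those two lines in the null branch and instead call `updateConfig(model.getConfig(), waitTime);` just before `realm.addComponentModel(model)`. The enclosing command method starts outside this hunk.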
diff --git a/testsuite/integration/src/test/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory b/testsuite/integration/src/test/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
index efbed13..dcc5143 100644
--- a/testsuite/integration/src/test/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
+++ b/testsuite/integration/src/test/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
@@ -1,2 +1,3 @@
+org.keycloak.testsuite.federation.sync.SyncDummyUserFederationProviderFactory
org.keycloak.testsuite.federation.storage.UserPropertyFileStorageFactory
org.keycloak.testsuite.federation.storage.UserMapStorageFactory
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java
index c0dd8d5..ad6d16f 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java
@@ -17,18 +17,21 @@
package org.keycloak.testsuite.federation;
+import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialInput;
+import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.credential.CredentialModel;
-import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.GroupModel;
+import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserModel;
+import org.keycloak.storage.UserStorageProvider;
+import org.keycloak.storage.user.UserLookupProvider;
+import org.keycloak.storage.user.UserRegistrationProvider;
import java.util.Collections;
-import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -36,28 +39,32 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class DummyUserFederationProvider implements UserFederationProvider {
+public class DummyUserFederationProvider implements UserStorageProvider,
+ UserLookupProvider,
+ UserRegistrationProvider,
+ CredentialInputValidator {
private final Map<String, UserModel> users;
+ private KeycloakSession session;
+ private ComponentModel component;
- public DummyUserFederationProvider(Map<String, UserModel> users) {
+
+
+ public DummyUserFederationProvider(KeycloakSession session, ComponentModel component, Map<String, UserModel> users) {
this.users = users;
+ this.session = session;
+ this.component = component;
}
- @Override
- public UserModel validateAndProxy(RealmModel realm, UserModel local) {
- return local;
- }
- @Override
- public boolean synchronizeRegistrations() {
- return true;
- }
@Override
- public UserModel register(RealmModel realm, UserModel user) {
- users.put(user.getUsername(), user);
- return user;
+ public UserModel addUser(RealmModel realm, String username) {
+ UserModel local = session.userLocalStorage().addUser(realm, username);
+ local.setFederationLink(component.getId());
+
+ users.put(username, local);
+ return local;
}
@Override
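Review bot: The new fields `session` and `component` in DummyUserFederationProvider are assigned only in the constructor but are not `final`, unlike `users` next to them; declaring them `private final KeycloakSession session;` and `private final ComponentModel component;` states the intent. Separately, `addUser` stores the UserModel returned by `session.userLocalStorage().addUser(...)` in `users`, and the factory hunk later in this diff passes the same factory-level HashMap to every provider instance. A model obtained in one session can therefore be returned by `getUserByUsername` in a later one, and the map is not thread-safe. That is probably acceptable for a test dummy, but it deserves a comment on the field. `addUser` also dereferences `component`, while ImportTest calls `create(session, null)`, so a null check or a comment on that precondition would help.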
@@ -66,26 +73,26 @@ public class DummyUserFederationProvider implements UserFederationProvider {
}
@Override
- public UserModel getUserByUsername(RealmModel realm, String username) {
- return users.get(username);
+ public UserModel getUserById(String id, RealmModel realm) {
+ return null;
}
@Override
- public UserModel getUserByEmail(RealmModel realm, String email) {
- return null;
+ public UserModel getUserByUsername(String username, RealmModel realm) {
+ return users.get(username);
}
@Override
- public List<UserModel> searchByAttributes(Map<String, String> attributes, RealmModel realm, int maxResults) {
- return Collections.emptyList();
+ public UserModel getUserByEmail(String email, RealmModel realm) {
+ return null;
}
@Override
- public List<UserModel> getGroupMembers(RealmModel realm, GroupModel group, int firstResult, int maxResults) {
- return Collections.emptyList();
+ public void grantToAllUsers(RealmModel realm, RoleModel role) {
+
}
- @Override
+ @Override
public void preRemove(RealmModel realm) {
}
@@ -100,35 +107,11 @@ public class DummyUserFederationProvider implements UserFederationProvider {
}
- @Override
- public boolean isValid(RealmModel realm, UserModel local) {
- String username = local.getUsername();
- return users.containsKey(username);
- }
-
- @Override
public Set<String> getSupportedCredentialTypes() {
return Collections.singleton(UserCredentialModel.PASSWORD);
}
@Override
- public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
- if (!(input instanceof UserCredentialModel) || !CredentialModel.PASSWORD.equals(input.getType())) return false;
-
- return false;
- }
-
- @Override
- public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
-
- }
-
- @Override
- public Set<String> getDisableableCredentialTypes(RealmModel realm, UserModel user) {
- return Collections.EMPTY_SET;
- }
-
- @Override
public boolean supportsCredentialType(String credentialType) {
return getSupportedCredentialTypes().contains(credentialType);
}
@@ -154,12 +137,7 @@ public class DummyUserFederationProvider implements UserFederationProvider {
}
return false; }
- @Override
- public CredentialValidationOutput validCredentials(RealmModel realm, UserCredentialModel credential) {
- return CredentialValidationOutput.failed();
- }
-
- @Override
+ @Override
public void close() {
}
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProviderFactory.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProviderFactory.java
index df339a9..0a672c1 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProviderFactory.java
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProviderFactory.java
@@ -19,26 +19,28 @@ package org.keycloak.testsuite.federation;
import org.jboss.logging.Logger;
import org.keycloak.Config;
+import org.keycloak.component.ComponentModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.models.UserModel;
+import org.keycloak.provider.ProviderConfigProperty;
+import org.keycloak.provider.ProviderConfigurationBuilder;
+import org.keycloak.storage.UserStorageProviderFactory;
+import org.keycloak.storage.UserStorageProviderModel;
+import org.keycloak.storage.user.ImportSynchronization;
+import org.keycloak.storage.user.SynchronizationResult;
import java.util.Date;
import java.util.HashMap;
-import java.util.HashSet;
+import java.util.List;
import java.util.Map;
-import java.util.Set;
import java.util.concurrent.atomic.AtomicInteger;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class DummyUserFederationProviderFactory implements UserFederationProviderFactory {
+public class DummyUserFederationProviderFactory implements UserStorageProviderFactory<DummyUserFederationProvider>, ImportSynchronization {
private static final Logger logger = Logger.getLogger(DummyUserFederationProviderFactory.class);
public static final String PROVIDER_NAME = "dummy";
@@ -49,20 +51,16 @@ public class DummyUserFederationProviderFactory implements UserFederationProvide
private Map<String, UserModel> users = new HashMap<String, UserModel>();
@Override
- public UserFederationProvider getInstance(KeycloakSession session, UserFederationProviderModel model) {
- return new DummyUserFederationProvider(users);
+ public DummyUserFederationProvider create(KeycloakSession session, ComponentModel model) {
+ return new DummyUserFederationProvider(session, model, users);
}
@Override
- public Set<String> getConfigurationOptions() {
- Set<String> list = new HashSet<String>();
- list.add("important.config");
- return list;
- }
-
- @Override
- public UserFederationProvider create(KeycloakSession session) {
- return new DummyUserFederationProvider(users);
+ public List<ProviderConfigProperty> getConfigProperties() {
+ return ProviderConfigurationBuilder.create()
+ .property().name("important.config")
+ .type(ProviderConfigProperty.STRING_TYPE)
+ .add().build();
}
@Override
@@ -86,17 +84,17 @@ public class DummyUserFederationProviderFactory implements UserFederationProvide
}
@Override
- public UserFederationSyncResult syncAllUsers(KeycloakSessionFactory sessionFactory, String realmId, UserFederationProviderModel model) {
+ public SynchronizationResult sync(KeycloakSessionFactory sessionFactory, String realmId, UserStorageProviderModel model) {
logger.info("syncAllUsers invoked");
fullSyncCounter.incrementAndGet();
- return UserFederationSyncResult.empty();
+ return SynchronizationResult.empty();
}
@Override
- public UserFederationSyncResult syncChangedUsers(KeycloakSessionFactory sessionFactory, String realmId, UserFederationProviderModel model, Date lastSync) {
+ public SynchronizationResult syncSince(Date lastSync, KeycloakSessionFactory sessionFactory, String realmId, UserStorageProviderModel model) {
logger.info("syncChangedUsers invoked");
changedSyncCounter.incrementAndGet();
- return UserFederationSyncResult.empty();
+ return SynchronizationResult.empty();
}
public int getFullSyncCounter() {
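Review bot: The log messages in `sync` and `syncSince` still name the old methods (`syncAllUsers invoked`, `syncChangedUsers invoked`), so a log line no longer matches the method that emitted it. Unless a test matches on those strings (not visible here), I would change them to `logger.info("sync invoked");` and `logger.info("syncSince invoked");`. The argument order of `syncSince` also moved `lastSync` to the front, so the stale message is the only remaining hint of the old signature.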
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java
index 24e8b83..f2b530a 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java
@@ -32,18 +32,13 @@ import org.keycloak.events.admin.AdminEventQuery;
import org.keycloak.events.admin.AuthDetails;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
-import org.keycloak.keys.KeyProvider;
-import org.keycloak.keys.KeyProviderFactory;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.FederatedIdentityModel;
-import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserFederationProvider;
-import org.keycloak.models.UserFederationProviderFactory;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.UserSessionModel;
@@ -54,12 +49,13 @@ import org.keycloak.representations.idm.AuthDetailsRepresentation;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
-import org.keycloak.services.managers.ClientSessionCode;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.resource.RealmResourceProvider;
+import org.keycloak.storage.UserStorageProvider;
import org.keycloak.testsuite.components.TestProvider;
import org.keycloak.testsuite.components.TestProviderFactory;
import org.keycloak.testsuite.events.EventsListenerProvider;
+import org.keycloak.testsuite.federation.DummyUserFederationProviderFactory;
import org.keycloak.testsuite.forms.PassThroughAuthenticator;
import org.keycloak.testsuite.forms.PassThroughClientAuthenticator;
import org.keycloak.testsuite.rest.representation.AuthenticatorState;
@@ -580,8 +576,8 @@ public class TestingResourceProvider implements RealmResourceProvider {
public UserRepresentation getUserByUsernameFromFedProviderFactory(@QueryParam("realmName") String realmName,
@QueryParam("userName") String userName) {
RealmModel realm = getRealmByName(realmName);
- UserFederationProviderFactory factory = (UserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, "dummy");
- UserModel user = factory.getInstance(session, null).getUserByUsername(realm, userName);
+ DummyUserFederationProviderFactory factory = (DummyUserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, "dummy");
+ UserModel user = factory.create(session, null).getUserByUsername(userName, realm);
if (user == null) return null;
return ModelToRepresentation.toRepresentation(session, realm, user);
}
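Review bot: The result of `getProviderFactory(UserStorageProvider.class, "dummy")` is cast and dereferenced without a null check, and `factory.create(session, null)` hands a null `ComponentModel` to the `DummyUserFederationProvider` constructor. If the factory is not registered, or the provider ever reads its model (its constructor is not shown here), this endpoint fails with a NullPointerException instead of a clear error. I would guard with `if (factory == null) throw new IllegalStateException("dummy user storage provider is not registered");`. The literal could also be replaced with `DummyUserFederationProviderFactory.PROVIDER_NAME`, which the commit already imports. The method's annotations are outside the hunk.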
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
new file mode 100644
index 0000000..a97dd1e
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/resources/META-INF/services/org.keycloak.storage.UserStorageProviderFactory
@@ -0,0 +1 @@
+org.keycloak.testsuite.federation.DummyUserFederationProviderFactory
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/LDAPTestConfiguration.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/LDAPTestConfiguration.java
index b8b7940..772ae2d 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/LDAPTestConfiguration.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/LDAPTestConfiguration.java
@@ -22,7 +22,7 @@ import org.jboss.logging.Logger;
import org.keycloak.common.constants.GenericConstants;
import org.keycloak.common.constants.KerberosConstants;
import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.UserFederationProvider;
+import org.keycloak.storage.UserStorageProvider;
import java.io.File;
import java.io.FileInputStream;
@@ -83,7 +83,7 @@ public class LDAPTestConfiguration {
DEFAULT_VALUES.put(LDAPConstants.BATCH_SIZE_FOR_SYNC, String.valueOf(LDAPConstants.DEFAULT_BATCH_SIZE_FOR_SYNC));
DEFAULT_VALUES.put(LDAPConstants.USERNAME_LDAP_ATTRIBUTE, null);
DEFAULT_VALUES.put(LDAPConstants.USER_OBJECT_CLASSES, null);
- DEFAULT_VALUES.put(LDAPConstants.EDIT_MODE, UserFederationProvider.EditMode.READ_ONLY.toString());
+ DEFAULT_VALUES.put(LDAPConstants.EDIT_MODE, UserStorageProvider.EditMode.READ_ONLY.toString());
DEFAULT_VALUES.put(KerberosConstants.ALLOW_KERBEROS_AUTHENTICATION, "false");
DEFAULT_VALUES.put(KerberosConstants.KERBEROS_REALM, "KEYCLOAK.ORG");
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageMapperTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageMapperTest.java
index 63aacc0..fa7eb14 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageMapperTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageMapperTest.java
@@ -30,7 +30,6 @@ import org.keycloak.representations.idm.UserFederationMapperTypeRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserFederationSyncResultRepresentation;
import org.keycloak.testsuite.Assert;
-import org.keycloak.testsuite.federation.DummyUserFederationMapper;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.UserFederationProviderBuilder;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageRestTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageRestTest.java
index 1c4b3db..315bc8b 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageRestTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserStorageRestTest.java
@@ -82,7 +82,7 @@ public class UserStorageRestTest extends AbstractAdminTest {
}
private UserFederationProvidersResource userFederation() {
- return realm.userFederation();
+ return null;//realm.userFederation();
}
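Review bot: `userFederation()` now returns null, so any caller in this class fails with a NullPointerException at first use, and the old call survives only as a trailing comment. If the tests that use this helper are not already disabled elsewhere in the file (not visible in this hunk), failing loudly is clearer: `throw new UnsupportedOperationException("realm.userFederation() was removed; this test needs porting");`. Otherwise, removing the helper together with its callers would avoid leaving dead code behind.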
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java
index 1c232b6..50a0c28 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java
@@ -47,7 +47,7 @@ public class ClientRedirectTest extends TestRealmKeycloakTest {
*
* @throws Exception
*/
- @Test
+ //@Test
public void testClientRedirectEndpoint() throws Exception {
oauth.doLogin("test-user@localhost", "password");
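Review bot: Commenting out `@Test` on `testClientRedirectEndpoint` disables the test silently, so it disappears from the test report instead of showing as skipped, and nothing records why or when it should return. The test covers the client redirect endpoint, which looks unrelated to the user-storage migration in the rest of this commit, so the reason matters to whoever re-enables it. I would keep `@Test` and add `@Ignore("<reason or tracking issue>")` above it. The method body continues outside the hunk.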
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java
index 001ed86..3e16c4b 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java
@@ -25,11 +25,8 @@ import org.keycloak.admin.client.resource.ClientTemplateResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.common.constants.KerberosConstants;
-import org.keycloak.component.ComponentModel;
import org.keycloak.models.Constants;
import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.UserFederationMapperModel;
-import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.utils.DefaultAuthenticationFlows;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
@@ -38,14 +35,12 @@ import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.ClientMappingsRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientTemplateRepresentation;
-import org.keycloak.representations.idm.ComponentExportRepresentation;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
-import org.keycloak.representations.idm.UserFederationMapperRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
@@ -53,7 +48,6 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.storage.UserStorageProvider;
-import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapper;
import org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapperFactory;
import org.keycloak.storage.ldap.mappers.LDAPStorageMapper;
diff --git a/testsuite/integration-arquillian/tests/other/sssd/src/test/java/org/keycloak/testsuite/sssd/SSSDTest.java b/testsuite/integration-arquillian/tests/other/sssd/src/test/java/org/keycloak/testsuite/sssd/SSSDTest.java
index a59adfc..48ba4b4 100644
--- a/testsuite/integration-arquillian/tests/other/sssd/src/test/java/org/keycloak/testsuite/sssd/SSSDTest.java
+++ b/testsuite/integration-arquillian/tests/other/sssd/src/test/java/org/keycloak/testsuite/sssd/SSSDTest.java
@@ -77,13 +77,6 @@ public class SSSDTest extends AbstractKeycloakTest {
adminClient.realm(REALM_NAME).components().add(userFederation);
}
- @Ignore
- @Test
- public void testProviderFactories() {
- List<UserFederationProviderFactoryRepresentation> providerFactories = adminClient.realm(REALM_NAME).userFederation().getProviderFactories();
- Assert.assertNames(providerFactories, "ldap", "kerberos", "dummy", "dummy-configurable", "sssd");
- }
-
@Test
public void testWrongUser() {
log.debug("Testing wrong password for user " + USERNAME);