keycloak-memoizeit
Changes
.gitignore 3(+3 -0)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java 2(+1 -1)
adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/RequestAuthenticatorFactory.java 13(+13 -0)
Details
.gitignore 3(+3 -0)
diff --git a/.gitignore b/.gitignore
index 443e12a..359d76d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,9 @@
.project
.settings
.classpath
+bin
+.factorypath
+
# NetBeans #
############
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
index fbe01aa..6e7c885 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
@@ -85,7 +85,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
return authenticateToken(exchange, atr.getToken());
}
- private AccessTokenResponse getToken(String username, String password) throws Exception {
+ protected AccessTokenResponse getToken(String username, String password) throws Exception {
AccessTokenResponse tokenResponse=null;
HttpClient client = deployment.getClient();
diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/RequestAuthenticatorFactory.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/RequestAuthenticatorFactory.java
new file mode 100644
index 0000000..e6af389
--- /dev/null
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/RequestAuthenticatorFactory.java
@@ -0,0 +1,13 @@
+package org.keycloak.adapters.springsecurity.authentication;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.keycloak.adapters.AdapterTokenStore;
+import org.keycloak.adapters.KeycloakDeployment;
+import org.keycloak.adapters.RequestAuthenticator;
+import org.keycloak.adapters.spi.HttpFacade;
+
+public interface RequestAuthenticatorFactory {
+ RequestAuthenticator createRequestAuthenticator(HttpFacade facade, HttpServletRequest request,
+ KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort);
+}
\ No newline at end of file
diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/SpringSecurityRequestAuthenticatorFactor.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/SpringSecurityRequestAuthenticatorFactor.java
new file mode 100644
index 0000000..9c634d5
--- /dev/null
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/SpringSecurityRequestAuthenticatorFactor.java
@@ -0,0 +1,17 @@
+package org.keycloak.adapters.springsecurity.authentication;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.keycloak.adapters.AdapterTokenStore;
+import org.keycloak.adapters.KeycloakDeployment;
+import org.keycloak.adapters.RequestAuthenticator;
+import org.keycloak.adapters.spi.HttpFacade;
+
+public class SpringSecurityRequestAuthenticatorFactor implements RequestAuthenticatorFactory {
+ @Override
+ public RequestAuthenticator createRequestAuthenticator(HttpFacade facade,
+ HttpServletRequest request, KeycloakDeployment deployment, AdapterTokenStore tokenStore,
+ int sslRedirectPort) {
+ return new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, sslRedirectPort);
+ }
+}
\ No newline at end of file
diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java
index fc0e888..d8605e3 100644
--- a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java
@@ -27,16 +27,15 @@ import javax.servlet.http.HttpServletResponse;
import org.keycloak.OAuth2Constants;
import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.AdapterTokenStore;
-import org.keycloak.adapters.AuthenticatedActionsHandler;
import org.keycloak.adapters.KeycloakDeployment;
-import org.keycloak.adapters.OIDCHttpFacade;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.AuthChallenge;
import org.keycloak.adapters.spi.AuthOutcome;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationFailureHandler;
-import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticator;
+import org.keycloak.adapters.springsecurity.authentication.RequestAuthenticatorFactory;
+import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticatorFactor;
import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
import org.keycloak.adapters.springsecurity.token.AdapterTokenStoreFactory;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
@@ -85,6 +84,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
private AdapterDeploymentContext adapterDeploymentContext;
private AdapterTokenStoreFactory adapterTokenStoreFactory = new SpringSecurityAdapterTokenStoreFactory();
private AuthenticationManager authenticationManager;
+ private RequestAuthenticatorFactory requestAuthenticatorFactory = new SpringSecurityRequestAuthenticatorFactor();
/**
* Creates a new Keycloak authentication processing filter with given {@link AuthenticationManager} and the
@@ -144,7 +144,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
AdapterTokenStore tokenStore = adapterTokenStoreFactory.createAdapterTokenStore(deployment, request);
RequestAuthenticator authenticator
- = new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, -1);
+ = requestAuthenticatorFactory.createRequestAuthenticator(facade, request, deployment, tokenStore, -1);
AuthOutcome result = authenticator.authenticate();
log.debug("Auth outcome: {}", result);
@@ -251,4 +251,14 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
public final void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication) {
throw new UnsupportedOperationException("This filter does not support explicitly setting a continue chain before success policy");
}
-}
\ No newline at end of file
+
+ /**
+ * Sets the request authenticator factory to use when creating per-request authenticators.
+ *
+ * @param requestAuthenticatorFactory the <code>RequestAuthenticatorFactory</code> to use
+ */
+ public void setRequestAuthenticatorFactory(RequestAuthenticatorFactory requestAuthenticatorFactory) {
+ Assert.notNull(requestAuthenticatorFactory, "RequestAuthenticatorFactory cannot be null");
+ this.requestAuthenticatorFactory = requestAuthenticatorFactory;
+ }
+}