Details
diff --git a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
index 14e3a1e..c9ba3dd 100755
--- a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
+++ b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
@@ -45,7 +45,7 @@ import java.util.Set;
public class ExportUtils {
public static RealmRepresentation exportRealm(KeycloakSession session, RealmModel realm, boolean includeUsers) {
- RealmRepresentation rep = ModelToRepresentation.toRepresentation(realm);
+ RealmRepresentation rep = ModelToRepresentation.toRepresentation(realm, true);
// Audit
rep.setEventsEnabled(realm.isEventsEnabled());
diff --git a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
index 7d431c3..0be1dc7 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -75,7 +75,7 @@ public class ModelToRepresentation {
return rep;
}
- public static RealmRepresentation toRepresentation(RealmModel realm) {
+ public static RealmRepresentation toRepresentation(RealmModel realm, boolean internal) {
RealmRepresentation rep = new RealmRepresentation();
rep.setId(realm.getId());
rep.setRealm(realm.getName());
@@ -85,13 +85,15 @@ public class ModelToRepresentation {
rep.setUpdateProfileOnInitialSocialLogin(realm.isUpdateProfileOnInitialSocialLogin());
rep.setSslRequired(realm.getSslRequired().name().toLowerCase());
rep.setPublicKey(realm.getPublicKeyPem());
- rep.setPrivateKey(realm.getPrivateKeyPem());
- String privateKeyPem = realm.getPrivateKeyPem();
- if (realm.getCertificatePem() == null && privateKeyPem != null) {
- KeycloakModelUtils.generateRealmCertificate(realm);
+ if (internal) {
+ rep.setPrivateKey(realm.getPrivateKeyPem());
+ String privateKeyPem = realm.getPrivateKeyPem();
+ if (realm.getCertificatePem() == null && privateKeyPem != null) {
+ KeycloakModelUtils.generateRealmCertificate(realm);
+ }
+ rep.setCodeSecret(realm.getCodeSecret());
}
rep.setCertificate(realm.getCertificatePem());
- rep.setCodeSecret(realm.getCodeSecret());
rep.setPasswordCredentialGrantAllowed(realm.isPasswordCredentialGrantAllowed());
rep.setRegistrationAllowed(realm.isRegistrationAllowed());
rep.setRememberMe(realm.isRememberMe());
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index a8f3707..b2766bb 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -158,7 +158,7 @@ public class RealmAdminResource {
@Produces("application/json")
public RealmRepresentation getRealm() {
if (auth.hasView()) {
- RealmRepresentation rep = ModelToRepresentation.toRepresentation(realm);
+ RealmRepresentation rep = ModelToRepresentation.toRepresentation(realm, false);
if (session.realms() instanceof CacheRealmProvider) {
CacheRealmProvider cacheRealmProvider = (CacheRealmProvider)session.realms();
rep.setRealmCacheEnabled(cacheRealmProvider.isEnabled());
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 0eab7ef..e434738 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -100,7 +100,7 @@ public class RealmsAdminResource {
protected void addRealmRep(List<RealmRepresentation> reps, RealmModel realm, ApplicationModel realmManagementApplication) {
if (auth.hasAppRole(realmManagementApplication, AdminRoles.MANAGE_REALM)) {
- reps.add(ModelToRepresentation.toRepresentation(realm));
+ reps.add(ModelToRepresentation.toRepresentation(realm, false));
} else if (auth.hasOneOfAppRole(realmManagementApplication, AdminRoles.ALL_REALM_ROLES)) {
RealmRepresentation rep = new RealmRepresentation();
rep.setRealm(realm.getName());
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
index 9a57d39..e0d29e9 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AbstractClientTest.java
@@ -7,6 +7,7 @@ import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.models.Constants;
import org.keycloak.models.RealmModel;
+import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
@@ -42,6 +43,7 @@ public abstract class AbstractClientTest {
RealmModel testRealm = manager.createRealm(REALM_NAME);
testRealm.setEnabled(true);
+ KeycloakModelUtils.generateRealmKeys(testRealm);
}
});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/RealmTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/RealmTest.java
index d3bbca9..6626b60 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/RealmTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/RealmTest.java
@@ -6,7 +6,11 @@ import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
+import java.util.List;
+
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
/**
@@ -16,7 +20,15 @@ public class RealmTest extends AbstractClientTest {
@Test
public void getRealms() {
- assertNames(keycloak.realms().findAll(), "master", "test", REALM_NAME);
+ List<RealmRepresentation> realms = keycloak.realms().findAll();
+ assertNames(realms, "master", "test", REALM_NAME);
+
+ for (RealmRepresentation rep : realms) {
+ assertNull(rep.getPrivateKey());
+ assertNull(rep.getCodeSecret());
+ assertNotNull(rep.getPublicKey());
+ assertNotNull(rep.getCertificate());
+ }
}
@Test
@@ -65,6 +77,11 @@ public class RealmTest extends AbstractClientTest {
RealmRepresentation rep = realm.toRepresentation();
assertEquals(REALM_NAME, rep.getRealm());
assertTrue(rep.isEnabled());
+
+ assertNull(rep.getPrivateKey());
+ assertNull(rep.getCodeSecret());
+ assertNotNull(rep.getPublicKey());
+ assertNotNull(rep.getCertificate());
}
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ModelTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ModelTest.java
index 2346bd8..eb64196 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ModelTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ModelTest.java
@@ -67,7 +67,7 @@ public class ModelTest extends AbstractModelTest {
}
private RealmModel importExport(RealmModel src, String copyName) {
- RealmRepresentation representation = ModelToRepresentation.toRepresentation(src);
+ RealmRepresentation representation = ModelToRepresentation.toRepresentation(src, true);
representation.setRealm(copyName);
representation.setId(copyName);
RealmModel copy = realmManager.importRealm(representation);
