keycloak-uncached
Changes
services/src/main/java/org/keycloak/authorization/protection/policy/UserManagedPermissionService.java 10(+5 -5)
services/src/main/java/org/keycloak/authorization/protection/resource/ResourceService.java 17(+10 -7)
services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java 5(+1 -4)
services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java 57(+26 -31)
services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java 6(+2 -4)
services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java 12(+4 -8)
services/src/main/java/org/keycloak/services/resources/admin/ClientRegistrationPolicyResource.java 21(+8 -13)
services/src/main/java/org/keycloak/services/resources/admin/ClientStorageProviderResource.java 15(+0 -15)
services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java 19(+8 -11)
services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java 15(+5 -10)
Details
diff --git a/services/src/main/java/org/keycloak/authorization/admin/PolicyResourceService.java b/services/src/main/java/org/keycloak/authorization/admin/PolicyResourceService.java
index c89c340..d896a8f 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/PolicyResourceService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/PolicyResourceService.java
@@ -40,6 +40,7 @@ import org.keycloak.authorization.store.PolicyStore;
import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
+import org.keycloak.models.KeycloakSession;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
@@ -55,6 +56,8 @@ import org.keycloak.util.JsonSerialization;
*/
public class PolicyResourceService {
+ @Context
+ private KeycloakSession session;
private final Policy policy;
protected final ResourceServer resourceServer;
protected final AuthorizationProvider authorization;
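Review bot: The new `@Context private KeycloakSession session;` field is only populated if whoever constructs this sub-resource runs property injection on it, yet `audit()` at the end of the file dereferences it after the policy has already been updated or deleted. ResourceServerService already obtains its session with `authorization.getKeycloakSession()`, so `audit()` here could use `authorization.getKeycloakSession().getContext().getUri()` and not depend on injection at all. The same applies to the identical field added to PolicyService. UserManagedPermissionService reaches `update()`/`delete()` through `delegate.getResource(policyId)`; whether that path injects properties is not visible here, and a null session there would leave a changed policy with no admin event recorded.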
@@ -73,7 +76,7 @@ public class PolicyResourceService {
@Consumes("application/json")
@Produces("application/json")
@NoCache
- public Response update(@Context UriInfo uriInfo, String payload) {
+ public Response update(String payload) {
if (auth != null) {
this.auth.realm().requireManageAuthorization();
}
@@ -89,13 +92,13 @@ public class PolicyResourceService {
RepresentationToModel.toModel(representation, authorization, policy);
- audit(uriInfo, representation, OperationType.UPDATE);
+ audit(representation, OperationType.UPDATE);
return Response.status(Status.CREATED).build();
}
@DELETE
- public Response delete(@Context UriInfo uriInfo) {
+ public Response delete() {
if (auth != null) {
this.auth.realm().requireManageAuthorization();
}
@@ -113,7 +116,7 @@ public class PolicyResourceService {
policyStore.delete(policy.getId());
if (authorization.getRealm().isAdminEventsEnabled()) {
- audit(uriInfo, toRepresentation(policy, authorization), OperationType.DELETE);
+ audit(toRepresentation(policy, authorization), OperationType.DELETE);
}
return Response.noContent().build();
@@ -255,9 +258,9 @@ public class PolicyResourceService {
return policy;
}
- private void audit(@Context UriInfo uriInfo, AbstractPolicyRepresentation policy, OperationType operation) {
+ private void audit(AbstractPolicyRepresentation policy, OperationType operation) {
if (authorization.getRealm().isAdminEventsEnabled()) {
- adminEvent.operation(operation).resourcePath(uriInfo).representation(policy).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri()).representation(policy).success();
}
}
}
diff --git a/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java b/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java
index 20a3e69..49f1e0d 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java
@@ -57,6 +57,7 @@ import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.Constants;
+import org.keycloak.models.KeycloakSession;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
import org.keycloak.representations.idm.authorization.PolicyProviderRepresentation;
@@ -71,6 +72,8 @@ import org.keycloak.util.JsonSerialization;
*/
public class PolicyService {
+ @Context
+ private KeycloakSession session;
protected final ResourceServer resourceServer;
protected final AuthorizationProvider authorization;
protected final AdminPermissionEvaluator auth;
@@ -108,7 +111,7 @@ public class PolicyService {
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@NoCache
- public Response create(@Context UriInfo uriInfo, String payload) {
+ public Response create(String payload) {
if (auth != null) {
this.auth.realm().requireManageAuthorization();
}
@@ -118,7 +121,7 @@ public class PolicyService {
representation.setId(policy.getId());
- audit(uriInfo, representation, representation.getId(), OperationType.CREATE);
+ audit(representation, representation.getId(), OperationType.CREATE);
return Response.status(Status.CREATED).entity(representation).build();
}
@@ -325,12 +328,12 @@ public class PolicyService {
});
}
- private void audit(@Context UriInfo uriInfo, AbstractPolicyRepresentation resource, String id, OperationType operation) {
+ private void audit(AbstractPolicyRepresentation resource, String id, OperationType operation) {
if (authorization.getRealm().isAdminEventsEnabled()) {
if (id != null) {
- adminEvent.operation(operation).resourcePath(uriInfo, id).representation(resource).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri(), id).representation(resource).success();
} else {
- adminEvent.operation(operation).resourcePath(uriInfo).representation(resource).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri()).representation(resource).success();
}
}
}
diff --git a/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java b/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java
index 85b7804..9bdb352 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java
@@ -27,7 +27,6 @@ import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
@@ -68,9 +67,6 @@ public class ResourceServerService {
private ResourceServer resourceServer;
private final ClientModel client;
- @Context
- private UriInfo uriInfo;
-
public ResourceServerService(AuthorizationProvider authorization, ResourceServer resourceServer, ClientModel client, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
this.authorization = authorization;
this.session = authorization.getKeycloakSession();
@@ -96,7 +92,7 @@ public class ResourceServerService {
this.resourceServer = this.authorization.getStoreFactory().getResourceServerStore().create(this.client.getId());
createDefaultRoles(serviceAccount);
createDefaultPermission(createDefaultResource(), createDefaultPolicy());
- audit(OperationType.CREATE, uriInfo, newClient);
+ audit(OperationType.CREATE, session.getContext().getUri(), newClient);
return resourceServer;
}
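Review bot: `audit(OperationType.CREATE, session.getContext().getUri(), newClient)` still hands a `UriInfo` to the helper, whereas the other services touched by this commit dropped that parameter and let `audit()` read the URI from the session. Every call site in this file (the update, delete and importSettings hunks as well) now passes the identical expression, so the argument carries no information. Removing it from the helper would leave calls such as `audit(OperationType.UPDATE, false);` and keep the audit path uniform across the authorization services. The helper's definition is outside the visible hunks, so its signature is inferred from the call sites.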
@@ -108,14 +104,14 @@ public class ResourceServerService {
this.auth.realm().requireManageAuthorization();
this.resourceServer.setAllowRemoteResourceManagement(server.isAllowRemoteResourceManagement());
this.resourceServer.setPolicyEnforcementMode(server.getPolicyEnforcementMode());
- audit(OperationType.UPDATE, uriInfo, false);
+ audit(OperationType.UPDATE, session.getContext().getUri(), false);
return Response.noContent().build();
}
public void delete() {
this.auth.realm().requireManageAuthorization();
authorization.getStoreFactory().getResourceServerStore().delete(resourceServer.getId());
- audit(OperationType.DELETE, uriInfo, false);
+ audit(OperationType.DELETE, session.getContext().getUri(), false);
}
@GET
@@ -136,21 +132,21 @@ public class ResourceServerService {
@Path("/import")
@POST
@Consumes(MediaType.APPLICATION_JSON)
- public Response importSettings(@Context final UriInfo uriInfo, ResourceServerRepresentation rep) {
+ public Response importSettings(ResourceServerRepresentation rep) {
this.auth.realm().requireManageAuthorization();
rep.setClientId(client.getId());
RepresentationToModel.toModel(rep, authorization);
- audit(OperationType.UPDATE, uriInfo, false);
+ audit(OperationType.UPDATE, session.getContext().getUri(), false);
return Response.noContent().build();
}
@Path("/resource")
public ResourceSetService getResourceSetResource() {
- ResourceSetService resource = new ResourceSetService(this.resourceServer, this.authorization, this.auth, adminEvent);
+ ResourceSetService resource = new ResourceSetService(this.session, this.resourceServer, this.authorization, this.auth, adminEvent);
ResteasyProviderFactory.getInstance().injectProperties(resource);
@@ -159,7 +155,7 @@ public class ResourceServerService {
@Path("/scope")
public ScopeService getScopeResource() {
- ScopeService resource = new ScopeService(this.resourceServer, this.authorization, this.auth, adminEvent);
+ ScopeService resource = new ScopeService(this.session, this.resourceServer, this.authorization, this.auth, adminEvent);
ResteasyProviderFactory.getInstance().injectProperties(resource);
diff --git a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
index 3fded6b..78dff9e 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
@@ -61,6 +61,7 @@ import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
+import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
@@ -79,9 +80,11 @@ public class ResourceSetService {
private final AuthorizationProvider authorization;
private final AdminPermissionEvaluator auth;
private final AdminEventBuilder adminEvent;
+ private KeycloakSession session;
private ResourceServer resourceServer;
- public ResourceSetService(ResourceServer resourceServer, AuthorizationProvider authorization, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
+ public ResourceSetService(KeycloakSession session, ResourceServer resourceServer, AuthorizationProvider authorization, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
+ this.session = session;
this.resourceServer = resourceServer;
this.authorization = authorization;
this.auth = auth;
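Review bot: `private KeycloakSession session;` is assigned once in the constructor but is not `final`, unlike the `authorization`, `auth` and `adminEvent` fields beside it and unlike the equivalent field this commit adds to ResourceService. Declaring it `private final KeycloakSession session;` records that it never changes after construction; ScopeService receives the same non-final field in its constructor hunk. In the visible hunks `audit()` is the only reader and it runs after the store has been modified, so a `null` argument would surface late and could leave a change without its admin event. Rejecting `null` in the constructor would fail before any change is made.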
@@ -92,14 +95,14 @@ public class ResourceSetService {
@NoCache
@Consumes("application/json")
@Produces("application/json")
- public Response create(@Context UriInfo uriInfo, ResourceRepresentation resource) {
+ public Response createPost(ResourceRepresentation resource) {
if (resource == null) {
return Response.status(Status.BAD_REQUEST).build();
}
ResourceRepresentation newResource = create(resource);
- audit(uriInfo, resource, resource.getId(), OperationType.CREATE);
+ audit(resource, resource.getId(), OperationType.CREATE);
return Response.status(Status.CREATED).entity(newResource).build();
}
@@ -134,7 +137,7 @@ public class ResourceSetService {
@PUT
@Consumes("application/json")
@Produces("application/json")
- public Response update(@Context UriInfo uriInfo, @PathParam("id") String id, ResourceRepresentation resource) {
+ public Response update(@PathParam("id") String id, ResourceRepresentation resource) {
requireManage();
resource.setId(id);
StoreFactory storeFactory = this.authorization.getStoreFactory();
@@ -147,14 +150,14 @@ public class ResourceSetService {
toModel(resource, resourceServer, authorization);
- audit(uriInfo, resource, OperationType.UPDATE);
+ audit(resource, OperationType.UPDATE);
return Response.noContent().build();
}
@Path("{id}")
@DELETE
- public Response delete(@Context UriInfo uriInfo, @PathParam("id") String id) {
+ public Response delete(@PathParam("id") String id) {
requireManage();
StoreFactory storeFactory = authorization.getStoreFactory();
Resource resource = storeFactory.getResourceStore().findById(id, resourceServer.getId());
@@ -166,7 +169,7 @@ public class ResourceSetService {
storeFactory.getResourceStore().delete(id);
if (authorization.getRealm().isAdminEventsEnabled()) {
- audit(uriInfo, toRepresentation(resource, resourceServer, authorization), OperationType.DELETE);
+ audit(toRepresentation(resource, resourceServer, authorization), OperationType.DELETE);
}
return Response.noContent().build();
@@ -465,16 +468,16 @@ public class ResourceSetService {
}
}
- private void audit(@Context UriInfo uriInfo, ResourceRepresentation resource, OperationType operation) {
- audit(uriInfo, resource, null, operation);
+ private void audit(ResourceRepresentation resource, OperationType operation) {
+ audit(resource, null, operation);
}
- public void audit(@Context UriInfo uriInfo, ResourceRepresentation resource, String id, OperationType operation) {
+ public void audit(ResourceRepresentation resource, String id, OperationType operation) {
if (authorization.getRealm().isAdminEventsEnabled()) {
if (id != null) {
- adminEvent.operation(operation).resourcePath(uriInfo, id).representation(resource).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri(), id).representation(resource).success();
} else {
- adminEvent.operation(operation).resourcePath(uriInfo).representation(resource).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri()).representation(resource).success();
}
}
}
diff --git a/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java b/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java
index 294951c..5e4dd6f 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java
@@ -28,6 +28,7 @@ import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.Constants;
+import org.keycloak.models.KeycloakSession;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
@@ -67,9 +68,11 @@ public class ScopeService {
private final AuthorizationProvider authorization;
private final AdminPermissionEvaluator auth;
private final AdminEventBuilder adminEvent;
+ private KeycloakSession session;
private ResourceServer resourceServer;
- public ScopeService(ResourceServer resourceServer, AuthorizationProvider authorization, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
+ public ScopeService(KeycloakSession session, ResourceServer resourceServer, AuthorizationProvider authorization, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
+ this.session = session;
this.resourceServer = resourceServer;
this.authorization = authorization;
this.auth = auth;
@@ -80,13 +83,13 @@ public class ScopeService {
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- public Response create(@Context UriInfo uriInfo, ScopeRepresentation scope) {
+ public Response create(ScopeRepresentation scope) {
this.auth.realm().requireManageAuthorization();
Scope model = toModel(scope, this.resourceServer, authorization);
scope.setId(model.getId());
- audit(uriInfo, scope, scope.getId(), OperationType.CREATE);
+ audit(scope, scope.getId(), OperationType.CREATE);
return Response.status(Status.CREATED).entity(scope).build();
}
@@ -95,7 +98,7 @@ public class ScopeService {
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- public Response update(@Context UriInfo uriInfo, @PathParam("id") String id, ScopeRepresentation scope) {
+ public Response update(@PathParam("id") String id, ScopeRepresentation scope) {
this.auth.realm().requireManageAuthorization();
scope.setId(id);
StoreFactory storeFactory = authorization.getStoreFactory();
@@ -107,14 +110,14 @@ public class ScopeService {
toModel(scope, resourceServer, authorization);
- audit(uriInfo, scope, OperationType.UPDATE);
+ audit(scope, OperationType.UPDATE);
return Response.noContent().build();
}
@Path("{id}")
@DELETE
- public Response delete(@Context UriInfo uriInfo, @PathParam("id") String id) {
+ public Response delete(@PathParam("id") String id) {
this.auth.realm().requireManageAuthorization();
StoreFactory storeFactory = authorization.getStoreFactory();
List<Resource> resources = storeFactory.getResourceStore().findByScope(Arrays.asList(id), resourceServer.getId());
@@ -143,7 +146,7 @@ public class ScopeService {
storeFactory.getScopeStore().delete(id);
if (authorization.getRealm().isAdminEventsEnabled()) {
- audit(uriInfo, toRepresentation(scope), OperationType.DELETE);
+ audit(toRepresentation(scope), OperationType.DELETE);
}
return Response.noContent().build();
@@ -260,16 +263,16 @@ public class ScopeService {
.build();
}
- private void audit(@Context UriInfo uriInfo, ScopeRepresentation resource, OperationType operation) {
- audit(uriInfo, resource, null, operation);
+ private void audit(ScopeRepresentation resource, OperationType operation) {
+ audit(resource, null, operation);
}
- private void audit(@Context UriInfo uriInfo, ScopeRepresentation resource, String id, OperationType operation) {
+ private void audit(ScopeRepresentation resource, String id, OperationType operation) {
if (authorization.getRealm().isAdminEventsEnabled()) {
if (id != null) {
- adminEvent.operation(operation).resourcePath(uriInfo, id).representation(resource).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri(), id).representation(resource).success();
} else {
- adminEvent.operation(operation).resourcePath(uriInfo).representation(resource).success();
+ adminEvent.operation(operation).resourcePath(session.getContext().getUri()).representation(resource).success();
}
}
}
diff --git a/services/src/main/java/org/keycloak/authorization/protection/policy/UserManagedPermissionService.java b/services/src/main/java/org/keycloak/authorization/protection/policy/UserManagedPermissionService.java
index d9663a4..d0e2a17 100644
--- a/services/src/main/java/org/keycloak/authorization/protection/policy/UserManagedPermissionService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/policy/UserManagedPermissionService.java
@@ -74,7 +74,7 @@ public class UserManagedPermissionService {
@Path("{resourceId}")
@Consumes("application/json")
@Produces("application/json")
- public Response create(@Context UriInfo uriInfo, @PathParam("resourceId") String resourceId, UmaPermissionRepresentation representation) {
+ public Response create(@PathParam("resourceId") String resourceId, UmaPermissionRepresentation representation) {
if (representation.getId() != null) {
throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Newly created uma policies should not have an id", Response.Status.BAD_REQUEST);
}
@@ -91,7 +91,7 @@ public class UserManagedPermissionService {
@PUT
@Consumes("application/json")
@Produces("application/json")
- public Response update(@Context UriInfo uriInfo, @PathParam("policyId") String policyId, String payload) {
+ public Response update(@PathParam("policyId") String policyId, String payload) {
UmaPermissionRepresentation representation;
try {
@@ -102,14 +102,14 @@ public class UserManagedPermissionService {
checkRequest(getAssociatedResourceId(policyId), representation);
- return PolicyTypeResourceService.class.cast(delegate.getResource(policyId)).update(uriInfo, payload);
+ return PolicyTypeResourceService.class.cast(delegate.getResource(policyId)).update(payload);
}
@Path("{policyId}")
@DELETE
- public Response delete(@Context UriInfo uriInfo, @PathParam("policyId") String policyId) {
+ public Response delete(@PathParam("policyId") String policyId) {
checkRequest(getAssociatedResourceId(policyId), null);
- PolicyTypeResourceService.class.cast(delegate.getResource(policyId)).delete(uriInfo);
+ PolicyTypeResourceService.class.cast(delegate.getResource(policyId)).delete();
return Response.noContent().build();
}
diff --git a/services/src/main/java/org/keycloak/authorization/protection/ProtectionService.java b/services/src/main/java/org/keycloak/authorization/protection/ProtectionService.java
index f4bbba6..6301e0c 100644
--- a/services/src/main/java/org/keycloak/authorization/protection/ProtectionService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/ProtectionService.java
@@ -45,6 +45,8 @@ import org.keycloak.authorization.protection.policy.UserManagedPermissionService
*/
public class ProtectionService {
+ @Context
+ private KeycloakSession session;
private final AuthorizationProvider authorization;
@Context
@@ -58,11 +60,11 @@ public class ProtectionService {
public Object resource() {
KeycloakIdentity identity = createIdentity(true);
ResourceServer resourceServer = getResourceServer(identity);
- ResourceSetService resourceManager = new ResourceSetService(resourceServer, this.authorization, null, createAdminEventBuilder(identity, resourceServer));
+ ResourceSetService resourceManager = new ResourceSetService(this.session, resourceServer, this.authorization, null, createAdminEventBuilder(identity, resourceServer));
ResteasyProviderFactory.getInstance().injectProperties(resourceManager);
- ResourceService resource = new ResourceService(resourceServer, identity, resourceManager);
+ ResourceService resource = new ResourceService(this.session, resourceServer, identity, resourceManager);
ResteasyProviderFactory.getInstance().injectProperties(resource);
diff --git a/services/src/main/java/org/keycloak/authorization/protection/resource/ResourceService.java b/services/src/main/java/org/keycloak/authorization/protection/resource/ResourceService.java
index 1fbe5f9..4368a9a 100644
--- a/services/src/main/java/org/keycloak/authorization/protection/resource/ResourceService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/resource/ResourceService.java
@@ -39,6 +39,7 @@ import org.keycloak.authorization.identity.Identity;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.events.admin.OperationType;
+import org.keycloak.models.KeycloakSession;
import org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.services.ErrorResponseException;
@@ -50,9 +51,11 @@ public class ResourceService {
private final ResourceServer resourceServer;
private final ResourceSetService resourceManager;
+ private final KeycloakSession session;
private final Identity identity;
- public ResourceService(ResourceServer resourceServer, Identity identity, ResourceSetService resourceManager) {
+ public ResourceService(KeycloakSession session, ResourceServer resourceServer, Identity identity, ResourceSetService resourceManager) {
+ this.session = session;
this.identity = identity;
this.resourceServer = resourceServer;
this.resourceManager = resourceManager;
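Review bot: The `session` field and constructor parameter added here are never read: the diffstat lists ten added lines for this file, all ten are visible in these hunks, and every audit, update and delete call goes through `resourceManager`, which holds its own session. The field, the extra constructor argument and the `KeycloakSession` import can be dropped, which also removes the second `this.session` argument in ProtectionService. If the field is meant for a follow-up change, a one-line comment saying so would stop it being removed as dead code.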
@@ -61,7 +64,7 @@ public class ResourceService {
@POST
@Consumes("application/json")
@Produces("application/json")
- public Response create(@Context UriInfo uriInfo, UmaResourceRepresentation resource) {
+ public Response create(UmaResourceRepresentation resource) {
checkResourceServerSettings();
if (resource == null) {
@@ -85,7 +88,7 @@ public class ResourceService {
ResourceRepresentation newResource = resourceManager.create(resource);
- resourceManager.audit(uriInfo, resource, resource.getId(), OperationType.CREATE);
+ resourceManager.audit(resource, resource.getId(), OperationType.CREATE);
return Response.status(Status.CREATED).entity(new UmaResourceRepresentation(newResource)).build();
}
@@ -94,15 +97,15 @@ public class ResourceService {
@PUT
@Consumes("application/json")
@Produces("application/json")
- public Response update(@Context UriInfo uriInfo, @PathParam("id") String id, ResourceRepresentation resource) {
- return this.resourceManager.update(uriInfo, id, resource);
+ public Response update(@PathParam("id") String id, ResourceRepresentation resource) {
+ return this.resourceManager.update(id, resource);
}
@Path("/{id}")
@DELETE
- public Response delete(@Context UriInfo uriInfo, @PathParam("id") String id) {
+ public Response delete(@PathParam("id") String id) {
checkResourceServerSettings();
- return this.resourceManager.delete(uriInfo, id);
+ return this.resourceManager.delete(id);
}
@Path("/{id}")
diff --git a/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java b/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java
index 18e6243..790fd99 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java
@@ -389,9 +389,6 @@ public abstract class AbstractOAuth2IdentityProvider<C extends OAuth2IdentityPro
@Context
protected HttpHeaders headers;
- @Context
- protected UriInfo uriInfo;
-
public Endpoint(AuthenticationCallback callback, RealmModel realm, EventBuilder event) {
this.callback = callback;
this.realm = realm;
@@ -447,7 +444,7 @@ public abstract class AbstractOAuth2IdentityProvider<C extends OAuth2IdentityPro
.param(OAUTH2_PARAMETER_CODE, authorizationCode)
.param(OAUTH2_PARAMETER_CLIENT_ID, getConfig().getClientId())
.param(OAUTH2_PARAMETER_CLIENT_SECRET, getConfig().getClientSecret())
- .param(OAUTH2_PARAMETER_REDIRECT_URI, uriInfo.getAbsolutePath().toString())
+ .param(OAUTH2_PARAMETER_REDIRECT_URI, session.getContext().getUri().getAbsolutePath().toString())
.param(OAUTH2_PARAMETER_GRANT_TYPE, OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE);
}
}
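Review bot: The `redirect_uri` sent with the code exchange is now taken from `session.getContext().getUri().getAbsolutePath()`, and a conforming provider rejects the exchange unless it is identical to the value used in the authorization request. Nothing in this hunk shows that the session's URI and the previously injected `UriInfo` resolve scheme, host and port the same way behind a reverse proxy, so that equivalence should be covered by a test rather than assumed. A comment on the line would help the next reader: `// must equal the redirect_uri used in the authorization request (RFC 6749 section 4.1.3)`. The enclosing method starts outside the hunk.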
diff --git a/services/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java b/services/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java
index 4e3d160..13bc812 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/KeycloakOIDCIdentityProvider.java
@@ -104,7 +104,7 @@ public class KeycloakOIDCIdentityProvider extends OIDCIdentityProvider {
&& userSession.getState() != UserSessionModel.State.LOGGING_OUT
&& userSession.getState() != UserSessionModel.State.LOGGED_OUT
) {
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, false);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, false);
}
}
diff --git a/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java b/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java
index 5251522..804ac23 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java
@@ -101,8 +101,7 @@ public class OIDCIdentityProvider extends AbstractOAuth2IdentityProvider<OIDCIde
@GET
@Path("logout_response")
- public Response logoutResponse(@Context UriInfo uriInfo,
- @QueryParam("state") String state) {
+ public Response logoutResponse(@QueryParam("state") String state) {
UserSessionModel userSession = session.sessions().getUserSession(realm, state);
if (userSession == null) {
logger.error("no valid user session");
@@ -118,7 +117,7 @@ public class OIDCIdentityProvider extends AbstractOAuth2IdentityProvider<OIDCIde
event.error(Errors.USER_SESSION_NOT_FOUND);
return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.SESSION_NOT_ACTIVE);
}
- return AuthenticationManager.finishBrowserLogout(session, realm, userSession, uriInfo, clientConnection, headers);
+ return AuthenticationManager.finishBrowserLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers);
}
}
diff --git a/services/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java b/services/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
index c8b8cd4..f6cb9f1 100755
--- a/services/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
+++ b/services/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
@@ -113,9 +113,6 @@ public class SAMLEndpoint {
protected SAMLIdentityProvider provider;
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
@Context
@@ -136,7 +133,7 @@ public class SAMLEndpoint {
@NoCache
@Path("descriptor")
public Response getSPDescriptor() {
- return provider.export(uriInfo, realm, null);
+ return provider.export(session.getContext().getUri(), realm, null);
}
@GET
@@ -181,7 +178,7 @@ public class SAMLEndpoint {
protected abstract class Binding {
private boolean checkSsl() {
- if (uriInfo.getBaseUri().getScheme().equals("https")) {
+ if (session.getContext().getUri().getBaseUri().getScheme().equals("https")) {
return true;
} else {
return !realm.getSslRequired().isRequired(clientConnection);
@@ -213,7 +210,7 @@ public class SAMLEndpoint {
protected abstract void verifySignature(String key, SAMLDocumentHolder documentHolder) throws VerificationException;
protected abstract SAMLDocumentHolder extractRequestDocument(String samlRequest);
protected abstract SAMLDocumentHolder extractResponseDocument(String response);
-
+
protected KeyLocator getIDPKeyLocator() {
List<Key> keys = new LinkedList<>();
@@ -241,7 +238,7 @@ public class SAMLEndpoint {
SAMLDocumentHolder holder = extractRequestDocument(samlRequest);
RequestAbstractType requestAbstractType = (RequestAbstractType) holder.getSamlObject();
// validate destination
- if (requestAbstractType.getDestination() != null && !uriInfo.getAbsolutePath().equals(requestAbstractType.getDestination())) {
+ if (requestAbstractType.getDestination() != null && !session.getContext().getUri().getAbsolutePath().equals(requestAbstractType.getDestination())) {
event.event(EventType.IDENTITY_PROVIDER_RESPONSE);
event.detail(Details.REASON, "invalid_destination");
event.error(Errors.INVALID_SAML_RESPONSE);
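Review bot: The destination check on the rewritten line only runs when `getDestination()` is non-null, so a request that omits Destination is accepted without being tied to this endpoint; the response-side check in the `@@ -459,7 +456,7 @@` hunk has the same shape. This predates the commit, but since the line is being touched it should carry a comment stating the intent, e.g. `// Destination is optional: messages without it skip this check`, or be tightened for signed messages if that is what deployments expect. The two checks also differ in form: this one compares the `URI` from `getAbsolutePath()` directly, the later one calls `toString()` first; the return types of `getDestination()` are not visible here, so confirm each comparison is between like types. The enclosing method starts and ends outside the hunk.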
@@ -280,7 +277,7 @@ public class SAMLEndpoint {
continue;
}
try {
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, false);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, false);
} catch (Exception e) {
logger.warn("failed to do backchannel logout for userSession", e);
}
@@ -295,7 +292,7 @@ public class SAMLEndpoint {
continue;
}
try {
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, false);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, false);
} catch (Exception e) {
logger.warn("failed to do backchannel logout for userSession", e);
}
@@ -303,7 +300,7 @@ public class SAMLEndpoint {
}
}
- String issuerURL = getEntityId(uriInfo, realm);
+ String issuerURL = getEntityId(session.getContext().getUri(), realm);
SAML2LogoutResponseBuilder builder = new SAML2LogoutResponseBuilder();
builder.logoutRequestID(request.getID());
builder.destination(config.getSingleLogoutServiceUrl());
@@ -340,7 +337,7 @@ public class SAMLEndpoint {
private String getEntityId(UriInfo uriInfo, RealmModel realm) {
return UriBuilder.fromUri(uriInfo.getBaseUri()).path("realms").path(realm.getName()).build().toString();
}
-
+
protected Response handleLoginResponse(String samlResponse, SAMLDocumentHolder holder, ResponseType responseType, String relayState, String clientId) {
try {
@@ -459,7 +456,7 @@ public class SAMLEndpoint {
SAMLDocumentHolder holder = extractResponseDocument(samlResponse);
StatusResponseType statusResponse = (StatusResponseType)holder.getSamlObject();
// validate destination
- if (statusResponse.getDestination() != null && !uriInfo.getAbsolutePath().toString().equals(statusResponse.getDestination())) {
+ if (statusResponse.getDestination() != null && !session.getContext().getUri().getAbsolutePath().toString().equals(statusResponse.getDestination())) {
event.event(EventType.IDENTITY_PROVIDER_RESPONSE);
event.detail(Details.REASON, "invalid_destination");
event.error(Errors.INVALID_SAML_RESPONSE);
@@ -506,7 +503,7 @@ public class SAMLEndpoint {
event.error(Errors.USER_SESSION_NOT_FOUND);
return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.SESSION_NOT_ACTIVE);
}
- return AuthenticationManager.finishBrowserLogout(session, realm, userSession, uriInfo, clientConnection, headers);
+ return AuthenticationManager.finishBrowserLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers);
}
@@ -552,7 +549,7 @@ public class SAMLEndpoint {
@Override
protected void verifySignature(String key, SAMLDocumentHolder documentHolder) throws VerificationException {
KeyLocator locator = getIDPKeyLocator();
- SamlProtocolUtils.verifyRedirectSignature(documentHolder, locator, uriInfo, key);
+ SamlProtocolUtils.verifyRedirectSignature(documentHolder, locator, session.getContext().getUri(), key);
}
diff --git a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
index 518d487..3b3a769 100755
--- a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
+++ b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
@@ -62,8 +62,6 @@ public abstract class AuthorizationEndpointBase {
protected AuthenticationManager authManager;
@Context
- protected UriInfo uriInfo;
- @Context
protected HttpHeaders headers;
@Context
protected HttpRequest httpRequest;
@@ -87,7 +85,7 @@ public abstract class AuthorizationEndpointBase {
.setEventBuilder(event)
.setRealm(realm)
.setSession(session)
- .setUriInfo(uriInfo)
+ .setUriInfo(session.getContext().getUri())
.setRequest(httpRequest);
authSession.setAuthNote(AuthenticationProcessor.CURRENT_FLOW_PATH, flowPath);
@@ -136,7 +134,7 @@ public abstract class AuthorizationEndpointBase {
return processor.finishAuthentication(protocol);
} else {
try {
- RestartLoginCookie.setRestartCookie(session, realm, clientConnection, uriInfo, authSession);
+ RestartLoginCookie.setRestartCookie(session, realm, clientConnection, session.getContext().getUri(), authSession);
if (redirectToAuthentication) {
return processor.redirectToFlow();
}
@@ -152,7 +150,7 @@ public abstract class AuthorizationEndpointBase {
}
protected void checkSsl() {
- if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
+ if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
event.error(Errors.SSL_REQUIRED);
throw new ErrorPageException(session, Response.Status.BAD_REQUEST, Messages.HTTPS_REQUIRED);
}
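Review bot: The HTTPS test in `checkSsl()` is now the same long expression copied into five classes (here, LogoutEndpoint, TokenEndpoint, TokenIntrospectionEndpoint and SamlService), and `getScheme().equals("https")` throws a NullPointerException if the base URI ever lacks a scheme. A single shared helper using `"https".equalsIgnoreCase(session.getContext().getUri().getBaseUri().getScheme())` would be null-safe and give one place to audit. The scheme is whatever the request URI reports, so behind a TLS-terminating proxy the result presumably depends on how forwarded headers are trusted. A comment on the helper should state that assumption, e.g. `// scheme comes from the request base URI; correct only if the proxy's forwarded scheme is trusted and configured`.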
diff --git a/services/src/main/java/org/keycloak/protocol/docker/DockerEndpoint.java b/services/src/main/java/org/keycloak/protocol/docker/DockerEndpoint.java
index 6ed777d..ec86d78 100644
--- a/services/src/main/java/org/keycloak/protocol/docker/DockerEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/docker/DockerEndpoint.java
@@ -43,7 +43,7 @@ public class DockerEndpoint extends AuthorizationEndpointBase {
public Response build() {
ProfileHelper.requireFeature(Profile.Feature.DOCKER);
- final MultivaluedMap<String, String> params = uriInfo.getQueryParameters();
+ final MultivaluedMap<String, String> params = session.getContext().getUri().getQueryParameters();
account = params.getFirst(DockerAuthV2Protocol.ACCOUNT_PARAM);
if (account == null) {
@@ -72,7 +72,7 @@ public class DockerEndpoint extends AuthorizationEndpointBase {
// So back button doesn't work
CacheControlUtil.noBackButtonCacheControlHeader();
- return handleBrowserAuthenticationRequest(authenticationSession, new DockerAuthV2Protocol(session, realm, uriInfo, headers, event.event(login)), false, false);
+ return handleBrowserAuthenticationRequest(authenticationSession, new DockerAuthV2Protocol(session, realm, session.getContext().getUri(), headers, event.event(login)), false, false);
}
private void updateAuthenticationSession() {
@@ -83,7 +83,7 @@ public class DockerEndpoint extends AuthorizationEndpointBase {
authenticationSession.setClientNote(DockerAuthV2Protocol.ACCOUNT_PARAM, account);
authenticationSession.setClientNote(DockerAuthV2Protocol.SERVICE_PARAM, service);
authenticationSession.setClientNote(DockerAuthV2Protocol.SCOPE_PARAM, scope);
- authenticationSession.setClientNote(DockerAuthV2Protocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ authenticationSession.setClientNote(DockerAuthV2Protocol.ISSUER, Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
}
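Review bot: The issuer stored in `DockerAuthV2Protocol.ISSUER` is derived from the current request's base URI rather than from a configured value, and the same derivation recurs in the AuthorizationEndpoint, TokenEndpoint and UserInfoEndpoint hunks. In UserInfoEndpoint it is used as the expected issuer for token verification (`.realmUrl(Urls.realmIssuer(...))`), so a token issued under one hostname would fail verification when presented under another. Presumably the base URI follows the request host (not visible here). A short comment at these sites would record the deployment requirement: `// issuer follows the request base URI; the externally visible hostname must be fixed at the proxy`.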
diff --git a/services/src/main/java/org/keycloak/protocol/docker/DockerV2LoginProtocolService.java b/services/src/main/java/org/keycloak/protocol/docker/DockerV2LoginProtocolService.java
index a0dad58..8bbcb0a 100644
--- a/services/src/main/java/org/keycloak/protocol/docker/DockerV2LoginProtocolService.java
+++ b/services/src/main/java/org/keycloak/protocol/docker/DockerV2LoginProtocolService.java
@@ -23,9 +23,6 @@ public class DockerV2LoginProtocolService {
private final EventBuilder event;
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
@Context
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
index c7fc511..4313b7b 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
@@ -105,7 +105,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
@GET
public Response buildGet() {
logger.trace("Processing @GET request");
- return process(uriInfo.getQueryParameters());
+ return process(session.getContext().getUri().getQueryParameters());
}
private Response process(MultivaluedMap<String, String> params) {
@@ -358,7 +358,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
event.detail(Details.REDIRECT_URI, redirectUriParam);
// redirect_uri parameter is required per OpenID Connect, but optional per OAuth2
- redirectUri = RedirectUtils.verifyRedirectUri(uriInfo, redirectUriParam, realm, client, isOIDCRequest);
+ redirectUri = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), redirectUriParam, realm, client, isOIDCRequest);
if (redirectUri == null) {
event.error(Errors.INVALID_REDIRECT_URI);
throw new ErrorPageException(session, authenticationSession, Response.Status.BAD_REQUEST, Messages.INVALID_PARAMETER, OIDCLoginProtocol.REDIRECT_URI_PARAM);
@@ -372,7 +372,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
authenticationSession.setAction(AuthenticationSessionModel.Action.AUTHENTICATE.name());
authenticationSession.setClientNote(OIDCLoginProtocol.RESPONSE_TYPE_PARAM, request.getResponseType());
authenticationSession.setClientNote(OIDCLoginProtocol.REDIRECT_URI_PARAM, request.getRedirectUriParam());
- authenticationSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ authenticationSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
if (request.getState() != null) authenticationSession.setClientNote(OIDCLoginProtocol.STATE_PARAM, request.getState());
if (request.getNonce() != null) authenticationSession.setClientNote(OIDCLoginProtocol.NONCE_PARAM, request.getNonce());
@@ -406,11 +406,11 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
this.event.event(EventType.LOGIN);
authenticationSession.setAuthNote(Details.AUTH_TYPE, CODE_AUTH_TYPE);
- return handleBrowserAuthenticationRequest(authenticationSession, new OIDCLoginProtocol(session, realm, uriInfo, headers, event), TokenUtil.hasPrompt(request.getPrompt(), OIDCLoginProtocol.PROMPT_VALUE_NONE), false);
+ return handleBrowserAuthenticationRequest(authenticationSession, new OIDCLoginProtocol(session, realm, session.getContext().getUri(), headers, event), TokenUtil.hasPrompt(request.getPrompt(), OIDCLoginProtocol.PROMPT_VALUE_NONE), false);
}
private Response buildRegister() {
- authManager.expireIdentityCookie(realm, uriInfo, clientConnection);
+ authManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
AuthenticationFlowModel flow = realm.getRegistrationFlow();
String flowId = flow.getId();
@@ -422,7 +422,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
}
private Response buildForgotCredential() {
- authManager.expireIdentityCookie(realm, uriInfo, clientConnection);
+ authManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
AuthenticationFlowModel flow = realm.getResetCredentialsFlow();
String flowId = flow.getId();
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
index 643eaeb..9dbb54f 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
@@ -48,7 +48,6 @@ import org.keycloak.util.TokenUtil;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
-import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
@@ -57,7 +56,6 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.core.UriInfo;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -77,9 +75,6 @@ public class LogoutEndpoint {
@Context
private HttpHeaders headers;
- @Context
- private UriInfo uriInfo;
-
private TokenManager tokenManager;
private RealmModel realm;
private EventBuilder event;
@@ -105,7 +100,7 @@ public class LogoutEndpoint {
String redirect = postLogoutRedirectUri != null ? postLogoutRedirectUri : redirectUri;
if (redirect != null) {
- String validatedUri = RedirectUtils.verifyRealmRedirectUri(uriInfo, redirect, realm);
+ String validatedUri = RedirectUtils.verifyRealmRedirectUri(session.getContext().getUri(), redirect, realm);
if (validatedUri == null) {
event.event(EventType.LOGOUT);
event.detail(Details.REDIRECT_URI, redirect);
@@ -135,12 +130,12 @@ public class LogoutEndpoint {
if (state != null) userSession.setNote(OIDCLoginProtocol.LOGOUT_STATE_PARAM, state);
userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, OIDCLoginProtocol.LOGIN_PROTOCOL);
logger.debug("Initiating OIDC browser logout");
- Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), uriInfo, clientConnection, headers);
+ Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), clientConnection, headers);
logger.debug("finishing OIDC browser logout");
return response;
} else if (userSession != null) { // non browser logout
event.event(EventType.LOGOUT);
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, true);
event.user(userSession.getUser()).session(userSession).success();
}
@@ -211,11 +206,11 @@ public class LogoutEndpoint {
}
}
- return Cors.add(request, Response.noContent()).auth().allowedOrigins(uriInfo, client).allowedMethods("POST").exposedHeaders(Cors.ACCESS_CONTROL_ALLOW_METHODS).build();
+ return Cors.add(request, Response.noContent()).auth().allowedOrigins(session.getContext().getUri(), client).allowedMethods("POST").exposedHeaders(Cors.ACCESS_CONTROL_ALLOW_METHODS).build();
}
private void logout(UserSessionModel userSession, boolean offline) {
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true, offline);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, true, offline);
event.user(userSession.getUser()).session(userSession).success();
}
@@ -230,7 +225,7 @@ public class LogoutEndpoint {
}
private void checkSsl() {
- if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
+ if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
throw new ErrorResponseException("invalid_request", "HTTPS required", Response.Status.FORBIDDEN);
}
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
index 9054ce0..762dc55 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
@@ -99,7 +99,6 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import javax.ws.rs.core.UriInfo;
import java.util.List;
import java.util.Map;
@@ -139,9 +138,6 @@ public class TokenEndpoint {
private HttpHeaders headers;
@Context
- private UriInfo uriInfo;
-
- @Context
private ClientConnection clientConnection;
private final TokenManager tokenManager;
@@ -211,7 +207,7 @@ public class TokenEndpoint {
}
private void checkSsl() {
- if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
+ if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
throw new CorsErrorResponseException(cors.allowAllOrigins(), OAuthErrorException.INVALID_REQUEST, "HTTPS required", Response.Status.FORBIDDEN);
}
}
@@ -227,7 +223,7 @@ public class TokenEndpoint {
client = clientAuth.getClient();
clientAuthAttributes = clientAuth.getClientAuthAttributes();
- cors.allowedOrigins(uriInfo, client);
+ cors.allowedOrigins(session.getContext().getUri(), client);
if (client.isBearerOnly()) {
throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_CLIENT, "Bearer-only not allowed", Response.Status.BAD_REQUEST);
@@ -452,7 +448,7 @@ public class TokenEndpoint {
AccessTokenResponse res;
try {
// KEYCLOAK-6771 Certificate Bound Token
- TokenManager.RefreshResult result = tokenManager.refreshAccessToken(session, uriInfo, clientConnection, realm, client, refreshToken, event, headers, request);
+ TokenManager.RefreshResult result = tokenManager.refreshAccessToken(session, session.getContext().getUri(), clientConnection, realm, client, refreshToken, event, headers, request);
res = result.getResponse();
if (!result.isOfflineToken()) {
@@ -530,7 +526,7 @@ public class TokenEndpoint {
authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
authSession.setAction(AuthenticatedClientSessionModel.Action.AUTHENTICATE.name());
- authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
authSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scope);
AuthenticationFlowModel flow = AuthenticationFlowResolver.resolveDirectGrantFlow(authSession);
@@ -542,7 +538,7 @@ public class TokenEndpoint {
.setEventBuilder(event)
.setRealm(realm)
.setSession(session)
- .setUriInfo(uriInfo)
+ .setUriInfo(session.getContext().getUri())
.setRequest(request);
Response challenge = processor.authenticateOnly();
if (challenge != null) {
@@ -619,7 +615,7 @@ public class TokenEndpoint {
authSession.setAuthenticatedUser(clientUser);
authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
- authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
authSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scope);
UserSessionModel userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, clientUser, clientUsername,
@@ -665,7 +661,7 @@ public class TokenEndpoint {
String subjectToken = formParams.getFirst(OAuth2Constants.SUBJECT_TOKEN);
if (subjectToken != null) {
String subjectTokenType = formParams.getFirst(OAuth2Constants.SUBJECT_TOKEN_TYPE);
- String realmIssuerUrl = Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName());
+ String realmIssuerUrl = Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName());
String subjectIssuer = formParams.getFirst(OAuth2Constants.SUBJECT_ISSUER);
if (subjectIssuer == null && OAuth2Constants.JWT_TOKEN_TYPE.equals(subjectTokenType)) {
@@ -694,7 +690,7 @@ public class TokenEndpoint {
}
- AuthenticationManager.AuthResult authResult = AuthenticationManager.verifyIdentityToken(session, realm, uriInfo, clientConnection, true, true, false, subjectToken, headers);
+ AuthenticationManager.AuthResult authResult = AuthenticationManager.verifyIdentityToken(session, realm, session.getContext().getUri(), clientConnection, true, true, false, subjectToken, headers);
if (authResult == null) {
event.detail(Details.REASON, "subject_token validation failure");
event.error(Errors.INVALID_TOKEN);
@@ -791,7 +787,7 @@ public class TokenEndpoint {
event.error(Errors.NOT_ALLOWED);
throw new CorsErrorResponseException(cors, OAuthErrorException.ACCESS_DENIED, "Client not allowed to exchange", Response.Status.FORBIDDEN);
}
- Response response = ((ExchangeTokenToIdentityProviderToken)provider).exchangeFromToken(uriInfo, event, client, targetUserSession, targetUser, formParams);
+ Response response = ((ExchangeTokenToIdentityProviderToken)provider).exchangeFromToken(session.getContext().getUri(), event, client, targetUserSession, targetUser, formParams);
return cors.builder(Response.fromResponse(response)).build();
}
@@ -838,7 +834,7 @@ public class TokenEndpoint {
authSession.setAuthenticatedUser(targetUser);
authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
- authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
authSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scope);
event.session(targetUserSession);
@@ -1044,7 +1040,7 @@ public class TokenEndpoint {
session.getContext().setClient(client);
- cors.allowedOrigins(uriInfo, client);
+ cors.allowedOrigins(session.getContext().getUri(), client);
}
String claimToken = null;
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java
index f6c59c8..80d8ccd 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java
@@ -57,9 +57,6 @@ public class TokenIntrospectionEndpoint {
private HttpHeaders headers;
@Context
- private UriInfo uriInfo;
-
- @Context
private ClientConnection clientConnection;
private final RealmModel realm;
@@ -130,7 +127,7 @@ public class TokenIntrospectionEndpoint {
}
private void checkSsl() {
- if (!uriInfo.getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
+ if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(clientConnection)) {
throw new ErrorResponseException("invalid_request", "HTTPS required", Status.FORBIDDEN);
}
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java
index df4c685..d681b3b 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java
@@ -45,8 +45,8 @@ import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.UserSessionCrossDCManager;
import org.keycloak.services.resources.Cors;
-import org.keycloak.services.util.MtlsHoKTokenUtil;
import org.keycloak.services.util.DefaultClientSessionContext;
+import org.keycloak.services.util.MtlsHoKTokenUtil;
import org.keycloak.utils.MediaType;
import javax.ws.rs.GET;
@@ -56,11 +56,9 @@ import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.security.PrivateKey;
import java.util.HashMap;
import java.util.Map;
-import java.util.Set;
/**
* @author pedroigor
@@ -74,9 +72,6 @@ public class UserInfoEndpoint {
private HttpResponse response;
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
@Context
@@ -135,7 +130,7 @@ public class UserInfoEndpoint {
AccessToken token = null;
try {
RSATokenVerifier verifier = RSATokenVerifier.create(tokenString)
- .realmUrl(Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ .realmUrl(Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
String kid = verifier.getHeader().getKeyId();
verifier.publicKey(session.keys().getRsaPublicKey(realm, kid));
token = verifier.verify().getToken();
@@ -194,7 +189,7 @@ public class UserInfoEndpoint {
OIDCAdvancedConfigWrapper cfg = OIDCAdvancedConfigWrapper.fromClientModel(clientModel);
if (cfg.isUserInfoSignatureRequired()) {
- String issuerUrl = Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName());
+ String issuerUrl = Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName());
String audience = clientModel.getClientId();
claims.put("iss", issuerUrl);
claims.put("aud", audience);
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
index c1952a5..8e2784f 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
@@ -67,9 +67,6 @@ public class OIDCLoginProtocolService {
private EventBuilder event;
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
@Context
@@ -244,8 +241,8 @@ public class OIDCLoginProtocolService {
@GET
@Path("delegated")
public Response kcinitBrowserLoginComplete(@QueryParam("error") boolean error) {
- AuthenticationManager.expireIdentityCookie(realm, uriInfo, clientConnection);
- AuthenticationManager.expireRememberMeCookie(realm, uriInfo, clientConnection);
+ AuthenticationManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
+ AuthenticationManager.expireRememberMeCookie(realm, session.getContext().getUri(), clientConnection);
if (error) {
LoginFormsProvider forms = session.getProvider(LoginFormsProvider.class);
return forms
diff --git a/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java b/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java
index 56b804b..3a1ae98 100755
--- a/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java
+++ b/services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java
@@ -70,7 +70,7 @@ public class SamlEcpProfileService extends SamlService {
protected Response loginRequest(String relayState, AuthnRequestType requestAbstractType, ClientModel client) {
// force passive authentication when executing this profile
requestAbstractType.setIsPassive(true);
- requestAbstractType.setDestination(uriInfo.getAbsolutePath());
+ requestAbstractType.setDestination(session.getContext().getUri().getAbsolutePath());
return super.loginRequest(relayState, requestAbstractType, client);
}
}.execute(Soap.toSamlHttpPostMessage(inputStream), null, null);
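Review bot: The line `requestAbstractType.setDestination(session.getContext().getUri().getAbsolutePath());` discards whatever Destination the sender supplied and replaces it with this endpoint's own path, with no comment explaining why. The `setIsPassive(true)` line above it does have one. If `super.loginRequest` validates Destination against the request path (not visible in this hunk), that validation can no longer fail for ECP requests. A comment should say whether that is intended, e.g. `// ECP: Destination is overwritten with this endpoint's path, so the sender's value is not checked - TODO confirm intended`.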
@@ -143,7 +143,7 @@ public class SamlEcpProfileService extends SamlService {
protected Response buildLogoutResponse(UserSessionModel userSession, String logoutBindingUri, SAML2LogoutResponseBuilder builder, JaxrsSAML2BindingBuilder binding) throws ConfigurationException, ProcessingException, IOException {
return Soap.createFault().reason("Logout not supported.").build();
}
- }.setEventBuilder(event).setHttpHeaders(headers).setRealm(realm).setSession(session).setUriInfo(uriInfo);
+ }.setEventBuilder(event).setHttpHeaders(headers).setRealm(realm).setSession(session).setUriInfo(session.getContext().getUri());
}
@Override
diff --git a/services/src/main/java/org/keycloak/protocol/saml/SamlService.java b/services/src/main/java/org/keycloak/protocol/saml/SamlService.java
index b98727c..d3da176 100755
--- a/services/src/main/java/org/keycloak/protocol/saml/SamlService.java
+++ b/services/src/main/java/org/keycloak/protocol/saml/SamlService.java
@@ -147,7 +147,7 @@ public class SamlService extends AuthorizationEndpointBase {
StatusResponseType statusResponse = (StatusResponseType) holder.getSamlObject();
// validate destination
- if (statusResponse.getDestination() != null && !uriInfo.getAbsolutePath().toString().equals(statusResponse.getDestination())) {
+ if (statusResponse.getDestination() != null && !session.getContext().getUri().getAbsolutePath().toString().equals(statusResponse.getDestination())) {
event.detail(Details.REASON, "invalid_destination");
event.error(Errors.INVALID_SAML_LOGOUT_RESPONSE);
return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.INVALID_REQUEST);
@@ -179,7 +179,7 @@ public class SamlService extends AuthorizationEndpointBase {
}
session.getContext().setClient(client);
logger.debug("logout response");
- Response response = authManager.browserLogout(session, realm, userSession, uriInfo, clientConnection, headers);
+ Response response = authManager.browserLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers);
event.success();
return response;
}
@@ -283,7 +283,7 @@ public class SamlService extends AuthorizationEndpointBase {
String redirect;
URI redirectUri = requestAbstractType.getAssertionConsumerServiceURL();
if (redirectUri != null && ! "null".equals(redirectUri.toString())) { // "null" is for testing purposes
- redirect = RedirectUtils.verifyRedirectUri(uriInfo, redirectUri.toString(), realm, client);
+ redirect = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), redirectUri.toString(), realm, client);
} else {
if (bindingType.equals(SamlProtocol.SAML_POST_BINDING)) {
redirect = client.getAttribute(SamlProtocol.SAML_ASSERTION_CONSUMER_URL_POST_ATTRIBUTE);
@@ -386,12 +386,12 @@ public class SamlService extends AuthorizationEndpointBase {
AuthenticationManager.AuthResult authResult = authManager.authenticateIdentityCookie(session, realm, false);
if (authResult != null) {
String logoutBinding = getBindingType();
- String postBindingUri = SamlProtocol.getLogoutServiceUrl(uriInfo, client, SamlProtocol.SAML_POST_BINDING);
+ String postBindingUri = SamlProtocol.getLogoutServiceUrl(session.getContext().getUri(), client, SamlProtocol.SAML_POST_BINDING);
if (samlClient.forcePostBinding() && postBindingUri != null && ! postBindingUri.trim().isEmpty())
logoutBinding = SamlProtocol.SAML_POST_BINDING;
boolean postBinding = Objects.equals(SamlProtocol.SAML_POST_BINDING, logoutBinding);
- String bindingUri = SamlProtocol.getLogoutServiceUrl(uriInfo, client, logoutBinding);
+ String bindingUri = SamlProtocol.getLogoutServiceUrl(session.getContext().getUri(), client, logoutBinding);
UserSessionModel userSession = authResult.getSession();
userSession.setNote(SamlProtocol.SAML_LOGOUT_BINDING_URI, bindingUri);
if (samlClient.requiresRealmSignature()) {
@@ -412,7 +412,7 @@ public class SamlService extends AuthorizationEndpointBase {
clientSession.setAction(AuthenticationSessionModel.Action.LOGGED_OUT.name());
}
logger.debug("browser Logout");
- return authManager.browserLogout(session, realm, userSession, uriInfo, clientConnection, headers);
+ return authManager.browserLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers);
} else if (logoutRequest.getSessionIndex() != null) {
for (String sessionIndex : logoutRequest.getSessionIndex()) {
@@ -426,7 +426,7 @@ public class SamlService extends AuthorizationEndpointBase {
}
try {
- authManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
+ authManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, true);
} catch (Exception e) {
logger.warn("Failure with backchannel logout", e);
}
@@ -438,12 +438,12 @@ public class SamlService extends AuthorizationEndpointBase {
// default
String logoutBinding = getBindingType();
- String logoutBindingUri = SamlProtocol.getLogoutServiceUrl(uriInfo, client, logoutBinding);
+ String logoutBindingUri = SamlProtocol.getLogoutServiceUrl(session.getContext().getUri(), client, logoutBinding);
String logoutRelayState = relayState;
SAML2LogoutResponseBuilder builder = new SAML2LogoutResponseBuilder();
builder.logoutRequestID(logoutRequest.getID());
builder.destination(logoutBindingUri);
- builder.issuer(RealmsResource.realmBaseUrl(uriInfo).build(realm.getName()).toString());
+ builder.issuer(RealmsResource.realmBaseUrl(session.getContext().getUri()).build(realm.getName()).toString());
JaxrsSAML2BindingBuilder binding = new JaxrsSAML2BindingBuilder().relayState(logoutRelayState);
boolean postBinding = SamlProtocol.SAML_POST_BINDING.equals(logoutBinding);
if (samlClient.requiresRealmSignature()) {
@@ -466,7 +466,7 @@ public class SamlService extends AuthorizationEndpointBase {
}
private boolean checkSsl() {
- if (uriInfo.getBaseUri().getScheme().equals("https")) {
+ if (session.getContext().getUri().getBaseUri().getScheme().equals("https")) {
return true;
} else {
return !realm.getSslRequired().isRequired(clientConnection);
@@ -518,7 +518,7 @@ public class SamlService extends AuthorizationEndpointBase {
}
PublicKey publicKey = SamlProtocolUtils.getSignatureValidationKey(client);
KeyLocator clientKeyLocator = new HardcodedKeyLocator(publicKey);
- SamlProtocolUtils.verifyRedirectSignature(documentHolder, clientKeyLocator, uriInfo, GeneralConstants.SAML_REQUEST_KEY);
+ SamlProtocolUtils.verifyRedirectSignature(documentHolder, clientKeyLocator, session.getContext().getUri(), GeneralConstants.SAML_REQUEST_KEY);
}
@Override
@@ -539,7 +539,7 @@ public class SamlService extends AuthorizationEndpointBase {
}
protected Response newBrowserAuthentication(AuthenticationSessionModel authSession, boolean isPassive, boolean redirectToAuthentication) {
- SamlProtocol samlProtocol = new SamlProtocol().setEventBuilder(event).setHttpHeaders(headers).setRealm(realm).setSession(session).setUriInfo(uriInfo);
+ SamlProtocol samlProtocol = new SamlProtocol().setEventBuilder(event).setHttpHeaders(headers).setRealm(realm).setSession(session).setUriInfo(session.getContext().getUri());
return newBrowserAuthentication(authSession, isPassive, redirectToAuthentication, samlProtocol);
}
@@ -576,7 +576,7 @@ public class SamlService extends AuthorizationEndpointBase {
@Produces(MediaType.APPLICATION_XML)
@NoCache
public String getDescriptor() throws Exception {
- return getIDPMetadataDescriptor(uriInfo, session, realm);
+ return getIDPMetadataDescriptor(session.getContext().getUri(), session, realm);
}
@@ -708,7 +708,7 @@ public class SamlService extends AuthorizationEndpointBase {
return true; // destination is optional
}
- URI expected = uriInfo.getAbsolutePath();
+ URI expected = session.getContext().getUri().getAbsolutePath();
if (Objects.equals(expected, destination)) {
return true;
@@ -716,12 +716,12 @@ public class SamlService extends AuthorizationEndpointBase {
Integer portByScheme = knownPorts.get(expected.getScheme());
if (expected.getPort() < 0 && portByScheme != null) {
- return Objects.equals(uriInfo.getRequestUriBuilder().port(portByScheme).build(), destination);
+ return Objects.equals(session.getContext().getUri().getRequestUriBuilder().port(portByScheme).build(), destination);
}
String protocolByPort = knownProtocols.get(expected.getPort());
if (expected.getPort() >= 0 && Objects.equals(protocolByPort, expected.getScheme())) {
- return Objects.equals(uriInfo.getRequestUriBuilder().port(-1).build(), destination);
+ return Objects.equals(session.getContext().getUri().getRequestUriBuilder().port(-1).build(), destination);
}
return false;
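Review bot: The two port-normalised fallbacks compare `destination` against `getRequestUriBuilder()...build()`, while `expected` in the preceding hunk comes from `getAbsolutePath()`. In JAX-RS the request URI carries the query string and the absolute path does not, so for a request with query parameters (presumably the redirect binding) these fallbacks cannot match a `Destination` that omits them. The check fails closed, but otherwise valid messages would be rejected. Consider `session.getContext().getUri().getAbsolutePathBuilder().port(portByScheme).build()` and the same with `port(-1)`, with the `UriInfo` fetched once into a local. The enclosing method starts outside this hunk.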
diff --git a/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java b/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java
index 80ecdbd..68c9786 100644
--- a/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java
+++ b/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java
@@ -8,14 +8,12 @@ import org.keycloak.Config;
import org.keycloak.forms.login.freemarker.model.UrlBean;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakTransaction;
-import org.keycloak.models.KeycloakTransactionManager;
import org.keycloak.models.RealmModel;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.messages.Messages;
import org.keycloak.services.util.LocaleHelper;
import org.keycloak.theme.FreeMarkerUtil;
import org.keycloak.theme.Theme;
-import org.keycloak.theme.ThemeProvider;
import org.keycloak.theme.beans.LocaleBean;
import org.keycloak.theme.beans.MessageBean;
import org.keycloak.theme.beans.MessageFormatterMethod;
@@ -27,11 +25,13 @@ import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.ExceptionMapper;
import javax.ws.rs.ext.Provider;
import java.io.IOException;
-import java.util.*;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -43,9 +43,6 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
private static final Pattern realmNamePattern = Pattern.compile(".*/realms/([^/]+).*");
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
@Context
@@ -103,7 +100,7 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
}
private RealmModel resolveRealm() {
- String path = uriInfo.getPath();
+ String path = session.getContext().getUri().getPath();
Matcher m = realmNamePattern.matcher(path);
String realmName;
if(m.matches()) {
@@ -130,8 +127,8 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
attributes.put("statusCode", statusCode);
attributes.put("realm", realm);
- attributes.put("url", new UrlBean(realm, theme, uriInfo.getBaseUri(), null));
- attributes.put("locale", new LocaleBean(realm, locale, uriInfo.getBaseUriBuilder(), messagesBundle));
+ attributes.put("url", new UrlBean(realm, theme, session.getContext().getUri().getBaseUri(), null));
+ attributes.put("locale", new LocaleBean(realm, locale, session.getContext().getUri().getBaseUriBuilder(), messagesBundle));
String errorKey = statusCode == 404 ? Messages.PAGE_NOT_FOUND : Messages.INTERNAL_SERVER_ERROR;
diff --git a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
index 0f3a80b..b1918a7 100755
--- a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
@@ -23,28 +23,22 @@ import org.keycloak.AbstractOAuthClient;
import org.keycloak.OAuth2Constants;
import org.keycloak.OAuthErrorException;
import org.keycloak.common.ClientConnection;
-import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.forms.login.LoginFormsProvider;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.services.ForbiddenException;
import org.keycloak.services.managers.Auth;
-import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.messages.Messages;
-import org.keycloak.services.util.CookieHelper;
import org.keycloak.util.TokenUtil;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
-import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
@@ -65,8 +59,6 @@ public abstract class AbstractSecuredLocalService {
protected RealmModel realm;
@Context
- protected UriInfo uriInfo;
- @Context
protected HttpHeaders headers;
@Context
protected ClientConnection clientConnection;
@@ -139,7 +131,7 @@ public abstract class AbstractSecuredLocalService {
protected Response login(String path) {
OAuthRedirect oauth = new OAuthRedirect();
- String authUrl = OIDCLoginProtocolService.authUrl(uriInfo).build(realm.getName()).toString();
+ String authUrl = OIDCLoginProtocolService.authUrl(session.getContext().getUri()).build(realm.getName()).toString();
oauth.setAuthUrl(authUrl);
oauth.setClientId(client.getClientId());
@@ -152,12 +144,12 @@ public abstract class AbstractSecuredLocalService {
uriBuilder.queryParam("path", path);
}
- String referrer = uriInfo.getQueryParameters().getFirst("referrer");
+ String referrer = session.getContext().getUri().getQueryParameters().getFirst("referrer");
if (referrer != null) {
uriBuilder.queryParam("referrer", referrer);
}
- String referrerUri = uriInfo.getQueryParameters().getFirst("referrer_uri");
+ String referrerUri = session.getContext().getUri().getQueryParameters().getFirst("referrer_uri");
if (referrerUri != null) {
uriBuilder.queryParam("referrer_uri", referrerUri);
}
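Review bot: `referrer` and `referrer_uri` are read from the query string and appended to the redirect target without any check in this hunk. In the `getReferrer()` methods visible for AccountConsole and AccountFormService, `referrer_uri` goes through `RedirectUtils.verifyRedirectUri` before use, so validation appears to be deferred to the page that reads the values. A comment here would make that contract explicit, e.g. `// referrer/referrer_uri are forwarded as-is; they must be validated (RedirectUtils.verifyRedirectUri) before being rendered or followed`. The same unvalidated forwarding of `referrer` occurs in the AccountFormService hunks that build the `sessionsPage` and `applicationsPage` redirects. `login()` starts before this hunk and continues after it.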
@@ -165,7 +157,7 @@ public abstract class AbstractSecuredLocalService {
URI accountUri = uriBuilder.build(realm.getName());
oauth.setStateCookiePath(accountUri.getRawPath());
- return oauth.redirect(uriInfo, accountUri.toString());
+ return oauth.redirect(session.getContext().getUri(), accountUri.toString());
}
static class OAuthRedirect extends AbstractOAuthClient {
diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
index 43ddc4a..d332fb7 100644
--- a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
@@ -1,25 +1,40 @@
package org.keycloak.services.resources.account;
+import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
+import org.keycloak.common.Profile;
import org.keycloak.common.Version;
-import org.keycloak.models.*;
+import org.keycloak.events.EventStoreProvider;
+import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.protocol.oidc.utils.RedirectUtils;
import org.keycloak.services.Urls;
+import org.keycloak.services.managers.AppAuthManager;
+import org.keycloak.services.managers.Auth;
+import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.ClientManager;
+import org.keycloak.services.managers.RealmManager;
+import org.keycloak.services.util.LocaleHelper;
+import org.keycloak.services.util.ResolveRelative;
+import org.keycloak.services.validation.Validation;
import org.keycloak.theme.BrowserSecurityHeaderSetup;
import org.keycloak.theme.FreeMarkerException;
import org.keycloak.theme.FreeMarkerUtil;
import org.keycloak.theme.Theme;
+import org.keycloak.theme.beans.MessageFormatterMethod;
import org.keycloak.utils.MediaType;
+import javax.json.Json;
+import javax.json.JsonObjectBuilder;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.io.IOException;
-import java.io.StringWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashMap;
@@ -28,23 +43,6 @@ import java.util.Map;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
-import javax.json.Json;
-import javax.json.JsonObjectBuilder;
-import javax.json.JsonWriter;
-import org.jboss.logging.Logger;
-import org.keycloak.common.Profile;
-import org.keycloak.events.EventStoreProvider;
-import org.keycloak.forms.account.freemarker.model.FeaturesBean;
-import org.keycloak.models.ClientModel;
-import org.keycloak.protocol.oidc.utils.RedirectUtils;
-import org.keycloak.services.managers.RealmManager;
-import org.keycloak.services.managers.AppAuthManager;
-import org.keycloak.services.managers.Auth;
-import org.keycloak.services.managers.AuthenticationManager;
-import org.keycloak.services.util.LocaleHelper;
-import org.keycloak.services.util.ResolveRelative;
-import org.keycloak.services.validation.Validation;
-import org.keycloak.theme.beans.MessageFormatterMethod;
/**
* Created by st on 29/03/17.
@@ -56,9 +54,7 @@ public class AccountConsole {
@Context
protected KeycloakSession session;
- @Context
- protected UriInfo uriInfo;
-
+
private final AppAuthManager authManager;
private final RealmModel realm;
private final ClientModel client;
@@ -83,12 +79,12 @@ public class AccountConsole {
@GET
@NoCache
public Response getMainPage() throws URISyntaxException, IOException, FreeMarkerException {
- if (!uriInfo.getRequestUri().getPath().endsWith("/")) {
- return Response.status(302).location(uriInfo.getRequestUriBuilder().path("/").build()).build();
+ if (!session.getContext().getUri().getRequestUri().getPath().endsWith("/")) {
+ return Response.status(302).location(session.getContext().getUri().getRequestUriBuilder().path("/").build()).build();
} else {
Map<String, Object> map = new HashMap<>();
- URI baseUri = uriInfo.getBaseUri();
+ URI baseUri = session.getContext().getUri().getBaseUri();
map.put("authUrl", session.getContext().getContextPath());
map.put("baseUrl", session.getContext().getContextPath() + "/realms/" + realm.getName() + "/account");
@@ -189,19 +185,19 @@ public class AccountConsole {
// TODO: took this code from elsewhere - refactor
private String[] getReferrer() {
- String referrer = uriInfo.getQueryParameters().getFirst("referrer");
+ String referrer = session.getContext().getUri().getQueryParameters().getFirst("referrer");
if (referrer == null) {
return null;
}
- String referrerUri = uriInfo.getQueryParameters().getFirst("referrer_uri");
+ String referrerUri = session.getContext().getUri().getQueryParameters().getFirst("referrer_uri");
ClientModel referrerClient = realm.getClientByClientId(referrer);
if (referrerClient != null) {
if (referrerUri != null) {
- referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient);
+ referrerUri = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), referrerUri, realm, referrerClient);
} else {
- referrerUri = ResolveRelative.resolveRelativeUri(uriInfo.getRequestUri(), client.getRootUrl(), referrerClient.getBaseUrl());
+ referrerUri = ResolveRelative.resolveRelativeUri(session.getContext().getUri().getRequestUri(), client.getRootUrl(), referrerClient.getBaseUrl());
}
if (referrerUri != null) {
@@ -214,7 +210,7 @@ public class AccountConsole {
} else if (referrerUri != null) {
referrerClient = realm.getClientByClientId(referrer);
if (client != null) {
- referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient);
+ referrerUri = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), referrerUri, realm, referrerClient);
if (referrerUri != null) {
return new String[]{referrer, referrerUri};
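Review bot: In the `else if (referrerUri != null)` branch the guard `if (client != null)` tests the account client, but the value handed to `RedirectUtils.verifyRedirectUri` is `referrerClient`, re-read on the line above. If this branch is the `else` of the earlier `if (referrerClient != null)` (the lines between the two hunks are not shown), `referrerClient` is null again here and the redirect check runs with a null client; what `verifyRedirectUri` does in that case is not visible. I would change the guard to `if (referrerClient != null)`, or drop the branch if it proves unreachable. The same lines appear in the `getReferrer()` hunk of AccountFormService further down, and the `// TODO: took this code from elsewhere - refactor` in the previous hunk suggests moving both copies into one shared helper. The method continues past this hunk.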
diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java b/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java
index 1355614..c27c387 100755
--- a/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java
+++ b/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java
@@ -17,7 +17,6 @@
package org.keycloak.services.resources.account;
import org.jboss.logging.Logger;
-import org.keycloak.authentication.RequiredActionContext;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.model.PermissionTicket;
import org.keycloak.authorization.model.Policy;
@@ -54,7 +53,6 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.utils.CredentialValidation;
import org.keycloak.models.utils.FormMessage;
-import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.protocol.oidc.utils.RedirectUtils;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.ForbiddenException;
@@ -72,18 +70,23 @@ import org.keycloak.services.resources.RealmsResource;
import org.keycloak.services.util.ResolveRelative;
import org.keycloak.services.validation.Validation;
import org.keycloak.sessions.AuthenticationSessionModel;
-import org.keycloak.sessions.RootAuthenticationSessionModel;
import org.keycloak.storage.ReadOnlyException;
import org.keycloak.util.JsonSerialization;
-import javax.ws.rs.*;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.FormParam;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
-
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URI;
@@ -133,7 +136,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
public void init() {
eventStore = session.getProvider(EventStoreProvider.class);
- account = session.getProvider(AccountProvider.class).setRealm(realm).setUriInfo(uriInfo).setHttpHeaders(headers);
+ account = session.getProvider(AccountProvider.class).setRealm(realm).setUriInfo(session.getContext().getUri()).setHttpHeaders(headers);
AuthenticationManager.AuthResult authResult = authManager.authenticateIdentityCookie(session, realm);
if (authResult != null) {
@@ -142,7 +145,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
account.setStateChecker(stateChecker);
}
- String requestOrigin = UriUtils.getOrigin(uriInfo.getBaseUri());
+ String requestOrigin = UriUtils.getOrigin(session.getContext().getUri().getBaseUri());
String origin = headers.getRequestHeaders().getFirst("Origin");
if (origin != null && !requestOrigin.equals(origin)) {
@@ -245,7 +248,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
@Path("totp")
@GET
public Response totpPage() {
- account.setAttribute("mode", uriInfo.getQueryParameters().getFirst("mode"));
+ account.setAttribute("mode", session.getContext().getUri().getQueryParameters().getFirst("mode"));
return forwardToPage("totp", AccountPages.TOTP);
}
@@ -383,11 +386,11 @@ public class AccountFormService extends AbstractSecuredLocalService {
List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
for (UserSessionModel userSession : userSessions) {
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, true);
}
- UriBuilder builder = Urls.accountBase(uriInfo.getBaseUri()).path(AccountFormService.class, "sessionsPage");
- String referrer = uriInfo.getQueryParameters().getFirst("referrer");
+ UriBuilder builder = Urls.accountBase(session.getContext().getUri().getBaseUri()).path(AccountFormService.class, "sessionsPage");
+ String referrer = session.getContext().getUri().getQueryParameters().getFirst("referrer");
if (referrer != null) {
builder.queryParam("referrer", referrer);
@@ -422,13 +425,13 @@ public class AccountFormService extends AbstractSecuredLocalService {
new UserSessionManager(session).revokeOfflineToken(user, client);
// Logout clientSessions for this user and client
- AuthenticationManager.backchannelLogoutUserFromClient(session, realm, user, client, uriInfo, headers);
+ AuthenticationManager.backchannelLogoutUserFromClient(session, realm, user, client, session.getContext().getUri(), headers);
event.event(EventType.REVOKE_GRANT).client(auth.getClient()).user(auth.getUser()).detail(Details.REVOKED_CLIENT, client.getClientId()).success();
setReferrerOnPage();
- UriBuilder builder = Urls.accountBase(uriInfo.getBaseUri()).path(AccountFormService.class, "applicationsPage");
- String referrer = uriInfo.getQueryParameters().getFirst("referrer");
+ UriBuilder builder = Urls.accountBase(session.getContext().getUri().getBaseUri()).path(AccountFormService.class, "applicationsPage");
+ String referrer = session.getContext().getUri().getQueryParameters().getFirst("referrer");
if (referrer != null) {
builder.queryParam("referrer", referrer);
@@ -458,7 +461,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
auth.require(AccountRoles.MANAGE_ACCOUNT);
- account.setAttribute("mode", uriInfo.getQueryParameters().getFirst("mode"));
+ account.setAttribute("mode", session.getContext().getUri().getQueryParameters().getFirst("mode"));
String action = formData.getFirst("submitAction");
if (action != null && action.equals("Cancel")) {
@@ -591,7 +594,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user);
for (UserSessionModel s : sessions) {
if (!s.getId().equals(auth.getSession().getId())) {
- AuthenticationManager.backchannelLogout(session, realm, s, uriInfo, clientConnection, headers, true);
+ AuthenticationManager.backchannelLogout(session, realm, s, session.getContext().getUri(), clientConnection, headers, true);
}
}
@@ -646,7 +649,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
switch (accountSocialAction) {
case ADD:
- String redirectUri = UriBuilder.fromUri(Urls.accountFederatedIdentityPage(uriInfo.getBaseUri(), realm.getName())).build().toString();
+ String redirectUri = UriBuilder.fromUri(Urls.accountFederatedIdentityPage(session.getContext().getUri().getBaseUri(), realm.getName())).build().toString();
try {
String nonce = UUID.randomUUID().toString();
@@ -654,7 +657,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
String input = nonce + auth.getSession().getId() + client.getClientId() + providerId;
byte[] check = md.digest(input.getBytes(StandardCharsets.UTF_8));
String hash = Base64Url.encode(check);
- URI linkUrl = Urls.identityProviderLinkRequest(this.uriInfo.getBaseUri(), providerId, realm.getName());
+ URI linkUrl = Urls.identityProviderLinkRequest(this.session.getContext().getUri().getBaseUri(), providerId, realm.getName());
linkUrl = UriBuilder.fromUri(linkUrl)
.queryParam("nonce", nonce)
.queryParam("hash", hash)
@@ -936,7 +939,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
@Override
protected URI getBaseRedirectUri() {
- return Urls.accountBase(uriInfo.getBaseUri()).path("/").build(realm.getName());
+ return Urls.accountBase(session.getContext().getUri().getBaseUri()).path("/").build(realm.getName());
}
public static boolean isPasswordSet(KeycloakSession session, RealmModel realm, UserModel user) {
@@ -944,19 +947,19 @@ public class AccountFormService extends AbstractSecuredLocalService {
}
private String[] getReferrer() {
- String referrer = uriInfo.getQueryParameters().getFirst("referrer");
+ String referrer = session.getContext().getUri().getQueryParameters().getFirst("referrer");
if (referrer == null) {
return null;
}
- String referrerUri = uriInfo.getQueryParameters().getFirst("referrer_uri");
+ String referrerUri = session.getContext().getUri().getQueryParameters().getFirst("referrer_uri");
ClientModel referrerClient = realm.getClientByClientId(referrer);
if (referrerClient != null) {
if (referrerUri != null) {
- referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient);
+ referrerUri = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), referrerUri, realm, referrerClient);
} else {
- referrerUri = ResolveRelative.resolveRelativeUri(uriInfo.getRequestUri(), client.getRootUrl(), referrerClient.getBaseUrl());
+ referrerUri = ResolveRelative.resolveRelativeUri(session.getContext().getUri().getRequestUri(), client.getRootUrl(), referrerClient.getBaseUrl());
}
if (referrerUri != null) {
@@ -969,7 +972,7 @@ public class AccountFormService extends AbstractSecuredLocalService {
} else if (referrerUri != null) {
referrerClient = realm.getClientByClientId(referrer);
if (client != null) {
- referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient);
+ referrerUri = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), referrerUri, realm, referrerClient);
if (referrerUri != null) {
return new String[]{referrer, referrerUri};
diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java b/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
index 48e55ee..57b808c 100755
--- a/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
+++ b/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
@@ -35,6 +35,7 @@ import org.keycloak.representations.account.UserRepresentation;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.managers.Auth;
import org.keycloak.services.managers.AuthenticationManager;
+import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.Cors;
import org.keycloak.storage.ReadOnlyException;
@@ -50,11 +51,9 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
-import org.keycloak.services.messages.Messages;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -64,8 +63,6 @@ public class AccountRestService {
@Context
private HttpRequest request;
@Context
- protected UriInfo uriInfo;
- @Context
protected HttpHeaders headers;
@Context
protected ClientConnection clientConnection;
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
index f74a2a1..38c40d4 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
@@ -52,7 +52,6 @@ import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Providers;
import java.io.IOException;
import java.net.URI;
@@ -73,9 +72,6 @@ public class AdminConsole {
protected static final Logger logger = Logger.getLogger(AdminConsole.class);
@Context
- protected UriInfo uriInfo;
-
- @Context
protected ClientConnection clientConnection;
@Context
@@ -177,7 +173,7 @@ public class AdminConsole {
if (consoleApp == null) {
throw new NotFoundException("Could not find admin console client");
}
- return new ClientManager(new RealmManager(session)).toInstallationRepresentation(realm, consoleApp, keycloak.getBaseUri(uriInfo));
+ return new ClientManager(new RealmManager(session)).toInstallationRepresentation(realm, consoleApp, keycloak.getBaseUri(session.getContext().getUri()));
}
@@ -193,7 +189,7 @@ public class AdminConsole {
@NoCache
public Response whoAmI(final @Context HttpHeaders headers) {
RealmManager realmManager = new RealmManager(session);
- AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(session, realm, uriInfo, clientConnection, headers);
+ AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(session, realm, session.getContext().getUri(), clientConnection, headers);
if (authResult == null) {
return Response.status(401).build();
}
@@ -263,10 +259,10 @@ public class AdminConsole {
@GET
@NoCache
public Response logout() {
- URI redirect = AdminRoot.adminConsoleUrl(uriInfo).build(realm.getName());
+ URI redirect = AdminRoot.adminConsoleUrl(session.getContext().getUri()).build(realm.getName());
return Response.status(302).location(
- OIDCLoginProtocolService.logoutUrl(uriInfo).queryParam("redirect_uri", redirect.toString()).build(realm.getName())
+ OIDCLoginProtocolService.logoutUrl(session.getContext().getUri()).queryParam("redirect_uri", redirect.toString()).build(realm.getName())
).build();
}
@@ -283,14 +279,14 @@ public class AdminConsole {
@GET
@NoCache
public Response getMainPage() throws URISyntaxException, IOException, FreeMarkerException {
- if (!uriInfo.getRequestUri().getPath().endsWith("/")) {
- return Response.status(302).location(uriInfo.getRequestUriBuilder().path("/").build()).build();
+ if (!session.getContext().getUri().getRequestUri().getPath().endsWith("/")) {
+ return Response.status(302).location(session.getContext().getUri().getRequestUriBuilder().path("/").build()).build();
} else {
Theme theme = AdminRoot.getTheme(session, realm);
Map<String, Object> map = new HashMap<>();
- URI baseUri = uriInfo.getBaseUri();
+ URI baseUri = session.getContext().getUri().getBaseUri();
map.put("authUrl", session.getContext().getContextPath());
map.put("consoleBaseUrl", Urls.adminConsoleRoot(baseUri, realm.getName()).getPath());
@@ -310,7 +306,7 @@ public class AdminConsole {
@GET
@Path("{indexhtml: index.html}") // this expression is a hack to get around jaxdoclet generation bug. Doesn't like index.html
public Response getIndexHtmlRedirect() {
- return Response.status(302).location(uriInfo.getRequestUriBuilder().path("../").build()).build();
+ return Response.status(302).location(session.getContext().getUri().getRequestUriBuilder().path("../").build()).build();
}
@GET
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
index 8060095..a2c11a8 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
@@ -38,7 +38,6 @@ import org.keycloak.services.resources.Cors;
import org.keycloak.services.resources.admin.info.ServerInfoAdminResource;
import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import org.keycloak.theme.Theme;
-import org.keycloak.theme.ThemeProvider;
import javax.ws.rs.GET;
import javax.ws.rs.HttpMethod;
@@ -64,9 +63,6 @@ public class AdminRoot {
protected static final Logger logger = Logger.getLogger(AdminRoot.class);
@Context
- protected UriInfo uriInfo;
-
- @Context
protected ClientConnection clientConnection;
@Context
@@ -104,7 +100,7 @@ public class AdminRoot {
public Response masterRealmAdminConsoleRedirect() {
RealmModel master = new RealmManager(session).getKeycloakAdminstrationRealm();
return Response.status(302).location(
- uriInfo.getBaseUriBuilder().path(AdminRoot.class).path(AdminRoot.class, "getAdminConsole").path("/").build(master.getName())
+ session.getContext().getUri().getBaseUriBuilder().path(AdminRoot.class).path(AdminRoot.class, "getAdminConsole").path("/").build(master.getName())
).build();
}
@@ -172,7 +168,7 @@ public class AdminRoot {
throw new UnauthorizedException("Unknown realm in token");
}
session.getContext().setRealm(realm);
- AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(session, realm, uriInfo, clientConnection, headers);
+ AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(session, realm, session.getContext().getUri(), clientConnection, headers);
if (authResult == null) {
logger.debug("Token not valid");
throw new UnauthorizedException("Bearer");
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java
index 4db698f..743e994 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java
@@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
-import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.common.ClientConnection;
import org.keycloak.common.util.Time;
import org.keycloak.events.admin.OperationType;
@@ -38,7 +37,6 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
import java.util.HashMap;
import java.util.Map;
@@ -59,9 +57,6 @@ public class AttackDetectionResource {
protected KeycloakSession session;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected ClientConnection connection;
@Context
@@ -137,7 +132,7 @@ public class AttackDetectionResource {
UserLoginFailureModel model = session.sessions().getUserLoginFailure(realm, userId);
if (model != null) {
session.sessions().removeUserLoginFailure(realm, userId);
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
}
@@ -153,7 +148,7 @@ public class AttackDetectionResource {
auth.users().requireManage();
session.sessions().removeAllUserLoginFailures(realm);
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
index 86561f6..d05f33b 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
@@ -61,18 +61,15 @@ import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.core.UriInfo;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
-import java.util.stream.Collectors;
import static javax.ws.rs.core.Response.Status.NOT_FOUND;
@@ -86,8 +83,6 @@ public class AuthenticationManagementResource {
private final KeycloakSession session;
private AdminPermissionEvaluator auth;
private AdminEventBuilder adminEvent;
- @Context
- private UriInfo uriInfo;
protected static final Logger logger = Logger.getLogger(AuthenticationManagementResource.class);
@@ -223,8 +218,8 @@ public class AuthenticationManagementResource {
AuthenticationFlowModel createdModel = realm.addAuthenticationFlow(RepresentationToModel.toModel(flow));
flow.setId(createdModel.getId());
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, createdModel.getId()).representation(flow).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(flow.getId()).build()).build();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), createdModel.getId()).representation(flow).success();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(flow.getId()).build()).build();
}
/**
@@ -268,7 +263,7 @@ public class AuthenticationManagementResource {
flow.setId(existingFlow.getId());
realm.updateAuthenticationFlow(RepresentationToModel.toModel(flow));
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(flow).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(flow).success();
return Response.accepted(flow).build();
}
@@ -305,7 +300,7 @@ public class AuthenticationManagementResource {
realm.removeAuthenticationFlow(flow);
// Use just one event for top-level flow. Using separate events won't work properly for flows of depth 2 or bigger
- if (isTopMostLevel) adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ if (isTopMostLevel) adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -336,7 +331,7 @@ public class AuthenticationManagementResource {
AuthenticationFlowModel copy = copyFlow(realm, flow, newName);
data.put("id", copy.getId());
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(data).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(data).success();
return Response.status(Response.Status.CREATED).build();
@@ -416,10 +411,10 @@ public class AuthenticationManagementResource {
execution = realm.addAuthenticatorExecution(execution);
data.put("id", execution.getId());
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION_FLOW).resourcePath(uriInfo).representation(data).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION_FLOW).resourcePath(session.getContext().getUri()).representation(data).success();
String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionFlow").build(parentFlow.getAlias()).getPath();
- return Response.created(uriInfo.getBaseUriBuilder().path(uriInfo.getPath().replace(addExecutionPathSegment, "")).path("flows").path(newFlow.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getBaseUriBuilder().path(session.getContext().getUri().getPath().replace(addExecutionPathSegment, "")).path("flows").path(newFlow.getId()).build()).build();
}
private int getNextPriority(AuthenticationFlowModel parentFlow) {
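Review bot: The `Response.created(...)` line in addExecutionFlow now calls `session.getContext().getUri()` twice inside one expression, on top of the call in the admin-event line above it, which makes an already long line hard to audit. The same shape appears in addExecutionToFlow in the next hunk. Resolving the value once, `UriInfo uri = session.getContext().getUri();`, and building the location from `uri.getBaseUriBuilder().path(uri.getPath().replace(addExecutionPathSegment, ""))` would read better, at the cost of keeping the `javax.ws.rs.core.UriInfo` import that the first hunk of this file removes. Both method bodies start outside their hunks.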
@@ -472,10 +467,10 @@ public class AuthenticationManagementResource {
execution = realm.addAuthenticatorExecution(execution);
data.put("id", execution.getId());
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo).representation(data).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).representation(data).success();
String addExecutionPathSegment = UriBuilder.fromMethod(AuthenticationManagementResource.class, "addExecutionToFlow").build(parentFlow.getAlias()).getPath();
- return Response.created(uriInfo.getBaseUriBuilder().path(uriInfo.getPath().replace(addExecutionPathSegment, "")).path("executions").path(execution.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getBaseUriBuilder().path(session.getContext().getUri().getPath().replace(addExecutionPathSegment, "")).path("executions").path(execution.getId()).build()).build();
}
/**
@@ -593,7 +588,7 @@ public class AuthenticationManagementResource {
if (!model.getRequirement().name().equals(rep.getRequirement())) {
model.setRequirement(AuthenticationExecutionModel.Requirement.valueOf(rep.getRequirement()));
realm.updateAuthenticatorExecution(model);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).representation(rep).success();
}
}
@@ -637,8 +632,8 @@ public class AuthenticationManagementResource {
model.setPriority(getNextPriority(parentFlow));
model = realm.addAuthenticatorExecution(model);
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo, model.getId()).representation(execution).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri(), model.getId()).representation(execution).success();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(model.getId()).build()).build();
}
public AuthenticationFlowModel getParentFlow(AuthenticationExecutionModel model) {
@@ -691,7 +686,7 @@ public class AuthenticationManagementResource {
model.setPriority(tmp);
realm.updateAuthenticatorExecution(model);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).success();
}
public List<AuthenticationExecutionModel> getSortedExecutions(AuthenticationFlowModel parentFlow) {
@@ -736,7 +731,7 @@ public class AuthenticationManagementResource {
next.setPriority(tmp);
realm.updateAuthenticatorExecution(next);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).success();
}
@@ -769,7 +764,7 @@ public class AuthenticationManagementResource {
realm.removeAuthenticatorExecution(model);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).success();
}
@@ -802,8 +797,8 @@ public class AuthenticationManagementResource {
realm.updateAuthenticatorExecution(model);
json.setId(config.getId());
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(uriInfo).representation(json).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(config.getId()).build()).build();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTH_EXECUTION).resourcePath(session.getContext().getUri()).representation(json).success();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(config.getId()).build()).build();
}
/**
@@ -886,7 +881,7 @@ public class AuthenticationManagementResource {
requiredAction = realm.addRequiredActionProvider(requiredAction);
data.put("id", requiredAction.getId());
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(uriInfo).representation(data).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(session.getContext().getUri()).representation(data).success();
}
private int getNextRequiredActionPriority() {
@@ -972,7 +967,7 @@ public class AuthenticationManagementResource {
update.setConfig(rep.getConfig());
realm.updateRequiredActionProvider(update);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(session.getContext().getUri()).representation(rep).success();
}
/**
@@ -990,7 +985,7 @@ public class AuthenticationManagementResource {
}
realm.removeRequiredActionProvider(model);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.REQUIRED_ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.REQUIRED_ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -1024,7 +1019,7 @@ public class AuthenticationManagementResource {
model.setPriority(tmp);
realm.updateRequiredActionProvider(model);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -1058,7 +1053,7 @@ public class AuthenticationManagementResource {
next.setPriority(tmp);
realm.updateRequiredActionProvider(next);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.REQUIRED_ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -1135,8 +1130,8 @@ public class AuthenticationManagementResource {
auth.realm().requireManageRealm();
AuthenticatorConfigModel config = realm.addAuthenticatorConfig(RepresentationToModel.toModel(rep));
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTHENTICATOR_CONFIG).resourcePath(uriInfo, config.getId()).representation(rep).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(config.getId()).build()).build();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.AUTHENTICATOR_CONFIG).resourcePath(session.getContext().getUri(), config.getId()).representation(rep).success();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(config.getId()).build()).build();
}
/**
@@ -1185,7 +1180,7 @@ public class AuthenticationManagementResource {
realm.removeAuthenticatorConfig(config);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.AUTHENTICATOR_CONFIG).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.AUTHENTICATOR_CONFIG).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -1208,6 +1203,6 @@ public class AuthenticationManagementResource {
exists.setAlias(rep.getAlias());
exists.setConfig(rep.getConfig());
realm.updateAuthenticatorConfig(exists);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTHENTICATOR_CONFIG).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.AUTHENTICATOR_CONFIG).resourcePath(session.getContext().getUri()).representation(rep).success();
}
}
\ No newline at end of file
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java
index 8cd50c2..8f4ac53 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java
@@ -129,7 +129,6 @@ public class ClientAttributeCertificateResource {
/**
* Upload certificate and eventually private key
*
- * @param uriInfo
* @param input
* @return
* @throws IOException
@@ -138,7 +137,7 @@ public class ClientAttributeCertificateResource {
@Path("upload")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- public CertificateRepresentation uploadJks(@Context final UriInfo uriInfo, MultipartFormDataInput input) throws IOException {
+ public CertificateRepresentation uploadJks(MultipartFormDataInput input) throws IOException {
auth.clients().requireConfigure(client);
try {
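Review bot: After `@Context final UriInfo uriInfo` is dropped from uploadJks here and from uploadJksCertificate in the last hunk of this file, no hunk in this file removes the `javax.ws.rs.core.UriInfo` import, so it may now be unused. The import block is outside these hunks, so this needs checking against the full file. The Javadoc left above both methods still has a bare `@param input`, and uploadJks a bare `@return`; a one-line description of the expected multipart fields and of the returned representation would help callers of these upload endpoints. Both method bodies continue outside their hunks.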
@@ -155,7 +154,6 @@ public class ClientAttributeCertificateResource {
/**
* Upload only certificate, not private key
*
- * @param uriInfo
* @param input
* @return information extracted from uploaded certificate - not necessarily the new state of certificate on the server
* @throws IOException
@@ -164,7 +162,7 @@ public class ClientAttributeCertificateResource {
@Path("upload-certificate")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- public CertificateRepresentation uploadJksCertificate(@Context final UriInfo uriInfo, MultipartFormDataInput input) throws IOException {
+ public CertificateRepresentation uploadJksCertificate(MultipartFormDataInput input) throws IOException {
auth.clients().requireConfigure(client);
try {
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java
index 609b9b0..f6ddd11 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java
@@ -39,7 +39,6 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.util.LinkedList;
import java.util.List;
@@ -56,9 +55,6 @@ public class ClientInitialAccessResource {
@Context
protected KeycloakSession session;
- @Context
- protected UriInfo uriInfo;
-
public ClientInitialAccessResource(RealmModel realm, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
this.auth = auth;
this.realm = realm;
@@ -83,15 +79,15 @@ public class ClientInitialAccessResource {
ClientInitialAccessModel clientInitialAccessModel = session.realms().createClientInitialAccessModel(realm, expiration, count);
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientInitialAccessModel.getId()).representation(config).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), clientInitialAccessModel.getId()).representation(config).success();
ClientInitialAccessPresentation rep = wrap(clientInitialAccessModel);
- String token = ClientRegistrationTokenUtils.createInitialAccessToken(session, realm, uriInfo, clientInitialAccessModel);
+ String token = ClientRegistrationTokenUtils.createInitialAccessToken(session, realm, session.getContext().getUri(), clientInitialAccessModel);
rep.setToken(token);
response.setStatus(Response.Status.CREATED.getStatusCode());
- response.setHeader(HttpHeaders.LOCATION, uriInfo.getAbsolutePathBuilder().path(clientInitialAccessModel.getId()).build().toString());
+ response.setHeader(HttpHeaders.LOCATION, session.getContext().getUri().getAbsolutePathBuilder().path(clientInitialAccessModel.getId()).build().toString());
return rep;
}
@@ -116,7 +112,7 @@ public class ClientInitialAccessResource {
auth.clients().requireManage();
session.realms().removeClientInitialAccessModel(realm, id);
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
private ClientInitialAccessPresentation wrap(ClientInitialAccessModel model) {
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientRegistrationPolicyResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientRegistrationPolicyResource.java
index 9250326..2102061 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientRegistrationPolicyResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientRegistrationPolicyResource.java
@@ -17,16 +17,6 @@
package org.keycloak.services.resources.admin;
-import java.util.List;
-import java.util.stream.Collectors;
-
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
-
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.KeycloakSession;
@@ -39,6 +29,14 @@ import org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy;
import org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyFactory;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import java.util.List;
+import java.util.stream.Collectors;
+
/**
* @resource Client Registration Policy
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@@ -52,9 +50,6 @@ public class ClientRegistrationPolicyResource {
@Context
protected KeycloakSession session;
- @Context
- protected UriInfo uriInfo;
-
public ClientRegistrationPolicyResource(RealmModel realm, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
this.auth = auth;
this.realm = realm;
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
index 6d0b0ca..a78a255 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
@@ -77,7 +77,6 @@ import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedList;
@@ -104,9 +103,6 @@ public class ClientResource {
protected KeycloakSession session;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakApplication keycloak;
@Context
@@ -155,7 +151,7 @@ public class ClientResource {
try {
updateClientFromRep(rep, client, session);
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
updateAuthorizationSettings(rep);
return Response.noContent().build();
} catch (ModelDuplicateException e) {
@@ -203,7 +199,7 @@ public class ClientResource {
ClientInstallationProvider provider = session.getProvider(ClientInstallationProvider.class, providerId);
if (provider == null) throw new NotFoundException("Unknown Provider");
- return provider.generateInstallation(session, realm, client, keycloak.getBaseUri(uriInfo));
+ return provider.generateInstallation(session, realm, client, keycloak.getBaseUri(session.getContext().getUri()));
}
/**
@@ -220,7 +216,7 @@ public class ClientResource {
}
new ClientManager(new RealmManager(session)).removeClient(realm, client);
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
@@ -239,7 +235,7 @@ public class ClientResource {
logger.debug("regenerateSecret");
UserCredentialModel cred = KeycloakModelUtils.generateSecret(client);
CredentialRepresentation rep = ModelToRepresentation.toRepresentation(cred);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(rep).success();
return rep;
}
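Review bot: The regenerated client secret is still handed to the admin event through `.representation(rep)` in regenerateSecret, so the credential value may be persisted with stored admin events. Whether AdminEventBuilder redacts it is not visible here. The same applies to regenerateRegistrationAccessToken in the next hunk, where `rep` already carries the new token from `rep.setRegistrationAccessToken(token)` when the event is recorded. Consider recording the action without the secret, e.g. `adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();`, and returning the representation only in the HTTP response. regenerateSecret starts outside the hunk.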
@@ -255,12 +251,12 @@ public class ClientResource {
public ClientRepresentation regenerateRegistrationAccessToken() {
auth.clients().requireManage(client);
- String token = ClientRegistrationTokenUtils.updateRegistrationAccessToken(session, realm, uriInfo, client, RegistrationAuth.AUTHENTICATED);
+ String token = ClientRegistrationTokenUtils.updateRegistrationAccessToken(session, realm, session.getContext().getUri(), client, RegistrationAuth.AUTHENTICATED);
ClientRepresentation rep = ModelToRepresentation.toRepresentation(client);
rep.setRegistrationAccessToken(token);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(rep).success();
return rep;
}
@@ -296,7 +292,7 @@ public class ClientResource {
@Path("roles")
public RoleContainerResource getRoleContainerResource() {
- return new RoleContainerResource(session, uriInfo, realm, auth, client, adminEvent);
+ return new RoleContainerResource(session, session.getContext().getUri(), realm, auth, client, adminEvent);
}
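Review bot: `new RoleContainerResource(session, session.getContext().getUri(), ...)` now passes a value the callee can derive from the `session` argument it also receives, so the `UriInfo` constructor parameter looks redundant. The same holds for `new ClientScopeEvaluateResource(session, session.getContext().getUri(), ...)` in the evaluate-scopes hunk further down. If those constructors are not changed elsewhere in this commit, dropping the parameter and having them read `session.getContext().getUri()` themselves would keep a single source for the request URI.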
@@ -343,7 +339,7 @@ public class ClientResource {
}
client.addClientScope(clientScope, defaultScope);
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLIENT).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLIENT).resourcePath(session.getContext().getUri()).success();
}
@@ -359,7 +355,7 @@ public class ClientResource {
}
client.removeClientScope(clientScope);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.CLIENT).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.CLIENT).resourcePath(session.getContext().getUri()).success();
}
@@ -392,7 +388,7 @@ public class ClientResource {
@Path("evaluate-scopes")
public ClientScopeEvaluateResource clientScopeEvaluateResource() {
- return new ClientScopeEvaluateResource(session, uriInfo, realm, auth, client, clientConnection);
+ return new ClientScopeEvaluateResource(session, session.getContext().getUri(), realm, auth, client, clientConnection);
}
/**
@@ -431,8 +427,8 @@ public class ClientResource {
public GlobalRequestResult pushRevocation() {
auth.clients().requireConfigure(client);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).resource(ResourceType.CLIENT).success();
- return new ResourceAdminManager(session).pushClientRevocationPolicy(uriInfo.getRequestUri(), realm, client);
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).resource(ResourceType.CLIENT).success();
+ return new ResourceAdminManager(session).pushClientRevocationPolicy(session.getContext().getUri().getRequestUri(), realm, client);
}
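Review bot: In pushRevocation the admin event is marked `.success()` before `pushClientRevocationPolicy` runs, so the audit record reads as successful even when the returned GlobalRequestResult reports failed nodes. testNodesAvailability in the last hunk of this file does it the other way round, calling the manager first and attaching the outcome with `.representation(result)`. Following that order here, `GlobalRequestResult result = new ResourceAdminManager(session).pushClientRevocationPolicy(session.getContext().getUri().getRequestUri(), realm, client);` followed by the event with `.representation(result).success()` and `return result;`, would make the revocation push auditable.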
@@ -567,7 +563,7 @@ public class ClientResource {
}
if (logger.isDebugEnabled()) logger.debug("Register node: " + node);
client.registerNode(node, Time.currentTime());
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLUSTER_NODE).resourcePath(uriInfo, node).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLUSTER_NODE).resourcePath(session.getContext().getUri(), node).success();
}
/**
@@ -588,7 +584,7 @@ public class ClientResource {
throw new NotFoundException("Client does not have node ");
}
client.unregisterNode(node);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.CLUSTER_NODE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.CLUSTER_NODE).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -606,8 +602,8 @@ public class ClientResource {
auth.clients().requireConfigure(client);
logger.debug("Test availability of cluster nodes");
- GlobalRequestResult result = new ResourceAdminManager(session).testNodesAvailability(uriInfo.getRequestUri(), realm, client);
- adminEvent.operation(OperationType.ACTION).resource(ResourceType.CLUSTER_NODE).resourcePath(uriInfo).representation(result).success();
+ GlobalRequestResult result = new ResourceAdminManager(session).testNodesAvailability(session.getContext().getUri().getRequestUri(), realm, client);
+ adminEvent.operation(OperationType.ACTION).resource(ResourceType.CLUSTER_NODE).resourcePath(session.getContext().getUri()).representation(result).success();
return result;
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeResource.java
index 8eed164..f1877a5 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeResource.java
@@ -59,9 +59,6 @@ public class ClientScopeResource {
protected ClientScopeModel clientScope;
protected KeycloakSession session;
- @Context
- protected UriInfo uriInfo;
-
public ClientScopeResource(RealmModel realm, AdminPermissionEvaluator auth, ClientScopeModel clientScope, KeycloakSession session, AdminEventBuilder adminEvent) {
this.realm = realm;
this.auth = auth;
@@ -107,7 +104,7 @@ public class ClientScopeResource {
if (session.getTransactionManager().isActive()) {
session.getTransactionManager().commit();
}
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
return Response.noContent().build();
} catch (ModelDuplicateException e) {
return ErrorResponse.exists("Client Scope " + rep.getName() + " already exists");
@@ -141,7 +138,7 @@ public class ClientScopeResource {
try {
realm.removeClientScope(clientScope.getId());
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
return Response.noContent().build();
} catch (ModelException me) {
return ErrorResponse.error(me.getMessage(), Response.Status.BAD_REQUEST);
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientScopesResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientScopesResource.java
index 6df7748..81b0c74 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientScopesResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientScopesResource.java
@@ -41,7 +41,6 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.util.ArrayList;
import java.util.List;
@@ -61,9 +60,6 @@ public class ClientScopesResource {
@Context
protected KeycloakSession session;
- @Context
- protected UriInfo uriInfo;
-
public ClientScopesResource(RealmModel realm, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
this.realm = realm;
this.auth = auth;
@@ -114,9 +110,9 @@ public class ClientScopesResource {
try {
ClientScopeModel clientModel = RepresentationToModel.createClientScope(session, realm, rep);
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientModel.getId()).representation(rep).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), clientModel.getId()).representation(rep).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(clientModel.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(clientModel.getId()).build()).build();
} catch (ModelDuplicateException e) {
return ErrorResponse.exists("Client Scope " + rep.getName() + " already exists");
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
index 580a0bc..1ab8d3e 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
@@ -155,13 +155,12 @@ public class ClientsResource {
*
* Client's client_id must be unique!
*
- * @param uriInfo
* @param rep
* @return
*/
@POST
@Consumes(MediaType.APPLICATION_JSON)
- public Response createClient(final @Context UriInfo uriInfo, final ClientRepresentation rep) {
+ public Response createClient(final ClientRepresentation rep) {
auth.clients().requireManage();
ValidationMessages validationMessages = new ValidationMessages();
@@ -185,7 +184,7 @@ public class ClientsResource {
}
}
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientModel.getId()).representation(rep).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), clientModel.getId()).representation(rep).success();
if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) {
if (TRUE.equals(rep.getAuthorizationServicesEnabled())) {
@@ -196,12 +195,12 @@ public class ClientsResource {
ResourceServerRepresentation authorizationSettings = rep.getAuthorizationSettings();
if (authorizationSettings != null) {
- authorizationService.resourceServer().importSettings(uriInfo, authorizationSettings);
+ authorizationService.resourceServer().importSettings(authorizationSettings);
}
}
}
- return Response.created(uriInfo.getAbsolutePathBuilder().path(clientModel.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(clientModel.getId()).build()).build();
} catch (ModelDuplicateException e) {
return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientStorageProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientStorageProviderResource.java
index 6c8561c..9304735 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientStorageProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientStorageProviderResource.java
@@ -21,30 +21,18 @@ import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.common.ClientConnection;
import org.keycloak.component.ComponentModel;
-import org.keycloak.events.admin.OperationType;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
-import org.keycloak.services.ServicesLogger;
-import org.keycloak.services.managers.UserStorageSyncManager;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import org.keycloak.storage.UserStorageProvider;
-import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.client.ClientStorageProvider;
-import org.keycloak.storage.ldap.LDAPStorageProvider;
-import org.keycloak.storage.ldap.mappers.LDAPStorageMapper;
-import org.keycloak.storage.user.SynchronizationResult;
-import javax.ws.rs.BadRequestException;
import javax.ws.rs.GET;
-import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
import java.util.HashMap;
import java.util.Map;
@@ -66,9 +54,6 @@ public class ClientStorageProviderResource {
protected ClientConnection clientConnection;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
@Context
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java
index c532245..27e16f5 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java
@@ -54,8 +54,6 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
-
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Collections;
@@ -82,9 +80,6 @@ public class ComponentResource {
protected ClientConnection clientConnection;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
@Context
@@ -139,8 +134,8 @@ public class ComponentResource {
model = realm.addComponentModel(model);
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, model.getId()).representation(StripSecretsUtils.strip(session, rep)).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), model.getId()).representation(StripSecretsUtils.strip(session, rep)).success();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(model.getId()).build()).build();
} catch (ComponentValidationException e) {
return localizedErrorResponse(e);
} catch (IllegalArgumentException e) {
@@ -173,7 +168,7 @@ public class ComponentResource {
throw new NotFoundException("Could not find component");
}
RepresentationToModel.updateComponent(session, rep, model, false);
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(StripSecretsUtils.strip(session, rep)).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(StripSecretsUtils.strip(session, rep)).success();
realm.updateComponent(model);
return Response.noContent().build();
} catch (ComponentValidationException e) {
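Review bot: The UPDATE admin event is marked `.success()` before `realm.updateComponent(model)` runs, so a `ComponentValidationException` thrown by the update (caught on the next line) would leave a success entry in the audit trail for a change that was rejected. Unless event delivery is tied to the transaction outcome, which is not visible here, call `realm.updateComponent(model);` first and emit `adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(StripSecretsUtils.strip(session, rep)).success();` after it. The DELETE hunk that follows has the same order: the event is recorded before `realm.removeComponent(model)`. Both method bodies start outside their hunks.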
@@ -190,7 +185,7 @@ public class ComponentResource {
if (model == null) {
throw new NotFoundException("Could not find component");
}
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
realm.removeComponent(model);
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java
index 0c0ed89..27c6852 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java
@@ -21,7 +21,6 @@ import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
-import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
@@ -31,6 +30,10 @@ import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.ManagementPermissionReference;
import org.keycloak.representations.idm.UserRepresentation;
+import org.keycloak.services.ErrorResponse;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
+import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -40,20 +43,14 @@ import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.net.URI;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
-import org.keycloak.services.ErrorResponse;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
-import org.keycloak.services.resources.admin.permissions.AdminPermissions;
/**
* @resource Groups
@@ -75,8 +72,6 @@ public class GroupResource {
this.group = group;
}
- @Context private UriInfo uriInfo;
-
/**
*
*
@@ -106,7 +101,7 @@ public class GroupResource {
this.auth.groups().requireManage(group);
updateGroup(rep, group);
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
}
@@ -116,7 +111,7 @@ public class GroupResource {
this.auth.groups().requireManage(group);
realm.removeGroup(group);
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
@@ -151,8 +146,8 @@ public class GroupResource {
} else {
child = realm.createGroup(rep.getName());
updateGroup(rep, child);
- URI uri = uriInfo.getBaseUriBuilder()
- .path(uriInfo.getMatchedURIs().get(2))
+ URI uri = session.getContext().getUri().getBaseUriBuilder()
+ .path(session.getContext().getUri().getMatchedURIs().get(2))
.path(child.getId()).build();
builder.status(201).location(uri);
rep.setId(child.getId());
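Review bot: `getMatchedURIs().get(2)` selects the base of the Location header by a bare position, and nothing in the hunk says which path that entry is or guarantees the list holds three entries. JAX-RS returns matched URIs most-recent-first, so the index depends on how deep this sub-resource is mounted; a different mount depth gives a wrong Location or an `IndexOutOfBoundsException`. At minimum add a comment above the expression, such as `// matched URIs are most-recent-first; index 2 is expected to be the realm's groups collection path (confirm)`. `GroupsResource` in this same commit builds its Location from `getAbsolutePathBuilder()` and needs no index. The enclosing method starts and ends outside the hunk.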
@@ -160,7 +155,7 @@ public class GroupResource {
}
realm.moveGroup(child, group);
- adminEvent.resourcePath(uriInfo).representation(rep).success();
+ adminEvent.resourcePath(session.getContext().getUri()).representation(rep).success();
GroupRepresentation childRep = ModelToRepresentation.toGroupHierarchy(child, true);
return builder.type(MediaType.APPLICATION_JSON_TYPE).entity(childRep).build();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
index 15be7ae..28f36be 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
@@ -16,7 +16,6 @@
*/
package org.keycloak.services.resources.admin;
-import org.apache.http.HttpStatus;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
@@ -28,21 +27,23 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.services.ErrorResponse;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import javax.ws.rs.*;
-import javax.ws.rs.core.Context;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.DefaultValue;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.net.URI;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
-import org.keycloak.services.ErrorResponse;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import twitter4j.JSONException;
-import twitter4j.JSONObject;
/**
* @resource Groups
@@ -63,8 +64,6 @@ public class GroupsResource {
}
- @Context private UriInfo uriInfo;
-
/**
* Get group hierarchy. Only name and ids are returned.
*
@@ -153,16 +152,16 @@ public class GroupsResource {
if (child == null) {
throw new NotFoundException("Could not find child by id");
}
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo);
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri());
} else {
child = realm.createGroup(rep.getName());
GroupResource.updateGroup(rep, child);
- URI uri = uriInfo.getAbsolutePathBuilder()
+ URI uri = session.getContext().getUri().getAbsolutePathBuilder()
.path(child.getId()).build();
builder.status(201).location(uri);
rep.setId(child.getId());
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, child.getId());
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), child.getId());
}
realm.moveGroup(child, null);
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
index 4d22005..6a01713 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
@@ -86,8 +86,6 @@ public class IdentityProviderResource {
private final IdentityProviderModel identityProviderModel;
private final AdminEventBuilder adminEvent;
- @Context private UriInfo uriInfo;
-
public IdentityProviderResource(AdminPermissionEvaluator auth, RealmModel realm, KeycloakSession session, IdentityProviderModel identityProviderModel, AdminEventBuilder adminEvent) {
this.realm = realm;
this.session = session;
@@ -137,7 +135,7 @@ public class IdentityProviderResource {
this.realm.removeIdentityProviderMapper(mapper);
}
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
return Response.noContent().build();
}
@@ -161,7 +159,7 @@ public class IdentityProviderResource {
try {
updateIdpFromRep(providerRep, realm, session);
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(providerRep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(providerRep).success();
return Response.noContent().build();
} catch (ModelDuplicateException e) {
@@ -235,14 +233,13 @@ public class IdentityProviderResource {
/**
* Export public broker configuration for identity provider
*
- * @param uriInfo
* @param format Format to use
* @return
*/
@GET
@Path("export")
@NoCache
- public Response export(@Context UriInfo uriInfo, @QueryParam("format") String format) {
+ public Response export(@QueryParam("format") String format) {
this.auth.realm().requireViewIdentityProviders();
if (identityProviderModel == null) {
@@ -251,7 +248,7 @@ public class IdentityProviderResource {
try {
IdentityProviderFactory factory = getIdentityProviderFactory();
- return factory.create(session, identityProviderModel).export(uriInfo, realm, format);
+ return factory.create(session, identityProviderModel).export(session.getContext().getUri(), realm, format);
} catch (Exception e) {
return ErrorResponse.error("Could not export public broker configuration for identity provider [" + identityProviderModel.getProviderId() + "].", Response.Status.NOT_FOUND);
}
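Review bot: The `catch (Exception e)` around `export(...)` discards `e` and turns every failure into a 404, so a provider misconfiguration or a runtime error in the factory is indistinguishable from a missing provider and leaves no trace for operators. Log the exception before returning, e.g. `logger.warn("Identity provider export failed", e);` if the class has a logger (none is visible in this hunk), and consider narrowing the catch so unexpected errors surface as a server error rather than NOT_FOUND. The method body starts outside the hunk.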
@@ -339,10 +336,10 @@ public class IdentityProviderResource {
return ErrorResponse.error("Failed to add mapper '" + model.getName() + "' to identity provider [" + identityProviderModel.getProviderId() + "].", Response.Status.BAD_REQUEST);
}
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(uriInfo, model.getId())
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(session.getContext().getUri(), model.getId())
.representation(mapper).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(model.getId()).build()).build();
}
@@ -389,7 +386,7 @@ public class IdentityProviderResource {
if (model == null) throw new NotFoundException("Model not found");
model = RepresentationToModel.toModel(rep);
realm.updateIdentityProviderMapper(model);
- adminEvent.operation(OperationType.UPDATE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(session.getContext().getUri()).representation(rep).success();
}
@@ -411,7 +408,7 @@ public class IdentityProviderResource {
IdentityProviderMapperModel model = realm.getIdentityProviderMapperById(id);
if (model == null) throw new NotFoundException("Model not found");
realm.removeIdentityProviderMapper(model);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.IDENTITY_PROVIDER_MAPPER).resourcePath(session.getContext().getUri()).success();
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
index 646b463..bc3e78e 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
@@ -46,10 +46,8 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
@@ -98,7 +96,6 @@ public class IdentityProvidersResource {
/**
* Import identity provider from uploaded JSON file
*
- * @param uriInfo
* @param input
* @return
* @throws IOException
@@ -107,7 +104,7 @@ public class IdentityProvidersResource {
@Path("import-config")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- public Map<String, String> importFrom(@Context UriInfo uriInfo, MultipartFormDataInput input) throws IOException {
+ public Map<String, String> importFrom(MultipartFormDataInput input) throws IOException {
this.auth.realm().requireManageIdentityProviders();
Map<String, List<InputPart>> formDataMap = input.getFormDataMap();
if (!(formDataMap.containsKey("providerId") && formDataMap.containsKey("file"))) {
@@ -124,7 +121,6 @@ public class IdentityProvidersResource {
/**
* Import identity provider from JSON body
*
- * @param uriInfo
* @param data JSON body
* @return
* @throws IOException
@@ -133,7 +129,7 @@ public class IdentityProvidersResource {
@Path("import-config")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- public Map<String, String> importFrom(@Context UriInfo uriInfo, Map<String, Object> data) throws IOException {
+ public Map<String, String> importFrom(Map<String, Object> data) throws IOException {
this.auth.realm().requireManageIdentityProviders();
if (!(data.containsKey("providerId") && data.containsKey("fromUrl"))) {
throw new BadRequestException();
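Review bot: The Javadoc for this overload (previous hunk) says only `@param data JSON body`, while the check here requires the keys `providerId` and `fromUrl` and throws `BadRequestException` otherwise; that contract should be documented, e.g. `@param data JSON body; must contain "providerId" and "fromUrl"`. The key name suggests the server retrieves configuration from a caller-supplied URL. The code that does so is outside the hunk, so confirm that the destination is constrained (scheme and host) and not gated by `requireManageIdentityProviders()` alone. The method body continues past the hunk.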
@@ -177,14 +173,13 @@ public class IdentityProvidersResource {
/**
* Create a new identity provider
*
- * @param uriInfo
* @param representation JSON body
* @return
*/
@POST
@Path("instances")
@Consumes(MediaType.APPLICATION_JSON)
- public Response create(@Context UriInfo uriInfo, IdentityProviderRepresentation representation) {
+ public Response create(IdentityProviderRepresentation representation) {
this.auth.realm().requireManageIdentityProviders();
try {
@@ -192,10 +187,10 @@ public class IdentityProvidersResource {
this.realm.addIdentityProvider(identityProvider);
representation.setInternalId(identityProvider.getInternalId());
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, identityProvider.getAlias())
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), identityProvider.getAlias())
.representation(StripSecretsUtils.strip(representation)).success();
- return Response.created(uriInfo.getAbsolutePathBuilder().path(representation.getAlias()).build()).build();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(representation.getAlias()).build()).build();
} catch (ModelDuplicateException e) {
return ErrorResponse.exists("Identity Provider " + representation.getAlias() + " already exists");
}
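Review bot: The admin event path is built from `identityProvider.getAlias()` while the Location header two lines later uses `representation.getAlias()`; if the model ever normalizes the alias, the audit record and the returned URI would name different resources. Using the model value in both places removes the doubt: `return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(identityProvider.getAlias()).build()).build();`. Whether the two values can differ today is not visible in this hunk, and the `try` block starts outside it.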
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
index 709197d..c6e4be6 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
@@ -46,7 +46,6 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.text.MessageFormat;
import java.util.LinkedList;
import java.util.List;
@@ -73,9 +72,6 @@ public class ProtocolMappersResource {
protected AdminEventBuilder adminEvent;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
public ProtocolMappersResource(RealmModel realm, ProtocolMapperContainerModel client, AdminPermissionEvaluator auth,
@@ -128,13 +124,13 @@ public class ProtocolMappersResource {
model = RepresentationToModel.toModel(rep);
validateModel(model);
model = client.addProtocolMapper(model);
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, model.getId()).representation(rep).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), model.getId()).representation(rep).success();
} catch (ModelDuplicateException e) {
return ErrorResponse.exists("Protocol mapper exists with same name");
}
- return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(model.getId()).build()).build();
}
/**
* Create multiple mappers
@@ -153,7 +149,7 @@ public class ProtocolMappersResource {
validateModel(model);
model = client.addProtocolMapper(model);
}
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(reps).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(reps).success();
}
/**
@@ -213,7 +209,7 @@ public class ProtocolMappersResource {
validateModel(model);
client.updateProtocolMapper(model);
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
}
/**
@@ -230,7 +226,7 @@ public class ProtocolMappersResource {
ProtocolMapperModel model = client.getProtocolMapperById(id);
if (model == null) throw new NotFoundException("Model not found");
client.removeProtocolMapper(model);
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index dee4147..585e287 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -24,11 +24,6 @@ import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.Config;
import org.keycloak.KeyPairVerifier;
-import org.keycloak.models.ClientScopeModel;
-import org.keycloak.representations.idm.ClientScopeRepresentation;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
-import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import org.keycloak.common.ClientConnection;
import org.keycloak.common.VerificationException;
import org.keycloak.common.util.PemUtils;
@@ -47,6 +42,7 @@ import org.keycloak.exportimport.util.ExportOptions;
import org.keycloak.exportimport.util.ExportUtils;
import org.keycloak.keys.PublicKeyStorageProvider;
import org.keycloak.models.ClientModel;
+import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.Constants;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
@@ -68,6 +64,7 @@ import org.keycloak.provider.ProviderFactory;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.AdminEventRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.ClientScopeRepresentation;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
@@ -81,6 +78,9 @@ import org.keycloak.services.managers.LDAPConnectionTestManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.ResourceAdminManager;
import org.keycloak.services.managers.UserStorageSyncManager;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
+import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import org.keycloak.storage.UserStorageProviderModel;
import javax.ws.rs.Consumes;
@@ -98,7 +98,6 @@ import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import javax.ws.rs.core.UriInfo;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
@@ -130,9 +129,6 @@ public class RealmAdminResource {
protected KeycloakSession session;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected ClientConnection connection;
@Context
@@ -261,7 +257,7 @@ public class RealmAdminResource {
}
realm.addDefaultClientScope(clientScope, defaultScope);
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLIENT_SCOPE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLIENT_SCOPE).resourcePath(session.getContext().getUri()).success();
}
@@ -277,7 +273,7 @@ public class RealmAdminResource {
}
realm.removeDefaultClientScope(clientScope);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.CLIENT_SCOPE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.CLIENT_SCOPE).resourcePath(session.getContext().getUri()).success();
}
@@ -346,7 +342,7 @@ public class RealmAdminResource {
*/
@Path("roles")
public RoleContainerResource getRoleContainerResource() {
- return new RoleContainerResource(session, uriInfo, realm, auth, realm, adminEvent);
+ return new RoleContainerResource(session, session.getContext().getUri(), realm, auth, realm, adminEvent);
}
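Review bot: `RoleContainerResource` is now handed both `session` and `session.getContext().getUri()`, so the second argument carries nothing the first does not already provide. The rest of this commit removes `UriInfo` plumbing from the admin resources; dropping the parameter from the `RoleContainerResource` constructor and reading the URI from the session inside that class would complete the change and avoid a sub-resource holding a `UriInfo` captured when the locator ran. The constructor is outside this hunk, so this would be a follow-up edit.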
/**
@@ -555,8 +551,8 @@ public class RealmAdminResource {
public GlobalRequestResult pushRevocation() {
auth.realm().requireManageRealm();
- GlobalRequestResult result = new ResourceAdminManager(session).pushRealmRevocationPolicy(uriInfo.getRequestUri(), realm);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(result).success();
+ GlobalRequestResult result = new ResourceAdminManager(session).pushRealmRevocationPolicy(session.getContext().getUri().getRequestUri(), realm);
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(result).success();
return result;
}
@@ -571,8 +567,8 @@ public class RealmAdminResource {
auth.users().requireManage();
session.sessions().removeUserSessions(realm);
- GlobalRequestResult result = new ResourceAdminManager(session).logoutAll(uriInfo.getRequestUri(), realm);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(result).success();
+ GlobalRequestResult result = new ResourceAdminManager(session).logoutAll(session.getContext().getUri().getRequestUri(), realm);
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(result).success();
return result;
}
@@ -589,8 +585,8 @@ public class RealmAdminResource {
UserSessionModel userSession = session.sessions().getUserSession(realm, sessionId);
if (userSession == null) throw new NotFoundException("Sesssion not found");
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, connection, headers, true);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.USER_SESSION).resourcePath(uriInfo).success();
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), connection, headers, true);
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.USER_SESSION).resourcePath(session.getContext().getUri()).success();
}
@@ -1007,7 +1003,7 @@ public class RealmAdminResource {
}
realm.addDefaultGroup(group);
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.GROUP).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.GROUP).resourcePath(session.getContext().getUri()).success();
}
@DELETE
@@ -1022,7 +1018,7 @@ public class RealmAdminResource {
}
realm.removeDefaultGroup(group);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.GROUP).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.GROUP).resourcePath(session.getContext().getUri()).success();
}
@@ -1099,7 +1095,7 @@ public class RealmAdminResource {
cache.clear();
}
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -1116,7 +1112,7 @@ public class RealmAdminResource {
cache.clear();
}
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -1133,7 +1129,7 @@ public class RealmAdminResource {
cache.clearCache();
}
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
@Path("keys")
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 76fb999..cda6494 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -21,7 +21,6 @@ import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.common.ClientConnection;
-import org.keycloak.policy.PasswordPolicyNotMetException;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
@@ -29,6 +28,7 @@ import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.utils.ModelToRepresentation;
+import org.keycloak.policy.PasswordPolicyNotMetException;
import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.ErrorResponse;
@@ -49,7 +49,6 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.net.URI;
import java.util.ArrayList;
import java.util.List;
@@ -125,13 +124,12 @@ public class RealmsAdminResource {
*
* Imports a realm from a full representation of that realm. Realm name must be unique.
*
- * @param uriInfo
* @param rep JSON representation of the realm
* @return
*/
@POST
@Consumes(MediaType.APPLICATION_JSON)
- public Response importRealm(@Context final UriInfo uriInfo, final RealmRepresentation rep) {
+ public Response importRealm(final RealmRepresentation rep) {
RealmManager realmManager = new RealmManager(session);
realmManager.setContextPath(keycloak.getContextPath());
AdminPermissions.realms(session, auth).requireCreateRealm();
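Review bot: `requireCreateRealm()` is the third statement of `importRealm`, after a `RealmManager` has been constructed and configured, whereas other endpoints touched by this commit (`createClient`, `importFrom`, `create`) run their permission check first. Nothing visible suggests the two earlier calls have side effects, but placing `AdminPermissions.realms(session, auth).requireCreateRealm();` first keeps the denied path free of any work and makes the check harder to displace in later edits. The method body continues past the hunk.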
@@ -142,7 +140,7 @@ public class RealmsAdminResource {
RealmModel realm = realmManager.importRealm(rep);
grantPermissionsToRealmCreator(realm);
- URI location = AdminRoot.realmsUrl(uriInfo).path(realm.getName()).build();
+ URI location = AdminRoot.realmsUrl(session.getContext().getUri()).path(realm.getName()).build();
logger.debugv("imported realm success, sending back: {0}", location.toString());
return Response.created(location).build();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
index b2ae6ad..87f3951 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
@@ -19,19 +19,17 @@ package org.keycloak.services.resources.admin;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
-import org.keycloak.services.resources.admin.permissions.AdminPermissions;
-import org.keycloak.services.resources.admin.permissions.RolePermissionManagement;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.ManagementPermissionReference;
import org.keycloak.representations.idm.RoleRepresentation;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
+import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -43,10 +41,7 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import java.util.Set;
/**
@@ -65,9 +60,6 @@ public class RoleByIdResource extends RoleResource {
@Context
private KeycloakSession session;
- @Context
- private UriInfo uriInfo;
-
public RoleByIdResource(RealmModel realm, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
super(realm);
@@ -120,7 +112,7 @@ public class RoleByIdResource extends RoleResource {
adminEvent.resource(ResourceType.REALM_ROLE);
}
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -143,7 +135,7 @@ public class RoleByIdResource extends RoleResource {
adminEvent.resource(ResourceType.REALM_ROLE);
}
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
}
/**
@@ -158,7 +150,7 @@ public class RoleByIdResource extends RoleResource {
public void addComposites(final @PathParam("role-id") String id, List<RoleRepresentation> roles) {
RoleModel role = getRoleModel(id);
auth.roles().requireManage(role);
- addComposites(auth, adminEvent, uriInfo, roles, role);
+ addComposites(auth, adminEvent, session.getContext().getUri(), roles, role);
}
/**
@@ -233,7 +225,7 @@ public class RoleByIdResource extends RoleResource {
public void deleteComposites(final @PathParam("role-id") String id, List<RoleRepresentation> roles) {
RoleModel role = getRoleModel(id);
auth.roles().requireManage(role);
- deleteComposites(adminEvent, uriInfo, roles, role);
+ deleteComposites(adminEvent, session.getContext().getUri(), roles, role);
}
/**
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java
index addf33c..8ad922b 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java
@@ -19,10 +19,6 @@ package org.keycloak.services.resources.admin;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
-import org.jboss.resteasy.spi.ResteasyProviderFactory;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
-import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.ClientModel;
@@ -38,11 +34,13 @@ import org.keycloak.representations.idm.ManagementPermissionReference;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.ErrorResponse;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement;
+import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
-import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
@@ -50,7 +48,6 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
@@ -284,8 +281,7 @@ public class RoleContainerResource extends RoleResource {
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
- public Set<RoleRepresentation> getClientRoleComposites(@Context final UriInfo uriInfo,
- final @PathParam("role-name") String roleName,
+ public Set<RoleRepresentation> getClientRoleComposites(final @PathParam("role-name") String roleName,
final @PathParam("client") String client) {
auth.roles().requireView(roleContainer);
RoleModel role = roleContainer.getRole(roleName);
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java
index b785b1a..dccad2b 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java
@@ -19,7 +19,6 @@ package org.keycloak.services.resources.admin;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
@@ -34,8 +33,8 @@ import org.keycloak.representations.idm.ClientMappingsRepresentation;
import org.keycloak.representations.idm.MappingsRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.services.ErrorResponseException;
-import org.keycloak.services.ForbiddenException;
import org.keycloak.services.managers.RealmManager;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -48,7 +47,6 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
@@ -84,9 +82,6 @@ public class RoleMapperResource {
protected ClientConnection clientConnection;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
@Context
@@ -236,7 +231,7 @@ public class RoleMapperResource {
roleMapper.grantRole(roleModel);
}
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(roles).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(roles).success();
}
/**
@@ -279,7 +274,7 @@ public class RoleMapperResource {
}
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).representation(roles).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).representation(roles).success();
}
@@ -293,7 +288,7 @@ public class RoleMapperResource {
if (clientModel == null) {
throw new NotFoundException("Client not found");
}
- ClientRoleMappingsResource resource = new ClientRoleMappingsResource(uriInfo, session, realm, auth, roleMapper,
+ ClientRoleMappingsResource resource = new ClientRoleMappingsResource(session.getContext().getUri(), session, realm, auth, roleMapper,
clientModel, adminEvent,
managePermission, viewPermission);
return resource;
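Review bot: `ClientRoleMappingsResource` is now handed both `session.getContext().getUri()` and `session`, so its first constructor argument can be derived from the second. Keeping both leaves two sources for the request URI inside the sub-resource, and a later change can make them disagree. I would drop the URI parameter and let the sub-resource call `session.getContext().getUri()` where it records its admin events, assuming the constructor is not used elsewhere with a different URI. The local could also go: `return new ClientRoleMappingsResource(...);`. The enclosing method starts outside this hunk.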
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
index 4df22ec..7d537ca 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
@@ -50,7 +50,6 @@ import org.keycloak.models.UserLoginFailureModel;
import org.keycloak.models.UserManager;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
-import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
@@ -92,7 +91,6 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.core.UriInfo;
import java.net.URI;
import java.text.MessageFormat;
import java.util.ArrayList;
@@ -127,9 +125,6 @@ public class UserResource {
protected ClientConnection clientConnection;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
@Context
@@ -171,7 +166,7 @@ public class UserResource {
updateUserFromRep(user, rep, attrsToRemove, realm, session, true);
RepresentationToModel.createCredentials(rep, session, realm, user, true);
- adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri()).representation(rep).success();
if (session.getTransactionManager().isActive()) {
session.getTransactionManager().commit();
@@ -278,15 +273,15 @@ public class UserResource {
if (authenticatedRealm.getId().equals(realm.getId())) {
sameRealm = true;
UserSessionModel userSession = session.sessions().getUserSession(authenticatedRealm, auth.adminAuth().getToken().getSessionState());
- AuthenticationManager.expireIdentityCookie(realm, uriInfo, clientConnection);
- AuthenticationManager.expireRememberMeCookie(realm, uriInfo, clientConnection);
- AuthenticationManager.backchannelLogout(session, authenticatedRealm, userSession, uriInfo, clientConnection, headers, true);
+ AuthenticationManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
+ AuthenticationManager.expireRememberMeCookie(realm, session.getContext().getUri(), clientConnection);
+ AuthenticationManager.backchannelLogout(session, authenticatedRealm, userSession, session.getContext().getUri(), clientConnection, headers, true);
}
EventBuilder event = new EventBuilder(realm, session, clientConnection);
UserSessionModel userSession = session.sessions().createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null);
- AuthenticationManager.createLoginCookie(session, realm, userSession.getUser(), userSession, uriInfo, clientConnection);
- URI redirect = AccountFormService.accountServiceApplicationPage(uriInfo).build(realm.getName());
+ AuthenticationManager.createLoginCookie(session, realm, userSession.getUser(), userSession, session.getContext().getUri(), clientConnection);
+ URI redirect = AccountFormService.accountServiceApplicationPage(session.getContext().getUri()).build(realm.getName());
Map<String, Object> result = new HashMap<>();
result.put("sameRealm", sameRealm);
result.put("redirect", redirect.toString());
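Review bot: The lookup `session.getContext().getUri()` is written five times in this hunk, for the two cookie expirations, the backchannel logout, the login cookie and the account redirect. Reading it once at the top of the method, `final UriInfo uri = session.getContext().getUri();`, would show that all five calls work from the same request URI and would shorten the long lines. That needs the `javax.ws.rs.core.UriInfo` import, which this commit removes from the file. The same repetition appears in the `nextRequiredAction` hunk of IdentityBrokerService. The method body begins and ends outside this hunk.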
@@ -403,7 +398,7 @@ public class UserResource {
FederatedIdentityModel socialLink = new FederatedIdentityModel(provider, rep.getUserId(), rep.getUserName());
session.users().addFederatedIdentity(realm, user, socialLink);
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(rep).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(rep).success();
return Response.noContent().build();
}
@@ -420,7 +415,7 @@ public class UserResource {
if (!session.users().removeFederatedIdentity(realm, user, provider)) {
throw new NotFoundException("Link not found");
}
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -490,13 +485,13 @@ public class UserResource {
if (revokedConsent) {
// Logout clientSessions for this user and client
- AuthenticationManager.backchannelLogoutUserFromClient(session, realm, user, client, uriInfo, headers);
+ AuthenticationManager.backchannelLogoutUserFromClient(session, realm, user, client, session.getContext().getUri(), headers);
}
if (!revokedConsent && !revokedOfflineToken) {
throw new NotFoundException("Consent nor offline token not found");
}
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -514,9 +509,9 @@ public class UserResource {
List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
for (UserSessionModel userSession : userSessions) {
- AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true);
+ AuthenticationManager.backchannelLogout(session, realm, userSession, session.getContext().getUri(), clientConnection, headers, true);
}
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -529,7 +524,7 @@ public class UserResource {
boolean removed = new UserManager(session).removeUser(realm, user);
if (removed) {
- adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).success();
return Response.noContent().build();
} else {
return ErrorResponse.error("User couldn't be deleted", Status.BAD_REQUEST);
@@ -598,7 +593,7 @@ public class UserResource {
}
if (pass.isTemporary() != null && pass.isTemporary()) user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -612,7 +607,7 @@ public class UserResource {
auth.users().requireManage(user);
session.userCredentialManager().disableCredentialType(realm, user, CredentialModel.OTP);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}
/**
@@ -688,7 +683,7 @@ public class UserResource {
String redirect;
if (redirectUri != null) {
- redirect = RedirectUtils.verifyRedirectUri(uriInfo, redirectUri, realm, client);
+ redirect = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), redirectUri, realm, client);
if (redirect == null) {
throw new WebApplicationException(
ErrorResponse.error("Invalid redirect uri.", Status.BAD_REQUEST));
@@ -702,8 +697,8 @@ public class UserResource {
ExecuteActionsActionToken token = new ExecuteActionsActionToken(user.getId(), expiration, actions, redirectUri, clientId);
try {
- UriBuilder builder = LoginActionsService.actionTokenProcessor(uriInfo);
- builder.queryParam("key", token.serialize(session, realm, uriInfo));
+ UriBuilder builder = LoginActionsService.actionTokenProcessor(session.getContext().getUri());
+ builder.queryParam("key", token.serialize(session, realm, session.getContext().getUri()));
String link = builder.build(realm.getName()).toString();
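Review bot: The token is built from the caller-supplied `redirectUri`, not from the value that `RedirectUtils.verifyRedirectUri(...)` returned into `redirect` in the previous hunk of this method. If the verifier normalises or resolves the URI, the generated link carries a string that differs from the one that was checked. From the visible lines `redirect` appears to be used only for the null test, though the lines between the two hunks are not shown. I would pass the verified value, `new ExecuteActionsActionToken(user.getId(), expiration, actions, redirect, clientId)` with `redirect` initialised to `null` at its declaration, or add a comment stating that the token handler validates the URI again when the link is used. The method starts and ends outside this hunk.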
@@ -715,7 +710,7 @@ public class UserResource {
//audit.user(user).detail(Details.EMAIL, user.getEmail()).detail(Details.CODE_ID, accessCode.getCodeId()).success();
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
return Response.ok().build();
} catch (EmailException e) {
@@ -772,7 +767,7 @@ public class UserResource {
try {
if (user.isMemberOf(group)){
user.leaveGroup(group);
- adminEvent.operation(OperationType.DELETE).resource(ResourceType.GROUP_MEMBERSHIP).representation(ModelToRepresentation.toRepresentation(group, true)).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.DELETE).resource(ResourceType.GROUP_MEMBERSHIP).representation(ModelToRepresentation.toRepresentation(group, true)).resourcePath(session.getContext().getUri()).success();
}
} catch (ModelException me) {
Properties messages = AdminRoot.getMessages(session, realm, auth.adminAuth().getToken().getLocale());
@@ -793,7 +788,7 @@ public class UserResource {
auth.groups().requireManageMembership(group);
if (!user.isMemberOf(group)){
user.joinGroup(group);
- adminEvent.operation(OperationType.CREATE).resource(ResourceType.GROUP_MEMBERSHIP).representation(ModelToRepresentation.toRepresentation(group, true)).resourcePath(uriInfo).success();
+ adminEvent.operation(OperationType.CREATE).resource(ResourceType.GROUP_MEMBERSHIP).representation(ModelToRepresentation.toRepresentation(group, true)).resourcePath(session.getContext().getUri()).success();
}
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
index d591581..6c15f68 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@@ -20,7 +20,6 @@ import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
-import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
@@ -34,7 +33,8 @@ import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.ErrorResponse;
-import org.keycloak.services.*;
+import org.keycloak.services.ForbiddenException;
+import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
@@ -78,9 +78,6 @@ public class UsersResource {
protected ClientConnection clientConnection;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
@Context
@@ -97,13 +94,12 @@ public class UsersResource {
*
* Username must be unique.
*
- * @param uriInfo
* @param rep
* @return
*/
@POST
@Consumes(MediaType.APPLICATION_JSON)
- public Response createUser(final @Context UriInfo uriInfo, final UserRepresentation rep) {
+ public Response createUser(final UserRepresentation rep) {
auth.users().requireManage();
// Double-check duplicated username and email here due to federation
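Review bot: After `@param uriInfo` is removed, the Javadoc on `createUser` still has a bare `@param rep` and a bare `@return`, so the generated admin API documentation says nothing about the request body or the response. I would fill them in, for example `@param rep representation of the user to create` and `@return 201 Created with the new user's URI in the Location header`. The second matches the `Response.created(...)` call in the next hunk. The error responses are outside the visible lines and should be documented from the full method.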
@@ -120,13 +116,13 @@ public class UsersResource {
UserResource.updateUserFromRep(user, rep, emptySet, realm, session, false);
RepresentationToModel.createCredentials(rep, session, realm, user, true);
- adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, user.getId()).representation(rep).success();
+ adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), user.getId()).representation(rep).success();
if (session.getTransactionManager().isActive()) {
session.getTransactionManager().commit();
}
- return Response.created(uriInfo.getAbsolutePathBuilder().path(user.getId()).build()).build();
+ return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(user.getId()).build()).build();
} catch (ModelDuplicateException e) {
if (session.getTransactionManager().isActive()) {
session.getTransactionManager().setRollbackOnly();
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java
index d9ec881..672822b 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java
@@ -43,7 +43,6 @@ import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
import java.util.HashMap;
import java.util.Map;
@@ -65,9 +64,6 @@ public class UserStorageProviderResource {
protected ClientConnection clientConnection;
@Context
- protected UriInfo uriInfo;
-
- @Context
protected KeycloakSession session;
@Context
@@ -153,7 +149,7 @@ public class UserStorageProviderResource {
Map<String, Object> eventRep = new HashMap<>();
eventRep.put("action", action);
eventRep.put("result", syncResult);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(eventRep).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(eventRep).success();
return syncResult;
}
@@ -241,7 +237,7 @@ public class UserStorageProviderResource {
Map<String, Object> eventRep = new HashMap<>();
eventRep.put("action", direction);
eventRep.put("result", syncResult);
- adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(eventRep).success();
+ adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(eventRep).success();
return syncResult;
}
diff --git a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
index 5170bc2..636cb52 100755
--- a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
+++ b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
@@ -45,7 +45,6 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Providers;
/**
@@ -66,9 +65,6 @@ public class ClientsManagementService {
protected HttpHeaders headers;
@Context
- private UriInfo uriInfo;
-
- @Context
private ClientConnection clientConnection;
@Context
@@ -193,7 +189,7 @@ public class ClientsManagementService {
private boolean checkSsl() {
- if (uriInfo.getBaseUri().getScheme().equals("https")) {
+ if (session.getContext().getUri().getBaseUri().getScheme().equals("https")) {
return true;
} else {
return !realm.getSslRequired().isRequired(clientConnection);
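Review bot: `checkSsl()` decides whether the realm's SSL requirement is met from the scheme of the request's base URI, and nothing in the method says where that scheme comes from. Behind a TLS-terminating proxy the value is presumably "https" only when the server is configured to honour forwarded headers, which should be confirmed against the deployment setup. I would add a comment above the test such as `// scheme comes from the request base URI; behind a TLS-terminating proxy it depends on forwarded-header handling`. Writing the comparison constant-first, `"https".equals(session.getContext().getUri().getBaseUri().getScheme())`, also removes the reliance on a non-null scheme. The method's closing lines are outside this hunk.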
diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
index 0b61c21..6c7ea3f 100755
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
@@ -85,6 +85,17 @@ import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.RootAuthenticationSessionModel;
import org.keycloak.util.JsonSerialization;
+import javax.ws.rs.GET;
+import javax.ws.rs.OPTIONS;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriBuilder;
import java.io.IOException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
@@ -99,19 +110,6 @@ import java.util.Optional;
import java.util.Set;
import java.util.UUID;
-import javax.ws.rs.GET;
-import javax.ws.rs.OPTIONS;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.core.UriInfo;
-
/**
* <p></p>
*
@@ -127,9 +125,6 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
private final RealmModel realmModel;
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
@Context
@@ -209,7 +204,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
this.event.event(EventType.CLIENT_INITIATED_ACCOUNT_LINKING);
checkRealm();
ClientModel client = checkClient(clientId);
- redirectUri = RedirectUtils.verifyRedirectUri(uriInfo, redirectUri, realmModel, client);
+ redirectUri = RedirectUtils.verifyRedirectUri(session.getContext().getUri(), redirectUri, realmModel, client);
if (redirectUri == null) {
event.error(Errors.INVALID_REDIRECT_URI);
throw new ErrorPageException(session, Response.Status.BAD_REQUEST, Messages.INVALID_REQUEST);
@@ -432,7 +427,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
try {
AppAuthManager authManager = new AppAuthManager();
- AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(this.session, this.realmModel, this.uriInfo, this.clientConnection, this.request.getHttpHeaders());
+ AuthenticationManager.AuthResult authResult = authManager.authenticateBearerToken(this.session, this.realmModel, this.session.getContext().getUri(), this.clientConnection, this.request.getHttpHeaders());
if (authResult != null) {
AccessToken token = authResult.getToken();
@@ -557,7 +552,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
SerializedBrokeredIdentityContext ctx = SerializedBrokeredIdentityContext.serialize(context);
ctx.saveToAuthenticationSession(authenticationSession, AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE);
- URI redirect = LoginActionsService.firstBrokerLoginProcessor(uriInfo)
+ URI redirect = LoginActionsService.firstBrokerLoginProcessor(session.getContext().getUri())
.queryParam(Constants.CLIENT_ID, authenticationSession.getClient().getClientId())
.queryParam(Constants.TAB_ID, authenticationSession.getTabId())
.build(realmModel.getName());
@@ -713,7 +708,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
authSession.setAuthNote(PostBrokerLoginConstants.PBL_AFTER_FIRST_BROKER_LOGIN, String.valueOf(wasFirstBrokerLogin));
- URI redirect = LoginActionsService.postBrokerLoginProcessor(uriInfo)
+ URI redirect = LoginActionsService.postBrokerLoginProcessor(session.getContext().getUri())
.queryParam(Constants.CLIENT_ID, authSession.getClient().getClientId())
.queryParam(Constants.TAB_ID, authSession.getTabId())
.build(realmModel.getName());
@@ -809,12 +804,12 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
AuthenticationManager.setClientScopesInSession(authSession);
- String nextRequiredAction = AuthenticationManager.nextRequiredAction(session, authSession, clientConnection, request, uriInfo, event);
+ String nextRequiredAction = AuthenticationManager.nextRequiredAction(session, authSession, clientConnection, request, session.getContext().getUri(), event);
if (nextRequiredAction != null) {
- return AuthenticationManager.redirectToRequiredActions(session, realmModel, authSession, uriInfo, nextRequiredAction);
+ return AuthenticationManager.redirectToRequiredActions(session, realmModel, authSession, session.getContext().getUri(), nextRequiredAction);
} else {
event.detail(Details.CODE_ID, authSession.getParentSession().getId()); // todo This should be set elsewhere. find out why tests fail. Don't know where this is supposed to be set
- return AuthenticationManager.finishedRequiredActions(session, authSession, null, clientConnection, request, uriInfo, event);
+ return AuthenticationManager.finishedRequiredActions(session, authSession, null, clientConnection, request, session.getContext().getUri(), event);
}
}
@@ -992,7 +987,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
return ParsedCodeContext.response(staleCodeError);
}
- SessionCodeChecks checks = new SessionCodeChecks(realmModel, uriInfo, request, clientConnection, session, event, null, code, null, clientId, tabId, LoginActionsService.AUTHENTICATE_PATH);
+ SessionCodeChecks checks = new SessionCodeChecks(realmModel, session.getContext().getUri(), request, clientConnection, session, event, null, code, null, clientId, tabId, LoginActionsService.AUTHENTICATE_PATH);
checks.initialVerify();
if (!checks.verifyActiveAndValidAction(AuthenticationSessionModel.Action.AUTHENTICATE.name(), ClientSessionCode.ActionType.LOGIN)) {
@@ -1075,11 +1070,11 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
encodedState = IdentityBrokerState.decoded(relayState, authSession.getClient().getClientId(), authSession.getTabId());
}
- return new AuthenticationRequest(this.session, this.realmModel, authSession, this.request, this.uriInfo, encodedState, getRedirectUri(providerId));
+ return new AuthenticationRequest(this.session, this.realmModel, authSession, this.request, this.session.getContext().getUri(), encodedState, getRedirectUri(providerId));
}
private String getRedirectUri(String providerId) {
- return Urls.identityProviderAuthnResponse(this.uriInfo.getBaseUri(), providerId, this.realmModel.getName()).toString();
+ return Urls.identityProviderAuthnResponse(this.session.getContext().getUri().getBaseUri(), providerId, this.realmModel.getName()).toString();
}
private Response redirectToErrorPage(AuthenticationSessionModel authSession, Response.Status status, String message, Object ... parameters) {
@@ -1134,7 +1129,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
.setEventBuilder(event)
.setRealm(realmModel)
.setSession(session)
- .setUriInfo(uriInfo)
+ .setUriInfo(session.getContext().getUri())
.setRequest(request);
if (errorMessage != null) processor.setForwardedErrorMessage(new FormMessage(null, errorMessage));
@@ -1196,7 +1191,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
}
private Response corsResponse(Response response, ClientModel clientModel) {
- return Cors.add(this.request, Response.fromResponse(response)).auth().allowedOrigins(uriInfo, clientModel).build();
+ return Cors.add(this.request, Response.fromResponse(response)).auth().allowedOrigins(session.getContext().getUri(), clientModel).build();
}
private void fireErrorEvent(String message, Throwable throwable) {
diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
index ccaadb5..9723eb3 100755
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
@@ -16,13 +16,21 @@
*/
package org.keycloak.services.resources;
-import org.keycloak.authentication.*;
-import org.keycloak.authentication.actiontoken.DefaultActionTokenKey;
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.OAuth2Constants;
import org.keycloak.TokenVerifier;
-import org.keycloak.authentication.actiontoken.*;
+import org.keycloak.authentication.AuthenticationFlowException;
+import org.keycloak.authentication.AuthenticationProcessor;
+import org.keycloak.authentication.ExplainedVerificationException;
+import org.keycloak.authentication.RequiredActionContext;
+import org.keycloak.authentication.RequiredActionContextResult;
+import org.keycloak.authentication.RequiredActionFactory;
+import org.keycloak.authentication.RequiredActionProvider;
+import org.keycloak.authentication.actiontoken.ActionTokenContext;
+import org.keycloak.authentication.actiontoken.ActionTokenHandler;
+import org.keycloak.authentication.actiontoken.DefaultActionTokenKey;
+import org.keycloak.authentication.actiontoken.ExplainedTokenVerificationException;
import org.keycloak.authentication.actiontoken.resetcred.ResetCredentialsActionTokenHandler;
import org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator;
import org.keycloak.authentication.authenticators.broker.util.PostBrokerLoginConstants;
@@ -39,15 +47,12 @@ import org.keycloak.events.EventType;
import org.keycloak.exceptions.TokenNotActiveException;
import org.keycloak.models.ActionTokenKeyModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatedClientSessionModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.ClientSessionContext;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
-import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.AuthenticationFlowResolver;
@@ -68,9 +73,9 @@ import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.services.managers.ClientSessionCode;
import org.keycloak.services.messages.Messages;
-import org.keycloak.services.util.CacheControlUtil;
import org.keycloak.services.util.AuthenticationFlowURLHelper;
import org.keycloak.services.util.BrowserHistoryHelper;
+import org.keycloak.services.util.CacheControlUtil;
import org.keycloak.sessions.AuthenticationSessionCompoundId;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.RootAuthenticationSessionModel;
@@ -87,12 +92,12 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
+import javax.ws.rs.core.UriBuilderException;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Providers;
import java.net.URI;
import java.util.Map;
-import javax.ws.rs.core.*;
import static org.keycloak.authentication.actiontoken.DefaultActionToken.ACTION_TOKEN_BASIC_CHECKS;
/**
@@ -125,9 +130,6 @@ public class LoginActionsService {
protected HttpHeaders headers;
@Context
- private UriInfo uriInfo;
-
- @Context
private ClientConnection clientConnection;
@Context
@@ -178,7 +180,7 @@ public class LoginActionsService {
}
private boolean checkSsl() {
- if (uriInfo.getBaseUri().getScheme().equals("https")) {
+ if (session.getContext().getUri().getBaseUri().getScheme().equals("https")) {
return true;
} else {
return !realm.getSslRequired().isRequired(clientConnection);
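Review bot: The scheme test in `checkSsl` is case-sensitive and calls `equals` on the result of `getScheme()`, while `WelcomeResource.setCsrfCookie` in this same commit uses `equalsIgnoreCase` for the same decision. A mismatch only falls through to `realm.getSslRequired().isRequired(clientConnection)`, so it errs toward the stricter path, but the constant-first form is null-safe and consistent: `if ("https".equalsIgnoreCase(session.getContext().getUri().getBaseUri().getScheme())) {`. A one-line comment saying that the result depends on the scheme the session context reports (presumably subject to proxy and forwarded-header handling, which is not visible here) would help whoever deploys this. The method's closing brace lies outside this hunk.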
@@ -186,14 +188,14 @@ public class LoginActionsService {
}
private SessionCodeChecks checksForCode(String authSessionId, String code, String execution, String clientId, String tabId, String flowPath) {
- SessionCodeChecks res = new SessionCodeChecks(realm, uriInfo, request, clientConnection, session, event, authSessionId, code, execution, clientId, tabId, flowPath);
+ SessionCodeChecks res = new SessionCodeChecks(realm, session.getContext().getUri(), request, clientConnection, session, event, authSessionId, code, execution, clientId, tabId, flowPath);
res.initialVerify();
return res;
}
protected URI getLastExecutionUrl(String flowPath, String executionId, String clientId, String tabId) {
- return new AuthenticationFlowURLHelper(session, realm, uriInfo)
+ return new AuthenticationFlowURLHelper(session, realm, session.getContext().getUri())
.getLastExecutionUrl(flowPath, executionId, clientId, tabId);
}
@@ -209,7 +211,7 @@ public class LoginActionsService {
@QueryParam(Constants.CLIENT_ID) String clientId,
@QueryParam(Constants.TAB_ID) String tabId) {
event.event(EventType.RESTART_AUTHENTICATION);
- SessionCodeChecks checks = new SessionCodeChecks(realm, uriInfo, request, clientConnection, session, event, authSessionId, null, null, clientId, tabId, null);
+ SessionCodeChecks checks = new SessionCodeChecks(realm, session.getContext().getUri(), request, clientConnection, session, event, authSessionId, null, null, clientId, tabId, null);
AuthenticationSessionModel authSession = checks.initialVerifyAuthSession();
if (authSession == null) {
@@ -268,7 +270,7 @@ public class LoginActionsService {
.setEventBuilder(event)
.setRealm(realm)
.setSession(session)
- .setUriInfo(uriInfo)
+ .setUriInfo(session.getContext().getUri())
.setRequest(request);
if (errorMessage != null) {
processor.setForwardedErrorMessage(new FormMessage(null, errorMessage));
@@ -380,11 +382,11 @@ public class LoginActionsService {
authSession.setAction(AuthenticationSessionModel.Action.AUTHENTICATE.name());
//authSession.setNote(AuthenticationManager.END_AFTER_REQUIRED_ACTIONS, "true");
authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
- String redirectUri = Urls.accountBase(uriInfo.getBaseUri()).path("/").build(realm.getName()).toString();
+ String redirectUri = Urls.accountBase(session.getContext().getUri().getBaseUri()).path("/").build(realm.getName()).toString();
authSession.setRedirectUri(redirectUri);
authSession.setClientNote(OIDCLoginProtocol.RESPONSE_TYPE_PARAM, OAuth2Constants.CODE);
authSession.setClientNote(OIDCLoginProtocol.REDIRECT_URI_PARAM, redirectUri);
- authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
+ authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName()));
return authSession;
}
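Review bot: The redirect URI and the `OIDCLoginProtocol.ISSUER` client note are both built from `session.getContext().getUri().getBaseUri()`, fetched twice, and nothing states where that base URI comes from. If it is derived from the incoming request's host rather than from a configured hostname (not visible in this hunk), the issuer stored on the authentication session follows whatever host the request carried; the same expression feeds `TokenVerifier.RealmUrlCheck` in the `@@ -479,7 +481,7 @@` hunk. Read it once with `URI baseUri = session.getContext().getUri().getBaseUri();`, pass `baseUri` to both `Urls.accountBase` and `Urls.realmIssuer`, and add a comment stating the assumption about how the base URI is resolved. The enclosing method starts outside the hunk.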
@@ -479,7 +481,7 @@ public class LoginActionsService {
.withChecks(
// Token introspection checks
TokenVerifier.IS_ACTIVE,
- new TokenVerifier.RealmUrlCheck(Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName())),
+ new TokenVerifier.RealmUrlCheck(Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName())),
ACTION_TOKEN_BASIC_CHECKS
)
@@ -510,7 +512,7 @@ public class LoginActionsService {
}
// Now proceed with the verification and handle the token
- tokenContext = new ActionTokenContext(session, realm, uriInfo, clientConnection, request, event, handler, execution, this::processFlow, this::brokerLoginFlow);
+ tokenContext = new ActionTokenContext(session, realm, session.getContext().getUri(), clientConnection, request, event, handler, execution, this::processFlow, this::brokerLoginFlow);
try {
String tokenAuthSessionCompoundId = handler.getAuthenticationSessionIdFromToken(token, tokenContext, authSession);
@@ -667,7 +669,7 @@ public class LoginActionsService {
AuthenticationSessionModel authSession = checks.getAuthenticationSession();
- AuthenticationManager.expireIdentityCookie(realm, uriInfo, clientConnection);
+ AuthenticationManager.expireIdentityCookie(realm, session.getContext().getUri(), clientConnection);
return processRegistration(checks.isActionRequest(), execution, authSession, null);
}
@@ -771,7 +773,7 @@ public class LoginActionsService {
}
private Response redirectToAfterBrokerLoginEndpoint(AuthenticationSessionModel authSession, boolean firstBrokerLogin) {
- return redirectToAfterBrokerLoginEndpoint(session, realm, uriInfo, authSession, firstBrokerLogin);
+ return redirectToAfterBrokerLoginEndpoint(session, realm, session.getContext().getUri(), authSession, firstBrokerLogin);
}
public static Response redirectToAfterBrokerLoginEndpoint(KeycloakSession session, RealmModel realm, UriInfo uriInfo, AuthenticationSessionModel authSession, boolean firstBrokerLogin) {
@@ -800,8 +802,8 @@ public class LoginActionsService {
public Response processConsent(final MultivaluedMap<String, String> formData) {
event.event(EventType.LOGIN);
String code = formData.getFirst(SESSION_CODE);
- String clientId = uriInfo.getQueryParameters().getFirst(Constants.CLIENT_ID);
- String tabId = uriInfo.getQueryParameters().getFirst(Constants.TAB_ID);
+ String clientId = session.getContext().getUri().getQueryParameters().getFirst(Constants.CLIENT_ID);
+ String tabId = session.getContext().getUri().getQueryParameters().getFirst(Constants.TAB_ID);
SessionCodeChecks checks = checksForCode(null, code, null, clientId, tabId, REQUIRED_ACTION);
if (!checks.verifyRequiredAction(AuthenticationSessionModel.Action.OAUTH_GRANT.name())) {
return checks.getResponse();
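Review bot: `clientId` and `tabId` are read through two separate `session.getContext().getUri().getQueryParameters()` calls on consecutive lines; hold the map in a local, `MultivaluedMap<String, String> queryParams = session.getContext().getUri().getQueryParameters();`, and read both keys from it. Both values are caller-supplied and are passed straight to `checksForCode`, so a short comment saying that their validation is left to `SessionCodeChecks` would save the next reader a lookup; that is inferred from the call, as the class is not shown here. `processConsent` continues past the end of the hunk.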
@@ -819,7 +821,7 @@ public class LoginActionsService {
LoginProtocol protocol = session.getProvider(LoginProtocol.class, authSession.getProtocol());
protocol.setRealm(realm)
.setHttpHeaders(headers)
- .setUriInfo(uriInfo)
+ .setUriInfo(session.getContext().getUri())
.setEventBuilder(event);
Response response = protocol.sendError(authSession, Error.CONSENT_DENIED);
event.error(Errors.REJECTED_BY_USER);
@@ -847,7 +849,7 @@ public class LoginActionsService {
event.success();
ClientSessionContext clientSessionCtx = AuthenticationProcessor.attachSession(authSession, null, session, realm, clientConnection, event);
- return AuthenticationManager.redirectAfterSuccessfulFlow(session, realm, clientSessionCtx.getClientSession().getUserSession(), clientSessionCtx, request, uriInfo, clientConnection, event, authSession.getProtocol());
+ return AuthenticationManager.redirectAfterSuccessfulFlow(session, realm, clientSessionCtx.getClientSession().getUserSession(), clientSessionCtx, request, session.getContext().getUri(), clientConnection, event, authSession.getProtocol());
}
private void initLoginEvent(AuthenticationSessionModel authSession) {
@@ -922,7 +924,7 @@ public class LoginActionsService {
if (!checks.isActionRequest()) {
initLoginEvent(authSession);
event.event(EventType.CUSTOM_REQUIRED_ACTION);
- return AuthenticationManager.nextActionAfterAuthentication(session, authSession, clientConnection, request, uriInfo, event);
+ return AuthenticationManager.nextActionAfterAuthentication(session, authSession, clientConnection, request, session.getContext().getUri(), event);
}
initLoginEvent(authSession);
@@ -967,7 +969,7 @@ public class LoginActionsService {
authSession.getAuthenticatedUser().removeRequiredAction(factory.getId());
authSession.removeAuthNote(AuthenticationProcessor.CURRENT_AUTHENTICATION_EXECUTION);
- response = AuthenticationManager.nextActionAfterAuthentication(session, authSession, clientConnection, request, uriInfo, event);
+ response = AuthenticationManager.nextActionAfterAuthentication(session, authSession, clientConnection, request, session.getContext().getUri(), event);
} else if (context.getStatus() == RequiredActionContext.Status.CHALLENGE) {
response = context.getChallenge();
} else if (context.getStatus() == RequiredActionContext.Status.FAILURE) {
diff --git a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
index 0bacdbb..baf768e 100755
--- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
@@ -26,7 +26,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.representations.idm.PublishedRealmRepresentation;
import org.keycloak.services.resources.account.AccountFormService;
-import org.keycloak.services.resources.admin.AdminRoot;
import javax.ws.rs.GET;
import javax.ws.rs.OPTIONS;
@@ -47,9 +46,6 @@ public class PublicRealmResource {
protected static final Logger logger = Logger.getLogger(PublicRealmResource.class);
@Context
- protected UriInfo uriInfo;
-
- @Context
protected HttpRequest request;
@Context
@@ -85,7 +81,7 @@ public class PublicRealmResource {
@Produces(MediaType.APPLICATION_JSON)
public PublishedRealmRepresentation getRealm() {
Cors.add(request).allowedOrigins(Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD).auth().build(response);
- return realmRep(session, realm, uriInfo);
+ return realmRep(session, realm, session.getContext().getUri());
}
public static PublishedRealmRepresentation realmRep(KeycloakSession session, RealmModel realm, UriInfo uriInfo) {
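Review bot: `getRealm` pairs `allowedOrigins(Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)` with `.auth()` on an unchanged line, and nothing documents why that combination is acceptable. If `auth()` marks the response as credentialed (the `Cors` class is not shown here), the response is readable cross-origin from any site, which is only safe while `realmRep` returns public data. Add a comment above the call to pin that contract, e.g. `// Public realm metadata only: wildcard CORS is intentional, never add user-specific fields to realmRep`. The body of `realmRep` lies outside the hunk.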
diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
index 84ea21f..7a95bb8 100755
--- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
@@ -71,9 +71,6 @@ public class RealmsResource {
@Context
private HttpRequest request;
- @Context
- private UriInfo uriInfo;
-
public static UriBuilder realmBaseUrl(UriInfo uriInfo) {
UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
return realmBaseUrl(baseUriBuilder);
@@ -163,7 +160,7 @@ public class RealmsResource {
if (client.getRootUrl() != null && (client.getBaseUrl() == null || client.getBaseUrl().isEmpty())) {
targetUri = KeycloakUriBuilder.fromUri(client.getRootUrl()).build();
} else {
- targetUri = KeycloakUriBuilder.fromUri(ResolveRelative.resolveRelativeUri(uriInfo.getRequestUri(), client.getRootUrl(), client.getBaseUrl())).build();
+ targetUri = KeycloakUriBuilder.fromUri(ResolveRelative.resolveRelativeUri(session.getContext().getUri().getRequestUri(), client.getRootUrl(), client.getBaseUrl())).build();
}
return Response.seeOther(targetUri).build();
diff --git a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java
index f6e464e..f80241e 100755
--- a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java
@@ -17,7 +17,6 @@
package org.keycloak.services.resources;
import org.jboss.logging.Logger;
-import org.keycloak.Config;
import org.keycloak.common.ClientConnection;
import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.MimeTypeUtil;
@@ -32,7 +31,6 @@ import org.keycloak.services.util.CookieHelper;
import org.keycloak.theme.BrowserSecurityHeaderSetup;
import org.keycloak.theme.FreeMarkerUtil;
import org.keycloak.theme.Theme;
-import org.keycloak.theme.ThemeProvider;
import org.keycloak.utils.MediaType;
import javax.ws.rs.Consumes;
@@ -49,7 +47,6 @@ import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status;
-import javax.ws.rs.core.UriInfo;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
@@ -75,9 +72,6 @@ public class WelcomeResource {
protected HttpHeaders headers;
@Context
- private UriInfo uriInfo;
-
- @Context
private KeycloakSession session;
public WelcomeResource(boolean bootstrap) {
@@ -95,7 +89,7 @@ public class WelcomeResource {
public Response getWelcomePage() throws URISyntaxException {
checkBootstrap();
- String requestUri = uriInfo.getRequestUri().toString();
+ String requestUri = session.getContext().getUri().getRequestUri().toString();
if (!requestUri.endsWith("/")) {
return Response.seeOther(new URI(requestUri + "/")).build();
} else {
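Review bot: The trailing-slash test in `getWelcomePage` runs on the full request URI string, and `getRequestUri()` includes the query string, so a request with a query never ends in `/` and the redirect appends the slash after the query instead of to the path. Using the query-free form avoids that: `String requestUri = session.getContext().getUri().getAbsolutePath().toString();`. That drops the query on the redirect, which looks acceptable for a welcome page but should be confirmed. The behaviour predates this commit, which only changes where the `UriInfo` comes from, and the method continues outside the hunk.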
@@ -243,15 +237,15 @@ public class WelcomeResource {
private String setCsrfCookie() {
String stateChecker = Base64Url.encode(KeycloakModelUtils.generateSecret());
- String cookiePath = uriInfo.getPath();
- boolean secureOnly = uriInfo.getRequestUri().getScheme().equalsIgnoreCase("https");
+ String cookiePath = session.getContext().getUri().getPath();
+ boolean secureOnly = session.getContext().getUri().getRequestUri().getScheme().equalsIgnoreCase("https");
CookieHelper.addCookie(KEYCLOAK_STATE_CHECKER, stateChecker, cookiePath, null, null, 300, secureOnly, true);
return stateChecker;
}
private void expireCsrfCookie() {
- String cookiePath = uriInfo.getPath();
- boolean secureOnly = uriInfo.getRequestUri().getScheme().equalsIgnoreCase("https");
+ String cookiePath = session.getContext().getUri().getPath();
+ boolean secureOnly = session.getContext().getUri().getRequestUri().getScheme().equalsIgnoreCase("https");
CookieHelper.addCookie(KEYCLOAK_STATE_CHECKER, "", cookiePath, null, null, 0, secureOnly, true);
}
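Review bot: `secureOnly` for the `KEYCLOAK_STATE_CHECKER` cookie is taken from the request URI's scheme in both `setCsrfCookie` and `expireCsrfCookie`, with the same two context lookups duplicated in each. If TLS terminates on a proxy and the context URI still reports `http` (how the context resolves the scheme is not visible here), the CSRF cookie is issued without the Secure attribute. Pull the test into one helper, `private boolean isSecureRequest() { return "https".equalsIgnoreCase(session.getContext().getUri().getRequestUri().getScheme()); }`, call it from both methods, and document on it that deployments behind a proxy must forward the original scheme.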
diff --git a/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java b/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java
index b8d6c3a..e8e5196 100755
--- a/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java
+++ b/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java
@@ -22,8 +22,8 @@ import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig;
import org.keycloak.broker.provider.AbstractIdentityProvider;
import org.keycloak.broker.provider.AuthenticationRequest;
import org.keycloak.broker.provider.BrokeredIdentityContext;
-import org.keycloak.broker.provider.IdentityBrokerException;
import org.keycloak.broker.provider.ExchangeTokenToIdentityProviderToken;
+import org.keycloak.broker.provider.IdentityBrokerException;
import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.util.IdentityBrokerState;
import org.keycloak.broker.social.SocialIdentityProvider;
@@ -173,11 +173,6 @@ public class TwitterIdentityProvider extends AbstractIdentityProvider<OAuth2Iden
@Context
protected HttpHeaders headers;
- @Context
- protected UriInfo uriInfo;
-
-
-
public Endpoint(RealmModel realm, AuthenticationCallback callback, EventBuilder event) {
this.realm = realm;
this.callback = callback;