diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
index 45bd0df..1813e8a 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProvider.java
@@ -140,31 +140,10 @@ public class LDAPFederationProvider implements UserFederationProvider {
@Override
public List<UserModel> searchByAttributes(Map<String, String> attributes, RealmModel realm, int maxResults) {
- IdentityManager identityManager = getIdentityManager();
List<UserModel> searchResults =new LinkedList<UserModel>();
try {
- Map<String, User> results = new HashMap<String, User>();
- if (attributes.containsKey(USERNAME)) {
- User user = BasicModel.getUser(identityManager, attributes.get(USERNAME));
- if (user != null) results.put(user.getLoginName(), user);
- } else if (attributes.containsKey(EMAIL)) {
- User user = queryByEmail(identityManager, attributes.get(EMAIL));
- if (user != null) results.put(user.getLoginName(), user);
- } else if (attributes.containsKey(FIRST_NAME) || attributes.containsKey(LAST_NAME)) {
- IdentityQuery<User> query = identityManager.createIdentityQuery(User.class);
- if (attributes.containsKey(FIRST_NAME)) {
- query.setParameter(User.FIRST_NAME, attributes.get(FIRST_NAME));
- }
- if (attributes.containsKey(LAST_NAME)) {
- query.setParameter(User.LAST_NAME, attributes.get(LAST_NAME));
- }
- query.setLimit(maxResults);
- List<User> agents = query.getResultList();
- for (User user : agents) {
- results.put(user.getLoginName(), user);
- }
- }
- for (User user : results.values()) {
+ Map<String, User> plUsers = searchPicketlink(attributes, maxResults);
+ for (User user : plUsers.values()) {
if (session.userStorage().getUserByUsername(user.getLoginName(), realm) == null) {
UserModel imported = importUserFromPicketlink(realm, user);
searchResults.add(imported);
@@ -176,6 +155,43 @@ public class LDAPFederationProvider implements UserFederationProvider {
return searchResults;
}
+ protected Map<String, User> searchPicketlink(Map<String, String> attributes, int maxResults) {
+ IdentityManager identityManager = getIdentityManager();
+ Map<String, User> results = new HashMap<String, User>();
+ if (attributes.containsKey(USERNAME)) {
+ User user = BasicModel.getUser(identityManager, attributes.get(USERNAME));
+ if (user != null) {
+ results.put(user.getLoginName(), user);
+ return results;
+ }
+ }
+
+ if (attributes.containsKey(EMAIL)) {
+ User user = queryByEmail(identityManager, attributes.get(EMAIL));
+ if (user != null) {
+ results.put(user.getLoginName(), user);
+ return results;
+ }
+ }
+
+ if (attributes.containsKey(FIRST_NAME) || attributes.containsKey(LAST_NAME)) {
+ IdentityQuery<User> query = identityManager.createIdentityQuery(User.class);
+ if (attributes.containsKey(FIRST_NAME)) {
+ query.setParameter(User.FIRST_NAME, attributes.get(FIRST_NAME));
+ }
+ if (attributes.containsKey(LAST_NAME)) {
+ query.setParameter(User.LAST_NAME, attributes.get(LAST_NAME));
+ }
+ query.setLimit(maxResults);
+ List<User> agents = query.getResultList();
+ for (User user : agents) {
+ results.put(user.getLoginName(), user);
+ }
+ }
+
+ return results;
+ }
+
@Override
public boolean isValid(UserModel local) {
try {
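Review bot: The early `return results;` after a username hit (and again after an email hit) in `searchPicketlink` means a term that is also someone's exact login name hides every other LDAP user whose first or last name matches it, so the result set depends on which attribute matches first. If that precedence is intended, state it in a Javadoc on this new protected method, e.g. `/** Looks up by exact username, then by email, then by first/last name; returns on the first lookup that finds a user. */`; otherwise drop the two early returns and let the map, keyed by login name, collapse duplicates. `maxResults` reaches `query.setLimit(maxResults)` unchecked and bounds only the name query, so it is worth confirming how a zero or negative value behaves there, since every returned user is then imported into local storage by the caller. The attribute values also go straight into the Picketlink lookups; presumably the library escapes LDAP filter metacharacters, but that is not visible in this hunk and should be confirmed.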
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java
index d0b2080..3caae8b 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java
@@ -237,23 +237,6 @@ public class FederationProvidersIntegrationTest {
}
@Test
- public void testRemoveFederatedUser() {
- KeycloakSession session = keycloakRule.startSession();
- try {
- RealmModel appRealm = session.realms().getRealmByName("test");
- UserModel user = session.users().getUserByUsername("registerUserSuccess2", appRealm);
- Assert.assertNotNull(user);
- Assert.assertNotNull(user.getFederationLink());
- Assert.assertEquals(user.getFederationLink(), ldapModel.getId());
-
- Assert.assertTrue(session.users().removeUser(appRealm, user));
- Assert.assertNull(session.users().getUserByUsername("registerUserSuccess2", appRealm));
- } finally {
- keycloakRule.stopSession(session, true);
- }
- }
-
- @Test
public void testReadonly() {
KeycloakSession session = keycloakRule.startSession();
try {
@@ -308,6 +291,60 @@ public class FederationProvidersIntegrationTest {
}
@Test
+ public void testRemoveFederatedUser() {
+ KeycloakSession session = keycloakRule.startSession();
+ try {
+ RealmModel appRealm = session.realms().getRealmByName("test");
+ UserModel user = session.users().getUserByUsername("registerUserSuccess2", appRealm);
+ Assert.assertNotNull(user);
+ Assert.assertNotNull(user.getFederationLink());
+ Assert.assertEquals(user.getFederationLink(), ldapModel.getId());
+
+ Assert.assertTrue(session.users().removeUser(appRealm, user));
+ Assert.assertNull(session.users().getUserByUsername("registerUserSuccess2", appRealm));
+ } finally {
+ keycloakRule.stopSession(session, true);
+ }
+ }
+
+ @Test
+ public void testSearch() {
+ KeycloakSession session = keycloakRule.startSession();
+ PartitionManager partitionManager = getPartitionManager(session, ldapModel);
+ try {
+ RealmModel appRealm = session.realms().getRealmByName("test");
+ LDAPUtils.addUser(partitionManager, "username1", "John1", "Doel1", "user1@email.org");
+ LDAPUtils.addUser(partitionManager, "username2", "John2", "Doel2", "user2@email.org");
+ LDAPUtils.addUser(partitionManager, "username3", "John3", "Doel3", "user3@email.org");
+ LDAPUtils.addUser(partitionManager, "username4", "John4", "Doel4", "user4@email.org");
+
+ // Users are not at local store at this moment
+ Assert.assertNull(session.userStorage().getUserByUsername("username1", appRealm));
+ Assert.assertNull(session.userStorage().getUserByUsername("username2", appRealm));
+ Assert.assertNull(session.userStorage().getUserByUsername("username3", appRealm));
+ Assert.assertNull(session.userStorage().getUserByUsername("username4", appRealm));
+
+ // search by username
+ session.users().searchForUser("username1", appRealm);
+ SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username1", "John1", "Doel1", "user1@email.org");
+
+ // search by email
+ session.users().searchForUser("user2@email.org", appRealm);
+ SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username2", "John2", "Doel2", "user2@email.org");
+
+ // search by lastName
+ session.users().searchForUser("Doel3", appRealm);
+ SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username3", "John3", "Doel3", "user3@email.org");
+
+ // search by firstName + lastName
+ session.users().searchForUser("John4 Doel4", appRealm);
+ SyncProvidersTest.assertUserImported(session.userStorage(), appRealm, "username4", "John4", "Doel4", "user4@email.org");
+ } finally {
+ keycloakRule.stopSession(session, true);
+ }
+ }
+
+ @Test
public void testUnsynced() {
KeycloakSession session = keycloakRule.startSession();
try {
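Review bot: In `testSearch`, `getPartitionManager(session, ldapModel)` is called before the `try`, so if it throws, the session started on the previous line is never passed to `keycloakRule.stopSession`; move that line to be the first statement inside the `try`. The test also discards the return value of every `searchForUser` call and only checks the import side effect, so it would not catch a search that imports the user but returns the wrong list; an assertion such as `Assert.assertEquals(1, session.users().searchForUser("username1", appRealm).size());` would pin that down. The four LDAP users added here are never removed, which may affect other tests that share the same directory, for instance ones that count synced users. There is no negative case either, such as a term that matches nothing and must import nothing.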
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/SyncProvidersTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/SyncProvidersTest.java
index 35f863b..4d2da8e 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/SyncProvidersTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/SyncProvidersTest.java
@@ -185,7 +185,7 @@ public class SyncProvidersTest {
}
}
- private void assertUserImported(UserProvider userProvider, RealmModel realm, String username, String expectedFirstName, String expectedLastName, String expectedEmail) {
+ public static void assertUserImported(UserProvider userProvider, RealmModel realm, String username, String expectedFirstName, String expectedLastName, String expectedEmail) {
UserModel user = userProvider.getUserByUsername(username, realm);
Assert.assertNotNull(user);
Assert.assertEquals(expectedFirstName, user.getFirstName());