keycloak-aplcache
Changes
spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthenticationProviderManager.java 5(+2 -3)
Details
diff --git a/model/api/src/main/java/org/keycloak/models/AuthenticationProviderModel.java b/model/api/src/main/java/org/keycloak/models/AuthenticationProviderModel.java
index 6a0f1c6..7dea3c9 100644
--- a/model/api/src/main/java/org/keycloak/models/AuthenticationProviderModel.java
+++ b/model/api/src/main/java/org/keycloak/models/AuthenticationProviderModel.java
@@ -1,5 +1,6 @@
package org.keycloak.models;
+import java.util.Collections;
import java.util.Map;
/**
@@ -7,6 +8,8 @@ import java.util.Map;
*/
public class AuthenticationProviderModel {
+ public static final AuthenticationProviderModel DEFAULT_PROVIDER = new AuthenticationProviderModel("model", true, Collections.EMPTY_MAP);
+
private String providerName;
private boolean passwordUpdateSupported = true;
private Map<String, String> config;
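Review bot: `DEFAULT_PROVIDER` is a single shared instance handed to every realm, yet the fields right below it (`providerName`, `passwordUpdateSupported`, `config`) are non-final, so if the class exposes setters (not visible in this hunk) one caller could alter the default authentication provider for all realms at once. Consider making those fields `final`, or creating a fresh instance per realm instead of sharing one. The raw `Collections.EMPTY_MAP` gives an unchecked conversion; `Collections.<String, String>emptyMap()` is the typed form. The literal `"model"` duplicates `AuthProviderConstants.PROVIDER_NAME_MODEL`, so a comment such as `// must match AuthProviderConstants.PROVIDER_NAME_MODEL` would keep the two from drifting. The class body continues outside the hunk.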
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java
index 95e113d..8517ad2 100644
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java
@@ -25,6 +25,7 @@ public class AuthenticationProviderEntity {
private String providerName;
private boolean passwordUpdateSupported;
+ private int priority;
@ElementCollection
@MapKeyColumn(name="name")
@@ -56,6 +57,14 @@ public class AuthenticationProviderEntity {
this.passwordUpdateSupported = passwordUpdateSupported;
}
+ public int getPriority() {
+ return priority;
+ }
+
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
public Map<String, String> getConfig() {
return config;
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
index c099913..1863cb7 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
@@ -17,6 +17,7 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -67,7 +68,7 @@ public class RealmEntity {
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="AuthProviders")
- Collection<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
+ List<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<ApplicationEntity> applications = new ArrayList<ApplicationEntity>();
@@ -244,11 +245,11 @@ public class RealmEntity {
this.requiredCredentials = requiredCredentials;
}
- public Collection<AuthenticationProviderEntity> getAuthenticationProviders() {
+ public List<AuthenticationProviderEntity> getAuthenticationProviders() {
return authenticationProviders;
}
- public void setAuthenticationProviders(Collection<AuthenticationProviderEntity> authenticationProviders) {
+ public void setAuthenticationProviders(List<AuthenticationProviderEntity> authenticationProviders) {
this.authenticationProviders = authenticationProviders;
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index dbb3a92..08e6f39 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -38,6 +38,8 @@ import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -814,7 +816,15 @@ public class RealmAdapter implements RealmModel {
@Override
public List<AuthenticationProviderModel> getAuthenticationProviders() {
- Collection<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
+ List<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
+ Collections.sort(entities, new Comparator<AuthenticationProviderEntity>() {
+
+ @Override
+ public int compare(AuthenticationProviderEntity o1, AuthenticationProviderEntity o2) {
+ return o1.getPriority() - o2.getPriority();
+ }
+
+ });
List<AuthenticationProviderModel> result = new ArrayList<AuthenticationProviderModel>();
for (AuthenticationProviderEntity entity : entities) {
result.add(new AuthenticationProviderModel(entity.getProviderName(), entity.isPasswordUpdateSupported(), entity.getConfig()));
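Review bot: `Collections.sort(entities, ...)` reorders the list returned by `realm.getAuthenticationProviders()` in place, and that list is the entity's own mapped collection, so a read accessor now mutates persistent state. Sorting a copy avoids that: `List<AuthenticationProviderEntity> entities = new ArrayList<AuthenticationProviderEntity>(realm.getAuthenticationProviders());`. The comparator's `o1.getPriority() - o2.getPriority()` can overflow for extreme values; `Integer.compare(o1.getPriority(), o2.getPriority())` is safe if the build targets Java 7 or later. This order presumably decides which provider is consulted first at login, and rows persisted before this commit would all share the same priority and keep whatever order the store returns, which deserves a comment. The method body continues past the hunk.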
@@ -826,11 +836,13 @@ public class RealmAdapter implements RealmModel {
@Override
public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
List<AuthenticationProviderEntity> newEntities = new ArrayList<AuthenticationProviderEntity>();
+ int counter = 1;
for (AuthenticationProviderModel model : authenticationProviders) {
AuthenticationProviderEntity entity = new AuthenticationProviderEntity();
entity.setProviderName(model.getProviderName());
entity.setPasswordUpdateSupported(model.isPasswordUpdateSupported());
entity.setConfig(model.getConfig());
+ entity.setPriority(counter++);
newEntities.add(entity);
}
diff --git a/model/tests/src/test/java/org/keycloak/model/test/AuthenticationManagerTest.java b/model/tests/src/test/java/org/keycloak/model/test/AuthenticationManagerTest.java
index 513c119..8e9b7c3 100755
--- a/model/tests/src/test/java/org/keycloak/model/test/AuthenticationManagerTest.java
+++ b/model/tests/src/test/java/org/keycloak/model/test/AuthenticationManagerTest.java
@@ -3,6 +3,7 @@ package org.keycloak.model.test;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
+import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
@@ -14,6 +15,8 @@ import org.keycloak.services.managers.AuthenticationManager.AuthenticationStatus
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.MultivaluedMap;
+
+import java.util.Arrays;
import java.util.UUID;
public class AuthenticationManagerTest extends AbstractModelTest {
@@ -138,6 +141,7 @@ public class AuthenticationManagerTest extends AbstractModelTest {
realm.setPublicKeyPem("0234234");
realm.setAccessTokenLifespan(1000);
realm.addRequiredCredential(CredentialRepresentation.PASSWORD);
+ realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
am = new AuthenticationManager();
diff --git a/model/tests/src/test/java/org/keycloak/model/test/AuthProvidersExternalModelTest.java b/model/tests/src/test/java/org/keycloak/model/test/AuthProvidersExternalModelTest.java
index f8ce23b..3f57de3 100644
--- a/model/tests/src/test/java/org/keycloak/model/test/AuthProvidersExternalModelTest.java
+++ b/model/tests/src/test/java/org/keycloak/model/test/AuthProvidersExternalModelTest.java
@@ -49,6 +49,8 @@ public class AuthProvidersExternalModelTest extends AbstractModelTest {
realm2 = realmManager.createRealm("realm2");
realm1.addRequiredCredential(CredentialRepresentation.PASSWORD);
realm2.addRequiredCredential(CredentialRepresentation.PASSWORD);
+ realm1.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
+ realm2.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
UserModel john = realm1.addUser("john");
john.setEnabled(true);
diff --git a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
index 8233a4c..ea5e5aa 100755
--- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
@@ -1,8 +1,11 @@
package org.keycloak.services.managers;
+import java.util.Arrays;
+
import org.jboss.resteasy.logging.Logger;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
@@ -58,6 +61,7 @@ public class ApplianceBootstrap {
realm.setSslNotRequired(true);
realm.setRegistrationAllowed(false);
manager.generateRealmKeys(realm);
+ realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
ApplicationModel adminConsole = new ApplicationManager(manager).createApplication(realm, Constants.ADMIN_CONSOLE_APPLICATION);
adminConsole.setBaseUrl("/auth/admin/index.html");
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index d2e42f6..5b4c735 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -37,6 +37,7 @@ import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@@ -411,6 +412,9 @@ public class RealmManager {
if (rep.getAuthenticationProviders() != null) {
List<AuthenticationProviderModel> authProviderModels = convertAuthenticationProviders(rep.getAuthenticationProviders());
newRealm.setAuthenticationProviders(authProviderModels);
+ } else {
+ List<AuthenticationProviderModel> authProviderModels = Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER);
+ newRealm.setAuthenticationProviders(authProviderModels);
}
}
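Review bot: The new `else` covers only a `null` provider list, so a representation carrying an empty list still takes the first branch and creates a realm with no providers. After the fallback removal in `AuthenticationProviderManager` in this same commit, such a realm would have no provider to authenticate against. If an empty list is not meant as an explicit choice, test for it as well: `if (rep.getAuthenticationProviders() != null && !rep.getAuthenticationProviders().isEmpty())`. If it is intentional, a short comment saying so would help the next reader. The enclosing method starts outside the hunk.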
diff --git a/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthenticationProviderManager.java b/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthenticationProviderManager.java
index 669153e..8c6a6b8 100644
--- a/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthenticationProviderManager.java
+++ b/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthenticationProviderManager.java
@@ -22,7 +22,6 @@ import org.keycloak.util.ProviderLoader;
public class AuthenticationProviderManager {
private static final Logger logger = Logger.getLogger(AuthenticationProviderManager.class);
- private static final AuthenticationProviderModel DEFAULT_PROVIDER = new AuthenticationProviderModel(AuthProviderConstants.PROVIDER_NAME_MODEL, true, Collections.EMPTY_MAP);
private final RealmModel realm;
private final Map<String, AuthenticationProvider> delegates;
@@ -122,8 +121,8 @@ public class AuthenticationProviderManager {
// Use model based authentication of current realm by default
if (configuredProviders == null || configuredProviders.isEmpty()) {
- configuredProviders = new ArrayList<AuthenticationProviderModel>();
- configuredProviders.add(DEFAULT_PROVIDER);
+ configuredProviders = Collections.EMPTY_LIST;
+ logger.warnf("No authentication providers found");
}
return configuredProviders;
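Review bot: Returning an empty list here removes the implicit model-provider fallback, so any realm stored before this commit without configured providers can no longer authenticate anyone, and no migration for such realms is visible in this diff. The warning should name the realm so operators can locate the affected one, e.g. `logger.warnf("No authentication providers found for realm %s", realm.getName());`, assuming the `realm` field is reachable from this method, whose start is outside the hunk. The comment `// Use model based authentication of current realm by default` no longer matches the code and should be reworded. `Collections.<AuthenticationProviderModel>emptyList()` avoids the raw `EMPTY_LIST`.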
diff --git a/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthProviderConstants.java b/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthProviderConstants.java
index cae2cb6..d736da7 100644
--- a/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthProviderConstants.java
+++ b/spi/authentication-spi/src/main/java/org/keycloak/spi/authentication/AuthProviderConstants.java
@@ -5,12 +5,11 @@ package org.keycloak.spi.authentication;
*/
public class AuthProviderConstants {
+ // Model is default provider. See AuthenticationProviderModel.DEFAULT_PROVIDER
public static final String PROVIDER_NAME_MODEL = "model";
public static final String PROVIDER_NAME_EXTERNAL_MODEL = "externalModel";
public static final String PROVIDER_NAME_PICKETLINK = "picketlink";
- public static final String DEFAULT_PROVIDER = PROVIDER_NAME_MODEL;
-
// Used in external-model provider
public static final String EXTERNAL_REALM_ID = "externalRealmId";
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
index 3ddf565..c971525 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
@@ -27,6 +27,7 @@ import org.junit.Rule;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
@@ -44,6 +45,7 @@ import org.keycloak.testsuite.rule.WebRule;
import org.openqa.selenium.WebDriver;
import java.security.PublicKey;
+import java.util.Arrays;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -66,6 +68,7 @@ public class CompositeRoleTest {
realm.setSslNotRequired(true);
realm.setEnabled(true);
realm.addRequiredCredential(UserCredentialModel.PASSWORD);
+ realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
final RoleModel realmRole1 = realm.addRole("REALM_ROLE_1");
final RoleModel realmRole2 = realm.addRole("REALM_ROLE_2");
final RoleModel realmRole3 = realm.addRole("REALM_ROLE_3");