keycloak-aplcache
Changes
integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java 2(+1 -1)
integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaSecurityContextHelper.java 6(+3 -3)
integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java 4(+2 -2)
integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java 2(+1 -1)
Details
diff --git a/core/src/main/java/org/keycloak/representations/JsonWebToken.java b/core/src/main/java/org/keycloak/representations/JsonWebToken.java
index 3d7252a..c5ca3f1 100755
--- a/core/src/main/java/org/keycloak/representations/JsonWebToken.java
+++ b/core/src/main/java/org/keycloak/representations/JsonWebToken.java
@@ -22,8 +22,8 @@ public class JsonWebToken implements Serializable {
protected String issuer;
@JsonProperty("aud")
protected String audience;
- @JsonProperty("prn")
- protected String principal;
+ @JsonProperty("sub")
+ protected String subject;
@JsonProperty("typ")
protected String type;
@@ -116,12 +116,12 @@ public class JsonWebToken implements Serializable {
return this;
}
- public String getPrincipal() {
- return principal;
+ public String getSubject() {
+ return subject;
}
public JsonWebToken principal(String principal) {
- this.principal = principal;
+ this.subject = principal;
return this;
}
diff --git a/core/src/main/java/org/keycloak/RSATokenVerifier.java b/core/src/main/java/org/keycloak/RSATokenVerifier.java
index 56fe140..f4d6896 100755
--- a/core/src/main/java/org/keycloak/RSATokenVerifier.java
+++ b/core/src/main/java/org/keycloak/RSATokenVerifier.java
@@ -32,7 +32,7 @@ public class RSATokenVerifier {
if (!token.isActive()) {
throw new VerificationException("Token is not active.");
}
- String user = token.getPrincipal();
+ String user = token.getSubject();
if (user == null) {
throw new VerificationException("Token user was null");
}
diff --git a/core/src/test/java/org/keycloak/RSAVerifierTest.java b/core/src/test/java/org/keycloak/RSAVerifierTest.java
index 0aacbc8..ca0f46f 100755
--- a/core/src/test/java/org/keycloak/RSAVerifierTest.java
+++ b/core/src/test/java/org/keycloak/RSAVerifierTest.java
@@ -97,7 +97,7 @@ public class RSAVerifierTest {
.rsa256(idpPair.getPrivate());
SkeletonKeyToken token = verifySkeletonKeyToken(encoded);
Assert.assertTrue(token.getResourceAccess("service").getRoles().contains("admin"));
- Assert.assertEquals("CN=Client", token.getPrincipal());
+ Assert.assertEquals("CN=Client", token.getSubject());
}
private SkeletonKeyToken verifySkeletonKeyToken(String encoded) throws VerificationException {
diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java
index da95481..c75704f 100755
--- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java
+++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaBearerTokenAuthenticator.java
@@ -102,7 +102,7 @@ public class CatalinaBearerTokenAuthenticator {
}
surrogate = chain[0].getSubjectX500Principal().getName();
}
- SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getPrincipal(), surrogate);
+ SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getSubject(), surrogate);
principal = new CatalinaSecurityContextHelper().createPrincipal(request.getContext().getRealm(), skeletonKeyPrincipal, roles);
request.setUserPrincipal(principal);
request.setAuthType("OAUTH_BEARER");
diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaSecurityContextHelper.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaSecurityContextHelper.java
index b939d19..8cfbcb5 100755
--- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaSecurityContextHelper.java
+++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/CatalinaSecurityContextHelper.java
@@ -65,11 +65,11 @@ public class CatalinaSecurityContextHelper {
}
/**
- * Get the Principal given the authenticated Subject. Currently the first principal that is not of type {@code Group} is
- * considered or the single principal inside the CallerPrincipal group.
+ * Get the Principal given the authenticated Subject. Currently the first subject that is not of type {@code Group} is
+ * considered or the single subject inside the CallerPrincipal group.
*
* @param subject
- * @return the authenticated principal
+ * @return the authenticated subject
*/
protected Principal getPrincipal(Subject subject) {
Principal principal = null;
diff --git a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java
index b8b0688..01eb9aa 100755
--- a/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java
+++ b/integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticatorValve.java
@@ -227,7 +227,7 @@ public class OAuthAuthenticatorValve extends FormAuthenticator implements Lifecy
SkeletonKeyToken.Access access = token.getRealmAccess();
if (access != null) roles.addAll(access.getRoles());
}
- SkeletonKeyPrincipal skp = new SkeletonKeyPrincipal(token.getPrincipal(), null);
+ SkeletonKeyPrincipal skp = new SkeletonKeyPrincipal(token.getSubject(), null);
GenericPrincipal principal = new CatalinaSecurityContextHelper().createPrincipal(context.getRealm(), skp, roles);
Session session = request.getSessionInternal(true);
session.setPrincipal(principal);
@@ -235,7 +235,7 @@ public class OAuthAuthenticatorValve extends FormAuthenticator implements Lifecy
SkeletonKeySession skSession = new SkeletonKeySession(oauth.getTokenString(), token, realmConfiguration.getMetadata());
session.setNote(SkeletonKeySession.class.getName(), skSession);
- String username = token.getPrincipal();
+ String username = token.getSubject();
log.debug("userSessionManage.login: " + username);
userSessionManagement.login(session, username);
}
diff --git a/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java b/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java
index 319b5ac..6a5cb02 100755
--- a/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java
+++ b/integration/jaxrs-oauth-client/src/main/java/org/keycloak/jaxrs/JaxrsBearerTokenFilter.java
@@ -71,7 +71,7 @@ public class JaxrsBearerTokenFilter implements ContainerRequestFilter {
ResteasyProviderFactory.pushContext(SkeletonKeySession.class, skSession);
String callerPrincipal = securityContext.getUserPrincipal() != null ? securityContext.getUserPrincipal().getName() : null;
- final SkeletonKeyPrincipal principal = new SkeletonKeyPrincipal(token.getPrincipal(), callerPrincipal);
+ final SkeletonKeyPrincipal principal = new SkeletonKeyPrincipal(token.getSubject(), callerPrincipal);
final boolean isSecure = securityContext.isSecure();
final SkeletonKeyToken.Access access;
if (resourceMetadata.getResourceName() != null) {
diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java
index 120546f..8f0df9d 100755
--- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java
+++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakAuthenticationMechanism.java
@@ -98,7 +98,7 @@ public class KeycloakAuthenticationMechanism implements AuthenticationMechanism
}
protected SkeletonKeyPrincipal completeAuthentication(SecurityContext securityContext, SkeletonKeyToken token, String surrogate) {
- final SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getPrincipal(), surrogate);
+ final SkeletonKeyPrincipal skeletonKeyPrincipal = new SkeletonKeyPrincipal(token.getSubject(), surrogate);
Set<String> roles = null;
if (adapterConfig.isUseResourceRoleMappings()) {
SkeletonKeyToken.Access access = token.getResourceAccess(resourceMetadata.getResourceName());
diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
index a42b93a..6b6545b 100755
--- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@@ -172,7 +172,7 @@ public class AuthenticationManager {
Auth auth = new Auth(token);
- UserModel user = realm.getUser(token.getPrincipal());
+ UserModel user = realm.getUser(token.getSubject());
if (user == null || !user.isEnabled()) {
logger.debug("Unknown user in identity cookie");
expireIdentityCookie(realm, uriInfo);
@@ -219,7 +219,7 @@ public class AuthenticationManager {
Auth auth = new Auth(token);
- UserModel user = realm.getUser(token.getPrincipal());
+ UserModel user = realm.getUser(token.getSubject());
if (user == null || !user.isEnabled()) {
throw new NotAuthorizedException("invalid_user");
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
index 0b25e48..2dfdde3 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
@@ -69,7 +69,7 @@ public class AccessTokenTest {
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
- Assert.assertEquals("test-user@localhost", token.getPrincipal());
+ Assert.assertEquals("test-user@localhost", token.getSubject());
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
Assert.assertTrue(token.getRealmAccess().isUserInRole("user"));
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
index e4c3c6f..d247d39 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
@@ -102,7 +102,7 @@ public class SocialLoginTest {
SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
- Assert.assertEquals("dummy-user", token.getPrincipal());
+ Assert.assertEquals("dummy-user", token.getSubject());
}
@Test