keycloak-aplcache
model/infinispan/src/main/java/org/keycloak/connections/infinispan/InfinispanConnectionProvider.java 2(+1 -1)
model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProvider.java 16(+8 -8)
model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProviderFactory.java 13(+7 -6)
model/infinispan/src/main/resources/META-INF/services/org.keycloak.keys.PublicKeyStorageProviderFactory 2(+1 -1)
model/infinispan/src/test/java/org/keycloak/models/keys/infinispan/InfinispanKeyStorageProviderTest.java 8(+4 -4)
services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java 32(+16 -16)
diff --git a/model/infinispan/src/main/java/org/keycloak/connections/infinispan/InfinispanConnectionProvider.java b/model/infinispan/src/main/java/org/keycloak/connections/infinispan/InfinispanConnectionProvider.java
index 1468460..5173c3c 100755
--- a/model/infinispan/src/main/java/org/keycloak/connections/infinispan/InfinispanConnectionProvider.java
+++ b/model/infinispan/src/main/java/org/keycloak/connections/infinispan/InfinispanConnectionProvider.java
@@ -40,7 +40,7 @@ public interface InfinispanConnectionProvider extends Provider {
String AUTHORIZATION_CACHE_NAME = "authorization";
String KEYS_CACHE_NAME = "keys";
- int KEYS_CACHE_DEFAULT_MAX = 500;
+ int KEYS_CACHE_DEFAULT_MAX = 1000;
int KEYS_CACHE_MAX_IDLE_SECONDS = 3600;
diff --git a/model/infinispan/src/test/java/org/keycloak/models/keys/infinispan/InfinispanKeyStorageProviderTest.java b/model/infinispan/src/test/java/org/keycloak/models/keys/infinispan/InfinispanKeyStorageProviderTest.java
index 99a5f07..5a15dc3 100644
--- a/model/infinispan/src/test/java/org/keycloak/models/keys/infinispan/InfinispanKeyStorageProviderTest.java
+++ b/model/infinispan/src/test/java/org/keycloak/models/keys/infinispan/InfinispanKeyStorageProviderTest.java
@@ -39,8 +39,8 @@ import org.junit.Before;
import org.junit.Test;
import org.keycloak.common.util.Time;
import org.keycloak.connections.infinispan.InfinispanConnectionProvider;
-import org.keycloak.keys.KeyLoader;
-import org.keycloak.keys.infinispan.InfinispanKeyStorageProvider;
+import org.keycloak.keys.PublicKeyLoader;
+import org.keycloak.keys.infinispan.InfinispanPublicKeyStorageProvider;
import org.keycloak.keys.infinispan.PublicKeysEntry;
/**
@@ -130,14 +130,14 @@ public class InfinispanKeyStorageProviderTest {
@Override
public void run() {
- InfinispanKeyStorageProvider provider = new InfinispanKeyStorageProvider(keys, tasksInProgress, minTimeBetweenRequests);
+ InfinispanPublicKeyStorageProvider provider = new InfinispanPublicKeyStorageProvider(keys, tasksInProgress, minTimeBetweenRequests);
provider.getPublicKey(modelKey, "kid1", new SampleLoader(modelKey));
}
}
- private class SampleLoader implements KeyLoader {
+ private class SampleLoader implements PublicKeyLoader {
private final String modelKey;
diff --git a/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index 5b1f529..392f3b0 100755
--- a/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -65,4 +65,4 @@ org.keycloak.policy.PasswordPolicyManagerSpi
org.keycloak.transaction.TransactionManagerLookupSpi
org.keycloak.credential.hash.PasswordHashSpi
org.keycloak.credential.CredentialSpi
-org.keycloak.keys.KeyStorageSpi
+org.keycloak.keys.PublicKeyStorageSpi
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
index aec70dc..16a867d 100644
--- a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
@@ -17,16 +17,29 @@
package org.keycloak.authentication.authenticators.client;
+
+import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+
import org.keycloak.OAuth2Constants;
import org.keycloak.authentication.AuthenticationFlowError;
import org.keycloak.authentication.ClientAuthenticationFlowContext;
import org.keycloak.common.util.Time;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
-import org.keycloak.keys.loader.KeyStorageManager;
+import org.keycloak.keys.loader.PublicKeyStorageManager;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.ClientModel;
-import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
@@ -34,19 +47,6 @@ import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.JsonWebToken;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.Urls;
-import org.keycloak.services.util.CertificateInfoHelper;
-
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
-import java.security.PublicKey;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
/**
* Client authentication based on JWT signed by client private key .
@@ -163,7 +163,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
}
protected PublicKey getSignatureValidationKey(ClientModel client, ClientAuthenticationFlowContext context, JWSInput jws) {
- PublicKey publicKey = KeyStorageManager.getClientPublicKey(context.getSession(), client, jws);
+ PublicKey publicKey = PublicKeyStorageManager.getClientPublicKey(context.getSession(), client, jws);
if (publicKey == null) {
Response challengeResponse = ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", "Unable to load public key");
context.failure(AuthenticationFlowError.CLIENT_CREDENTIALS_SETUP_REQUIRED, challengeResponse);
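Review bot: `getSignatureValidationKey` has no Javadoc stating its contract: the lookup is keyed by the `kid` carried in an as-yet-unverified JWS, so a miss is the expected outcome for malformed or mis-keyed client assertions rather than a server fault, and the method's body continues past the hunk so what it returns after `context.failure(...)` is not visible here. Presumably the renamed `PublicKeyStorageManager` may consult the client's configured key source on a miss, which is what the `minTimeBetweenRequests` setting in the subsystem config appears to bound — worth confirming and documenting, since unauthenticated input can drive that path. A header along the lines of `/** Resolves the key for verifying {@code jws} from the public-key store; on a miss records CLIENT_CREDENTIALS_SETUP_REQUIRED on the context with a 400 unauthorized_client challenge (caller must not attempt verification). */` would make the null-handling explicit.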
diff --git a/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java b/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java
index c83d03f..8f971b8 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProvider.java
@@ -32,7 +32,7 @@ import org.keycloak.events.EventType;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.JWSInputException;
import org.keycloak.jose.jws.crypto.RSAProvider;
-import org.keycloak.keys.loader.KeyStorageManager;
+import org.keycloak.keys.loader.PublicKeyStorageManager;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -299,7 +299,7 @@ public class OIDCIdentityProvider extends AbstractOAuth2IdentityProvider<OIDCIde
protected boolean verify(JWSInput jws) {
if (!getConfig().isValidateSignature()) return true;
- PublicKey publicKey = KeyStorageManager.getIdentityProviderPublicKey(session, session.getContext().getRealm(), getConfig(), jws);
+ PublicKey publicKey = PublicKeyStorageManager.getIdentityProviderPublicKey(session, session.getContext().getRealm(), getConfig(), jws);
return publicKey != null && RSAProvider.verify(jws, publicKey);
}
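Review bot: In `verify`, a missing validation key and a signature mismatch both collapse into a bare `false` with no trace, so an operator cannot distinguish a broker misconfiguration (no usable key for the IdP token's `kid`) from a forged or rotated-key token. Splitting the two outcomes keeps the return value unchanged while making the failure diagnosable: `if (publicKey == null) { /* log at debug: no validation key available for this token's kid */ return false; }` followed by `return RSAProvider.verify(jws, publicKey);`, using whatever logger this class already has. The `isValidateSignature()` short-circuit is pre-existing configuration behaviour, but a one-line comment noting that disabling it leaves the token contents unauthenticated would help the next reader.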
diff --git a/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java b/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java
index 39524ce..a788b19 100644
--- a/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java
+++ b/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java
@@ -26,7 +26,7 @@ import org.keycloak.authentication.authenticators.client.JWTClientAuthenticator;
import org.keycloak.jose.jwk.JSONWebKeySet;
import org.keycloak.jose.jwk.JWK;
import org.keycloak.jose.jwk.JWKBuilder;
-import org.keycloak.keys.KeyLoader;
+import org.keycloak.keys.PublicKeyLoader;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
@@ -41,7 +41,7 @@ import org.keycloak.util.JWKSUtils;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
-public class ClientPublicKeyLoader implements KeyLoader {
+public class ClientPublicKeyLoader implements PublicKeyLoader {
protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthzEndpointRequestObjectParser.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthzEndpointRequestObjectParser.java
index 62d711f..06de42c 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthzEndpointRequestObjectParser.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthzEndpointRequestObjectParser.java
@@ -17,24 +17,21 @@
package org.keycloak.protocol.oidc.endpoints.request;
-import org.keycloak.authentication.authenticators.client.JWTClientAuthenticator;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
import org.keycloak.jose.jws.Algorithm;
import org.keycloak.jose.jws.JWSHeader;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
-import org.keycloak.keys.KeyStorageProvider;
-import org.keycloak.keys.loader.KeyStorageManager;
+import org.keycloak.keys.loader.PublicKeyStorageManager;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper;
-import org.keycloak.services.util.CertificateInfoHelper;
import org.keycloak.util.JsonSerialization;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
/**
* Parse the parameters from OIDC "request" object
*
@@ -57,7 +54,7 @@ class AuthzEndpointRequestObjectParser extends AuthzEndpointRequestParser {
if (header.getAlgorithm() == Algorithm.none) {
this.requestParams = JsonSerialization.readValue(input.getContent(), TypedHashMap.class);
} else if (header.getAlgorithm() == Algorithm.RS256) {
- PublicKey clientPublicKey = KeyStorageManager.getClientPublicKey(session, client, input);
+ PublicKey clientPublicKey = PublicKeyStorageManager.getClientPublicKey(session, client, input);
if (clientPublicKey == null) {
throw new RuntimeException("Client public key not found");
}
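Review bot: The RS256 branch still throws a bare `RuntimeException("Client public key not found")` for a condition driven by request input — a request object whose key id the client's key store does not hold — so a mis-keyed or malformed request surfaces as a generic server error, with a stack trace in the server log for every such request, instead of the OIDC `invalid_request_object` error response. Prefer a typed exception the authorization endpoint already maps to an error response (its name is not visible in this hunk) and include the requested key id in the message so the miss can be diagnosed without enabling debug logging. The enclosing if/else chain starts and ends outside the hunk; a short comment on the `Algorithm.none` branch stating where the client's `request_object_signing_alg` requirement is enforced (`OIDCAdvancedConfigWrapper` is imported, so it likely lives above the hunk) would spare the next reader from re-auditing that unsigned objects are only accepted when the client allows them.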
diff --git a/wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties b/wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties
index bb4b18c..fab6bdb 100644
--- a/wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties
+++ b/wildfly/server-subsystem/src/main/config/default-server-subsys-config.properties
@@ -73,7 +73,7 @@ keycloak.server.subsys.default.config=\
<default-provider>${keycloak.jta.lookup.provider:jboss}</default-provider>\
<provider name="jboss" enabled="true"/>\
</spi>\
- <spi name="keyStorage">\
+ <spi name="publicKeyStorage">\
<provider name="infinispan" enabled="true">\
<properties>\
<property name="minTimeBetweenRequests" value="10"/>\
diff --git a/wildfly/server-subsystem/src/main/resources/cli/default-keycloak-subsys-config.cli b/wildfly/server-subsystem/src/main/resources/cli/default-keycloak-subsys-config.cli
index cbfdd53..4147398 100644
--- a/wildfly/server-subsystem/src/main/resources/cli/default-keycloak-subsys-config.cli
+++ b/wildfly/server-subsystem/src/main/resources/cli/default-keycloak-subsys-config.cli
@@ -19,5 +19,5 @@
/subsystem=keycloak-server/spi=connectionsInfinispan/provider=default/:add(properties={cacheContainer => "java:comp/env/infinispan/Keycloak"},enabled=true)
/subsystem=keycloak-server/spi=jta-lookup/:add(default-provider=${keycloak.jta.lookup.provider:jboss})
/subsystem=keycloak-server/spi=jta-lookup/provider=jboss/:add(enabled=true)
-/subsystem=keycloak-server/spi=keyStorage/:add
-/subsystem=keycloak-server/spi=keyStorage/provider=infinispan/:add(properties={minTimeBetweenRequests => "10"},enabled=true)
\ No newline at end of file
+/subsystem=keycloak-server/spi=publicKeyStorage/:add
+/subsystem=keycloak-server/spi=publicKeyStorage/provider=infinispan/:add(properties={minTimeBetweenRequests => "10"},enabled=true)
\ No newline at end of file