Details
diff --git a/model/jpa/src/main/resources/META-INF/services/org.keycloak.provider.ExceptionConverter b/model/jpa/src/main/resources/META-INF/services/org.keycloak.provider.ExceptionConverter
new file mode 100644
index 0000000..ab12ae6
--- /dev/null
+++ b/model/jpa/src/main/resources/META-INF/services/org.keycloak.provider.ExceptionConverter
@@ -0,0 +1 @@
+org.keycloak.connections.jpa.JpaExceptionConverter
\ No newline at end of file
diff --git a/server-spi/src/main/java/org/keycloak/storage/user/UserQueryProvider.java b/server-spi/src/main/java/org/keycloak/storage/user/UserQueryProvider.java
index eb179c9..8143dc4 100644
--- a/server-spi/src/main/java/org/keycloak/storage/user/UserQueryProvider.java
+++ b/server-spi/src/main/java/org/keycloak/storage/user/UserQueryProvider.java
@@ -85,7 +85,7 @@ public interface UserQueryProvider {
List<UserModel> searchForUser(Map<String, String> params, RealmModel realm);
/**
- * Search for user by parameter. Valid parameters are:
+ * Search for user by parameter. Valid parameters are:
* "first" - first name
* "last" - last name
* "email" - email
diff --git a/server-spi-private/src/main/java/org/keycloak/provider/ExceptionConverter.java b/server-spi-private/src/main/java/org/keycloak/provider/ExceptionConverter.java
new file mode 100644
index 0000000..62f139b
--- /dev/null
+++ b/server-spi-private/src/main/java/org/keycloak/provider/ExceptionConverter.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.provider;
+
+import org.keycloak.Config;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.KeycloakSessionFactory;
+
+/**
+ * Use to unwrap exceptions specifically if there is an exception at JTA commit
+ *
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public interface ExceptionConverter extends Provider, ProviderFactory<ExceptionConverter> {
+
+ /**
+ * Return null if the provider doesn't handle this type
+ *
+ * @param t
+ * @return
+ */
+ Throwable convert(Throwable t);
+
+ @Override
+ default ExceptionConverter create(KeycloakSession session) {
+ return this;
+ }
+
+ @Override
+ default void init(Config.Scope config) {
+
+ }
+
+ @Override
+ default void postInit(KeycloakSessionFactory factory) {
+
+ }
+
+ @Override
+ default void close() {
+
+ }
+
+
+
+}
diff --git a/server-spi-private/src/main/java/org/keycloak/provider/ExceptionConverterSpi.java b/server-spi-private/src/main/java/org/keycloak/provider/ExceptionConverterSpi.java
new file mode 100755
index 0000000..d885cc2
--- /dev/null
+++ b/server-spi-private/src/main/java/org/keycloak/provider/ExceptionConverterSpi.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.provider;
+
+
+/**
+ * @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
+ */
+public class ExceptionConverterSpi implements Spi {
+
+ @Override
+ public boolean isInternal() {
+ return true;
+ }
+
+ @Override
+ public String getName() {
+ return "exception-converter";
+ }
+
+ @Override
+ public Class<? extends Provider> getProviderClass() {
+ return ExceptionConverter.class;
+ }
+
+ @Override
+ public Class<? extends ProviderFactory> getProviderFactoryClass() {
+ return ExceptionConverter.class;
+ }
+
+}
diff --git a/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index 0ddc9da..9397536 100755
--- a/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -15,6 +15,7 @@
# limitations under the License.
#
+org.keycloak.provider.ExceptionConverterSpi
org.keycloak.storage.UserStorageProviderSpi
org.keycloak.storage.federated.UserFederatedStorageProviderSpi
org.keycloak.models.RealmSpi
diff --git a/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java b/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java
index 4e2b52a..0dd4aa7 100644
--- a/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java
+++ b/services/src/main/java/org/keycloak/credential/UserCredentialStoreManager.java
@@ -125,7 +125,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
if (toValidate.isEmpty()) return true;
- List<CredentialInputValidator> credentialProviders = getCredentialProviders(realm, CredentialInputValidator.class);
+ List<CredentialInputValidator> credentialProviders = getCredentialProviders(session, realm, CredentialInputValidator.class);
for (CredentialInputValidator validator : credentialProviders) {
validate(realm, user, toValidate, validator);
@@ -143,7 +143,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
- protected <T> List<T> getCredentialProviders(RealmModel realm, Class<T> type) {
+ public static <T> List<T> getCredentialProviders(KeycloakSession session, RealmModel realm, Class<T> type) {
List<T> list = new LinkedList<T>();
for (ProviderFactory f : session.getKeycloakSessionFactory().getProviderFactories(CredentialProvider.class)) {
if (!Types.supports(type, f, CredentialProviderFactory.class)) continue;
@@ -173,7 +173,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
- List<CredentialInputUpdater> credentialProviders = getCredentialProviders(realm, CredentialInputUpdater.class);
+ List<CredentialInputUpdater> credentialProviders = getCredentialProviders(session, realm, CredentialInputUpdater.class);
for (CredentialInputUpdater updater : credentialProviders) {
if (!updater.supportsCredentialType(input.getType())) continue;
if (updater.updateCredential(realm, user, input)) return;
@@ -201,7 +201,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
- List<CredentialInputUpdater> credentialProviders = getCredentialProviders(realm, CredentialInputUpdater.class);
+ List<CredentialInputUpdater> credentialProviders = getCredentialProviders(session, realm, CredentialInputUpdater.class);
for (CredentialInputUpdater updater : credentialProviders) {
if (!updater.supportsCredentialType(credentialType)) continue;
updater.disableCredentialType(realm, user, credentialType);
@@ -231,7 +231,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
- List<CredentialInputUpdater> credentialProviders = getCredentialProviders(realm, CredentialInputUpdater.class);
+ List<CredentialInputUpdater> credentialProviders = getCredentialProviders(session, realm, CredentialInputUpdater.class);
for (CredentialInputUpdater updater : credentialProviders) {
types.addAll(updater.getDisableableCredentialTypes(realm, user));
}
@@ -264,7 +264,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
@Override
public boolean isConfiguredLocally(RealmModel realm, UserModel user, String type) {
- List<CredentialInputValidator> credentialProviders = getCredentialProviders(realm, CredentialInputValidator.class);
+ List<CredentialInputValidator> credentialProviders = getCredentialProviders(session, realm, CredentialInputValidator.class);
for (CredentialInputValidator validator : credentialProviders) {
if (validator.supportsCredentialType(type) && validator.isConfiguredFor(realm, user, type)) {
return true;
@@ -284,7 +284,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
}
}
- list = getCredentialProviders(realm, CredentialAuthentication.class);
+ list = getCredentialProviders(session, realm, CredentialAuthentication.class);
for (CredentialAuthentication auth : list) {
if (auth.supportsCredentialAuthenticationFor(input.getType())) {
CredentialValidationOutput output = auth.authenticate(realm, input);
@@ -297,7 +297,7 @@ public class UserCredentialStoreManager implements UserCredentialManager, OnUser
@Override
public void onCache(RealmModel realm, CachedUserModel user, UserModel delegate) {
- List<OnUserCache> credentialProviders = getCredentialProviders(realm, OnUserCache.class);
+ List<OnUserCache> credentialProviders = getCredentialProviders(session, realm, OnUserCache.class);
for (OnUserCache validator : credentialProviders) {
validator.onCache(realm, user, delegate);
}
diff --git a/services/src/main/java/org/keycloak/partialimport/PartialImportManager.java b/services/src/main/java/org/keycloak/partialimport/PartialImportManager.java
index 107ea43..41b9d92 100644
--- a/services/src/main/java/org/keycloak/partialimport/PartialImportManager.java
+++ b/services/src/main/java/org/keycloak/partialimport/PartialImportManager.java
@@ -20,6 +20,7 @@ package org.keycloak.partialimport;
import org.keycloak.events.admin.OperationType;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
+import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.PartialImportRepresentation;
import org.keycloak.services.ErrorResponse;
@@ -90,7 +91,7 @@ public class PartialImportManager {
if (session.getTransactionManager().isActive()) {
try {
session.getTransactionManager().commit();
- } catch (ModelDuplicateException e) {
+ } catch (ModelException e) {
return ErrorResponse.exists(e.getLocalizedMessage());
}
}
diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
index 4ddcaf2..85ad054 100755
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
@@ -95,7 +95,7 @@ public class DefaultKeycloakTransactionManager implements KeycloakTransactionMan
if (jtaLookup != null) {
TransactionManager tm = jtaLookup.getTransactionManager();
if (tm != null) {
- enlist(new JtaTransactionWrapper(tm));
+ enlist(new JtaTransactionWrapper(session.getKeycloakSessionFactory(), tm));
}
}
}
diff --git a/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java b/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java
index 98f4fa8..e3382b2 100644
--- a/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java
+++ b/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java
@@ -17,8 +17,12 @@
package org.keycloak.transaction;
import org.jboss.logging.Logger;
+import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.KeycloakTransaction;
+import org.keycloak.provider.ExceptionConverter;
+import org.keycloak.provider.ProviderFactory;
+import javax.transaction.RollbackException;
import javax.transaction.Status;
import javax.transaction.Transaction;
import javax.transaction.TransactionManager;
@@ -33,9 +37,11 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
protected Transaction ut;
protected Transaction suspended;
protected Exception ended;
+ protected KeycloakSessionFactory factory;
- public JtaTransactionWrapper(TransactionManager tm) {
+ public JtaTransactionWrapper(KeycloakSessionFactory factory, TransactionManager tm) {
this.tm = tm;
+ this.factory = factory;
try {
suspended = tm.suspend();
@@ -49,6 +55,32 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
}
}
+ public void handleException(Throwable e) {
+ if (e instanceof RollbackException) {
+ e = e.getCause() != null ? e.getCause() : e;
+ }
+
+ for (ProviderFactory factory : this.factory.getProviderFactories(ExceptionConverter.class)) {
+ ExceptionConverter converter = (ExceptionConverter)factory;
+ Throwable throwable = converter.convert(e);
+ if (throwable == null) continue;
+ if (throwable instanceof RuntimeException) {
+ throw (RuntimeException)throwable;
+ } else {
+ throw new RuntimeException(throwable);
+ }
+ }
+
+ if (e instanceof RuntimeException) {
+ throw (RuntimeException)e;
+ } else {
+ throw new RuntimeException(e);
+ }
+
+
+
+ }
+
@Override
public void begin() {
}
@@ -59,7 +91,7 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
logger.debug("JtaTransactionWrapper commit");
tm.commit();
} catch (Exception e) {
- throw new RuntimeException(e);
+ handleException(e);
} finally {
end();
}
@@ -71,7 +103,7 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
logger.debug("JtaTransactionWrapper rollback");
tm.rollback();
} catch (Exception e) {
- throw new RuntimeException(e);
+ handleException(e);
} finally {
end();
}
@@ -83,7 +115,7 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
try {
tm.setRollbackOnly();
} catch (Exception e) {
- throw new RuntimeException(e);
+ handleException(e);
}
}
@@ -92,8 +124,9 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
try {
return tm.getStatus() == Status.STATUS_MARKED_ROLLBACK;
} catch (Exception e) {
- throw new RuntimeException(e);
+ handleException(e);
}
+ return false;
}
@Override
@@ -101,8 +134,9 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
try {
return tm.getStatus() == Status.STATUS_ACTIVE;
} catch (Exception e) {
- throw new RuntimeException(e);
+ handleException(e);
}
+ return false;
}
/*
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java
index a2b2636..abd41f3 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserStorageTest.java
@@ -24,6 +24,8 @@ import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.common.util.Time;
import org.keycloak.component.ComponentModel;
+import org.keycloak.credential.CredentialAuthentication;
+import org.keycloak.credential.UserCredentialStoreManager;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -137,6 +139,19 @@ public class UserStorageTest {
Thread.sleep(100000000);
}
+ /**
+ * KEYCLOAK-4013
+ *
+ * @throws Exception
+ */
+ @Test
+ public void testCast() throws Exception {
+ KeycloakSession session = keycloakRule.startSession();
+ List<CredentialAuthentication> list = UserCredentialStoreManager.getCredentialProviders(session, null, CredentialAuthentication.class);
+ keycloakRule.stopSession(session, true);
+
+ }
+
@Test
public void testDailyEviction() {
Calendar cal = Calendar.getInstance();
