keycloak-aplcache
Changes
federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/CustomLDAPFilter.java 5(+5 -0)
federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/NamedParameterCondition.java 8(+8 -0)
federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/OrCondition.java 7(+7 -0)
Details
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/Condition.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/Condition.java
index 6e57890..00f93a2 100644
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/Condition.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/Condition.java
@@ -1,7 +1,7 @@
package org.keycloak.federation.ldap.idm.query;
/**
- * <p>A {@link Condition} is used to specify how a specific {@link QueryParameter}
+ * <p>A {@link Condition} is used to specify how a specific query parameter
* is defined in order to filter query results.</p>
*
* @author Pedro Igor
@@ -11,6 +11,15 @@ public interface Condition {
String getParameterName();
void setParameterName(String parameterName);
+ /**
+ * Will change the parameter name if it is "modelParamName" to "ldapParamName" . Implementation can apply this to subconditions as well.
+ *
+ * It is used to update LDAP queries, which were created with model parameter name ( for example "firstName" ) and rewrite them to use real
+ * LDAP mapped attribute (for example "givenName" )
+ */
+ void updateParameterName(String modelParamName, String ldapParamName);
+
+
void applyCondition(StringBuilder filter);
}
\ No newline at end of file
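Review bot: The Javadoc on `updateParameterName` does not say how the name is compared or what a condition without a parameter name should do, and the implementations in this commit already differ on both. NamedParameterCondition matches with `equalsIgnoreCase` and CustomLDAPFilter ignores the call, so the contract should state that, e.g. `Matching is case-insensitive; conditions that carry no parameter name must ignore the call.` The parameter name presumably ends up in the LDAP filter text, so the Javadoc should also say that `ldapParamName` is expected to be a configured attribute name, not request input.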
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/CustomLDAPFilter.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/CustomLDAPFilter.java
index 17caa3c..f1c63c1 100644
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/CustomLDAPFilter.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/CustomLDAPFilter.java
@@ -23,6 +23,11 @@ class CustomLDAPFilter implements Condition {
}
@Override
+ public void updateParameterName(String modelParamName, String ldapParamName) {
+
+ }
+
+ @Override
public void applyCondition(StringBuilder filter) {
filter.append(customFilter);
}
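Review bot: The empty `updateParameterName` body reads like an unfinished stub and needs a comment saying the no-op is deliberate, such as `// customFilter is raw LDAP filter text; there is no model parameter name to rewrite`. The consequence is worth spelling out for maintainers: `applyCondition` appends `customFilter` verbatim, so attribute names inside it must already be LDAP names, and nothing in this class maps or escapes the text. The class body starts outside the hunk, so where `customFilter` is set or validated is not visible here.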
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/NamedParameterCondition.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/NamedParameterCondition.java
index 427fa08..98597ce 100644
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/NamedParameterCondition.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/NamedParameterCondition.java
@@ -22,4 +22,12 @@ public abstract class NamedParameterCondition implements Condition {
public void setParameterName(String parameterName) {
this.parameterName = parameterName;
}
+
+
+ @Override
+ public void updateParameterName(String modelParamName, String ldapParamName) {
+ if (parameterName.equalsIgnoreCase(modelParamName)) {
+ this.parameterName = ldapParamName;
+ }
+ }
}
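Review bot: `parameterName.equalsIgnoreCase(modelParamName)` throws a NullPointerException when `parameterName` is null, and the guard that used to prevent this (`paramName != null && ...`) is removed by this same commit in the UserAttributeLDAPFederationMapper hunk. `setParameterName` just above accepts any value, so the check belongs here: `if (parameterName != null && parameterName.equalsIgnoreCase(modelParamName)) {`. Without it, a single condition with no name presumably aborts the whole query rewrite in the mapper loop, where previously it was skipped.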
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/OrCondition.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/OrCondition.java
index 121b3c5..9271578 100644
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/OrCondition.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/idm/query/internal/OrCondition.java
@@ -23,6 +23,13 @@ class OrCondition implements Condition {
}
@Override
+ public void updateParameterName(String modelParamName, String ldapParamName) {
+ for (Condition innerCondition : innerConditions) {
+ innerCondition.updateParameterName(modelParamName, ldapParamName);
+ }
+ }
+
+ @Override
public void applyCondition(StringBuilder filter) {
filter.append("(|");
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/UserAttributeLDAPFederationMapper.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/UserAttributeLDAPFederationMapper.java
index 373c115..a645de4 100644
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/UserAttributeLDAPFederationMapper.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/UserAttributeLDAPFederationMapper.java
@@ -324,10 +324,7 @@ public class UserAttributeLDAPFederationMapper extends AbstractLDAPFederationMap
// Change conditions and use ldapAttribute instead of userModel
for (Condition condition : query.getConditions()) {
- String paramName = condition.getParameterName();
- if (paramName != null && paramName.equalsIgnoreCase(userModelAttrName)) {
- condition.setParameterName(ldapAttrName);
- }
+ condition.updateParameterName(userModelAttrName, ldapAttrName);
}
}
diff --git a/themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js b/themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
index 2f3dc48..405e4e9 100755
--- a/themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
@@ -752,6 +752,25 @@ module.controller('GenericUserFederationCtrl', function($scope, $location, Notif
module.controller('LDAPCtrl', function($scope, $location, $route, Notifications, Dialog, realm, instance, UserFederationInstances, UserFederationSync, RealmLDAPConnectionTester) {
console.log('LDAPCtrl');
+
+ $scope.ldapVendors = [
+ { "id": "ad", "name": "Active Directory" },
+ { "id": "rhds", "name": "Red Hat Directory Server" },
+ { "id": "tivoli", "name": "Tivoli" },
+ { "id": "edirectory", "name": "Novell eDirectory" },
+ { "id": "other", "name": "Other" }
+ ];
+
+ $scope.authTypes = [
+ { "id": "none", "name": "none" },
+ { "id": "simple", "name": "simple" }
+ ];
+
+ $scope.searchScopes = [
+ { "id": "1", "name": "One Level" },
+ { "id": "2", "name": "Subtree" }
+ ];
+
var DEFAULT_BATCH_SIZE = "1000";
$scope.create = !instance.providerName;
@@ -799,6 +818,12 @@ module.controller('LDAPCtrl', function($scope, $location, $route, Notifications,
$scope.fullSyncEnabled = (instance.fullSyncPeriod && instance.fullSyncPeriod > 0);
$scope.changedSyncEnabled = (instance.changedSyncPeriod && instance.changedSyncPeriod > 0);
+
+ for (var i=0 ; i<$scope.ldapVendors.length ; i++) {
+ if ($scope.ldapVendors[i].id === instance.config.vendor) {
+ $scope.vendorName = $scope.ldapVendors[i].name;
+ }
+ };
}
$scope.changed = false;
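Review bot: `$scope.vendorName` stays undefined when `instance.config.vendor` matches none of the `ldapVendors` ids, so the read-only vendor field added in federated-ldap.html would render empty for a provider stored with an unlisted vendor value. Fall back to the stored id after the loop, e.g. `if (!$scope.vendorName) { $scope.vendorName = instance.config.vendor; }`, and add a `break;` once a match is found. The `};` that closes the loop carries a stray semicolon. The enclosing function starts outside the hunk, so whether `instance.config` is always defined on this path is not visible.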
@@ -808,24 +833,6 @@ module.controller('LDAPCtrl', function($scope, $location, $route, Notifications,
initFederationSettings();
$scope.instance = angular.copy(instance);
- $scope.ldapVendors = [
- { "id": "ad", "name": "Active Directory" },
- { "id": "rhds", "name": "Red Hat Directory Server" },
- { "id": "tivoli", "name": "Tivoli" },
- { "id": "edirectory", "name": "Novell eDirectory" },
- { "id": "other", "name": "Other" }
- ];
-
- $scope.authTypes = [
- { "id": "none", "name": "none" },
- { "id": "simple", "name": "simple" }
- ];
-
- $scope.searchScopes = [
- { "id": "1", "name": "One Level" },
- { "id": "2", "name": "Subtree" }
- ];
-
$scope.realm = realm;
$scope.$watch('fullSyncEnabled', function(newVal, oldVal) {
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/federated-ldap.html b/themes/src/main/resources/theme/base/admin/resources/partials/federated-ldap.html
index 1ddf888..8ddefd4 100755
--- a/themes/src/main/resources/theme/base/admin/resources/partials/federated-ldap.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/federated-ldap.html
@@ -55,13 +55,16 @@
<div class="form-group clearfix">
<label class="col-md-2 control-label" for="vendor"><span class="required">*</span> Vendor</label>
<div class="col-md-6">
- <div>
+ <div data-ng-show="create">
<select class="form-control" id="vendor"
ng-model="instance.config.vendor"
ng-options="vendor.id as vendor.name for vendor in ldapVendors"
required>
</select>
</div>
+ <div data-ng-show="!create">
+ <input class="form-control" id="vendor-ro" type="text" ng-model="vendorName" readonly>
+ </div>
</div>
<kc-tooltip>LDAP vendor (provider)</kc-tooltip>
</div>
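Review bot: `data-ng-show="create"` only hides the `<select>` with CSS. It stays in the DOM and bound to `instance.config.vendor`, while the new `readonly` input is a display field bound to `vendorName`. If the intent is that the vendor cannot change after creation, the server has to enforce that when the provider is updated, because nothing in this template stops a modified request from carrying a different `vendor`. On the client, `data-ng-if="create"` would remove the select and its `required` validation from the edit form instead of hiding it.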