keycloak-aplcache
Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean …
12/15/2015 7:53:10 AM
Changes
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextBean.java 64(+0 -64)
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBean.java 79(+79 -0)
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java 15(+9 -6)
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/config/KeycloakWebSecurityConfigurerAdapter.java 23(+18 -5)
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java 11(+6 -5)
integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakPreAuthActionsFilter.java 5(+1 -4)
integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextBeanTest.java 56(+0 -56)
integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBeanTest.java 77(+77 -0)
Details
diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBean.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBean.java
new file mode 100644
index 0000000..d089ded
--- /dev/null
+++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBean.java
@@ -0,0 +1,79 @@
+package org.keycloak.adapters.springsecurity;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.util.Objects;
+
+import org.keycloak.adapters.AdapterDeploymentContext;
+import org.keycloak.adapters.KeycloakConfigResolver;
+import org.keycloak.adapters.KeycloakDeployment;
+import org.keycloak.adapters.KeycloakDeploymentBuilder;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import org.springframework.beans.factory.FactoryBean;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.core.io.Resource;
+
+/**
+ * {@link FactoryBean} that creates an {@link AdapterDeploymentContext} given a {@link Resource} defining the Keycloak
+ * client configuration or a {@link KeycloakConfigResolver} for multi-tenant environments.
+ *
+ * @author <a href="mailto:thomas.raehalme@aitiofinland.com">Thomas Raehalme</a>
+ */
+public class AdapterDeploymentContextFactoryBean
+ implements FactoryBean<AdapterDeploymentContext>, InitializingBean {
+ private static final Logger log =
+ LoggerFactory.getLogger(AdapterDeploymentContextFactoryBean.class);
+ private final Resource keycloakConfigFileResource;
+ private final KeycloakConfigResolver keycloakConfigResolver;
+ private AdapterDeploymentContext adapterDeploymentContext;
+
+ public AdapterDeploymentContextFactoryBean(Resource keycloakConfigFileResource) {
+ this.keycloakConfigFileResource = Objects.requireNonNull(keycloakConfigFileResource);
+ this.keycloakConfigResolver = null;
+ }
+
+ public AdapterDeploymentContextFactoryBean(KeycloakConfigResolver keycloakConfigResolver) {
+ this.keycloakConfigResolver = Objects.requireNonNull(keycloakConfigResolver);
+ this.keycloakConfigFileResource = null;
+ }
+
+ @Override
+ public Class<?> getObjectType() {
+ return AdapterDeploymentContext.class;
+ }
+
+ @Override
+ public boolean isSingleton() {
+ return true;
+ }
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+ if (keycloakConfigResolver != null) {
+ adapterDeploymentContext = new AdapterDeploymentContext(keycloakConfigResolver);
+ }
+ else {
+ log.info("Loading Keycloak deployment from configuration file: {}", keycloakConfigFileResource);
+
+ KeycloakDeployment deployment = loadKeycloakDeployment();
+ adapterDeploymentContext = new AdapterDeploymentContext(deployment);
+ }
+ }
+
+ private KeycloakDeployment loadKeycloakDeployment() throws IOException {
+ if (!keycloakConfigFileResource.isReadable()) {
+ throw new FileNotFoundException(String.format("Unable to locate Keycloak configuration file: %s",
+ keycloakConfigFileResource.getFilename()));
+ }
+
+ return KeycloakDeploymentBuilder.build(keycloakConfigFileResource.getInputStream());
+ }
+
+ @Override
+ public AdapterDeploymentContext getObject() throws Exception {
+ return adapterDeploymentContext;
+ }
+}
diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java
index 27178ca..c17dca1 100644
--- a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java
+++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandler.java
@@ -1,8 +1,10 @@
package org.keycloak.adapters.springsecurity.authentication;
+import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
-import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
+import org.keycloak.adapters.spi.HttpFacade;
+import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -23,11 +25,11 @@ public class KeycloakLogoutHandler implements LogoutHandler {
private static final Logger log = LoggerFactory.getLogger(KeycloakLogoutHandler.class);
- private AdapterDeploymentContextBean deploymentContextBean;
+ private AdapterDeploymentContext adapterDeploymentContext;
- public KeycloakLogoutHandler(AdapterDeploymentContextBean deploymentContextBean) {
- Assert.notNull(deploymentContextBean);
- this.deploymentContextBean = deploymentContextBean;
+ public KeycloakLogoutHandler(AdapterDeploymentContext adapterDeploymentContext) {
+ Assert.notNull(adapterDeploymentContext);
+ this.adapterDeploymentContext = adapterDeploymentContext;
}
@Override
@@ -45,7 +47,8 @@ public class KeycloakLogoutHandler implements LogoutHandler {
}
protected void handleSingleSignOut(HttpServletRequest request, HttpServletResponse response, KeycloakAuthenticationToken authenticationToken) {
- KeycloakDeployment deployment = deploymentContextBean.getDeployment();
+ HttpFacade facade = new SimpleHttpFacade(request, response);
+ KeycloakDeployment deployment = adapterDeploymentContext.resolveDeployment(facade);
RefreshableKeycloakSecurityContext session = (RefreshableKeycloakSecurityContext) authenticationToken.getAccount().getKeycloakSecurityContext();
session.logout(deployment);
}
diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/config/KeycloakWebSecurityConfigurerAdapter.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/config/KeycloakWebSecurityConfigurerAdapter.java
index b5ef665..55c6b3c 100644
--- a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/config/KeycloakWebSecurityConfigurerAdapter.java
+++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/config/KeycloakWebSecurityConfigurerAdapter.java
@@ -1,6 +1,8 @@
package org.keycloak.adapters.springsecurity.config;
-import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
+import org.keycloak.adapters.AdapterDeploymentContext;
+import org.keycloak.adapters.KeycloakConfigResolver;
+import org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.authentication.KeycloakLogoutHandler;
@@ -8,6 +10,7 @@ import org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcess
import org.keycloak.adapters.springsecurity.filter.KeycloakCsrfRequestMatcher;
import org.keycloak.adapters.springsecurity.filter.KeycloakPreAuthActionsFilter;
import org.keycloak.adapters.springsecurity.management.HttpSessionManager;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.core.io.Resource;
@@ -35,10 +38,20 @@ public abstract class KeycloakWebSecurityConfigurerAdapter extends WebSecurityCo
@Value("${keycloak.configurationFile:WEB-INF/keycloak.json}")
private Resource keycloakConfigFileResource;
+ @Autowired(required = false)
+ private KeycloakConfigResolver keycloakConfigResolver;
@Bean
- protected AdapterDeploymentContextBean adapterDeploymentContextBean() {
- return new AdapterDeploymentContextBean(keycloakConfigFileResource);
+ protected AdapterDeploymentContext adapterDeploymentContext() throws Exception {
+ AdapterDeploymentContextFactoryBean factoryBean;
+ if (keycloakConfigResolver != null) {
+ factoryBean = new AdapterDeploymentContextFactoryBean(keycloakConfigResolver);
+ }
+ else {
+ factoryBean = new AdapterDeploymentContextFactoryBean(keycloakConfigFileResource);
+ }
+ factoryBean.afterPropertiesSet();
+ return factoryBean.getObject();
}
protected AuthenticationEntryPoint authenticationEntryPoint() {
@@ -70,8 +83,8 @@ public abstract class KeycloakWebSecurityConfigurerAdapter extends WebSecurityCo
return new HttpSessionManager();
}
- protected KeycloakLogoutHandler keycloakLogoutHandler() {
- return new KeycloakLogoutHandler(adapterDeploymentContextBean());
+ protected KeycloakLogoutHandler keycloakLogoutHandler() throws Exception {
+ return new KeycloakLogoutHandler(adapterDeploymentContext());
}
protected abstract SessionAuthenticationStrategy sessionAuthenticationStrategy();
diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java
index 965c162..04c6ed3 100644
--- a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java
+++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilter.java
@@ -1,11 +1,12 @@
package org.keycloak.adapters.springsecurity.filter;
+import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.spi.AuthChallenge;
import org.keycloak.adapters.spi.AuthOutcome;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.RequestAuthenticator;
-import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
+import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationEntryPoint;
import org.keycloak.adapters.springsecurity.authentication.SpringSecurityRequestAuthenticator;
@@ -56,7 +57,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
private static final Logger log = LoggerFactory.getLogger(KeycloakAuthenticationProcessingFilter.class);
private ApplicationContext applicationContext;
- private AdapterDeploymentContextBean adapterDeploymentContextBean;
+ private AdapterDeploymentContext adapterDeploymentContext;
private AdapterTokenStoreFactory adapterTokenStoreFactory = new SpringSecurityAdapterTokenStoreFactory();
private AuthenticationManager authenticationManager;
@@ -100,7 +101,7 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
@Override
public void afterPropertiesSet() {
- adapterDeploymentContextBean = applicationContext.getBean(AdapterDeploymentContextBean.class);
+ adapterDeploymentContext = applicationContext.getBean(AdapterDeploymentContext.class);
super.afterPropertiesSet();
}
@@ -110,8 +111,8 @@ public class KeycloakAuthenticationProcessingFilter extends AbstractAuthenticati
log.debug("Attempting Keycloak authentication");
- KeycloakDeployment deployment = adapterDeploymentContextBean.getDeployment();
- SimpleHttpFacade facade = new SimpleHttpFacade(request, response);
+ HttpFacade facade = new SimpleHttpFacade(request, response);
+ KeycloakDeployment deployment = adapterDeploymentContext.resolveDeployment(facade);
AdapterTokenStore tokenStore = adapterTokenStoreFactory.createAdapterTokenStore(deployment, request);
RequestAuthenticator authenticator
= new SpringSecurityRequestAuthenticator(facade, request, deployment, tokenStore, -1);
diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakPreAuthActionsFilter.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakPreAuthActionsFilter.java
index 2363b3f..565ae62 100755
--- a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakPreAuthActionsFilter.java
+++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakPreAuthActionsFilter.java
@@ -5,7 +5,6 @@ import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.NodesRegistrationManagement;
import org.keycloak.adapters.PreAuthActionsHandler;
import org.keycloak.adapters.spi.UserSessionManagement;
-import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -47,9 +46,7 @@ public class KeycloakPreAuthActionsFilter extends GenericFilterBean implements A
@Override
protected void initFilterBean() throws ServletException {
- AdapterDeploymentContextBean contextBean = applicationContext.getBean(AdapterDeploymentContextBean.class);
- deploymentContext = contextBean.getDeploymentContext();
- management.tryRegister(contextBean.getDeployment());
+ deploymentContext = applicationContext.getBean(AdapterDeploymentContext.class);
}
@Override
diff --git a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBeanTest.java b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBeanTest.java
new file mode 100644
index 0000000..6a3b39f
--- /dev/null
+++ b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/AdapterDeploymentContextFactoryBeanTest.java
@@ -0,0 +1,77 @@
+package org.keycloak.adapters.springsecurity;
+
+import java.io.FileNotFoundException;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+
+import org.keycloak.adapters.KeycloakConfigResolver;
+import org.keycloak.adapters.KeycloakDeployment;
+import org.keycloak.adapters.spi.HttpFacade;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import static org.junit.Assert.assertNotNull;
+
+public class AdapterDeploymentContextFactoryBeanTest {
+ @Rule
+ public ExpectedException expectedException = ExpectedException.none();
+
+ private AdapterDeploymentContextFactoryBean adapterDeploymentContextFactoryBean;
+
+ @Test
+ public void should_create_adapter_deployment_context_from_configuration_file() throws Exception {
+ // given:
+ adapterDeploymentContextFactoryBean = new AdapterDeploymentContextFactoryBean(getCorrectResource());
+
+ // when:
+ adapterDeploymentContextFactoryBean.afterPropertiesSet();
+
+ // then
+ assertNotNull(adapterDeploymentContextFactoryBean.getObject());
+ }
+
+ private Resource getCorrectResource() {
+ return new ClassPathResource("keycloak.json");
+ }
+
+ @Test
+ public void should_throw_exception_when_configuration_file_was_not_found() throws Exception {
+ // given:
+ adapterDeploymentContextFactoryBean = new AdapterDeploymentContextFactoryBean(getEmptyResource());
+
+ // then:
+ expectedException.expect(FileNotFoundException.class);
+ expectedException.expectMessage("Unable to locate Keycloak configuration file: no-file.json");
+
+ // when:
+ adapterDeploymentContextFactoryBean.afterPropertiesSet();
+ }
+
+ private Resource getEmptyResource() {
+ return new ClassPathResource("no-file.json");
+ }
+
+ @Test
+ public void should_create_adapter_deployment_context_from_keycloak_config_resolver() throws Exception {
+ // given:
+ adapterDeploymentContextFactoryBean = new AdapterDeploymentContextFactoryBean(getKeycloakConfigResolver());
+
+ // when:
+ adapterDeploymentContextFactoryBean.afterPropertiesSet();
+
+ // then:
+ assertNotNull(adapterDeploymentContextFactoryBean.getObject());
+ }
+
+ private KeycloakConfigResolver getKeycloakConfigResolver() {
+ return new KeycloakConfigResolver() {
+ @Override
+ public KeycloakDeployment resolve(HttpFacade.Request facade) {
+ return null;
+ }
+ };
+ }
+}
diff --git a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandlerTest.java b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandlerTest.java
index cc751c4..2f44107 100755
--- a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandlerTest.java
+++ b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/authentication/KeycloakLogoutHandlerTest.java
@@ -2,10 +2,11 @@ package org.keycloak.adapters.springsecurity.authentication;
import org.junit.Before;
import org.junit.Test;
+import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OidcKeycloakAccount;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
-import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
+import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.springsecurity.account.KeycloakRole;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.mockito.Mock;
@@ -35,7 +36,7 @@ public class KeycloakLogoutHandlerTest {
private MockHttpServletResponse response;
@Mock
- private AdapterDeploymentContextBean adapterDeploymentContextBean;
+ private AdapterDeploymentContext adapterDeploymentContext;
@Mock
private OidcKeycloakAccount keycloakAccount;
@@ -52,11 +53,11 @@ public class KeycloakLogoutHandlerTest {
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
keycloakAuthenticationToken = mock(KeycloakAuthenticationToken.class);
- keycloakLogoutHandler = new KeycloakLogoutHandler(adapterDeploymentContextBean);
+ keycloakLogoutHandler = new KeycloakLogoutHandler(adapterDeploymentContext);
request = new MockHttpServletRequest();
response = new MockHttpServletResponse();
- when(adapterDeploymentContextBean.getDeployment()).thenReturn(keycloakDeployment);
+ when(adapterDeploymentContext.resolveDeployment(any(HttpFacade.class))).thenReturn(keycloakDeployment);
when(keycloakAuthenticationToken.getAccount()).thenReturn(keycloakAccount);
when(keycloakAccount.getKeycloakSecurityContext()).thenReturn(session);
}
diff --git a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilterTest.java b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilterTest.java
index ab4c032..1ccc367 100755
--- a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilterTest.java
+++ b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticationProcessingFilterTest.java
@@ -4,9 +4,10 @@ import org.junit.Before;
import org.junit.Test;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OidcKeycloakAccount;
-import org.keycloak.adapters.springsecurity.AdapterDeploymentContextBean;
+import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.springsecurity.KeycloakAuthenticationException;
import org.keycloak.adapters.springsecurity.account.KeycloakRole;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
@@ -45,7 +46,7 @@ public class KeycloakAuthenticationProcessingFilterTest {
private AuthenticationManager authenticationManager;
@Mock
- private AdapterDeploymentContextBean adapterDeploymentContextBean;
+ private AdapterDeploymentContext adapterDeploymentContext;
@Mock
private FilterChain chain;
@@ -85,8 +86,8 @@ public class KeycloakAuthenticationProcessingFilterTest {
filter.setAuthenticationSuccessHandler(successHandler);
filter.setAuthenticationFailureHandler(failureHandler);
- when(applicationContext.getBean(eq(AdapterDeploymentContextBean.class))).thenReturn(adapterDeploymentContextBean);
- when(adapterDeploymentContextBean.getDeployment()).thenReturn(keycloakDeployment);
+ when(applicationContext.getBean(eq(AdapterDeploymentContext.class))).thenReturn(adapterDeploymentContext);
+ when(adapterDeploymentContext.resolveDeployment(any(HttpFacade.class))).thenReturn(keycloakDeployment);
when(keycloakAccount.getPrincipal()).thenReturn(
new KeycloakPrincipal<KeycloakSecurityContext>(UUID.randomUUID().toString(), keycloakSecurityContext));