keycloak-aplcache
Changes
integration/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java 3(+2 -1)
integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java 2(+1 -1)
integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowUserSessionManagement.java 1(+1 -0)
testsuite/docker-cluster/fig.yml 2(+1 -1)
Details
diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
index acb4243..587d30a 100755
--- a/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
+++ b/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
@@ -10,7 +10,7 @@ import org.codehaus.jackson.annotate.JsonPropertyOrder;
* @version $Revision: 1 $
*/
@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-required",
- "resource", "credentials",
+ "resource", "public-client", "credentials",
"use-resource-role-mappings",
"enable-cors", "cors-max-age", "cors-allowed-methods",
"expose-token", "bearer-only",
diff --git a/core/src/main/java/org/keycloak/util/JsonSerialization.java b/core/src/main/java/org/keycloak/util/JsonSerialization.java
index d0bf6a0..0575e13 100755
--- a/core/src/main/java/org/keycloak/util/JsonSerialization.java
+++ b/core/src/main/java/org/keycloak/util/JsonSerialization.java
@@ -17,6 +17,7 @@ import java.io.OutputStream;
public class JsonSerialization {
public static final ObjectMapper mapper = new ObjectMapper();
public static final ObjectMapper prettyMapper = new ObjectMapper();
+ public static final ObjectMapper sysPropertiesAwareMapper = new ObjectMapper(new SystemPropertiesJsonParserFactory());
static {
mapper.setSerializationInclusion(JsonSerialize.Inclusion.NON_NULL);
@@ -49,6 +50,10 @@ public class JsonSerialization {
return mapper.readValue(bytes, type);
}
+ public static <T> T readValueAndReplaceSysProperties(InputStream bytes, Class<T> type) throws IOException {
+ return sysPropertiesAwareMapper.readValue(bytes, type);
+ }
+
}
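Review bot: `readValueAndReplaceSysProperties` and the public `sysPropertiesAwareMapper` field carry no documentation saying they are meant only for trusted, locally deployed configuration. Every string read through this mapper goes through system-property expansion (see `SystemPropertiesAwareJsonParser.getText()` in this commit), so using it on request bodies or other remote input would let that input pull JVM property values into the parsed object. I would add a Javadoc such as `/** Reads trusted local configuration (e.g. keycloak.json), expanding ${property} references from system properties. Do not use for untrusted input. */` and consider making the mapper field private so callers go through the method. The same caveat applies to the call sites changed in `KeycloakDeploymentBuilder.build` and `ServletOAuthClientBuilder.getAdapterConfig`.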
diff --git a/core/src/main/java/org/keycloak/util/SystemPropertiesJsonParserFactory.java b/core/src/main/java/org/keycloak/util/SystemPropertiesJsonParserFactory.java
new file mode 100644
index 0000000..52f893d
--- /dev/null
+++ b/core/src/main/java/org/keycloak/util/SystemPropertiesJsonParserFactory.java
@@ -0,0 +1,51 @@
+package org.keycloak.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.Reader;
+
+import org.codehaus.jackson.JsonParser;
+import org.codehaus.jackson.io.IOContext;
+import org.codehaus.jackson.map.MappingJsonFactory;
+import org.codehaus.jackson.util.JsonParserDelegate;
+
+/**
+ * Provides replacing of system properties for parsed values
+ *
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class SystemPropertiesJsonParserFactory extends MappingJsonFactory {
+
+ @Override
+ protected JsonParser _createJsonParser(byte[] data, int offset, int len, IOContext ctxt) throws IOException {
+ JsonParser delegate = super._createJsonParser(data, offset, len, ctxt);
+ return new SystemPropertiesAwareJsonParser(delegate);
+ }
+
+ @Override
+ protected JsonParser _createJsonParser(Reader r, IOContext ctxt) throws IOException {
+ JsonParser delegate = super._createJsonParser(r, ctxt);
+ return new SystemPropertiesAwareJsonParser(delegate);
+ }
+
+ @Override
+ protected JsonParser _createJsonParser(InputStream in, IOContext ctxt) throws IOException {
+ JsonParser delegate = super._createJsonParser(in, ctxt);
+ return new SystemPropertiesAwareJsonParser(delegate);
+ }
+
+
+
+ public static class SystemPropertiesAwareJsonParser extends JsonParserDelegate {
+
+ public SystemPropertiesAwareJsonParser(JsonParser d) {
+ super(d);
+ }
+
+ @Override
+ public String getText() throws IOException {
+ String orig = super.getText();
+ return StringPropertyReplacer.replaceProperties(orig);
+ }
+ }
+}
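Review bot: The `getText()` override in `SystemPropertiesAwareJsonParser` expands properties for whatever token is current, not only string values. It also hands the delegate's result straight to `StringPropertyReplacer.replaceProperties`, whose null handling is not visible here. Restricting the expansion to string values keeps field names and numeric tokens untouched: keep `String orig = super.getText();` and return `getCurrentToken() == JsonToken.VALUE_STRING ? StringPropertyReplacer.replaceProperties(orig) : orig;`, with an import of `org.codehaus.jackson.JsonToken`. `getTextCharacters()` is not overridden, so a consumer reading text through that accessor would presumably see the unexpanded value; the class Javadoc should say which accessors are covered. Since any system property can be referenced, the Javadoc should also state that the factory must only parse trusted configuration.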
diff --git a/core/src/test/java/org/keycloak/JsonParserTest.java b/core/src/test/java/org/keycloak/JsonParserTest.java
new file mode 100644
index 0000000..8cdbd41
--- /dev/null
+++ b/core/src/test/java/org/keycloak/JsonParserTest.java
@@ -0,0 +1,33 @@
+package org.keycloak;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.keycloak.representations.adapters.config.AdapterConfig;
+import org.keycloak.util.JsonSerialization;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class JsonParserTest {
+
+ @Test
+ public void testParsingSystemProps() throws IOException {
+ System.setProperty("my.host", "foo");
+ System.setProperty("con.pool.size", "200");
+ System.setProperty("allow.any.hostname", "true");
+
+ InputStream is = getClass().getClassLoader().getResourceAsStream("keycloak.json");
+
+ AdapterConfig config = JsonSerialization.readValueAndReplaceSysProperties(is, AdapterConfig.class);
+ Assert.assertEquals("http://foo:8080/auth", config.getAuthServerUrl());
+ Assert.assertEquals("external", config.getSslRequired());
+ Assert.assertEquals("angular-product${non.existing}", config.getResource());
+ Assert.assertTrue(config.isPublicClient());
+ Assert.assertTrue(config.isAllowAnyHostname());
+ Assert.assertEquals(100, config.getCorsMaxAge());
+ Assert.assertEquals(200, config.getConnectionPoolSize());
+ }
+}
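Review bot: `testParsingSystemProps` sets three JVM-wide system properties and never removes them, so they stay visible to every test that runs later in the same JVM. Wrap the body in `try { ... } finally { System.clearProperty("my.host"); System.clearProperty("con.pool.size"); System.clearProperty("allow.any.hostname"); }`. I would also add `Assert.assertNotNull(is);` before parsing so that a missing `keycloak.json` resource fails with a clear message, and close the stream once the config has been read.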
diff --git a/core/src/test/resources/keycloak.json b/core/src/test/resources/keycloak.json
new file mode 100644
index 0000000..b0a8935
--- /dev/null
+++ b/core/src/test/resources/keycloak.json
@@ -0,0 +1,9 @@
+{
+ "auth-server-url" : "http://${my.host}:8080/auth",
+ "ssl-required" : "external",
+ "resource" : "angular-product${non.existing}",
+ "public-client" : true,
+ "allow-any-hostname": "${allow.any.hostname}",
+ "cors-max-age": 100,
+ "connection-pool-size": "${con.pool.size}"
+}
\ No newline at end of file
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
index 0a3ab33..5aa996b 100755
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
@@ -6,6 +6,7 @@ import org.jboss.logging.Logger;
import org.keycloak.enums.SslRequired;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.util.PemUtils;
+import org.keycloak.util.SystemPropertiesJsonParserFactory;
import java.io.IOException;
import java.io.InputStream;
@@ -79,7 +80,7 @@ public class KeycloakDeploymentBuilder {
}
public static KeycloakDeployment build(InputStream is) {
- ObjectMapper mapper = new ObjectMapper();
+ ObjectMapper mapper = new ObjectMapper(new SystemPropertiesJsonParserFactory());
mapper.setSerializationInclusion(JsonSerialize.Inclusion.NON_DEFAULT);
AdapterConfig adapterConfig = null;
try {
diff --git a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java
index e1ccd5d..ffc50eb 100755
--- a/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java
+++ b/integration/servlet-oauth-client/src/main/java/org/keycloak/servlet/ServletOAuthClientBuilder.java
@@ -25,7 +25,7 @@ public class ServletOAuthClientBuilder {
public static AdapterConfig getAdapterConfig(InputStream is) {
try {
- return JsonSerialization.readValue(is, AdapterConfig.class);
+ return JsonSerialization.readValueAndReplaceSysProperties(is, AdapterConfig.class);
} catch (IOException e) {
throw new RuntimeException(e);
}
diff --git a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowUserSessionManagement.java b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowUserSessionManagement.java
index b7112d7..352b3a3 100755
--- a/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowUserSessionManagement.java
+++ b/integration/undertow/src/main/java/org/keycloak/adapters/undertow/UndertowUserSessionManagement.java
@@ -151,6 +151,7 @@ public class UndertowUserSessionManagement implements SessionListener {
public void sessionDestroyed(Session session, HttpServerExchange exchange, SessionDestroyedReason reason) {
// Look up the single session id associated with this session (if any)
String username = getUsernameFromSession(session);
+ log.debugf("Session destroyed for user: %s, sessionId: %s", username, session.getId());
if (username == null) return;
String sessionId = session.getId();
UserSessions userSessions = userSessionMap.get(username);
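Review bot: The new `log.debugf` in `sessionDestroyed` runs before the `username == null` guard, so it also fires for sessions with no associated user and prints `null`, and it writes the raw session id to the log. Session identifiers are better kept out of logs or truncated, because log readers are usually a wider audience than those allowed to see session tokens. This id belongs to a session that is being destroyed, but the same pattern tends to get copied to live paths. I would move the call below the guard and log `log.debugf("Session destroyed for user: %s", username);`, adding the already computed `sessionId` local only if it is needed for correlation. The method body continues outside the hunk.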
diff --git a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
index 903b5e2..7d23393 100755
--- a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
@@ -23,6 +23,7 @@ import org.keycloak.representations.adapters.action.UserStats;
import org.keycloak.representations.adapters.action.UserStatsAction;
import org.keycloak.services.util.HttpClientBuilder;
import org.keycloak.services.util.ResolveRelative;
+import org.keycloak.util.StringPropertyReplacer;
import org.keycloak.util.Time;
import javax.ws.rs.core.MediaType;
@@ -108,8 +109,10 @@ public class ResourceAdminManager {
}
// this is to support relative admin urls when keycloak and applications are deployed on the same machine
- return ResolveRelative.resolveRelativeUri(requestUri, mgmtUrl);
+ String absoluteURI = ResolveRelative.resolveRelativeUri(requestUri, mgmtUrl);
+ // this is for resolving URI like "http://${jboss.home.name}:8080/..." in order to send request to same machine and avoid LB in cluster env
+ return StringPropertyReplacer.replaceProperties(absoluteURI);
}
public UserStats getUserStats(URI requestUri, RealmModel realm, ApplicationModel application, UserModel user) {
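Review bot: `StringPropertyReplacer.replaceProperties(absoluteURI)` is applied after `resolveRelativeUri(requestUri, mgmtUrl)`, so any part of the result that came from the incoming request URI goes through property expansion along with the configured management URL. Expanding only the configured value keeps request-derived text out of the replacer: `String absoluteURI = ResolveRelative.resolveRelativeUri(requestUri, StringPropertyReplacer.replaceProperties(mgmtUrl));`. The expanded value becomes the target of an outbound request, and the management URL is presumably set by whoever administers the application. It would therefore be worth limiting which properties may be referenced here (the comment only mentions a host-name property) rather than allowing every JVM system property. The start of this method is outside the hunk, so how `mgmtUrl` is obtained is not visible.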
testsuite/docker-cluster/fig.yml 2(+1 -1)
diff --git a/testsuite/docker-cluster/fig.yml b/testsuite/docker-cluster/fig.yml
index 046d73b..a1c4c6d 100644
--- a/testsuite/docker-cluster/fig.yml
+++ b/testsuite/docker-cluster/fig.yml
@@ -1,7 +1,7 @@
httpd:
build: httpd
ports:
- - "8000:80"
+ - "8000:8000"
- "10001:10001"
volumes_from:
- mysql
diff --git a/testsuite/docker-cluster/httpd/httpd.conf b/testsuite/docker-cluster/httpd/httpd.conf
index 8d3758e..7d2d355 100644
--- a/testsuite/docker-cluster/httpd/httpd.conf
+++ b/testsuite/docker-cluster/httpd/httpd.conf
@@ -49,7 +49,7 @@ ServerRoot "/opt/jboss/httpd/httpd"
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
-Listen 80
+Listen 8000
#
# Dynamic Shared Object (DSO) Support