keycloak-aplcache
Changes
server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProvider.java 41(+41 -0)
server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProviderFactory.java 41(+41 -0)
Details
diff --git a/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProvider.java b/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProvider.java
new file mode 100644
index 0000000..be94977
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProvider.java
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.resource.admin;
+
+import org.keycloak.provider.Provider;
+
+/**
+ * <p>A {@link RealmAdminResourceProvider} creates JAX-RS <emphasis>sub-resource</emphasis> instances for paths relative to
+ * Realm's Admin RESTful API that could not be resolved by the server.
+ *
+ * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
+ */
+public interface RealmAdminResourceProvider extends Provider {
+
+ /**
+ * <p>Returns a JAX-RS resource instance that maps to the given <code>path</code>.
+ *
+ * <p>If the given <code>path</code> could not be resolved to a sub-resource, this method must return null to give a chance to other providers
+ * to resolve their sub-resources.
+ *
+ * @param path the sub-resource's path
+ * @return a JAX-RS sub-resource instance that maps to the given path or null if the path could not be resolved to a sub-resource.
+ */
+ Object getResource(String path);
+}
diff --git a/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProviderFactory.java b/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProviderFactory.java
new file mode 100644
index 0000000..5a797a5
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceProviderFactory.java
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.resource.admin;
+
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.provider.ProviderFactory;
+import org.keycloak.provider.ServerInfoAwareProviderFactory;
+
+/**
+ * <p>A factory that creates {@link RealmAdminResourceProvider} instances.
+ *
+ * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
+ */
+public interface RealmAdminResourceProviderFactory extends ProviderFactory<RealmAdminResourceProvider>, ServerInfoAwareProviderFactory {
+
+ /**
+ * Creates a {@link RealmAdminResourceProvider}.
+ *
+ * @param realm the {@link RealmModel} associated with the current request
+ * @param keycloakSession the {@link KeycloakSession} associated with the current request
+ * @return a {@link RealmAdminResourceProvider} instance
+ */
+ RealmAdminResourceProvider create(RealmModel realm, KeycloakSession keycloakSession);
+}
diff --git a/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceSPI.java b/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceSPI.java
new file mode 100644
index 0000000..f72741d
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/services/resource/admin/RealmAdminResourceSPI.java
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.resource.admin;
+
+import org.keycloak.provider.Provider;
+import org.keycloak.provider.ProviderFactory;
+import org.keycloak.provider.Spi;
+
+/**
+ * <p>A {@link Spi} to plug additional sub-resources to Realms' Administration RESTful API.
+ *
+ * <p>Implementors can use this {@link Spi} to provide additional services to the mentioned API and extend Keycloak capabilities by
+ * creating JAX-RS sub-resources for paths not known by the server.
+ *
+ * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
+ */
+public class RealmAdminResourceSPI implements Spi {
+
+ @Override
+ public boolean isInternal() {
+ return true;
+ }
+
+ @Override
+ public String getName() {
+ return "realm-admin-restapi-extension";
+ }
+
+ @Override
+ public Class<? extends Provider> getProviderClass() {
+ return RealmAdminResourceProvider.class;
+ }
+
+ @Override
+ public Class<? extends ProviderFactory> getProviderFactoryClass() {
+ return RealmAdminResourceProviderFactory.class;
+ }
+}
diff --git a/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceProvider.java b/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceProvider.java
new file mode 100644
index 0000000..f8f21e4
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceProvider.java
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.resource;
+
+import org.keycloak.provider.Provider;
+
+/**
+ * <p>A {@link RealmResourceProvider} creates JAX-RS <emphasis>sub-resource</emphasis> instances for paths relative
+ * to Realm's RESTful API that could not be resolved by the server.
+ *
+ * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
+ */
+public interface RealmResourceProvider extends Provider {
+
+ /**
+ * <p>Returns a JAX-RS resource instance that maps to the given <code>path</code>.
+ *
+ * <p>If the given <code>path</code> could not be resolved to a sub-resource, this method must return null to give a chance to other providers
+ * to resolve their sub-resources.
+ *
+ * @param path the sub-resource's path
+ * @return a JAX-RS sub-resource instance that maps to the given path or null if the path could not be resolved to a sub-resource.
+ */
+ Object getResource(String path);
+}
diff --git a/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceProviderFactory.java b/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceProviderFactory.java
new file mode 100644
index 0000000..d970687
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceProviderFactory.java
@@ -0,0 +1,41 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.resource;
+
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.RealmModel;
+import org.keycloak.provider.ProviderFactory;
+import org.keycloak.provider.ServerInfoAwareProviderFactory;
+
+/**
+ * <p>A factory that creates {@link RealmResourceProvider} instances.
+ *
+ * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
+ */
+public interface RealmResourceProviderFactory extends ProviderFactory<RealmResourceProvider>, ServerInfoAwareProviderFactory {
+
+ /**
+ * Creates a {@link RealmResourceProvider}.
+ *
+ * @param realm the {@link RealmModel} associated with the current request
+ * @param keycloakSession the {@link KeycloakSession} associated with the current request
+ * @return a {@link RealmResourceProvider} instance
+ */
+ RealmResourceProvider create(RealmModel realm, KeycloakSession keycloakSession);
+}
\ No newline at end of file
diff --git a/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceSPI.java b/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceSPI.java
new file mode 100644
index 0000000..04e8f6d
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/services/resource/RealmResourceSPI.java
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.resource;
+
+import org.keycloak.provider.Provider;
+import org.keycloak.provider.ProviderFactory;
+import org.keycloak.provider.Spi;
+
+/**
+ * <p>A {@link Spi} to plug additional sub-resources to Realms' RESTful API.
+ *
+ * <p>Implementors can use this {@link Spi} to provide additional services to the mentioned API and extend Keycloak capabilities by
+ * creating JAX-RS sub-resources for paths not known by the server.
+ *
+ * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
+ */
+public class RealmResourceSPI implements Spi {
+
+ @Override
+ public boolean isInternal() {
+ return true;
+ }
+
+ @Override
+ public String getName() {
+ return "realm-restapi-extension";
+ }
+
+ @Override
+ public Class<? extends Provider> getProviderClass() {
+ return RealmResourceProvider.class;
+ }
+
+ @Override
+ public Class<? extends ProviderFactory> getProviderFactoryClass() {
+ return RealmResourceProviderFactory.class;
+ }
+}
diff --git a/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index ffbb0ac..d263efd 100755
--- a/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -30,6 +30,8 @@ org.keycloak.exportimport.ExportSpi
org.keycloak.exportimport.ImportSpi
org.keycloak.timer.TimerSpi
org.keycloak.services.managers.BruteForceProtectorSpi
+org.keycloak.services.resource.RealmResourceSPI
+org.keycloak.services.resource.admin.RealmAdminResourceSPI
org.keycloak.protocol.ClientInstallationSpi
org.keycloak.protocol.LoginProtocolSpi
org.keycloak.protocol.ProtocolMapperSpi
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index b434cdf..5825d0d 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -64,6 +64,10 @@ import org.keycloak.services.managers.ResourceAdminManager;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.services.ErrorResponse;
+import org.keycloak.services.resource.RealmResourceProvider;
+import org.keycloak.services.resource.RealmResourceProviderFactory;
+import org.keycloak.services.resource.admin.RealmAdminResourceProvider;
+import org.keycloak.services.resource.admin.RealmAdminResourceProviderFactory;
import org.keycloak.timer.TimerProvider;
import javax.ws.rs.Consumes;
@@ -790,4 +794,30 @@ public class RealmAdminResource {
}
}
+ /**
+ * A JAX-RS sub-resource locator that uses the {@link org.keycloak.services.resource.admin.RealmAdminResourceSPI} to resolve
+ * sub-resources instances given an <code>unknownPath</code>.
+ *
+ * @param unknownPath a path that is unknown to the server
+ * @return a JAX-RS sub-resource instance that maps to the given <code>unknownPath</code>. Otherwise null is returned.
+ */
+ @Path("{unknow_path}")
+ public Object resolveUnknowPath(@PathParam("unknow_path") String unknownPath) {
+ List<ProviderFactory> factory = this.session.getKeycloakSessionFactory().getProviderFactories(RealmAdminResourceProvider.class);
+
+ if (factory != null) {
+ for (ProviderFactory providerFactory : factory) {
+ RealmAdminResourceProviderFactory realmFactory = (RealmAdminResourceProviderFactory) providerFactory;
+ RealmAdminResourceProvider resourceProvider = realmFactory.create(realm, this.session);
+ Object resource = resourceProvider.getResource(unknownPath);
+
+ if (resource != null) {
+ return resource;
+ }
+ }
+ }
+
+ return null;
+ }
+
}
diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
index f8c800c..24b4450 100755
--- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
@@ -20,6 +20,7 @@ import org.jboss.resteasy.spi.HttpRequest;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.common.ClientConnection;
+import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
@@ -27,21 +28,20 @@ import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.LoginProtocol;
import org.keycloak.protocol.LoginProtocolFactory;
-import org.keycloak.protocol.oidc.OIDCLoginProtocol;
-import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.clientregistration.ClientRegistrationService;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.util.CacheControlUtil;
+import org.keycloak.services.util.ResolveRelative;
import org.keycloak.wellknown.WellKnownProvider;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
import javax.ws.rs.core.*;
import javax.ws.rs.core.Response.ResponseBuilder;
+import java.net.URI;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -60,6 +60,9 @@ public class RealmsResource {
@Context
private HttpRequest request;
+ @Context
+ private UriInfo uriInfo;
+
public static UriBuilder realmBaseUrl(UriInfo uriInfo) {
UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
return realmBaseUrl(baseUriBuilder);
@@ -103,6 +106,49 @@ public class RealmsResource {
return endpoint;
}
+ /**
+ * Returns a temporary redirect to the client url configured for the given {@code clientId} in the given {@code realmName}.
+ * <p>
+ * This allows a client to refer to other clients just by their client id in URLs, will then redirect users to the actual client url.
+ * The client url is derived according to the rules of the base url in the client configuration.
+ * </p>
+ *
+ * @param realmName
+ * @param clientId
+ * @return
+ * @since 2.0
+ */
+ @GET
+ @Path("{realm}/clients/{client_id}/redirect")
+ public Response getRedirect(final @PathParam("realm") String realmName, final @PathParam("client_id") String clientId) {
+
+ RealmModel realm = init(realmName);
+
+ if (realm == null) {
+ return null;
+ }
+
+ ClientModel client = realm.getClientByClientId(clientId);
+
+ if (client == null) {
+ return null;
+ }
+
+ if (client.getRootUrl() == null && client.getBaseUrl() == null) {
+ return null;
+ }
+
+
+ URI targetUri;
+ if (client.getRootUrl() != null && (client.getBaseUrl() == null || client.getBaseUrl().isEmpty())) {
+ targetUri = KeycloakUriBuilder.fromUri(client.getRootUrl()).build();
+ } else {
+ targetUri = KeycloakUriBuilder.fromUri(ResolveRelative.resolveRelativeUri(uriInfo.getRequestUri(), client.getRootUrl(), client.getBaseUrl())).build();
+ }
+
+ return Response.temporaryRedirect(targetUri).build();
+ }
+
@Path("{realm}/login-actions")
public LoginActionsService getLoginActionsService(final @PathParam("realm") String name) {
RealmModel realm = init(name);
@@ -190,4 +236,30 @@ public class RealmsResource {
return Cors.add(request, responseBuilder).allowedOrigins("*").build();
}
+ /**
+ * A JAX-RS sub-resource locator that uses the {@link org.keycloak.services.resource.RealmResourceSPI} to resolve sub-resources instances given an <code>unknownPath</code>.
+ *
+ * @param unknownPath a path that is unknown to the server
+ * @return a JAX-RS sub-resource instance that maps to the given <code>unknownPath</code>. Otherwise null is returned.
+ */
+ @Path("{realm}/{unknow_path}")
+ public Object resolveUnknowPath(@PathParam("realm") String realmName, @PathParam("unknow_path") String unknownPath) {
+ List<ProviderFactory> factory = this.session.getKeycloakSessionFactory().getProviderFactories(RealmResourceProvider.class);
+
+ if (factory != null) {
+ RealmModel realm = init(realmName);
+
+ for (ProviderFactory providerFactory : factory) {
+ RealmResourceProviderFactory realmFactory = (RealmResourceProviderFactory) providerFactory;
+ RealmResourceProvider resourceProvider = realmFactory.create(realm, this.session);
+ Object resource = resourceProvider.getResource(unknownPath);
+
+ if (resource != null) {
+ return resource;
+ }
+ }
+ }
+
+ return null;
+ }
}