keycloak-aplcache
Changes
services/src/main/java/org/keycloak/authentication/forms/RegistrationPasswordValidation.java 4(+4 -0)
services/src/main/java/org/keycloak/authentication/forms/RegistrationProfileValidation.java 4(+4 -0)
Details
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
index 161ffe0..472f62f 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
@@ -177,6 +177,12 @@ public class AuthenticationProcessor {
}
@Override
+ public EventBuilder newEvent() {
+ AuthenticationProcessor.this.event = new EventBuilder(realm, session, connection);
+ return AuthenticationProcessor.this.event;
+ }
+
+ @Override
public AuthenticationExecutionModel.Requirement getCategoryRequirementFromCurrentFlow(String authenticatorCategory) {
List<AuthenticationExecutionModel> executions = realm.getAuthenticationExecutions(execution.getParentFlow());
for (AuthenticationExecutionModel exe : executions) {
@@ -463,7 +469,6 @@ public class AuthenticationProcessor {
public Response authenticate() throws AuthException {
checkClientSession();
logger.debug("AUTHENTICATE");
- event.event(EventType.LOGIN);
event.client(clientSession.getClient().getClientId())
.detail(Details.REDIRECT_URI, clientSession.getRedirectUri())
.detail(Details.AUTH_METHOD, clientSession.getAuthMethod());
@@ -505,7 +510,6 @@ public class AuthenticationProcessor {
resetFlow(clientSession);
return authenticate();
}
- event.event(EventType.LOGIN);
event.client(clientSession.getClient().getClientId())
.detail(Details.REDIRECT_URI, clientSession.getRedirectUri())
.detail(Details.AUTH_METHOD, clientSession.getAuthMethod());
@@ -536,7 +540,6 @@ public class AuthenticationProcessor {
public Response authenticateOnly() throws AuthException {
checkClientSession();
- event.event(EventType.LOGIN);
event.client(clientSession.getClient().getClientId())
.detail(Details.REDIRECT_URI, clientSession.getRedirectUri())
.detail(Details.AUTH_METHOD, clientSession.getAuthMethod());
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java b/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java
index c73e5ec..80654c7 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java
@@ -21,6 +21,7 @@ import javax.ws.rs.core.UriInfo;
*/
public interface AuthenticatorContext {
EventBuilder getEvent();
+ EventBuilder newEvent();
AuthenticationExecutionModel getExecution();
diff --git a/services/src/main/java/org/keycloak/authentication/FormAuthenticationFlow.java b/services/src/main/java/org/keycloak/authentication/FormAuthenticationFlow.java
index 1ef53eb..ab40717 100755
--- a/services/src/main/java/org/keycloak/authentication/FormAuthenticationFlow.java
+++ b/services/src/main/java/org/keycloak/authentication/FormAuthenticationFlow.java
@@ -44,7 +44,10 @@ public class FormAuthenticationFlow implements AuthenticationFlow {
this.delegate = delegate;
}
-
+ @Override
+ public EventBuilder newEvent() {
+ return delegate.newEvent();
+ }
@Override
public FormAuthenticator getFormAuthenticator() {
diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationPasswordValidation.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationPasswordValidation.java
index c8df503..565d7d3 100755
--- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationPasswordValidation.java
+++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationPasswordValidation.java
@@ -6,6 +6,8 @@ import org.keycloak.authentication.FormAction;
import org.keycloak.authentication.FormActionContext;
import org.keycloak.authentication.FormActionFactory;
import org.keycloak.authentication.FormAuthenticator;
+import org.keycloak.events.Details;
+import org.keycloak.events.Errors;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
@@ -33,6 +35,7 @@ public class RegistrationPasswordValidation implements FormAction, FormActionFac
public void authenticate(FormActionContext context) {
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
List<FormMessage> errors = new ArrayList<>();
+ context.getEvent().detail(Details.REGISTER_METHOD, "form");
if (Validation.isBlank(formData.getFirst(RegistrationPage.FIELD_PASSWORD))) {
errors.add(new FormMessage(RegistrationPage.FIELD_PASSWORD, Messages.MISSING_PASSWORD));
} else if (!formData.getFirst(RegistrationPage.FIELD_PASSWORD).equals(formData.getFirst(RegistrationPage.FIELD_PASSWORD_CONFIRM))) {
@@ -45,6 +48,7 @@ public class RegistrationPasswordValidation implements FormAction, FormActionFac
}
if (errors.size() > 0) {
+ context.getEvent().error(Errors.INVALID_REGISTRATION);
formData.remove(RegistrationPage.FIELD_PASSWORD);
formData.remove(RegistrationPage.FIELD_PASSWORD_CONFIRM);
Response challenge = context.getFormAuthenticator().createChallenge(context, formData, errors);
diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationProfileValidation.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationProfileValidation.java
index 9d0a11e..75d9cf3 100755
--- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationProfileValidation.java
+++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationProfileValidation.java
@@ -6,6 +6,7 @@ import org.keycloak.authentication.FormAction;
import org.keycloak.authentication.FormActionContext;
import org.keycloak.authentication.FormActionFactory;
import org.keycloak.authentication.FormAuthenticator;
+import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
@@ -35,6 +36,7 @@ public class RegistrationProfileValidation implements FormAction, FormActionFact
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
List<FormMessage> errors = new ArrayList<>();
+ context.getEvent().detail(Details.REGISTER_METHOD, "form");
String eventError = Errors.INVALID_REGISTRATION;
if (Validation.isBlank(formData.getFirst((RegistrationPage.FIELD_FIRST_NAME)))) {
@@ -50,12 +52,14 @@ public class RegistrationProfileValidation implements FormAction, FormActionFact
errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.MISSING_EMAIL));
} else if (!Validation.isEmailValid(email)) {
formData.remove(Validation.FIELD_EMAIL);
+ context.getEvent().detail(Details.EMAIL, email);
errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.INVALID_EMAIL));
}
if (context.getSession().users().getUserByEmail(email, context.getRealm()) != null) {
eventError = Errors.EMAIL_IN_USE;
formData.remove(Validation.FIELD_EMAIL);
+ context.getEvent().detail(Details.EMAIL, email);
errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.EMAIL_EXISTS));
}
diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationUserCreation.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationUserCreation.java
index 60c28b2..e218c54 100755
--- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationUserCreation.java
+++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationUserCreation.java
@@ -6,6 +6,8 @@ import org.keycloak.authentication.FormAction;
import org.keycloak.authentication.FormActionContext;
import org.keycloak.authentication.FormActionFactory;
import org.keycloak.authentication.FormAuthenticator;
+import org.keycloak.events.Details;
+import org.keycloak.events.EventType;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
@@ -37,6 +39,10 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
if (context.getRealm().isRegistrationEmailAsUsername()) {
username = formData.getFirst(RegistrationPage.FIELD_EMAIL);
}
+ context.getEvent().detail(Details.USERNAME, username)
+ .detail(Details.REGISTER_METHOD, "form")
+ .detail(Details.EMAIL, email)
+ ;
UserModel user = context.getSession().users().addUser(context.getRealm(), username);
user.setEnabled(true);
user.setFirstName(formData.getFirst("firstName"));
@@ -62,6 +68,15 @@ public class RegistrationUserCreation implements FormAction, FormActionFactory {
}
context.getEvent().user(user);
context.success();
+ context.getEvent().success();
+ context.newEvent().event(EventType.LOGIN);
+ context.getEvent().client(context.getClientSession().getClient().getClientId())
+ .detail(Details.REDIRECT_URI, context.getClientSession().getRedirectUri())
+ .detail(Details.AUTH_METHOD, context.getClientSession().getAuthMethod());
+ String authType = context.getClientSession().getNote(Details.AUTH_TYPE);
+ if (authType != null) {
+ context.getEvent().detail(Details.AUTH_TYPE, authType);
+ }
}
@Override
diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationUsernameValidation.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationUsernameValidation.java
index fa5e8e4..be406e3 100755
--- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationUsernameValidation.java
+++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationUsernameValidation.java
@@ -6,6 +6,7 @@ import org.keycloak.authentication.FormAction;
import org.keycloak.authentication.FormActionContext;
import org.keycloak.authentication.FormActionFactory;
import org.keycloak.authentication.FormAuthenticator;
+import org.keycloak.events.Details;
import org.keycloak.events.Errors;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
@@ -34,13 +35,17 @@ public class RegistrationUsernameValidation implements FormAction, FormActionFac
public void authenticate(FormActionContext context) {
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
List<FormMessage> errors = new ArrayList<>();
+ context.getEvent().detail(Details.REGISTER_METHOD, "form");
String email = formData.getFirst(Validation.FIELD_EMAIL);
String username = formData.getFirst(RegistrationPage.FIELD_USERNAME);
+ context.getEvent().detail(Details.USERNAME, username);
+ context.getEvent().detail(Details.EMAIL, email);
String usernameField = RegistrationPage.FIELD_USERNAME;
if (context.getRealm().isRegistrationEmailAsUsername()) {
username = email;
+ context.getEvent().detail(Details.USERNAME, username);
usernameField = RegistrationPage.FIELD_EMAIL;
if (Validation.isBlank(email)) {
errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.MISSING_EMAIL));
@@ -55,9 +60,9 @@ public class RegistrationUsernameValidation implements FormAction, FormActionFac
return;
}
if (email != null && context.getSession().users().getUserByEmail(email, context.getRealm()) != null) {
- context.getEvent().error(Errors.EMAIL_IN_USE);
+ context.getEvent().error(Errors.USERNAME_IN_USE);
formData.remove(Validation.FIELD_EMAIL);
- errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.EMAIL_EXISTS));
+ errors.add(new FormMessage(RegistrationPage.FIELD_EMAIL, Messages.USERNAME_EXISTS));
Response challenge = context.getFormAuthenticator().createChallenge(context, formData, errors);
context.challenge(challenge);
return;
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
index e938732..c2a42eb 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
@@ -249,6 +249,7 @@ public class AuthorizationEndpoint {
}
protected Response browserAuthentication(String accessCode) {
+ this.event.event(EventType.LOGIN);
List<IdentityProviderModel> identityProviders = realm.getIdentityProviders();
for (IdentityProviderModel identityProvider : identityProviders) {
if (identityProvider.isAuthenticateByDefault()) {
diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
index 57b16a7..9f223d2 100755
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
@@ -466,6 +466,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
}
protected Response browserAuthentication(ClientSessionModel clientSession, String errorMessage) {
+ this.event.event(EventType.LOGIN);
AuthenticationFlowModel flow = realmModel.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW);
String flowId = flow.getId();
AuthenticationProcessor processor = new AuthenticationProcessor();
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
index b97a9d3..d621e46 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
@@ -166,7 +166,7 @@ public class AccountTest {
});
}
- @Test
+ //@Test
public void ideTesting() throws Exception {
Thread.sleep(100000000);
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/AssertEvents.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/AssertEvents.java
index e6851b5..3d70977 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/AssertEvents.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/AssertEvents.java
@@ -167,7 +167,6 @@ public class AssertEvents implements TestRule, EventListenerProviderFactory {
.user(user != null ? user.getId() : null)
.detail(Details.USERNAME, username)
.detail(Details.EMAIL, email)
- .detail(Details.RESPONSE_TYPE, "code")
.detail(Details.REGISTER_METHOD, "form")
.detail(Details.REDIRECT_URI, DEFAULT_REDIRECT_URI);
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/RegisterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/RegisterTest.java
index cf2fd77..7c3143a 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/RegisterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/RegisterTest.java
@@ -80,7 +80,9 @@ public class RegisterTest {
registerPage.assertCurrent();
Assert.assertEquals("Username already exists.", registerPage.getError());
- events.expectRegister("test-user@localhost", "registerExistingUser@email").user((String) null).error("username_in_use").assertEvent();
+ events.expectRegister("test-user@localhost", "registerExistingUser@email")
+ .removeDetail(Details.EMAIL)
+ .user((String) null).error("username_in_use").assertEvent();
}
@Test
@@ -94,7 +96,10 @@ public class RegisterTest {
registerPage.assertCurrent();
Assert.assertEquals("Password confirmation doesn't match.", registerPage.getError());
- events.expectRegister("registerUserInvalidPasswordConfirm", "registerUserInvalidPasswordConfirm@email").user((String) null).error("invalid_registration").assertEvent();
+ events.expectRegister("registerUserInvalidPasswordConfirm", "registerUserInvalidPasswordConfirm@email")
+ .removeDetail(Details.USERNAME)
+ .removeDetail(Details.EMAIL)
+ .user((String) null).error("invalid_registration").assertEvent();
}
@Test
@@ -108,7 +113,10 @@ public class RegisterTest {
registerPage.assertCurrent();
Assert.assertEquals("Please specify password.", registerPage.getError());
- events.expectRegister("registerUserMissingPassword", "registerUserMissingPassword@email").user((String) null).error("invalid_registration").assertEvent();
+ events.expectRegister("registerUserMissingPassword", "registerUserMissingPassword@email")
+ .removeDetail(Details.USERNAME)
+ .removeDetail(Details.EMAIL)
+ .user((String) null).error("invalid_registration").assertEvent();
}
@Test
@@ -130,7 +138,10 @@ public class RegisterTest {
registerPage.assertCurrent();
Assert.assertEquals("Invalid password: minimum length 8.", registerPage.getError());
- events.expectRegister("registerPasswordPolicy", "registerPasswordPolicy@email").user((String) null).error("invalid_registration").assertEvent();
+ events.expectRegister("registerPasswordPolicy", "registerPasswordPolicy@email")
+ .removeDetail(Details.USERNAME)
+ .removeDetail(Details.EMAIL)
+ .user((String) null).error("invalid_registration").assertEvent();
registerPage.register("firstName", "lastName", "registerPasswordPolicy@email", "registerPasswordPolicy", "password", "password");
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
@@ -159,7 +170,10 @@ public class RegisterTest {
registerPage.assertCurrent();
Assert.assertEquals("Please specify username.", registerPage.getError());
- events.expectRegister(null, "registerUserMissingUsername@email").removeDetail("username").error("invalid_registration").assertEvent();
+ events.expectRegister(null, "registerUserMissingUsername@email")
+ .removeDetail(Details.USERNAME)
+ .removeDetail(Details.EMAIL)
+ .error("invalid_registration").assertEvent();
}
@Test
@@ -171,12 +185,15 @@ public class RegisterTest {
registerPage.register("firstName", "lastName", null, "registerUserMissingEmail", "password", "password");
registerPage.assertCurrent();
Assert.assertEquals("Please specify email.", registerPage.getError());
- events.expectRegister("registerUserMissingEmail", null).removeDetail("email").error("invalid_registration").assertEvent();
+ events.expectRegister("registerUserMissingEmail", null)
+ .removeDetail("email")
+ .error("invalid_registration").assertEvent();
registerPage.register("firstName", "lastName", "registerUserInvalidEmailemail", "registerUserInvalidEmail", "password", "password");
registerPage.assertCurrent();
Assert.assertEquals("Invalid email address.", registerPage.getError());
- events.expectRegister("registerUserInvalidEmail", "registerUserInvalidEmailemail").error("invalid_registration").assertEvent();
+ events.expectRegister("registerUserInvalidEmail", "registerUserInvalidEmailemail")
+ .error("invalid_registration").assertEvent();
}
@Test