keycloak-memoizeit

refactor out picketlink

7/30/2013 10:44:22 PM

Details

diff --git a/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java b/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java
index 90043ac..8e9242c 100755
--- a/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java
+++ b/examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java
@@ -66,7 +66,7 @@ public class DemoApplication extends KeycloakApplication {
         manager.generateRealmKeys(defaultRealm);
         defaultRealm.updateRealm();
         defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
-        defaultRealm.getIdm().add(new SimpleRole(RegistrationService.REALM_CREATOR_ROLE));
+        defaultRealm.addRole(RegistrationService.REALM_CREATOR_ROLE);
 
         RealmRepresentation rep = loadJson("META-INF/testrealm.json");
         RealmModel realm = manager.createRealm("demo", rep.getRealm());
diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
index 00c8bd2..24a9225 100755
--- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@@ -72,7 +72,7 @@ public class AuthenticationManager {
                 expireIdentityCookie(realm, uriInfo);
                 return null;
             }
-            User user = realm.getIdm().getUser(token.getPrincipal());
+            User user = realm.getUser(token.getPrincipal());
             if (user == null || !user.isEnabled()) {
                 logger.info("Unknown user in identity cookie");
                 expireIdentityCookie(realm, uriInfo);
@@ -104,7 +104,7 @@ public class AuthenticationManager {
             if (!token.isActive()) {
                 throw new NotAuthorizedException("token_expired");
             }
-            User user = realm.getIdm().getUser(token.getPrincipal());
+            User user = realm.getUser(token.getPrincipal());
             if (user == null || !user.isEnabled()) {
                 throw new NotAuthorizedException("invalid_user");
             }
@@ -136,25 +136,13 @@ public class AuthenticationManager {
                     logger.warn("TOTP token not provided");
                     return false;
                 }
-                TOTPCredentials creds = new TOTPCredentials();
-                creds.setToken(token);
-                creds.setUsername(username);
-                creds.setPassword(new Password(password));
-                realm.getIdm().validateCredentials(creds);
-                if (creds.getStatus() != Credentials.Status.VALID) {
-                    return false;
-                }
+                return realm.validateTOTP(user, password, token);
             } else {
-                UsernamePasswordCredentials creds = new UsernamePasswordCredentials(username, new Password(password));
-                realm.getIdm().validateCredentials(creds);
-                if (creds.getStatus() != Credentials.Status.VALID) {
-                    return false;
-                }
+                return realm.validatePassword(user, password);
             }
         } else {
             logger.warn("Do not know how to authenticate user");
             return false;
         }
-        return true;
     }
 }
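Review bot: The two new returns, `return realm.validateTOTP(user, password, token);` and `return realm.validatePassword(user, password);`, report a failed credential check as a bare `false` with no log entry, while the missing-TOTP branch just above them logs a warning. Capturing the result and logging on failure, e.g. `boolean valid = realm.validatePassword(user, password);` then `if (!valid) logger.warn("Credential validation failed for user: " + user.getLoginName());` (never the password or token), would give operators something to alert on for password guessing. The calls also switch from the `username` string to a `user` object whose lookup is above this hunk, so confirm it is null-checked before this point.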
diff --git a/services/src/main/java/org/keycloak/services/managers/InstallationManager.java b/services/src/main/java/org/keycloak/services/managers/InstallationManager.java
index 0cb0efc..1da60e7 100755
--- a/services/src/main/java/org/keycloak/services/managers/InstallationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/InstallationManager.java
@@ -23,7 +23,7 @@ public class InstallationManager {
         manager.generateRealmKeys(defaultRealm);
         defaultRealm.updateRealm();
         defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
-        defaultRealm.getIdm().add(new SimpleRole(RegistrationService.REALM_CREATOR_ROLE));
+        defaultRealm.addRole(RegistrationService.REALM_CREATOR_ROLE);
     }
 
     public boolean isInstalled(RealmManager manager) {
diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index d2a512e..69b6b2d 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -139,7 +139,7 @@ public class RealmManager {
                     user.setAttribute(new Attribute<String>(entry.getKey(), entry.getValue()));
                 }
             }
-            newRealm.getIdm().add(user);
+            newRealm.addUser(user);
             if (userRep.getCredentials() != null) {
                 for (CredentialRepresentation cred : userRep.getCredentials()) {
                     UserCredentialModel credential = new UserCredentialModel();
@@ -155,7 +155,7 @@ public class RealmManager {
             for (RoleRepresentation roleRep : rep.getRoles()) {
                 SimpleRole role = new SimpleRole(roleRep.getName());
                 if (roleRep.getDescription() != null) role.setAttribute(new Attribute<String>("description", roleRep.getDescription()));
-                newRealm.getIdm().add(role);
+                newRealm.addRole(role);
             }
         }
 
@@ -167,12 +167,12 @@ public class RealmManager {
             for (RoleMappingRepresentation mapping : rep.getRoleMappings()) {
                 User user = userMap.get(mapping.getUsername());
                 for (String roleString : mapping.getRoles()) {
-                    Role role = newRealm.getIdm().getRole(roleString.trim());
+                    Role role = newRealm.getRole(roleString.trim());
                     if (role == null) {
                         role = new SimpleRole(roleString.trim());
-                        newRealm.getIdm().add(role);
+                        newRealm.addRole(role);
                     }
-                    newRealm.getIdm().grantRole(user, role);
+                    newRealm.grantRole(user, role);
                 }
             }
         }
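Review bot: The create-if-missing branch still builds the role by hand (`role = new SimpleRole(roleString.trim());` followed by `newRealm.addRole(role);`) although this commit adds an `addRole(String)` overload that returns the new `Role`, so `role = newRealm.addRole(roleString.trim());` does the same in one line. The same pattern recurs in the scope-mapping hunk at -180 and in the two resource hunks at -211 and -238. Separately, `userMap.get(mapping.getUsername())` can return null when a mapping names a user that is not in the import, and that value goes straight into `grantRole`; a null check that fails the import with a clear message would be safer. Silently creating any role named in a mapping also means a typo in the import file produces a new role instead of an error, which is worth a comment at least.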
@@ -180,10 +180,10 @@ public class RealmManager {
         if (rep.getScopeMappings() != null) {
             for (ScopeMappingRepresentation scope : rep.getScopeMappings()) {
                 for (String roleString : scope.getRoles()) {
-                    Role role = newRealm.getIdm().getRole(roleString.trim());
+                    Role role = newRealm.getRole(roleString.trim());
                     if (role == null) {
                         role = new SimpleRole(roleString.trim());
-                        newRealm.getIdm().add(role);
+                        newRealm.addRole(role);
                     }
                     User user = userMap.get(scope.getUsername());
                     newRealm.addScope(user, role.getName());
@@ -194,7 +194,7 @@ public class RealmManager {
     }
 
     protected void createResources(RealmRepresentation rep, RealmModel realm, Map<String, User> userMap) {
-        Role loginRole = realm.getIdm().getRole(RealmManager.RESOURCE_ROLE);
+        Role loginRole = realm.getRole(RealmManager.RESOURCE_ROLE);
         for (ResourceRepresentation resourceRep : rep.getResources()) {
             ResourceModel resource = realm.addResource(resourceRep.getName());
             resource.setManagementUrl(resourceRep.getAdminUrl());
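Review bot: `loginRole` is taken from `realm.getRole(RealmManager.RESOURCE_ROLE)` without a null check, and the next hunk passes it to `realm.grantRole(resourceUser, loginRole)`. Other lookups in this file treat a null return from `getRole` as "role missing", so this path should either fail explicitly, e.g. `if (loginRole == null) throw new IllegalStateException("Missing role: " + RealmManager.RESOURCE_ROLE);`, or carry a comment saying where the role is guaranteed to have been created. createResources continues past the end of this hunk.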
@@ -211,26 +211,26 @@ public class RealmManager {
                 }
             }
             userMap.put(resourceUser.getLoginName(), resourceUser);
-            realm.getIdm().grantRole(resourceUser, loginRole);
+            realm.grantRole(resourceUser, loginRole);
 
 
             if (resourceRep.getRoles() != null) {
                 for (RoleRepresentation roleRep : resourceRep.getRoles()) {
                     SimpleRole role = new SimpleRole(roleRep.getName());
                     if (roleRep.getDescription() != null) role.setAttribute(new Attribute<String>("description", roleRep.getDescription()));
-                    resource.getIdm().add(role);
+                    resource.addRole(role);
                 }
             }
             if (resourceRep.getRoleMappings() != null) {
                 for (RoleMappingRepresentation mapping : resourceRep.getRoleMappings()) {
                     User user = userMap.get(mapping.getUsername());
                     for (String roleString : mapping.getRoles()) {
-                        Role role = resource.getIdm().getRole(roleString.trim());
+                        Role role = resource.getRole(roleString.trim());
                         if (role == null) {
                             role = new SimpleRole(roleString.trim());
-                            resource.getIdm().add(role);
+                            resource.addRole(role);
                         }
-                        realm.getIdm().grantRole(user, role);
+                        realm.grantRole(user, role);
                     }
                 }
             }
@@ -238,10 +238,10 @@ public class RealmManager {
                 for (ScopeMappingRepresentation mapping : resourceRep.getScopeMappings()) {
                     User user = userMap.get(mapping.getUsername());
                     for (String roleString : mapping.getRoles()) {
-                        Role role = resource.getIdm().getRole(roleString.trim());
+                        Role role = resource.getRole(roleString.trim());
                         if (role == null) {
                             role = new SimpleRole(roleString.trim());
-                            resource.getIdm().add(role);
+                            resource.addRole(role);
                         }
                         resource.addScope(user, role.getName());
                     }
diff --git a/services/src/main/java/org/keycloak/services/managers/TokenManager.java b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
index a50fbff..881f88a 100755
--- a/services/src/main/java/org/keycloak/services/managers/TokenManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
@@ -75,7 +75,7 @@ public class TokenManager {
                             (scopeRequest == null || scopeRequest.contains(role)) &&
                                     (scope.contains("*") || scope.contains(role))
                             )
-                        realmRolesRequested.add(realm.getIdm().getRole(role));
+                        realmRolesRequested.add(realm.getRole(role));
                 }
             }
         }
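Review bot: `realmRolesRequested.add(realm.getRole(role));` adds whatever `getRole` returns, and the RealmManager hunks in this commit treat a null return as "role does not exist". If a role name in the mappings no longer resolves, a null entry would land in the collection that presumably feeds the issued token; resolve first and skip or reject on null, e.g. `Role r = realm.getRole(role);` then `if (r != null) realmRolesRequested.add(r);`. The same applies to `resourceRolesRequested.add(resource.getName(), resource.getRole(role));` in the -94 hunk. The enclosing `if` starts above the hunk and is unbraced, which makes this kind of change easy to get wrong.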
@@ -94,7 +94,7 @@ public class TokenManager {
                                 (scopeRequest == null || scopeRequest.contains(role)) &&
                                         (scope.contains("*") || scope.contains(role))
                                 )
-                            resourceRolesRequested.add(resource.getName(), resource.getIdm().getRole(role));
+                            resourceRolesRequested.add(resource.getName(), resource.getRole(role));
                     }
                 }
             }
diff --git a/services/src/main/java/org/keycloak/services/models/KeycloakSession.java b/services/src/main/java/org/keycloak/services/models/KeycloakSession.java
new file mode 100755
index 0000000..d245db9
--- /dev/null
+++ b/services/src/main/java/org/keycloak/services/models/KeycloakSession.java
@@ -0,0 +1,11 @@
+package org.keycloak.services.models;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public interface KeycloakSession {
+    KeycloakTransaction getTransaction();
+
+    void close();
+}
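Review bot: The new interface carries only an author/version Javadoc, so nothing states who owns a session, whether `close()` rolls back an active transaction, or whether `getTransaction()` can return null. A short class comment plus one line per method would settle that, for example `/** Releases the session; callers must commit or roll back first. */` on `close()` once the intended contract is decided. KeycloakSessionFactory (added empty) and KeycloakTransaction have the same gap, and in KeycloakTransaction the closing brace sits on the `boolean isActive();}` line and should move to a line of its own.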
diff --git a/services/src/main/java/org/keycloak/services/models/KeycloakSessionFactory.java b/services/src/main/java/org/keycloak/services/models/KeycloakSessionFactory.java
new file mode 100755
index 0000000..28b326e
--- /dev/null
+++ b/services/src/main/java/org/keycloak/services/models/KeycloakSessionFactory.java
@@ -0,0 +1,8 @@
+package org.keycloak.services.models;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public interface KeycloakSessionFactory {
+}
diff --git a/services/src/main/java/org/keycloak/services/models/KeycloakTransaction.java b/services/src/main/java/org/keycloak/services/models/KeycloakTransaction.java
new file mode 100755
index 0000000..bc2e08d
--- /dev/null
+++ b/services/src/main/java/org/keycloak/services/models/KeycloakTransaction.java
@@ -0,0 +1,13 @@
+package org.keycloak.services.models;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public interface KeycloakTransaction {
+    void begin();
+    void commit();
+    void rollback();
+    void setRollbackOnly();
+    boolean getRollbackOnly();
+    boolean isActive();}
diff --git a/services/src/main/java/org/keycloak/services/models/RealmModel.java b/services/src/main/java/org/keycloak/services/models/RealmModel.java
index 171e57d..6020194 100755
--- a/services/src/main/java/org/keycloak/services/models/RealmModel.java
+++ b/services/src/main/java/org/keycloak/services/models/RealmModel.java
@@ -10,8 +10,11 @@ import org.keycloak.services.models.relationships.RequiredCredentialRelationship
 import org.keycloak.services.models.relationships.ScopeRelationship;
 import org.picketlink.idm.IdentitySession;
 import org.picketlink.idm.IdentityManager;
+import org.picketlink.idm.credential.Credentials;
 import org.picketlink.idm.credential.Password;
 import org.picketlink.idm.credential.TOTPCredential;
+import org.picketlink.idm.credential.TOTPCredentials;
+import org.picketlink.idm.credential.UsernamePasswordCredentials;
 import org.picketlink.idm.credential.X509CertificateCredentials;
 import org.picketlink.idm.model.Agent;
 import org.picketlink.idm.model.Attribute;
@@ -67,7 +70,7 @@ public class RealmModel {
         realmAgent = getIdm().getAgent(REALM_AGENT_ID);
     }
 
-    public IdentityManager getIdm() {
+    protected IdentityManager getIdm() {
         if (idm == null) idm = identitySession.createIdentityManager(realm);
         return idm;
     }
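Review bot: `protected` on `getIdm()` still exposes the PicketLink `IdentityManager` to every class in `org.keycloak.services.models` and to any subclass, because Java's protected access includes package access. If the aim of the commit is to keep PicketLink behind RealmModel, `private IdentityManager getIdm()` expresses that more precisely, provided no subclass needs it; ResourceModel's `getIdm()` in the -34 hunk is the same. A one-line Javadoc such as `/** Lazily creates the IdentityManager for this realm; not for use outside the model. */` would record the intent either way.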
@@ -236,6 +239,21 @@ public class RealmModel {
         idm.add(relationship);
     }
 
+    public boolean validatePassword(User user, String password) {
+        UsernamePasswordCredentials creds = new UsernamePasswordCredentials(user.getLoginName(), new Password(password));
+        getIdm().validateCredentials(creds);
+        return creds.getStatus() == Credentials.Status.VALID;
+    }
+
+    public boolean validateTOTP(User user, String password, String token) {
+        TOTPCredentials creds = new TOTPCredentials();
+        creds.setToken(token);
+        creds.setUsername(user.getLoginName());
+        creds.setPassword(new Password(password));
+        getIdm().validateCredentials(creds);
+        return creds.getStatus() == Credentials.Status.VALID;
+    }
+
     public void updateCredential(User user, UserCredentialModel cred) {
         IdentityManager idm = getIdm();
         if (cred.getType().equals(RequiredCredentialRepresentation.PASSWORD)) {
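Review bot: `validatePassword` and `validateTOTP` call `user.getLoginName()` with no null check and never look at `user.isEnabled()`, so as public methods they rely on every caller having done both. AuthenticationManager's cookie and bearer paths in this commit check `user == null || !user.isEnabled()`, but the TokenService hunks show only a null check, so whether a disabled account can still pass password validation depends on code outside this diff. A guard at the top of both methods, `if (user == null || !user.isEnabled() || password == null) return false;`, would make them fail closed. Both also need a Javadoc line stating that `false` covers every status other than `Credentials.Status.VALID`.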
@@ -256,6 +274,28 @@ public class RealmModel {
         }
     }
 
+    public User getUser(String name) {
+        return getIdm().getUser(name);
+    }
+
+    public void addUser(User user) {
+        getIdm().add(user);
+    }
+
+    public Role getRole(String name) {
+        return getIdm().getRole(name);
+    }
+
+    public Role addRole(String name) {
+        Role role = new SimpleRole(name);
+        getIdm().add(role);
+        return role;
+    }
+
+    public void addRole(Role role) {
+        getIdm().add(role);
+    }
+
     public List<Role> getRoles() {
         IdentityManager idm = getIdm();
         IdentityQuery<Role> query = idm.createIdentityQuery(Role.class);
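Review bot: The new accessors have no Javadoc, and the one fact callers depend on is undocumented: `getUser` and `getRole` appear to return null when nothing matches, since the callers in RealmManager and TokenService test for it. Suggest `/** @return the role with this name, or null if the realm has none */` on `getRole` and the equivalent on `getUser`. `addRole(String)` also creates a role without checking for an existing one of the same name; whether the underlying `add` tolerates duplicates is not visible here, so either check first or state the behaviour in the comment. ResourceModel gains an identical set of five methods in its -83 hunk and needs the same documentation.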
@@ -305,11 +345,19 @@ public class RealmModel {
         relationship.setResourceUser(resourceUser);
         idm.add(relationship);
         ResourceModel resource = new ResourceModel(newTier, relationship, this, identitySession);
-        resource.getIdm().add(new SimpleRole("*"));
+        resource.addRole(new SimpleRole("*"));
         resource.addScope(resourceUser, "*");
         return resource;
     }
 
+    public boolean hasRole(User user, Role role) {
+        return getIdm().hasRole(user, role);
+    }
+
+    public void grantRole(User user, Role role) {
+        getIdm().grantRole(user, role);
+    }
+
     public Set<String> getRoleMappings(User user) {
         RelationshipQuery<Grant> query = getIdm().createRelationshipQuery(Grant.class);
         query.setParameter(Grant.ASSIGNEE, user);
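Review bot: `hasRole` and `grantRole` forward their arguments unchecked, and callers in this commit pass the result of `getRole(...)` straight in (RealmsResource's `creatorRole`, TokenService's `resourceRole` and `identityRequestRole`). What the identity manager does with a null role is not visible here, so an authorization decision should not depend on it: `if (user == null || role == null) return false;` at the top of `hasRole` makes the check fail closed, and `grantRole` can reject null with an `IllegalArgumentException`. In the same hunk, `resource.addRole(new SimpleRole("*"));` could use the new string overload, `resource.addRole("*");`.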
diff --git a/services/src/main/java/org/keycloak/services/models/ResourceModel.java b/services/src/main/java/org/keycloak/services/models/ResourceModel.java
index f9b5ca3..ee07bba 100755
--- a/services/src/main/java/org/keycloak/services/models/ResourceModel.java
+++ b/services/src/main/java/org/keycloak/services/models/ResourceModel.java
@@ -7,6 +7,7 @@ import org.picketlink.idm.IdentityManager;
 import org.picketlink.idm.model.Agent;
 import org.picketlink.idm.model.Grant;
 import org.picketlink.idm.model.Role;
+import org.picketlink.idm.model.SimpleRole;
 import org.picketlink.idm.model.Tier;
 import org.picketlink.idm.model.User;
 import org.picketlink.idm.query.IdentityQuery;
@@ -34,7 +35,7 @@ public class ResourceModel {
         this.identitySession = session;
     }
 
-    public IdentityManager getIdm() {
+    protected IdentityManager getIdm() {
         if (idm == null) idm = identitySession.createIdentityManager(tier);
         return idm;
     }
@@ -83,6 +84,28 @@ public class ResourceModel {
         agent.setManagementUrl(url);
     }
 
+    public User getUser(String name) {
+        return getIdm().getUser(name);
+    }
+
+    public void addUser(User user) {
+        getIdm().add(user);
+    }
+
+    public Role getRole(String name) {
+        return getIdm().getRole(name);
+    }
+
+    public Role addRole(String name) {
+        Role role = new SimpleRole(name);
+        getIdm().add(role);
+        return role;
+    }
+
+    public void addRole(Role role) {
+        getIdm().add(role);
+    }
+
     public List<Role> getRoles() {
         IdentityQuery<Role> query = getIdm().createIdentityQuery(Role.class);
         query.setParameter(Role.PARTITION, tier);
diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
index f5cef80..69a2b47 100755
--- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
@@ -94,8 +94,8 @@ public class RealmsResource {
             RealmManager realmManager = new RealmManager(identitySession);
             RealmModel defaultRealm = realmManager.getRealm(Realm.DEFAULT_REALM);
             User realmCreator = new AuthenticationManager().authenticateBearerToken(defaultRealm, headers);
-            Role creatorRole = defaultRealm.getIdm().getRole(RegistrationService.REALM_CREATOR_ROLE);
-            if (!defaultRealm.getIdm().hasRole(realmCreator, creatorRole)) {
+            Role creatorRole = defaultRealm.getRole(RegistrationService.REALM_CREATOR_ROLE);
+            if (!defaultRealm.hasRole(realmCreator, creatorRole)) {
                 logger.warn("not a realm creator");
                 throw new NotAuthorizedException("Bearer");
             }
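Review bot: The denial path logs only `not a realm creator`, which gives no way to tell who was refused. Including the principal, `logger.warn("not a realm creator: " + realmCreator.getLoginName());`, makes repeated attempts against realm creation visible in the logs. That assumes `authenticateBearerToken` never returns null; its behaviour when no bearer header is present is outside this diff, so guard `realmCreator` before dereferencing it if null is possible.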
diff --git a/services/src/main/java/org/keycloak/services/resources/RegistrationService.java b/services/src/main/java/org/keycloak/services/resources/RegistrationService.java
index 7bd38fe..7dbc9cc 100755
--- a/services/src/main/java/org/keycloak/services/resources/RegistrationService.java
+++ b/services/src/main/java/org/keycloak/services/resources/RegistrationService.java
@@ -49,21 +49,21 @@ public class RegistrationService {
             if (!defaultRealm.isRegistrationAllowed()) {
                 throw new ForbiddenException();
             }
-            User user = defaultRealm.getIdm().getUser(newUser.getUsername());
+            User user = defaultRealm.getUser(newUser.getUsername());
             if (user != null) {
                 return Response.status(400).type("text/plain").entity("user exists").build();
             }
 
             user = new SimpleUser(newUser.getUsername());
-            defaultRealm.getIdm().add(user);
+            defaultRealm.addUser(user);
             for (CredentialRepresentation cred : newUser.getCredentials()) {
                 UserCredentialModel credModel = new UserCredentialModel();
                 credModel.setType(cred.getType());
                 credModel.setValue(cred.getValue());
                 defaultRealm.updateCredential(user, credModel);
             }
-            Role realmCreator = defaultRealm.getIdm().getRole(REALM_CREATOR_ROLE);
-            defaultRealm.getIdm().grantRole(user, realmCreator);
+            Role realmCreator = defaultRealm.getRole(REALM_CREATOR_ROLE);
+            defaultRealm.grantRole(user, realmCreator);
             identitySession.getTransaction().commit();
             URI uri = uriInfo.getBaseUriBuilder().path(RealmsResource.class).path(user.getLoginName()).build();
             return Response.created(uri).build();
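Review bot: `for (CredentialRepresentation cred : newUser.getCredentials())` will throw if the request body carries no credentials, whereas RealmManager's import guards the same getter with `userRep.getCredentials() != null`. By that point `defaultRealm.addUser(user)` has already run, and whether the transaction is rolled back on that exception is not visible in this hunk. Validate the request (non-empty username, non-null credentials) before `addUser` and return 400 as the `user exists` branch does. `realmCreator` from `getRole(REALM_CREATOR_ROLE)` is also passed to `grantRole` without a null check. The method starts and ends outside the hunk.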
diff --git a/services/src/main/java/org/keycloak/services/resources/TokenService.java b/services/src/main/java/org/keycloak/services/resources/TokenService.java
index 8fc87af..7274dc0 100755
--- a/services/src/main/java/org/keycloak/services/resources/TokenService.java
+++ b/services/src/main/java/org/keycloak/services/resources/TokenService.java
@@ -125,7 +125,7 @@ public class TokenService {
         if (!realm.isEnabled()) {
             throw new NotAuthorizedException("Disabled realm");
         }
-        User user = realm.getIdm().getUser(username);
+        User user = realm.getUser(username);
         if (user == null) {
             throw new NotAuthorizedException("No user");
         }
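Review bot: `throw new NotAuthorizedException("No user")` distinguishes an unknown username from a wrong password, and if that text reaches the client it lets a caller enumerate accounts. Using one generic failure for both cases and keeping the detail in a server-side log line closes that; the -154 hunk has the same throw, and the -193 hunk sets `Incorrect user name.` as the login error message. The visible lines also check only `user == null`, not `user.isEnabled()` as AuthenticationManager does; the rest of the method is outside the hunk, so confirm the enabled check happens there.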
@@ -154,7 +154,7 @@ public class TokenService {
         if (!realm.isEnabled()) {
             throw new NotAuthorizedException("Disabled realm");
         }
-        User user = realm.getIdm().getUser(username);
+        User user = realm.getUser(username);
         if (user == null) {
             throw new NotAuthorizedException("No user");
         }
@@ -183,7 +183,7 @@ public class TokenService {
             securityFailureForward("Realm not enabled.");
             return null;
         }
-        User client = realm.getIdm().getUser(clientId);
+        User client = realm.getUser(clientId);
         if (client == null) {
             securityFailureForward("Unknown login requester.");
             return null;
@@ -193,7 +193,7 @@ public class TokenService {
             return null;
         }
         String username = formData.getFirst("username");
-        User user = realm.getIdm().getUser(username);
+        User user = realm.getUser(username);
         if (user == null) {
             logger.error("Incorrect user name.");
             request.setAttribute("KEYCLOAK_LOGIN_ERROR_MESSAGE", "Incorrect user name.");
@@ -217,10 +217,10 @@ public class TokenService {
     }
 
     protected Response processAccessCode(String scopeParam, String state, String redirect, User client, User user) {
-        Role resourceRole = realm.getIdm().getRole(RealmManager.RESOURCE_ROLE);
-        Role identityRequestRole = realm.getIdm().getRole(RealmManager.IDENTITY_REQUESTER_ROLE);
-        boolean isResource = realm.getIdm().hasRole(client, resourceRole);
-        if (!isResource && !realm.getIdm().hasRole(client, identityRequestRole)) {
+        Role resourceRole = realm.getRole(RealmManager.RESOURCE_ROLE);
+        Role identityRequestRole = realm.getRole(RealmManager.IDENTITY_REQUESTER_ROLE);
+        boolean isResource = realm.hasRole(client, resourceRole);
+        if (!isResource && !realm.hasRole(client, identityRequestRole)) {
             securityFailureForward("Login requester not allowed to request login.");
             identitySession.close();
             return null;
@@ -274,7 +274,7 @@ public class TokenService {
             error.put("error_description", "client_id not specified");
             return Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build();
         }
-        User client = realm.getIdm().getUser(client_id);
+        User client = realm.getUser(client_id);
         if (client == null) {
             logger.debug("Could not find user");
             Map<String, String> error = new HashMap<String, String>();
@@ -403,7 +403,7 @@ public class TokenService {
             securityFailureForward("Realm not enabled");
             return null;
         }
-        User client = realm.getIdm().getUser(clientId);
+        User client = realm.getUser(clientId);
         if (client == null) {
             securityFailureForward("Unknown login requester.");
             return null;
@@ -415,10 +415,10 @@ public class TokenService {
             return null;
         }
 
-        Role resourceRole = realm.getIdm().getRole(RealmManager.RESOURCE_ROLE);
-        Role identityRequestRole = realm.getIdm().getRole(RealmManager.IDENTITY_REQUESTER_ROLE);
-        boolean isResource = realm.getIdm().hasRole(client, resourceRole);
-        if (!isResource && !realm.getIdm().hasRole(client, identityRequestRole)) {
+        Role resourceRole = realm.getRole(RealmManager.RESOURCE_ROLE);
+        Role identityRequestRole = realm.getRole(RealmManager.IDENTITY_REQUESTER_ROLE);
+        boolean isResource = realm.hasRole(client, resourceRole);
+        if (!isResource && !realm.hasRole(client, identityRequestRole)) {
             securityFailureForward("Login requester not allowed to request login.");
             identitySession.close();
             return null;
diff --git a/services/src/test/java/org/keycloak/test/AdapterTest.java b/services/src/test/java/org/keycloak/test/AdapterTest.java
index 1bcbca6..8b8b5ae 100755
--- a/services/src/test/java/org/keycloak/test/AdapterTest.java
+++ b/services/src/test/java/org/keycloak/test/AdapterTest.java
@@ -148,30 +148,26 @@ public class AdapterTest {
     public void testCredentialValidation() throws Exception {
         test1CreateRealm();
         User user = new SimpleUser("bburke");
-        realmModel.getIdm().add(user);
+        realmModel.addUser(user);
         UserCredentialModel cred = new UserCredentialModel();
         cred.setType(RequiredCredentialRepresentation.PASSWORD);
         cred.setValue("geheim");
         realmModel.updateCredential(user, cred);
-        IdentityManager idm = realmModel.getIdm();
-        UsernamePasswordCredentials creds = new UsernamePasswordCredentials(user.getLoginName(), new Password("geheim"));
-        idm.validateCredentials(creds);
-        Assert.assertEquals(creds.getStatus(), Credentials.Status.VALID);
+        Assert.assertTrue(realmModel.validatePassword(user, "geheim"));
     }
 
     @Test
     public void testRoles() throws Exception {
         test1CreateRealm();
-        IdentityManager idm = realmModel.getIdm();
-        idm.add(new SimpleRole("admin"));
-        idm.add(new SimpleRole("user"));
+        realmModel.addRole(new SimpleRole("admin"));
+        realmModel.addRole(new SimpleRole("user"));
         List<Role> roles = realmModel.getRoles();
         Assert.assertEquals(5, roles.size());
         SimpleUser user = new SimpleUser("bburke");
-        idm.add(user);
-        Role role = idm.getRole("user");
-        idm.grantRole(user, role);
-        Assert.assertTrue(idm.hasRole(user, role));
+        realmModel.addUser(user);
+        Role role = realmModel.getRole("user");
+        realmModel.grantRole(user, role);
+        Assert.assertTrue(realmModel.hasRole(user, role));
     }
 
 
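Review bot: `testCredentialValidation` now asserts only the success case, so a `validatePassword` that returned true for any input would still pass. Add `Assert.assertFalse(realmModel.validatePassword(user, "wrong"));` after the existing assertion. `validateTOTP`, also introduced by this commit, has no test in the part of the file this hunk shows.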
diff --git a/services/src/test/java/org/keycloak/test/ImportTest.java b/services/src/test/java/org/keycloak/test/ImportTest.java
index c785e21..850708f 100755
--- a/services/src/test/java/org/keycloak/test/ImportTest.java
+++ b/services/src/test/java/org/keycloak/test/ImportTest.java
@@ -96,13 +96,13 @@ public class ImportTest {
         manager.generateRealmKeys(defaultRealm);
         defaultRealm.updateRealm();
         defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
-        defaultRealm.getIdm().add(new SimpleRole(RegistrationService.REALM_CREATOR_ROLE));
+        defaultRealm.addRole(new SimpleRole(RegistrationService.REALM_CREATOR_ROLE));
 
         RealmRepresentation rep = KeycloakTestBase.loadJson("testrealm.json");
         RealmModel realm = manager.createRealm("demo", rep.getRealm());
         manager.importRealm(rep, realm);
 
-        User user = realm.getIdm().getUser("loginclient");
+        User user = realm.getUser("loginclient");
         Assert.assertNotNull(user);
         Set<String> scopes = realm.getScope(user);
         System.out.println("Scopes size: " + scopes.size());