keycloak-aplcache
Changes
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java 12(+6 -6)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java 28(+14 -14)
services/src/main/java/org/keycloak/authentication/authenticators/CookieAuthenticatorFactory.java 5(+2 -3)
services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticator.java 7(+1 -6)
services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticatorFactory.java 6(+3 -3)
services/src/main/java/org/keycloak/authentication/authenticators/SpnegoAuthenticatorFactory.java 4(+2 -2)
services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordForm.java 7(+1 -6)
services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordFormFactory.java 6(+3 -3)
Details
diff --git a/connections/jpa/src/main/resources/META-INF/persistence.xml b/connections/jpa/src/main/resources/META-INF/persistence.xml
index 08d51a9..3fac88c 100755
--- a/connections/jpa/src/main/resources/META-INF/persistence.xml
+++ b/connections/jpa/src/main/resources/META-INF/persistence.xml
@@ -27,7 +27,7 @@
<class>org.keycloak.models.jpa.entities.UserConsentProtocolMapperEntity</class>
<class>org.keycloak.models.jpa.entities.AuthenticationFlowEntity</class>
<class>org.keycloak.models.jpa.entities.AuthenticationExecutionEntity</class>
- <class>org.keycloak.models.jpa.entities.AuthenticatorEntity</class>
+ <class>org.keycloak.models.jpa.entities.AuthenticatorConfigEntity</class>
<class>org.keycloak.models.jpa.entities.RequiredActionProviderEntity</class>
<!-- JpaUserSessionProvider -->
diff --git a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.4.0.xml b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.4.0.xml
index 8c00cb6..3134b12 100755
--- a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.4.0.xml
+++ b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.4.0.xml
@@ -12,6 +12,9 @@
<constraints nullable="true"/>
</column>
</addColumn>
+ <dropColumn tableName="AUTHENTICATOR" columnName="PROVIDER_ID"/>
+ <renameTable oldTableName="AUTHENTICATOR_CONFIG" newTableName="AUTHENTICATOR_CONFIG_ENTRY"/>
+ <renameTable oldTableName="AUTHENTICATOR" newTableName="AUTHENTICATOR_CONFIG"/>
<!-- OAUTH_GRANT,
CODE_TO_TOKEN,
VERIFY_EMAIL,
diff --git a/model/api/src/main/java/org/keycloak/models/AuthenticationExecutionModel.java b/model/api/src/main/java/org/keycloak/models/AuthenticationExecutionModel.java
index 11dfadf..15a599f 100755
--- a/model/api/src/main/java/org/keycloak/models/AuthenticationExecutionModel.java
+++ b/model/api/src/main/java/org/keycloak/models/AuthenticationExecutionModel.java
@@ -20,6 +20,7 @@ public class AuthenticationExecutionModel implements Serializable {
}
private String id;
+ private String authenticatorConfig;
private String authenticator;
private boolean autheticatorFlow;
private Requirement requirement;
@@ -35,6 +36,14 @@ public class AuthenticationExecutionModel implements Serializable {
this.id = id;
}
+ public String getAuthenticatorConfig() {
+ return authenticatorConfig;
+ }
+
+ public void setAuthenticatorConfig(String authenticatorConfig) {
+ this.authenticatorConfig = authenticatorConfig;
+ }
+
public String getAuthenticator() {
return authenticator;
}
diff --git a/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java b/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
index 0548d49..c8bcecd 100755
--- a/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
@@ -2,10 +2,8 @@ package org.keycloak.models.entities;
import java.util.ArrayList;
import java.util.HashMap;
-import java.util.HashSet;
import java.util.List;
import java.util.Map;
-import java.util.Set;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@@ -77,7 +75,7 @@ public class RealmEntity extends AbstractIdentifiableEntity {
private String defaultLocale;
private List<IdentityProviderMapperEntity> identityProviderMappers = new ArrayList<IdentityProviderMapperEntity>();
private List<AuthenticationFlowEntity> authenticationFlows = new ArrayList<>();
- private List<AuthenticatorEntity> authenticators = new ArrayList<>();
+ private List<AuthenticatorConfigEntity> authenticatorConfigs = new ArrayList<>();
private List<RequiredActionProviderEntity> requiredActionProviders = new ArrayList<>();
@@ -496,12 +494,12 @@ public class RealmEntity extends AbstractIdentifiableEntity {
this.authenticationFlows = authenticationFlows;
}
- public List<AuthenticatorEntity> getAuthenticators() {
- return authenticators;
+ public List<AuthenticatorConfigEntity> getAuthenticatorConfigs() {
+ return authenticatorConfigs;
}
- public void setAuthenticators(List<AuthenticatorEntity> authenticators) {
- this.authenticators = authenticators;
+ public void setAuthenticatorConfigs(List<AuthenticatorConfigEntity> authenticators) {
+ this.authenticatorConfigs = authenticators;
}
public List<RequiredActionProviderEntity> getRequiredActionProviders() {
diff --git a/model/api/src/main/java/org/keycloak/models/RealmModel.java b/model/api/src/main/java/org/keycloak/models/RealmModel.java
index 8aaec24..27af04e 100755
--- a/model/api/src/main/java/org/keycloak/models/RealmModel.java
+++ b/model/api/src/main/java/org/keycloak/models/RealmModel.java
@@ -193,11 +193,11 @@ public interface RealmModel extends RoleContainerModel {
void removeAuthenticatorExecution(AuthenticationExecutionModel model);
- List<AuthenticatorModel> getAuthenticators();
- AuthenticatorModel addAuthenticator(AuthenticatorModel model);
- void updateAuthenticator(AuthenticatorModel model);
- void removeAuthenticator(AuthenticatorModel model);
- AuthenticatorModel getAuthenticatorById(String id);
+ List<AuthenticatorConfigModel> getAuthenticatorConfigs();
+ AuthenticatorConfigModel addAuthenticatorConfig(AuthenticatorConfigModel model);
+ void updateAuthenticatorConfig(AuthenticatorConfigModel model);
+ void removeAuthenticatorConfig(AuthenticatorConfigModel model);
+ AuthenticatorConfigModel getAuthenticatorConfigById(String id);
List<RequiredActionProviderModel> getRequiredActionProviders();
RequiredActionProviderModel addRequiredActionProvider(RequiredActionProviderModel model);
diff --git a/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java b/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java
index 48c5d61..df2e677 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/DefaultAuthenticationFlows.java
@@ -2,7 +2,7 @@ package org.keycloak.models.utils;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.RealmModel;
/**
@@ -15,26 +15,6 @@ public class DefaultAuthenticationFlows {
public static final String FORMS_FLOW = "forms";
public static void addFlows(RealmModel realm) {
- AuthenticatorModel model = new AuthenticatorModel();
- model.setProviderId("auth-cookie");
- model.setAlias("Cookie");
- AuthenticatorModel cookieAuth = realm.addAuthenticator(model);
-
- model = new AuthenticatorModel();
- model.setProviderId("auth-username-password-form");
- model.setAlias("Username Password Form");
- AuthenticatorModel usernamePasswordForm = realm.addAuthenticator(model);
-
- model = new AuthenticatorModel();
- model.setProviderId("auth-otp-form");
- model.setAlias("Single OTP Form");
- AuthenticatorModel otpForm = realm.addAuthenticator(model);
-
- model = new AuthenticatorModel();
- model.setProviderId("auth-spnego");
- model.setAlias("Kerberos");
- AuthenticatorModel kerberos = realm.addAuthenticator(model);
-
AuthenticationFlowModel browser = new AuthenticationFlowModel();
browser.setAlias(BROWSER_FLOW);
browser.setDescription("browser based authentication");
@@ -42,7 +22,7 @@ public class DefaultAuthenticationFlows {
AuthenticationExecutionModel execution = new AuthenticationExecutionModel();
execution.setParentFlow(browser.getId());
execution.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE);
- execution.setAuthenticator(cookieAuth.getId());
+ execution.setAuthenticator("auth-cookie");
execution.setPriority(10);
execution.setUserSetupAllowed(false);
execution.setAutheticatorFlow(false);
@@ -50,7 +30,7 @@ public class DefaultAuthenticationFlows {
execution = new AuthenticationExecutionModel();
execution.setParentFlow(browser.getId());
execution.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED);
- execution.setAuthenticator(kerberos.getId());
+ execution.setAuthenticator("auth-spnego");
execution.setPriority(20);
execution.setUserSetupAllowed(false);
execution.setAutheticatorFlow(false);
@@ -75,7 +55,7 @@ public class DefaultAuthenticationFlows {
execution = new AuthenticationExecutionModel();
execution.setParentFlow(forms.getId());
execution.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED);
- execution.setAuthenticator(usernamePasswordForm.getId());
+ execution.setAuthenticator("auth-username-password-form");
execution.setPriority(10);
execution.setUserSetupAllowed(false);
execution.setAutheticatorFlow(false);
@@ -85,7 +65,7 @@ public class DefaultAuthenticationFlows {
execution = new AuthenticationExecutionModel();
execution.setParentFlow(forms.getId());
execution.setRequirement(AuthenticationExecutionModel.Requirement.OPTIONAL);
- execution.setAuthenticator(otpForm.getId());
+ execution.setAuthenticator("auth-otp-form");
execution.setPriority(20);
execution.setUserSetupAllowed(true);
execution.setAutheticatorFlow(false);
diff --git a/model/api/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java b/model/api/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java
index ab5468c..d0ddee1 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/DefaultRequiredActions.java
@@ -1,8 +1,5 @@
package org.keycloak.models.utils;
-import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.UserModel;
diff --git a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
index c5b49d0..1dc6fab 100755
--- a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
+++ b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
@@ -20,7 +20,7 @@ import org.keycloak.connections.file.InMemoryModel;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
@@ -38,7 +38,7 @@ import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.entities.AuthenticationExecutionEntity;
import org.keycloak.models.entities.AuthenticationFlowEntity;
-import org.keycloak.models.entities.AuthenticatorEntity;
+import org.keycloak.models.entities.AuthenticatorConfigEntity;
import org.keycloak.models.entities.ClientEntity;
import org.keycloak.models.entities.IdentityProviderMapperEntity;
import org.keycloak.models.entities.RealmEntity;
@@ -1373,44 +1373,43 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public List<AuthenticatorModel> getAuthenticators() {
- List<AuthenticatorModel> authenticators = new LinkedList<>();
- for (AuthenticatorEntity entity : realm.getAuthenticators()) {
+ public List<AuthenticatorConfigModel> getAuthenticatorConfigs() {
+ List<AuthenticatorConfigModel> authenticators = new LinkedList<>();
+ for (AuthenticatorConfigEntity entity : realm.getAuthenticatorConfigs()) {
authenticators.add(entityToModel(entity));
}
return authenticators;
}
@Override
- public AuthenticatorModel addAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity auth = new AuthenticatorEntity();
+ public AuthenticatorConfigModel addAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity auth = new AuthenticatorConfigEntity();
auth.setId(KeycloakModelUtils.generateId());
auth.setAlias(model.getAlias());
- auth.setProviderId(model.getProviderId());
auth.setConfig(model.getConfig());
- realm.getAuthenticators().add(auth);
+ realm.getAuthenticatorConfigs().add(auth);
model.setId(auth.getId());
return model;
}
@Override
- public void removeAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity entity = getAuthenticatorEntity(model.getId());
+ public void removeAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity entity = getAuthenticatorEntity(model.getId());
if (entity == null) return;
- realm.getAuthenticators().remove(entity);
+ realm.getAuthenticatorConfigs().remove(entity);
}
@Override
- public AuthenticatorModel getAuthenticatorById(String id) {
- AuthenticatorEntity entity = getAuthenticatorEntity(id);
+ public AuthenticatorConfigModel getAuthenticatorConfigById(String id) {
+ AuthenticatorConfigEntity entity = getAuthenticatorEntity(id);
if (entity == null) return null;
return entityToModel(entity);
}
- public AuthenticatorEntity getAuthenticatorEntity(String id) {
- AuthenticatorEntity entity = null;
- for (AuthenticatorEntity auth : realm.getAuthenticators()) {
+ public AuthenticatorConfigEntity getAuthenticatorEntity(String id) {
+ AuthenticatorConfigEntity entity = null;
+ for (AuthenticatorConfigEntity auth : realm.getAuthenticatorConfigs()) {
if (auth.getId().equals(id)) {
entity = auth;
break;
@@ -1419,10 +1418,9 @@ public class RealmAdapter implements RealmModel {
return entity;
}
- public AuthenticatorModel entityToModel(AuthenticatorEntity entity) {
- AuthenticatorModel model = new AuthenticatorModel();
+ public AuthenticatorConfigModel entityToModel(AuthenticatorConfigEntity entity) {
+ AuthenticatorConfigModel model = new AuthenticatorConfigModel();
model.setId(entity.getId());
- model.setProviderId(entity.getProviderId());
model.setAlias(entity.getAlias());
Map<String, String> config = new HashMap<>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
@@ -1431,11 +1429,10 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public void updateAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity entity = getAuthenticatorEntity(model.getId());
+ public void updateAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity entity = getAuthenticatorEntity(model.getId());
if (entity == null) return;
entity.setAlias(model.getAlias());
- entity.setProviderId(model.getProviderId());
if (entity.getConfig() == null) {
entity.setConfig(model.getConfig());
} else {
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
index b08748d..dd6e2e7 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
@@ -3,7 +3,7 @@ package org.keycloak.models.cache.entities;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
@@ -83,7 +83,7 @@ public class CachedRealm implements Serializable {
private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
private Map<String, String> smtpConfig = new HashMap<String, String>();
private Map<String, AuthenticationFlowModel> authenticationFlows = new HashMap<>();
- private Map<String, AuthenticatorModel> authenticators = new HashMap<>();
+ private Map<String, AuthenticatorConfigModel> authenticatorConfigs = new HashMap<>();
private Map<String, RequiredActionProviderModel> requiredActionProviders = new HashMap<>();
private Map<String, RequiredActionProviderModel> requiredActionProvidersByAlias = new HashMap<>();
private MultivaluedHashMap<String, AuthenticationExecutionModel> authenticationExecutions = new MultivaluedHashMap<>();
@@ -202,8 +202,8 @@ public class CachedRealm implements Serializable {
executionsById.put(execution.getId(), execution);
}
}
- for (AuthenticatorModel authenticator : model.getAuthenticators()) {
- authenticators.put(authenticator.getId(), authenticator);
+ for (AuthenticatorConfigModel authenticator : model.getAuthenticatorConfigs()) {
+ authenticatorConfigs.put(authenticator.getId(), authenticator);
}
for (RequiredActionProviderModel action : model.getRequiredActionProviders()) {
requiredActionProviders.put(action.getId(), action);
@@ -436,8 +436,8 @@ public class CachedRealm implements Serializable {
return authenticationFlows;
}
- public Map<String, AuthenticatorModel> getAuthenticators() {
- return authenticators;
+ public Map<String, AuthenticatorConfigModel> getAuthenticatorConfigs() {
+ return authenticatorConfigs;
}
public MultivaluedHashMap<String, AuthenticationExecutionModel> getAuthenticationExecutions() {
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
index cf1bcb1..b620f18 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
@@ -4,7 +4,7 @@ import org.keycloak.Config;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
@@ -1095,37 +1095,37 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public List<AuthenticatorModel> getAuthenticators() {
- if (updated != null) return updated.getAuthenticators();
- List<AuthenticatorModel> models = new ArrayList<>();
- models.addAll(cached.getAuthenticators().values());
+ public List<AuthenticatorConfigModel> getAuthenticatorConfigs() {
+ if (updated != null) return updated.getAuthenticatorConfigs();
+ List<AuthenticatorConfigModel> models = new ArrayList<>();
+ models.addAll(cached.getAuthenticatorConfigs().values());
return models;
}
@Override
- public AuthenticatorModel addAuthenticator(AuthenticatorModel model) {
+ public AuthenticatorConfigModel addAuthenticatorConfig(AuthenticatorConfigModel model) {
getDelegateForUpdate();
- return updated.addAuthenticator(model);
+ return updated.addAuthenticatorConfig(model);
}
@Override
- public void updateAuthenticator(AuthenticatorModel model) {
+ public void updateAuthenticatorConfig(AuthenticatorConfigModel model) {
getDelegateForUpdate();
- updated.updateAuthenticator(model);
+ updated.updateAuthenticatorConfig(model);
}
@Override
- public void removeAuthenticator(AuthenticatorModel model) {
+ public void removeAuthenticatorConfig(AuthenticatorConfigModel model) {
getDelegateForUpdate();
- updated.removeAuthenticator(model);
+ updated.removeAuthenticatorConfig(model);
}
@Override
- public AuthenticatorModel getAuthenticatorById(String id) {
- if (updated != null) return updated.getAuthenticatorById(id);
- return cached.getAuthenticators().get(id);
+ public AuthenticatorConfigModel getAuthenticatorConfigById(String id) {
+ if (updated != null) return updated.getAuthenticatorConfigById(id);
+ return cached.getAuthenticatorConfigs().get(id);
}
@Override
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationFlowEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationFlowEntity.java
index 464fb4a..1a60832 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationFlowEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationFlowEntity.java
@@ -1,24 +1,18 @@
package org.keycloak.models.jpa.entities;
-import org.keycloak.models.AuthenticatorModel;
-
import javax.persistence.CascadeType;
-import javax.persistence.CollectionTable;
import javax.persistence.Column;
-import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
-import javax.persistence.MapKeyColumn;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Map;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
index be77599..193f1fa 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
@@ -155,7 +155,7 @@ public class RealmEntity {
Collection<IdentityProviderMapperEntity> identityProviderMappers = new ArrayList<IdentityProviderMapperEntity>();
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
- Collection<AuthenticatorEntity> authenticators = new ArrayList<>();
+ Collection<AuthenticatorConfigEntity> authenticators = new ArrayList<>();
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<RequiredActionProviderEntity> requiredActionProviders = new ArrayList<>();
@@ -556,11 +556,11 @@ public class RealmEntity {
this.identityProviderMappers = identityProviderMappers;
}
- public Collection<AuthenticatorEntity> getAuthenticators() {
+ public Collection<AuthenticatorConfigEntity> getAuthenticatorConfigs() {
return authenticators;
}
- public void setAuthenticators(Collection<AuthenticatorEntity> authenticators) {
+ public void setAuthenticatorConfigs(Collection<AuthenticatorConfigEntity> authenticators) {
this.authenticators = authenticators;
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index 5c62dcd..de47499 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -3,7 +3,7 @@ package org.keycloak.models.jpa;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
@@ -20,7 +20,7 @@ import org.keycloak.models.UserFederationProviderCreationEventImpl;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.jpa.entities.AuthenticationExecutionEntity;
import org.keycloak.models.jpa.entities.AuthenticationFlowEntity;
-import org.keycloak.models.jpa.entities.AuthenticatorEntity;
+import org.keycloak.models.jpa.entities.AuthenticatorConfigEntity;
import org.keycloak.models.jpa.entities.ClientEntity;
import org.keycloak.models.jpa.entities.IdentityProviderEntity;
import org.keycloak.models.jpa.entities.IdentityProviderMapperEntity;
@@ -1661,14 +1661,13 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public AuthenticatorModel addAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity auth = new AuthenticatorEntity();
+ public AuthenticatorConfigModel addAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity auth = new AuthenticatorConfigEntity();
auth.setId(KeycloakModelUtils.generateId());
auth.setAlias(model.getAlias());
auth.setRealm(realm);
- auth.setProviderId(model.getProviderId());
auth.setConfig(model.getConfig());
- realm.getAuthenticators().add(auth);
+ realm.getAuthenticatorConfigs().add(auth);
em.persist(auth);
em.flush();
model.setId(auth.getId());
@@ -1676,8 +1675,8 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public void removeAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity entity = em.find(AuthenticatorEntity.class, model.getId());
+ public void removeAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity entity = em.find(AuthenticatorConfigEntity.class, model.getId());
if (entity == null) return;
em.remove(entity);
em.flush();
@@ -1685,16 +1684,15 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public AuthenticatorModel getAuthenticatorById(String id) {
- AuthenticatorEntity entity = em.find(AuthenticatorEntity.class, id);
+ public AuthenticatorConfigModel getAuthenticatorConfigById(String id) {
+ AuthenticatorConfigEntity entity = em.find(AuthenticatorConfigEntity.class, id);
if (entity == null) return null;
return entityToModel(entity);
}
- public AuthenticatorModel entityToModel(AuthenticatorEntity entity) {
- AuthenticatorModel model = new AuthenticatorModel();
+ public AuthenticatorConfigModel entityToModel(AuthenticatorConfigEntity entity) {
+ AuthenticatorConfigModel model = new AuthenticatorConfigModel();
model.setId(entity.getId());
- model.setProviderId(entity.getProviderId());
model.setAlias(entity.getAlias());
Map<String, String> config = new HashMap<>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
@@ -1703,11 +1701,10 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public void updateAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity entity = em.find(AuthenticatorEntity.class, model.getId());
+ public void updateAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity entity = em.find(AuthenticatorConfigEntity.class, model.getId());
if (entity == null) return;
entity.setAlias(model.getAlias());
- entity.setProviderId(model.getProviderId());
if (entity.getConfig() == null) {
entity.setConfig(model.getConfig());
} else {
@@ -1719,9 +1716,9 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public List<AuthenticatorModel> getAuthenticators() {
- List<AuthenticatorModel> authenticators = new LinkedList<>();
- for (AuthenticatorEntity entity : realm.getAuthenticators()) {
+ public List<AuthenticatorConfigModel> getAuthenticatorConfigs() {
+ List<AuthenticatorConfigModel> authenticators = new LinkedList<>();
+ for (AuthenticatorConfigEntity entity : realm.getAuthenticatorConfigs()) {
authenticators.add(entityToModel(entity));
}
return authenticators;
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index bf1627f..dee96e2 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -7,7 +7,7 @@ import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
@@ -25,7 +25,7 @@ import org.keycloak.models.UserFederationProviderCreationEventImpl;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.entities.AuthenticationExecutionEntity;
import org.keycloak.models.entities.AuthenticationFlowEntity;
-import org.keycloak.models.entities.AuthenticatorEntity;
+import org.keycloak.models.entities.AuthenticatorConfigEntity;
import org.keycloak.models.entities.IdentityProviderEntity;
import org.keycloak.models.entities.IdentityProviderMapperEntity;
import org.keycloak.models.entities.RequiredActionProviderEntity;
@@ -1453,46 +1453,45 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
}
@Override
- public List<AuthenticatorModel> getAuthenticators() {
- List<AuthenticatorModel> authenticators = new LinkedList<>();
- for (AuthenticatorEntity entity : getMongoEntity().getAuthenticators()) {
+ public List<AuthenticatorConfigModel> getAuthenticatorConfigs() {
+ List<AuthenticatorConfigModel> authenticators = new LinkedList<>();
+ for (AuthenticatorConfigEntity entity : getMongoEntity().getAuthenticatorConfigs()) {
authenticators.add(entityToModel(entity));
}
return authenticators;
}
@Override
- public AuthenticatorModel addAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity auth = new AuthenticatorEntity();
+ public AuthenticatorConfigModel addAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity auth = new AuthenticatorConfigEntity();
auth.setId(KeycloakModelUtils.generateId());
auth.setAlias(model.getAlias());
- auth.setProviderId(model.getProviderId());
auth.setConfig(model.getConfig());
- realm.getAuthenticators().add(auth);
+ realm.getAuthenticatorConfigs().add(auth);
model.setId(auth.getId());
updateMongoEntity();
return model;
}
@Override
- public void removeAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity entity = getAuthenticatorEntity(model.getId());
+ public void removeAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity entity = getAuthenticatorConfigEntity(model.getId());
if (entity == null) return;
- getMongoEntity().getAuthenticators().remove(entity);
+ getMongoEntity().getAuthenticatorConfigs().remove(entity);
updateMongoEntity();
}
@Override
- public AuthenticatorModel getAuthenticatorById(String id) {
- AuthenticatorEntity entity = getAuthenticatorEntity(id);
+ public AuthenticatorConfigModel getAuthenticatorConfigById(String id) {
+ AuthenticatorConfigEntity entity = getAuthenticatorConfigEntity(id);
if (entity == null) return null;
return entityToModel(entity);
}
- public AuthenticatorEntity getAuthenticatorEntity(String id) {
- AuthenticatorEntity entity = null;
- for (AuthenticatorEntity auth : getMongoEntity().getAuthenticators()) {
+ public AuthenticatorConfigEntity getAuthenticatorConfigEntity(String id) {
+ AuthenticatorConfigEntity entity = null;
+ for (AuthenticatorConfigEntity auth : getMongoEntity().getAuthenticatorConfigs()) {
if (auth.getId().equals(id)) {
entity = auth;
break;
@@ -1501,10 +1500,9 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
return entity;
}
- public AuthenticatorModel entityToModel(AuthenticatorEntity entity) {
- AuthenticatorModel model = new AuthenticatorModel();
+ public AuthenticatorConfigModel entityToModel(AuthenticatorConfigEntity entity) {
+ AuthenticatorConfigModel model = new AuthenticatorConfigModel();
model.setId(entity.getId());
- model.setProviderId(entity.getProviderId());
model.setAlias(entity.getAlias());
Map<String, String> config = new HashMap<>();
if (entity.getConfig() != null) config.putAll(entity.getConfig());
@@ -1513,11 +1511,10 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
}
@Override
- public void updateAuthenticator(AuthenticatorModel model) {
- AuthenticatorEntity entity = getAuthenticatorEntity(model.getId());
+ public void updateAuthenticatorConfig(AuthenticatorConfigModel model) {
+ AuthenticatorConfigEntity entity = getAuthenticatorConfigEntity(model.getId());
if (entity == null) return;
entity.setAlias(model.getAlias());
- entity.setProviderId(model.getProviderId());
if (entity.getConfig() == null) {
entity.setConfig(model.getConfig());
} else {
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
index aa0a0cf..509e5c5 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
@@ -10,7 +10,7 @@ import org.keycloak.events.EventBuilder;
import org.keycloak.events.EventType;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
@@ -26,7 +26,6 @@ import org.keycloak.util.Time;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
-import java.util.HashMap;
import java.util.Iterator;
/**
@@ -162,16 +161,15 @@ public class AuthenticationProcessor {
}
private class Result implements AuthenticatorContext {
- AuthenticatorModel model;
+ AuthenticatorConfigModel authenticatorConfig;
AuthenticationExecutionModel execution;
Authenticator authenticator;
Status status;
Response challenge;
Error error;
- private Result(AuthenticationExecutionModel execution, AuthenticatorModel model, Authenticator authenticator) {
+ private Result(AuthenticationExecutionModel execution, Authenticator authenticator) {
this.execution = execution;
- this.model = model;
this.authenticator = authenticator;
}
@@ -186,13 +184,11 @@ public class AuthenticationProcessor {
}
@Override
- public AuthenticatorModel getAuthenticatorModel() {
- return model;
- }
-
- @Override
- public void setAuthenticatorModel(AuthenticatorModel model) {
- this.model = model;
+ public AuthenticatorConfigModel getAuthenticatorConfig() {
+ if (execution.getAuthenticatorConfig() == null) return null;
+ if (authenticatorConfig != null) return authenticatorConfig;
+ authenticatorConfig = realm.getAuthenticatorConfigById(execution.getAuthenticatorConfig());
+ return authenticatorConfig;
}
@Override
@@ -490,10 +486,9 @@ public class AuthenticationProcessor {
if (authType != null) {
event.detail(Details.AUTH_TYPE, authType);
}
- AuthenticatorModel authenticatorModel = realm.getAuthenticatorById(model.getAuthenticator());
- AuthenticatorFactory factory = (AuthenticatorFactory)session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, authenticatorModel.getProviderId());
- Authenticator authenticator = factory.create(authenticatorModel);
- Result context = new Result(model, authenticatorModel, authenticator);
+ AuthenticatorFactory factory = (AuthenticatorFactory)session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, model.getAuthenticator());
+ Authenticator authenticator = factory.create();
+ Result context = new Result(model, authenticator);
authenticator.action(context);
FlowExecution flowExecution = createFlowExecution(this.flowId);
@@ -639,10 +634,9 @@ public class AuthenticationProcessor {
}
- AuthenticatorModel authenticatorModel = realm.getAuthenticatorById(model.getAuthenticator());
- AuthenticatorFactory factory = (AuthenticatorFactory)session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, authenticatorModel.getProviderId());
- Authenticator authenticator = factory.create(authenticatorModel);
- logger.debugv("authenticator: {0}", authenticatorModel.getProviderId());
+ AuthenticatorFactory factory = (AuthenticatorFactory)session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, model.getAuthenticator());
+ Authenticator authenticator = factory.create();
+ logger.debugv("authenticator: {0}", factory.getId());
UserModel authUser = clientSession.getAuthenticatedUser();
if (authenticator.requiresUser() && authUser == null){
@@ -650,7 +644,7 @@ public class AuthenticationProcessor {
clientSession.setExecutionStatus(challengedAlternativeExecution.getId(), ClientSessionModel.ExecutionStatus.CHALLENGED);
return alternativeChallenge;
}
- throw new AuthException("authenticator: " + authenticatorModel.getProviderId(), Error.UNKNOWN_USER);
+ throw new AuthException("authenticator: " + factory.getId(), Error.UNKNOWN_USER);
}
boolean configuredFor = false;
if (authenticator.requiresUser() && authUser != null) {
@@ -658,7 +652,7 @@ public class AuthenticationProcessor {
if (!configuredFor) {
if (model.isRequired()) {
if (model.isUserSetupAllowed()) {
- logger.debugv("authenticator SETUP_REQUIRED: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator SETUP_REQUIRED: {0}", factory.getId());
clientSession.setExecutionStatus(model.getId(), ClientSessionModel.ExecutionStatus.SETUP_REQUIRED);
authenticator.setRequiredActions(session, realm, clientSession.getAuthenticatedUser());
continue;
@@ -671,7 +665,7 @@ public class AuthenticationProcessor {
}
}
}
- Result context = new Result(model, authenticatorModel, authenticator);
+ Result context = new Result(model, authenticator);
authenticator.authenticate(context);
Response response = processResult(context);
if (response != null) return response;
@@ -682,15 +676,14 @@ public class AuthenticationProcessor {
public Response processResult(Result result) {
AuthenticationExecutionModel execution = result.getExecution();
- AuthenticatorModel authenticatorModel = result.getAuthenticatorModel();
Status status = result.getStatus();
if (status == Status.SUCCESS){
- logger.debugv("authenticator SUCCESS: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator SUCCESS: {0}", execution.getAuthenticator());
clientSession.setExecutionStatus(execution.getId(), ClientSessionModel.ExecutionStatus.SUCCESS);
if (execution.isAlternative()) alternativeSuccessful = true;
return null;
} else if (status == Status.FAILED) {
- logger.debugv("authenticator FAILED: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator FAILED: {0}", execution.getAuthenticator());
logFailure();
clientSession.setExecutionStatus(execution.getId(), ClientSessionModel.ExecutionStatus.FAILED);
if (result.challenge != null) {
@@ -701,7 +694,7 @@ public class AuthenticationProcessor {
clientSession.setExecutionStatus(execution.getId(), ClientSessionModel.ExecutionStatus.CHALLENGED);
return sendChallenge(result, execution);
} else if (status == Status.CHALLENGE) {
- logger.debugv("authenticator CHALLENGE: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator CHALLENGE: {0}", execution.getAuthenticator());
if (execution.isRequired()) {
clientSession.setExecutionStatus(execution.getId(), ClientSessionModel.ExecutionStatus.CHALLENGED);
return sendChallenge(result, execution);
@@ -719,19 +712,19 @@ public class AuthenticationProcessor {
}
return null;
} else if (status == Status.FAILURE_CHALLENGE) {
- logger.debugv("authenticator FAILURE_CHALLENGE: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator FAILURE_CHALLENGE: {0}", execution.getAuthenticator());
logFailure();
clientSession.setExecutionStatus(execution.getId(), ClientSessionModel.ExecutionStatus.CHALLENGED);
return sendChallenge(result, execution);
} else if (status == Status.ATTEMPTED) {
- logger.debugv("authenticator ATTEMPTED: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator ATTEMPTED: {0}", execution.getAuthenticator());
if (execution.getRequirement() == AuthenticationExecutionModel.Requirement.REQUIRED) {
throw new AuthException(Error.INVALID_CREDENTIALS);
}
clientSession.setExecutionStatus(execution.getId(), ClientSessionModel.ExecutionStatus.ATTEMPTED);
return null;
} else {
- logger.debugv("authenticator INTERNAL_ERROR: {0}", authenticatorModel.getProviderId());
+ logger.debugv("authenticator INTERNAL_ERROR: {0}", execution.getAuthenticator());
logger.error("Unknown result status");
throw new AuthException(Error.INTERNAL_ERROR);
}
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java b/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java
index 637d3a8..49e663c 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticatorContext.java
@@ -4,14 +4,13 @@ import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.ClientConnection;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.services.managers.BruteForceProtector;
-import org.keycloak.services.managers.ClientSessionCode;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
@@ -27,9 +26,7 @@ public interface AuthenticatorContext {
void setExecution(AuthenticationExecutionModel execution);
- AuthenticatorModel getAuthenticatorModel();
-
- void setAuthenticatorModel(AuthenticatorModel model);
+ AuthenticatorConfigModel getAuthenticatorConfig();
String getAction();
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticatorFactory.java b/services/src/main/java/org/keycloak/authentication/AuthenticatorFactory.java
index 32414ab..2e6178c 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticatorFactory.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticatorFactory.java
@@ -1,18 +1,16 @@
package org.keycloak.authentication;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.provider.ConfiguredProvider;
import org.keycloak.provider.ProviderFactory;
-import java.util.List;
-
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
public interface AuthenticatorFactory extends ProviderFactory<Authenticator>, ConfiguredProvider {
- Authenticator create(AuthenticatorModel model);
+ Authenticator create();
String getDisplayType();
/**
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/CookieAuthenticatorFactory.java b/services/src/main/java/org/keycloak/authentication/authenticators/CookieAuthenticatorFactory.java
index fc670d4..d45d2ae 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/CookieAuthenticatorFactory.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/CookieAuthenticatorFactory.java
@@ -4,10 +4,9 @@ import org.keycloak.Config;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
-import org.keycloak.models.UserCredentialModel;
import org.keycloak.provider.ProviderConfigProperty;
import java.util.List;
@@ -20,7 +19,7 @@ public class CookieAuthenticatorFactory implements AuthenticatorFactory {
public static final String PROVIDER_ID = "auth-cookie";
static CookieAuthenticator SINGLETON = new CookieAuthenticator();
@Override
- public Authenticator create(AuthenticatorModel model) {
+ public Authenticator create() {
return SINGLETON;
}
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticator.java
index fd2aa08..357e313 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticator.java
@@ -5,7 +5,7 @@ import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorContext;
import org.keycloak.events.Errors;
import org.keycloak.login.LoginFormsProvider;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
@@ -25,11 +25,6 @@ import java.util.List;
*/
public class OTPFormAuthenticator extends AbstractFormAuthenticator implements Authenticator {
public static final String TOTP_FORM_ACTION = "totp";
- protected AuthenticatorModel model;
-
- public OTPFormAuthenticator(AuthenticatorModel model) {
- this.model = model;
- }
@Override
public void action(AuthenticatorContext context) {
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticatorFactory.java b/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticatorFactory.java
index 6c8850d..6e21a52 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticatorFactory.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/OTPFormAuthenticatorFactory.java
@@ -4,7 +4,7 @@ import org.keycloak.Config;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.UserCredentialModel;
@@ -21,8 +21,8 @@ public class OTPFormAuthenticatorFactory implements AuthenticatorFactory {
public static final String PROVIDER_ID = "auth-otp-form";
@Override
- public Authenticator create(AuthenticatorModel model) {
- return new OTPFormAuthenticator(model);
+ public Authenticator create() {
+ return new OTPFormAuthenticator();
}
@Override
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/SpnegoAuthenticatorFactory.java b/services/src/main/java/org/keycloak/authentication/authenticators/SpnegoAuthenticatorFactory.java
index 392ad4a..8310d64 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/SpnegoAuthenticatorFactory.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/SpnegoAuthenticatorFactory.java
@@ -4,7 +4,7 @@ import org.keycloak.Config;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.UserCredentialModel;
@@ -21,7 +21,7 @@ public class SpnegoAuthenticatorFactory implements AuthenticatorFactory {
public static final String PROVIDER_ID = "auth-spnego";
@Override
- public Authenticator create(AuthenticatorModel model) {
+ public Authenticator create() {
return new SpnegoAuthenticator();
}
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordForm.java b/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordForm.java
index 0f7a076..302fcf8 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordForm.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordForm.java
@@ -6,7 +6,7 @@ import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorContext;
import org.keycloak.events.Errors;
import org.keycloak.login.LoginFormsProvider;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
@@ -22,11 +22,6 @@ import javax.ws.rs.core.Response;
* @version $Revision: 1 $
*/
public class UsernamePasswordForm extends AbstractFormAuthenticator implements Authenticator {
- protected AuthenticatorModel model;
-
- public UsernamePasswordForm(AuthenticatorModel model) {
- this.model = model;
- }
@Override
public void action(AuthenticatorContext context) {
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordFormFactory.java b/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordFormFactory.java
index 24c5c5a..36b3d21 100755
--- a/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordFormFactory.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/UsernamePasswordFormFactory.java
@@ -4,7 +4,7 @@ import org.keycloak.Config;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.UserCredentialModel;
@@ -21,8 +21,8 @@ public class UsernamePasswordFormFactory implements AuthenticatorFactory {
public static final String PROVIDER_ID = "auth-username-password-form";
@Override
- public Authenticator create(AuthenticatorModel model) {
- return new UsernamePasswordForm(model);
+ public Authenticator create() {
+ return new UsernamePasswordForm();
}
@Override
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticatorUtil.java b/services/src/main/java/org/keycloak/authentication/AuthenticatorUtil.java
index 30c123e..591ca4b 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticatorUtil.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticatorUtil.java
@@ -1,7 +1,7 @@
package org.keycloak.authentication;
import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.RealmModel;
import java.util.LinkedList;
@@ -36,8 +36,7 @@ public class AuthenticatorUtil {
if (recurse != null) return recurse;
}
- AuthenticatorModel authenticator = realm.getAuthenticatorById(model.getAuthenticator());
- if (authenticator.getProviderId().equals(authProviderId)) {
+ if (model.getAuthenticator().equals(authProviderId)) {
return model;
}
}
diff --git a/services/src/main/java/org/keycloak/authentication/RequiredActionContext.java b/services/src/main/java/org/keycloak/authentication/RequiredActionContext.java
index dc630a8..4a838a3 100755
--- a/services/src/main/java/org/keycloak/authentication/RequiredActionContext.java
+++ b/services/src/main/java/org/keycloak/authentication/RequiredActionContext.java
@@ -3,17 +3,12 @@ package org.keycloak.authentication;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.ClientConnection;
import org.keycloak.events.EventBuilder;
-import org.keycloak.models.AuthenticationExecutionModel;
-import org.keycloak.models.AuthenticatorModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
-import org.keycloak.services.managers.BruteForceProtector;
-import org.keycloak.services.managers.ClientSessionCode;
-import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
/**
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
index 8bf8a62..d048a57 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
@@ -6,15 +6,12 @@ import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.authentication.AuthenticatorUtil;
-import org.keycloak.authentication.RequiredActionFactory;
-import org.keycloak.authentication.RequiredActionProvider;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
-import org.keycloak.provider.ProviderFactory;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -141,8 +138,7 @@ public class AuthenticationManagementResource {
if (!flow.getId().equals(execution.getParentFlow())) {
rep.setSubFlow(true);
}
- AuthenticatorModel authenticator = realm.getAuthenticatorById(execution.getAuthenticator());
- AuthenticatorFactory factory = (AuthenticatorFactory)session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, authenticator.getProviderId());
+ AuthenticatorFactory factory = (AuthenticatorFactory)session.getKeycloakSessionFactory().getProviderFactory(Authenticator.class, execution.getAuthenticator());
if (factory.getReferenceType() == null) continue;
rep.setReferenceType(factory.getReferenceType());
rep.setConfigurable(factory.isConfigurable());
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/utils/CredentialHelper.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/utils/CredentialHelper.java
index fb38f17..557fa7e 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/utils/CredentialHelper.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/utils/CredentialHelper.java
@@ -5,7 +5,7 @@ import org.keycloak.authentication.authenticators.SpnegoAuthenticatorFactory;
import org.keycloak.authentication.authenticators.UsernamePasswordFormFactory;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
-import org.keycloak.models.AuthenticatorModel;
+import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.DefaultAuthenticationFlows;
import org.keycloak.representations.idm.CredentialRepresentation;
@@ -43,9 +43,8 @@ public class CredentialHelper {
}
public static AuthenticationExecutionModel.Requirement getRequirement(RealmModel realm, String authenticatorProviderId, String flowAlias) {
- AuthenticatorModel authenticator = findAuthenticatorByProviderId(realm, authenticatorProviderId);
AuthenticationFlowModel flow = findAuthenticatorFlowByAlias(realm, flowAlias);
- AuthenticationExecutionModel execution = findExecutionByAuthenticator(realm, flow.getId(), authenticator.getId());
+ AuthenticationExecutionModel execution = findExecutionByAuthenticator(realm, flow.getId(), authenticatorProviderId);
return execution.getRequirement();
}
@@ -56,21 +55,12 @@ public class CredentialHelper {
}
public static void authenticationRequirement(RealmModel realm, String authenticatorProviderId, String flowAlias, AuthenticationExecutionModel.Requirement requirement) {
- AuthenticatorModel authenticator = findAuthenticatorByProviderId(realm, authenticatorProviderId);
AuthenticationFlowModel flow = findAuthenticatorFlowByAlias(realm, flowAlias);
- AuthenticationExecutionModel execution = findExecutionByAuthenticator(realm, flow.getId(), authenticator.getId());
+ AuthenticationExecutionModel execution = findExecutionByAuthenticator(realm, flow.getId(), authenticatorProviderId);
execution.setRequirement(requirement);
realm.updateAuthenticatorExecution(execution);
}
- public static AuthenticatorModel findAuthenticatorByProviderId(RealmModel realm, String providerId) {
- for (AuthenticatorModel model : realm.getAuthenticators()) {
- if (model.getProviderId().equals(providerId)) {
- return model;
- }
- }
- return null;
- }
public static AuthenticationFlowModel findAuthenticatorFlowByAlias(RealmModel realm, String alias) {
for (AuthenticationFlowModel model : realm.getAuthenticationFlows()) {
if (model.getAlias().equals(alias)) {