keycloak-aplcache
Changes
adapters/oidc/adapter-core/pom.xml 2(+1 -1)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java 16(+16 -0)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java 1(+1 -0)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java 2(+1 -1)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/RefreshableKeycloakSecurityContext.java 2(+1 -1)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/HardcodedPublicKeyLocator.java 5(+5 -0)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/JWKPublicKeyLocator.java 40(+26 -14)
adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/PublicKeyLocator.java 7(+7 -0)
adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java 2(+2 -0)
adapters/oidc/as7-eap6/pom.xml 2(+1 -1)
adapters/oidc/installed/pom.xml 2(+1 -1)
adapters/oidc/jetty/jetty8.1/pom.xml 2(+1 -1)
adapters/oidc/jetty/jetty9.1/pom.xml 2(+1 -1)
adapters/oidc/jetty/jetty9.2/pom.xml 2(+1 -1)
adapters/oidc/jetty/jetty9.3/pom.xml 2(+1 -1)
adapters/oidc/jetty/pom.xml 2(+1 -1)
adapters/oidc/js/pom.xml 2(+1 -1)
adapters/oidc/osgi-adapter/pom.xml 2(+1 -1)
adapters/oidc/pom.xml 2(+1 -1)
adapters/oidc/servlet-filter/pom.xml 2(+1 -1)
adapters/oidc/spring-boot/pom.xml 2(+1 -1)
adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticatedActionsFilter.java 90(+90 -0)
adapters/oidc/tomcat/pom.xml 2(+1 -1)
adapters/oidc/tomcat/tomcat6/pom.xml 2(+1 -1)
adapters/oidc/tomcat/tomcat7/pom.xml 2(+1 -1)
adapters/oidc/tomcat/tomcat8/pom.xml 2(+1 -1)
adapters/oidc/undertow/pom.xml 2(+1 -1)
adapters/oidc/wildfly/pom.xml 2(+1 -1)
adapters/pom.xml 2(+1 -1)
adapters/saml/as7-eap6/pom.xml 2(+1 -1)
adapters/saml/core/pom.xml 2(+1 -1)
adapters/saml/core-public/pom.xml 2(+1 -1)
adapters/saml/jetty/jetty8.1/pom.xml 2(+1 -1)
adapters/saml/jetty/jetty9.1/pom.xml 2(+1 -1)
adapters/saml/jetty/jetty9.2/pom.xml 2(+1 -1)
adapters/saml/jetty/jetty9.3/pom.xml 2(+1 -1)
adapters/saml/jetty/pom.xml 2(+1 -1)
adapters/saml/pom.xml 2(+1 -1)
adapters/saml/servlet-filter/pom.xml 2(+1 -1)
adapters/saml/tomcat/pom.xml 2(+1 -1)
adapters/saml/tomcat/tomcat6/pom.xml 2(+1 -1)
adapters/saml/tomcat/tomcat7/pom.xml 2(+1 -1)
adapters/saml/tomcat/tomcat8/pom.xml 2(+1 -1)
adapters/saml/undertow/pom.xml 2(+1 -1)
adapters/saml/wildfly/pom.xml 2(+1 -1)
adapters/spi/adapter-spi/pom.xml 2(+1 -1)
adapters/spi/pom.xml 2(+1 -1)
authz/client/pom.xml 2(+1 -1)
authz/policy/common/pom.xml 2(+1 -1)
authz/policy/drools/pom.xml 2(+1 -1)
authz/policy/pom.xml 2(+1 -1)
authz/pom.xml 2(+1 -1)
common/pom.xml 2(+1 -1)
core/pom.xml 2(+1 -1)
dependencies/pom.xml 2(+1 -1)
dependencies/server-all/pom.xml 2(+1 -1)
dependencies/server-min/pom.xml 2(+1 -1)
distribution/adapters/osgi/pom.xml 2(+1 -1)
distribution/adapters/pom.xml 2(+1 -1)
distribution/api-docs-dist/pom.xml 2(+1 -1)
distribution/demo-dist/pom.xml 2(+1 -1)
distribution/downloads/pom.xml 2(+1 -1)
distribution/examples-dist/pom.xml 2(+1 -1)
distribution/feature-packs/pom.xml 2(+1 -1)
distribution/pom.xml 2(+1 -1)
distribution/proxy-dist/pom.xml 2(+1 -1)
distribution/saml-adapters/pom.xml 2(+1 -1)
distribution/server-dist/pom.xml 2(+1 -1)
distribution/server-overlay/pom.xml 2(+1 -1)
examples/admin-client/pom.xml 2(+1 -1)
examples/authz/hello-world/pom.xml 2(+1 -1)
examples/authz/photoz/pom.xml 2(+1 -1)
examples/authz/pom.xml 2(+1 -1)
examples/authz/servlet-authz/pom.xml 2(+1 -1)
examples/basic-auth/pom.xml 2(+1 -1)
examples/broker/pom.xml 2(+1 -1)
examples/cors/pom.xml 2(+1 -1)
examples/demo-template/pom.xml 2(+1 -1)
examples/fuse/camel/pom.xml 2(+1 -1)
examples/fuse/cxf-jaxrs/pom.xml 2(+1 -1)
examples/fuse/cxf-jaxws/pom.xml 2(+1 -1)
examples/fuse/features/pom.xml 2(+1 -1)
examples/fuse/pom.xml 2(+1 -1)
examples/js-console/pom.xml 2(+1 -1)
examples/kerberos/pom.xml 2(+1 -1)
examples/ldap/pom.xml 2(+1 -1)
examples/multi-tenant/pom.xml 2(+1 -1)
examples/pom.xml 2(+1 -1)
examples/providers/pom.xml 2(+1 -1)
examples/providers/rest/pom.xml 2(+1 -1)
examples/saml/pom.xml 2(+1 -1)
examples/saml/servlet-filter/pom.xml 2(+1 -1)
examples/themes/pom.xml 2(+1 -1)
federation/kerberos/pom.xml 2(+1 -1)
federation/ldap/pom.xml 2(+1 -1)
federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java 7(+3 -4)
federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapper.java 267(+267 -0)
federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapperFactory.java 63(+63 -0)
federation/ldap/src/main/resources/META-INF/services/org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory 1(+1 -0)
federation/pom.xml 2(+1 -1)
federation/sssd/pom.xml 2(+1 -1)
integration/admin-client/pom.xml 2(+1 -1)
integration/client-cli/pom.xml 2(+1 -1)
integration/pom.xml 2(+1 -1)
model/infinispan/pom.xml 2(+1 -1)
model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProvider.java 8(+7 -1)
model/infinispan/src/test/java/org/keycloak/keys/infinispan/InfinispanKeyStorageProviderTest.java 1(+0 -1)
model/jpa/pom.xml 2(+1 -1)
model/mongo/pom.xml 2(+1 -1)
model/pom.xml 2(+1 -1)
pom.xml 2(+1 -1)
proxy/launcher/pom.xml 2(+1 -1)
proxy/pom.xml 2(+1 -1)
proxy/proxy-server/pom.xml 2(+1 -1)
saml-core/pom.xml 2(+1 -1)
saml-core-api/pom.xml 2(+1 -1)
server-spi/pom.xml 2(+1 -1)
server-spi-private/pom.xml 2(+1 -1)
services/pom.xml 2(+1 -1)
services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractJsonUserAttributeMapper.java 34(+26 -8)
services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java 90(+69 -21)
services/src/main/java/org/keycloak/protocol/saml/mappers/UserAttributeStatementMapper.java 7(+3 -4)
services/src/main/java/org/keycloak/services/resources/admin/info/ServerInfoAdminResource.java 3(+3 -0)
services/src/test/java/org/keycloak/test/broker/oidc/mappers/AbstractJsonUserAttributeMapperTest.java 11(+6 -5)
testsuite/integration/pom.xml 2(+1 -1)
testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java 14(+7 -7)
testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/KeycloakOnUndertow.java 4(+2 -2)
testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/filter/AdapterActionsFilter.java 25(+18 -7)
testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/AbstractShowTokensServlet.java 1(+1 -0)
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/AbstractShowTokensPage.java 17(+16 -1)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java 15(+9 -6)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java 6(+0 -6)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java 99(+1 -98)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractOIDCPublicKeyRotationAdapterTest.java 346(+346 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventTest.java 24(+24 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/LoginEventsTest.java 21(+21 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupMappersTest.java 14(+7 -7)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java 27(+27 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java 14(+14 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractUserAttributeMapperTest.java 1(+0 -1)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java 20(+20 -0)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java 2(+1 -1)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OIDCProtocolMappersTest.java 23(+16 -7)
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ServiceAccountTest.java 4(+2 -2)
testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/keycloak.json 4(+2 -2)
testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml 17(+17 -0)
testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/secure-portal/WEB-INF/keycloak.json 1(+0 -1)
testsuite/integration-arquillian/tests/other/adapters/jboss/as7/src/test/java/org/keycloak/testsuite/adapter/AS7OIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/integration-arquillian/tests/other/adapters/jboss/eap/src/test/java/org/keycloak/testsuite/adapter/EAPOIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/src/test/java/org/keycloak/testsuite/adapter/EAP6OIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/WildflyOIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/src/test/java/org/keycloak/testsuite/adapter/Wildfly8OIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/src/test/java/org/keycloak/testsuite/adapter/Wildfly9OIDCPublicKeyRotationAdapterTest.java 28(+28 -0)
testsuite/jetty/jetty81/pom.xml 2(+1 -1)
testsuite/jetty/jetty91/pom.xml 2(+1 -1)
testsuite/jetty/jetty92/pom.xml 2(+1 -1)
testsuite/jetty/jetty93/pom.xml 2(+1 -1)
testsuite/jetty/pom.xml 2(+1 -1)
testsuite/pom.xml 2(+1 -1)
testsuite/proxy/pom.xml 2(+1 -1)
testsuite/tomcat6/pom.xml 2(+1 -1)
testsuite/tomcat7/pom.xml 2(+1 -1)
testsuite/tomcat8/pom.xml 2(+1 -1)
themes/pom.xml 2(+1 -1)
themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mapper-detail.html 3(+2 -1)
themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mappers.html 4(+3 -1)
themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-export.html 4(+3 -1)
themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload.js 156(+156 -0)
themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-html5-shim.js 25(+25 -0)
themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-shim.js 215(+215 -0)
themes/src/main/resources/theme/keycloak/common/resources/lib/select2-3.4.1/select2.js 3137(+3137 -0)
travis-run-tests.sh 23(+12 -11)
util/embedded-ldap/pom.xml 2(+1 -1)
util/pom.xml 2(+1 -1)
wildfly/adduser/pom.xml 2(+1 -1)
wildfly/extensions/pom.xml 2(+1 -1)
wildfly/pom.xml 2(+1 -1)
wildfly/server-subsystem/pom.xml 2(+1 -1)
Details
adapters/oidc/adapter-core/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/adapter-core/pom.xml b/adapters/oidc/adapter-core/pom.xml
index efcbf3a..6d4e8a1 100755
--- a/adapters/oidc/adapter-core/pom.xml
+++ b/adapters/oidc/adapter-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java
index 63ea79e..dd0d39b 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/AdapterDeploymentContext.java
@@ -343,6 +343,12 @@ public class AdapterDeploymentContext {
}
@Override
+ public void updateNotBefore(int notBefore) {
+ delegate.setNotBefore(notBefore);
+ getPublicKeyLocator().reset(this);
+ }
+
+ @Override
public void setExposeToken(boolean exposeToken) {
delegate.setExposeToken(exposeToken);
}
@@ -446,6 +452,16 @@ public class AdapterDeploymentContext {
public int getMinTimeBetweenJwksRequests() {
return delegate.getMinTimeBetweenJwksRequests();
}
+
+ @Override
+ public int getPublicKeyCacheTtl() {
+ return delegate.getPublicKeyCacheTtl();
+ }
+
+ @Override
+ public void setPublicKeyCacheTtl(int publicKeyCacheTtl) {
+ delegate.setPublicKeyCacheTtl(publicKeyCacheTtl);
+ }
}
protected KeycloakUriBuilder getBaseBuilder(HttpFacade facade, String base) {
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/HttpAdapterUtils.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/HttpAdapterUtils.java
index 3e0f36d..b787796 100644
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/HttpAdapterUtils.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/HttpAdapterUtils.java
@@ -46,14 +46,7 @@ public class HttpAdapterUtils {
}
InputStream is = entity.getContent();
try {
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- int c;
- while ((c = is.read()) != -1) {
- os.write(c);
- }
- byte[] bytes = os.toByteArray();
- String json = new String(bytes);
- return JsonSerialization.readValue(json, clazz);
+ return JsonSerialization.readValue(is, clazz);
} finally {
try {
is.close();
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java
index 1071b71..b9ee4c6 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeployment.java
@@ -81,6 +81,7 @@ public class KeycloakDeployment {
protected volatile int notBefore;
protected int tokenMinimumTimeToLive;
protected int minTimeBetweenJwksRequests;
+ protected int publicKeyCacheTtl;
private PolicyEnforcer policyEnforcer;
public KeycloakDeployment() {
@@ -328,6 +329,11 @@ public class KeycloakDeployment {
this.notBefore = notBefore;
}
+ public void updateNotBefore(int notBefore) {
+ this.notBefore = notBefore;
+ getPublicKeyLocator().reset(this);
+ }
+
public boolean isAlwaysRefreshToken() {
return alwaysRefreshToken;
}
@@ -384,6 +390,14 @@ public class KeycloakDeployment {
this.minTimeBetweenJwksRequests = minTimeBetweenJwksRequests;
}
+ public int getPublicKeyCacheTtl() {
+ return publicKeyCacheTtl;
+ }
+
+ public void setPublicKeyCacheTtl(int publicKeyCacheTtl) {
+ this.publicKeyCacheTtl = publicKeyCacheTtl;
+ }
+
public void setPolicyEnforcer(PolicyEnforcer policyEnforcer) {
this.policyEnforcer = policyEnforcer;
}
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
index f6c6f5e..85b19ca 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/KeycloakDeploymentBuilder.java
@@ -105,6 +105,7 @@ public class KeycloakDeploymentBuilder {
deployment.setRegisterNodePeriod(adapterConfig.getRegisterNodePeriod());
deployment.setTokenMinimumTimeToLive(adapterConfig.getTokenMinimumTimeToLive());
deployment.setMinTimeBetweenJwksRequests(adapterConfig.getMinTimeBetweenJwksRequests());
+ deployment.setPublicKeyCacheTtl(adapterConfig.getPublicKeyCacheTtl());
if (realmKeyPem == null && adapterConfig.isBearerOnly() && adapterConfig.getAuthServerUrl() == null) {
throw new IllegalArgumentException("For bearer auth, you must set the realm-public-key or auth-server-url");
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
index 109361f..e8f5344 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
@@ -357,7 +357,7 @@ public class OAuthRequestAuthenticator {
return challenge(403, OIDCAuthenticationError.Reason.INVALID_TOKEN, null);
}
if (tokenResponse.getNotBeforePolicy() > deployment.getNotBefore()) {
- deployment.setNotBefore(tokenResponse.getNotBeforePolicy());
+ deployment.updateNotBefore(tokenResponse.getNotBeforePolicy());
}
if (token.getIssuedAt() < deployment.getNotBefore()) {
log.error("Stale token");
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/PreAuthActionsHandler.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/PreAuthActionsHandler.java
index 9a291c0..b4d017b 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/PreAuthActionsHandler.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/PreAuthActionsHandler.java
@@ -155,7 +155,7 @@ public class PreAuthActionsHandler {
} else {
log.debugf("logout of all sessions for application '%s'", action.getResource());
if (action.getNotBefore() > deployment.getNotBefore()) {
- deployment.setNotBefore(action.getNotBefore());
+ deployment.updateNotBefore(action.getNotBefore());
}
userSessionManagement.logoutAll();
}
@@ -177,7 +177,7 @@ public class PreAuthActionsHandler {
}
PushNotBeforeAction action = JsonSerialization.readValue(token.getContent(), PushNotBeforeAction.class);
if (!validateAction(action)) return;
- deployment.setNotBefore(action.getNotBefore());
+ deployment.updateNotBefore(action.getNotBefore());
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/RefreshableKeycloakSecurityContext.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/RefreshableKeycloakSecurityContext.java
index 39a3f1e..c70bce1 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/RefreshableKeycloakSecurityContext.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/RefreshableKeycloakSecurityContext.java
@@ -144,7 +144,7 @@ public class RefreshableKeycloakSecurityContext extends KeycloakSecurityContext
}
if (response.getNotBeforePolicy() > deployment.getNotBefore()) {
- deployment.setNotBefore(response.getNotBeforePolicy());
+ deployment.updateNotBefore(response.getNotBeforePolicy());
}
this.token = token;
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/HardcodedPublicKeyLocator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/HardcodedPublicKeyLocator.java
index 2aa51a4..9e285a2 100644
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/HardcodedPublicKeyLocator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/HardcodedPublicKeyLocator.java
@@ -37,4 +37,9 @@ public class HardcodedPublicKeyLocator implements PublicKeyLocator {
public PublicKey getPublicKey(String kid, KeycloakDeployment deployment) {
return publicKey;
}
+
+ @Override
+ public void reset(KeycloakDeployment deployment) {
+
+ }
}
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/JWKPublicKeyLocator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/JWKPublicKeyLocator.java
index 9305f32..22c6d7d 100644
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/JWKPublicKeyLocator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/JWKPublicKeyLocator.java
@@ -25,7 +25,6 @@ import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.common.util.Time;
import org.keycloak.jose.jwk.JSONWebKeySet;
import org.keycloak.jose.jwk.JWK;
-import org.keycloak.jose.jws.JWSInput;
import org.keycloak.util.JWKSUtils;
import java.security.PublicKey;
@@ -48,30 +47,43 @@ public class JWKPublicKeyLocator implements PublicKeyLocator {
@Override
public PublicKey getPublicKey(String kid, KeycloakDeployment deployment) {
int minTimeBetweenRequests = deployment.getMinTimeBetweenJwksRequests();
+ int publicKeyCacheTtl = deployment.getPublicKeyCacheTtl();
+ int currentTime = Time.currentTime();
// Check if key is in cache.
- PublicKey publicKey = currentKeys.get(kid);
+ PublicKey publicKey = lookupCachedKey(publicKeyCacheTtl, currentTime, kid);
if (publicKey != null) {
return publicKey;
}
- int currentTime = Time.currentTime();
-
// Check if we are allowed to send request
- if (currentTime > lastRequestTime + minTimeBetweenRequests) {
- synchronized (this) {
- currentTime = Time.currentTime();
- if (currentTime > lastRequestTime + minTimeBetweenRequests) {
- sendRequest(deployment);
- lastRequestTime = currentTime;
- } else {
- log.debugf("Won't send request to realm jwks url. Last request time was %d", lastRequestTime);
- }
+ synchronized (this) {
+ currentTime = Time.currentTime();
+ if (currentTime > lastRequestTime + minTimeBetweenRequests) {
+ sendRequest(deployment);
+ lastRequestTime = currentTime;
+ } else {
+ log.debugf("Won't send request to realm jwks url. Last request time was %d", lastRequestTime);
}
+
+ return lookupCachedKey(publicKeyCacheTtl, currentTime, kid);
}
+ }
- return currentKeys.get(kid);
+ @Override
+ public void reset(KeycloakDeployment deployment) {
+ sendRequest(deployment);
+ lastRequestTime = Time.currentTime();
+ }
+
+
+ private PublicKey lookupCachedKey(int publicKeyCacheTtl, int currentTime, String kid) {
+ if (lastRequestTime + publicKeyCacheTtl > currentTime) {
+ return currentKeys.get(kid);
+ } else {
+ return null;
+ }
}
diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/PublicKeyLocator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/PublicKeyLocator.java
index 3efd90a..096f75f 100644
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/PublicKeyLocator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/rotation/PublicKeyLocator.java
@@ -34,4 +34,11 @@ public interface PublicKeyLocator {
*/
PublicKey getPublicKey(String kid, KeycloakDeployment deployment);
+ /**
+ * Reset the state of locator (eg. clear the cached keys)
+ *
+ * @param deployment
+ */
+ void reset(KeycloakDeployment deployment);
+
}
diff --git a/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java b/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java
index 77eb475..233c1ed 100644
--- a/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java
+++ b/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java
@@ -69,6 +69,7 @@ public class KeycloakDeploymentBuilderTest {
assertEquals("email", deployment.getPrincipalAttribute());
assertEquals(10, deployment.getTokenMinimumTimeToLive());
assertEquals(20, deployment.getMinTimeBetweenJwksRequests());
+ assertEquals(120, deployment.getPublicKeyCacheTtl());
}
@Test
@@ -78,6 +79,7 @@ public class KeycloakDeploymentBuilderTest {
assertTrue(deployment.getPublicKeyLocator() instanceof JWKPublicKeyLocator);
assertEquals(10, deployment.getMinTimeBetweenJwksRequests());
+ assertEquals(86400, deployment.getPublicKeyCacheTtl());
}
@Test
diff --git a/adapters/oidc/adapter-core/src/test/resources/keycloak.json b/adapters/oidc/adapter-core/src/test/resources/keycloak.json
index a8afd22..9f0a204 100644
--- a/adapters/oidc/adapter-core/src/test/resources/keycloak.json
+++ b/adapters/oidc/adapter-core/src/test/resources/keycloak.json
@@ -30,5 +30,6 @@
"token-store": "cookie",
"principal-attribute": "email",
"token-minimum-time-to-live": 10,
- "min-time-between-jwks-requests": 20
+ "min-time-between-jwks-requests": 20,
+ "public-key-cache-ttl": 120
}
\ No newline at end of file
diff --git a/adapters/oidc/as7-eap6/as7-adapter/pom.xml b/adapters/oidc/as7-eap6/as7-adapter/pom.xml
index 5f21d6d..67ad24b 100755
--- a/adapters/oidc/as7-eap6/as7-adapter/pom.xml
+++ b/adapters/oidc/as7-eap6/as7-adapter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-as7-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/as7-eap6/as7-adapter-spi/pom.xml b/adapters/oidc/as7-eap6/as7-adapter-spi/pom.xml
index 1f64c36..fa0c29b 100755
--- a/adapters/oidc/as7-eap6/as7-adapter-spi/pom.xml
+++ b/adapters/oidc/as7-eap6/as7-adapter-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-as7-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/as7-eap6/as7-subsystem/pom.xml b/adapters/oidc/as7-eap6/as7-subsystem/pom.xml
index 972903f..4b3369d 100755
--- a/adapters/oidc/as7-eap6/as7-subsystem/pom.xml
+++ b/adapters/oidc/as7-eap6/as7-subsystem/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-integration-pom</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
adapters/oidc/as7-eap6/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/as7-eap6/pom.xml b/adapters/oidc/as7-eap6/pom.xml
index 626c1a1..e8c50f5 100755
--- a/adapters/oidc/as7-eap6/pom.xml
+++ b/adapters/oidc/as7-eap6/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak AS7 / JBoss EAP 6 Integration</name>
adapters/oidc/installed/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/installed/pom.xml b/adapters/oidc/installed/pom.xml
index 2cff21a..1e88bae 100755
--- a/adapters/oidc/installed/pom.xml
+++ b/adapters/oidc/installed/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/jaxrs-oauth-client/pom.xml b/adapters/oidc/jaxrs-oauth-client/pom.xml
index feca253..d911192 100755
--- a/adapters/oidc/jaxrs-oauth-client/pom.xml
+++ b/adapters/oidc/jaxrs-oauth-client/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/jetty/jetty8.1/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/jetty/jetty8.1/pom.xml b/adapters/oidc/jetty/jetty8.1/pom.xml
index 5d9bfc3..b966d60 100755
--- a/adapters/oidc/jetty/jetty8.1/pom.xml
+++ b/adapters/oidc/jetty/jetty8.1/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/jetty/jetty9.1/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/jetty/jetty9.1/pom.xml b/adapters/oidc/jetty/jetty9.1/pom.xml
index dbe08dd..d017e24 100755
--- a/adapters/oidc/jetty/jetty9.1/pom.xml
+++ b/adapters/oidc/jetty/jetty9.1/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/jetty/jetty9.2/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/jetty/jetty9.2/pom.xml b/adapters/oidc/jetty/jetty9.2/pom.xml
index 430a02d..20e7afa 100755
--- a/adapters/oidc/jetty/jetty9.2/pom.xml
+++ b/adapters/oidc/jetty/jetty9.2/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/jetty/jetty9.3/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/jetty/jetty9.3/pom.xml b/adapters/oidc/jetty/jetty9.3/pom.xml
index 9596a00..b1ec1ff 100644
--- a/adapters/oidc/jetty/jetty9.3/pom.xml
+++ b/adapters/oidc/jetty/jetty9.3/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/jetty/jetty-core/pom.xml b/adapters/oidc/jetty/jetty-core/pom.xml
index d6de061..0a62619 100755
--- a/adapters/oidc/jetty/jetty-core/pom.xml
+++ b/adapters/oidc/jetty/jetty-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/jetty/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/jetty/pom.xml b/adapters/oidc/jetty/pom.xml
index 6933fe7..d4b2f4b 100755
--- a/adapters/oidc/jetty/pom.xml
+++ b/adapters/oidc/jetty/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak Jetty Integration</name>
adapters/oidc/js/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/js/pom.xml b/adapters/oidc/js/pom.xml
index 5d1f812..026d8e4 100755
--- a/adapters/oidc/js/pom.xml
+++ b/adapters/oidc/js/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/js/src/main/resources/keycloak.js b/adapters/oidc/js/src/main/resources/keycloak.js
index ba27ed0..70b318e 100755
--- a/adapters/oidc/js/src/main/resources/keycloak.js
+++ b/adapters/oidc/js/src/main/resources/keycloak.js
@@ -846,14 +846,15 @@
kc.clearToken();
}
- for (var i = loginIframe.callbackList.length - 1; i >= 0; --i) {
- var promise = loginIframe.callbackList[i];
+ var callbacks = loginIframe.callbackList.splice(0, loginIframe.callbackList.length);
+
+ for (var i = callbacks.length - 1; i >= 0; --i) {
+ var promise = callbacks[i];
if (event.data == "unchanged") {
promise.setSuccess();
} else {
promise.setError();
}
- loginIframe.callbackList.splice(i, 1);
}
};
diff --git a/adapters/oidc/js/src/main/resources/login-status-iframe.html b/adapters/oidc/js/src/main/resources/login-status-iframe.html
index 6bea92a..f941663 100755
--- a/adapters/oidc/js/src/main/resources/login-status-iframe.html
+++ b/adapters/oidc/js/src/main/resources/login-status-iframe.html
@@ -35,14 +35,14 @@
req.open('GET', url, true);
req.onreadystatechange = function () {
- if (req.readyState == 4) {
- if (req.status == 204) {
+ if (req.readyState === 4) {
+ if (req.status === 204) {
init = {
clientId: clientId,
origin: origin
}
callback('unchanged');
- } else if (req.status = 404) {
+ } else if (req.status === 404) {
callback('changed');
} else {
callback('error');
@@ -52,8 +52,8 @@
req.send();
} else {
- if (clientId == init.clientId && origin == init.origin) {
- if (sessionState == cookie) {
+ if (clientId === init.clientId && origin === init.origin) {
+ if (sessionState === cookie) {
callback('unchanged');
} else {
callback('changed');
@@ -71,7 +71,7 @@
for(var i=0; i<ca.length; i++)
{
var c = ca[i].trim();
- if (c.indexOf(name)==0) return c.substring(name.length,c.length);
+ if (c.indexOf(name)===0) return c.substring(name.length,c.length);
}
return null;
}
@@ -95,4 +95,4 @@
window.addEventListener("message", receiveMessage, false);
</script>
</body>
-</html>
\ No newline at end of file
+</html>
adapters/oidc/osgi-adapter/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/osgi-adapter/pom.xml b/adapters/oidc/osgi-adapter/pom.xml
index bfc078b..a2f33f9 100755
--- a/adapters/oidc/osgi-adapter/pom.xml
+++ b/adapters/oidc/osgi-adapter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/pom.xml b/adapters/oidc/pom.xml
index cc51e53..4c7d60e 100755
--- a/adapters/oidc/pom.xml
+++ b/adapters/oidc/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<name>Keycloak OIDC Client Adapter Modules</name>
adapters/oidc/servlet-filter/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/servlet-filter/pom.xml b/adapters/oidc/servlet-filter/pom.xml
index 2371c34..5e1f898 100755
--- a/adapters/oidc/servlet-filter/pom.xml
+++ b/adapters/oidc/servlet-filter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/servlet-oauth-client/pom.xml b/adapters/oidc/servlet-oauth-client/pom.xml
index 46efa50..3928311 100755
--- a/adapters/oidc/servlet-oauth-client/pom.xml
+++ b/adapters/oidc/servlet-oauth-client/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/spring-boot/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/spring-boot/pom.xml b/adapters/oidc/spring-boot/pom.xml
index 0553fb2..ed6e9c1 100755
--- a/adapters/oidc/spring-boot/pom.xml
+++ b/adapters/oidc/spring-boot/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/spring-security/pom.xml b/adapters/oidc/spring-security/pom.xml
index 89092e8..af2c52e 100755
--- a/adapters/oidc/spring-security/pom.xml
+++ b/adapters/oidc/spring-security/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticatedActionsFilter.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticatedActionsFilter.java
new file mode 100644
index 0000000..a30a784
--- /dev/null
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/filter/KeycloakAuthenticatedActionsFilter.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.adapters.springsecurity.filter;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.keycloak.adapters.AdapterDeploymentContext;
+import org.keycloak.adapters.AuthenticatedActionsHandler;
+import org.keycloak.adapters.NodesRegistrationManagement;
+import org.keycloak.adapters.OIDCHttpFacade;
+import org.keycloak.adapters.spi.HttpFacade;
+import org.keycloak.adapters.springsecurity.facade.SimpleHttpFacade;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.BeansException;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.web.filter.GenericFilterBean;
+
+/**
+ * Exposes a Keycloak adapter {@link AuthenticatedActionsHandler} as a Spring Security filter.
+ *
+ * @author <a href="mailto:srossillo@smartling.com">Scott Rossillo</a>
+ * @version $Revision: 1 $
+ */
+public class KeycloakAuthenticatedActionsFilter extends GenericFilterBean implements ApplicationContextAware {
+
+ private static final Logger log = LoggerFactory.getLogger(KeycloakAuthenticatedActionsFilter.class);
+
+ private final NodesRegistrationManagement management = new NodesRegistrationManagement();
+ private ApplicationContext applicationContext;
+ private AdapterDeploymentContext deploymentContext;
+
+
+ public KeycloakAuthenticatedActionsFilter() {
+ super();
+ }
+
+ @Override
+ protected void initFilterBean() throws ServletException {
+ deploymentContext = applicationContext.getBean(AdapterDeploymentContext.class);
+ }
+
+ @Override
+ public void destroy() {
+ log.debug("Unregistering deployment");
+ management.stop();
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ throws IOException, ServletException {
+
+ HttpFacade facade = new SimpleHttpFacade((HttpServletRequest)request, (HttpServletResponse)response);
+ AuthenticatedActionsHandler handler = new AuthenticatedActionsHandler(deploymentContext.resolveDeployment(facade), (OIDCHttpFacade)facade);
+ boolean handled = handler.handledRequest();
+ if (handled) {
+ log.debug("Authenticated filter handled request: {}", ((HttpServletRequest) request).getRequestURI());
+ } else {
+ chain.doFilter(request, response);
+ }
+ }
+
+ @Override
+ public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
+ this.applicationContext = applicationContext;
+ }
+}
adapters/oidc/tomcat/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/tomcat/pom.xml b/adapters/oidc/tomcat/pom.xml
index e8495d4..99844f9 100755
--- a/adapters/oidc/tomcat/pom.xml
+++ b/adapters/oidc/tomcat/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak Tomcat Integration</name>
adapters/oidc/tomcat/tomcat6/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/tomcat/tomcat6/pom.xml b/adapters/oidc/tomcat/tomcat6/pom.xml
index cd0d6d9..7976af6 100755
--- a/adapters/oidc/tomcat/tomcat6/pom.xml
+++ b/adapters/oidc/tomcat/tomcat6/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/tomcat/tomcat7/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/tomcat/tomcat7/pom.xml b/adapters/oidc/tomcat/tomcat7/pom.xml
index 8d36d61..5f6435a 100755
--- a/adapters/oidc/tomcat/tomcat7/pom.xml
+++ b/adapters/oidc/tomcat/tomcat7/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/tomcat/tomcat8/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/tomcat/tomcat8/pom.xml b/adapters/oidc/tomcat/tomcat8/pom.xml
index edaf4da..620ca5c 100755
--- a/adapters/oidc/tomcat/tomcat8/pom.xml
+++ b/adapters/oidc/tomcat/tomcat8/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/tomcat/tomcat-core/pom.xml b/adapters/oidc/tomcat/tomcat-core/pom.xml
index e048ada..bce1604 100755
--- a/adapters/oidc/tomcat/tomcat-core/pom.xml
+++ b/adapters/oidc/tomcat/tomcat-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/undertow/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/undertow/pom.xml b/adapters/oidc/undertow/pom.xml
index be1d44e..8c84d41 100755
--- a/adapters/oidc/undertow/pom.xml
+++ b/adapters/oidc/undertow/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/oidc/wildfly/pom.xml 2(+1 -1)
diff --git a/adapters/oidc/wildfly/pom.xml b/adapters/oidc/wildfly/pom.xml
index 641dcc0..c762574 100755
--- a/adapters/oidc/wildfly/pom.xml
+++ b/adapters/oidc/wildfly/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak WildFly Integration</name>
diff --git a/adapters/oidc/wildfly/wf8-subsystem/pom.xml b/adapters/oidc/wildfly/wf8-subsystem/pom.xml
index d805818..cf5fe68 100755
--- a/adapters/oidc/wildfly/wf8-subsystem/pom.xml
+++ b/adapters/oidc/wildfly/wf8-subsystem/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/adapters/oidc/wildfly/wildfly-adapter/pom.xml b/adapters/oidc/wildfly/wildfly-adapter/pom.xml
index f20335b..1db02a3 100755
--- a/adapters/oidc/wildfly/wildfly-adapter/pom.xml
+++ b/adapters/oidc/wildfly/wildfly-adapter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/oidc/wildfly/wildfly-subsystem/pom.xml b/adapters/oidc/wildfly/wildfly-subsystem/pom.xml
index 76a7ee2..16734b3 100755
--- a/adapters/oidc/wildfly/wildfly-subsystem/pom.xml
+++ b/adapters/oidc/wildfly/wildfly-subsystem/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
adapters/pom.xml 2(+1 -1)
diff --git a/adapters/pom.xml b/adapters/pom.xml
index bb45f11..a9179ed 100755
--- a/adapters/pom.xml
+++ b/adapters/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<name>Keycloak Integration</name>
diff --git a/adapters/saml/as7-eap6/adapter/pom.xml b/adapters/saml/as7-eap6/adapter/pom.xml
index c609859..1fdec2a 100755
--- a/adapters/saml/as7-eap6/adapter/pom.xml
+++ b/adapters/saml/as7-eap6/adapter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-saml-eap-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/as7-eap6/pom.xml 2(+1 -1)
diff --git a/adapters/saml/as7-eap6/pom.xml b/adapters/saml/as7-eap6/pom.xml
index f265e43..f9c226c 100755
--- a/adapters/saml/as7-eap6/pom.xml
+++ b/adapters/saml/as7-eap6/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak SAML EAP Integration</name>
diff --git a/adapters/saml/as7-eap6/subsystem/pom.xml b/adapters/saml/as7-eap6/subsystem/pom.xml
index 1f97819..1c0dd02 100755
--- a/adapters/saml/as7-eap6/subsystem/pom.xml
+++ b/adapters/saml/as7-eap6/subsystem/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-eap-integration-pom</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
adapters/saml/core/pom.xml 2(+1 -1)
diff --git a/adapters/saml/core/pom.xml b/adapters/saml/core/pom.xml
index 98ad604..66fbed7 100755
--- a/adapters/saml/core/pom.xml
+++ b/adapters/saml/core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/core-public/pom.xml 2(+1 -1)
diff --git a/adapters/saml/core-public/pom.xml b/adapters/saml/core-public/pom.xml
index 00e5a3b..8213652 100755
--- a/adapters/saml/core-public/pom.xml
+++ b/adapters/saml/core-public/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/jetty/jetty8.1/pom.xml 2(+1 -1)
diff --git a/adapters/saml/jetty/jetty8.1/pom.xml b/adapters/saml/jetty/jetty8.1/pom.xml
index adb70cc..2f58cab 100755
--- a/adapters/saml/jetty/jetty8.1/pom.xml
+++ b/adapters/saml/jetty/jetty8.1/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/jetty/jetty9.1/pom.xml 2(+1 -1)
diff --git a/adapters/saml/jetty/jetty9.1/pom.xml b/adapters/saml/jetty/jetty9.1/pom.xml
index 9c8e9e3..36e2c79 100755
--- a/adapters/saml/jetty/jetty9.1/pom.xml
+++ b/adapters/saml/jetty/jetty9.1/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/jetty/jetty9.2/pom.xml 2(+1 -1)
diff --git a/adapters/saml/jetty/jetty9.2/pom.xml b/adapters/saml/jetty/jetty9.2/pom.xml
index 43833e8..48f8ec9 100755
--- a/adapters/saml/jetty/jetty9.2/pom.xml
+++ b/adapters/saml/jetty/jetty9.2/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/jetty/jetty9.3/pom.xml 2(+1 -1)
diff --git a/adapters/saml/jetty/jetty9.3/pom.xml b/adapters/saml/jetty/jetty9.3/pom.xml
index 894f329..27e146f 100644
--- a/adapters/saml/jetty/jetty9.3/pom.xml
+++ b/adapters/saml/jetty/jetty9.3/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/saml/jetty/jetty-core/pom.xml b/adapters/saml/jetty/jetty-core/pom.xml
index d735fa5..6a97fce 100755
--- a/adapters/saml/jetty/jetty-core/pom.xml
+++ b/adapters/saml/jetty/jetty-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/jetty/pom.xml 2(+1 -1)
diff --git a/adapters/saml/jetty/pom.xml b/adapters/saml/jetty/pom.xml
index 7a06bb9..5c195b7 100755
--- a/adapters/saml/jetty/pom.xml
+++ b/adapters/saml/jetty/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak SAML Jetty Integration</name>
adapters/saml/pom.xml 2(+1 -1)
diff --git a/adapters/saml/pom.xml b/adapters/saml/pom.xml
index 6ce9bab..71e4768 100755
--- a/adapters/saml/pom.xml
+++ b/adapters/saml/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<name>Keycloak SAML Client Adapter Modules</name>
adapters/saml/servlet-filter/pom.xml 2(+1 -1)
diff --git a/adapters/saml/servlet-filter/pom.xml b/adapters/saml/servlet-filter/pom.xml
index 0065ad0..222238c 100755
--- a/adapters/saml/servlet-filter/pom.xml
+++ b/adapters/saml/servlet-filter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/tomcat/pom.xml 2(+1 -1)
diff --git a/adapters/saml/tomcat/pom.xml b/adapters/saml/tomcat/pom.xml
index 7d699d5..d244ce4 100755
--- a/adapters/saml/tomcat/pom.xml
+++ b/adapters/saml/tomcat/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak SAML Tomcat Integration</name>
adapters/saml/tomcat/tomcat6/pom.xml 2(+1 -1)
diff --git a/adapters/saml/tomcat/tomcat6/pom.xml b/adapters/saml/tomcat/tomcat6/pom.xml
index 218151d..1a75eb9 100755
--- a/adapters/saml/tomcat/tomcat6/pom.xml
+++ b/adapters/saml/tomcat/tomcat6/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-saml-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/tomcat/tomcat7/pom.xml 2(+1 -1)
diff --git a/adapters/saml/tomcat/tomcat7/pom.xml b/adapters/saml/tomcat/tomcat7/pom.xml
index c2c0006..f2e2586 100755
--- a/adapters/saml/tomcat/tomcat7/pom.xml
+++ b/adapters/saml/tomcat/tomcat7/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-saml-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/tomcat/tomcat8/pom.xml 2(+1 -1)
diff --git a/adapters/saml/tomcat/tomcat8/pom.xml b/adapters/saml/tomcat/tomcat8/pom.xml
index e292c36..5d4e8b8 100755
--- a/adapters/saml/tomcat/tomcat8/pom.xml
+++ b/adapters/saml/tomcat/tomcat8/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-saml-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/saml/tomcat/tomcat-core/pom.xml b/adapters/saml/tomcat/tomcat-core/pom.xml
index 4654bdf..a195726 100755
--- a/adapters/saml/tomcat/tomcat-core/pom.xml
+++ b/adapters/saml/tomcat/tomcat-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-saml-tomcat-integration-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/undertow/pom.xml 2(+1 -1)
diff --git a/adapters/saml/undertow/pom.xml b/adapters/saml/undertow/pom.xml
index e81f667..5c51f9f 100755
--- a/adapters/saml/undertow/pom.xml
+++ b/adapters/saml/undertow/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/saml/wildfly/pom.xml 2(+1 -1)
diff --git a/adapters/saml/wildfly/pom.xml b/adapters/saml/wildfly/pom.xml
index 441d734..65e9ecb 100755
--- a/adapters/saml/wildfly/pom.xml
+++ b/adapters/saml/wildfly/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak SAML Wildfly Integration</name>
diff --git a/adapters/saml/wildfly/wildfly-adapter/pom.xml b/adapters/saml/wildfly/wildfly-adapter/pom.xml
index e849bee..d18013a 100755
--- a/adapters/saml/wildfly/wildfly-adapter/pom.xml
+++ b/adapters/saml/wildfly/wildfly-adapter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/saml/wildfly/wildfly-subsystem/pom.xml b/adapters/saml/wildfly/wildfly-subsystem/pom.xml
index 8c628c8..d297bd0 100755
--- a/adapters/saml/wildfly/wildfly-subsystem/pom.xml
+++ b/adapters/saml/wildfly/wildfly-subsystem/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
adapters/spi/adapter-spi/pom.xml 2(+1 -1)
diff --git a/adapters/spi/adapter-spi/pom.xml b/adapters/spi/adapter-spi/pom.xml
index c4ceb9f..216fc6b 100755
--- a/adapters/spi/adapter-spi/pom.xml
+++ b/adapters/spi/adapter-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/spi/jboss-adapter-core/pom.xml b/adapters/spi/jboss-adapter-core/pom.xml
index 11b61c3..7a4623c 100755
--- a/adapters/spi/jboss-adapter-core/pom.xml
+++ b/adapters/spi/jboss-adapter-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/spi/jetty-adapter-spi/pom.xml b/adapters/spi/jetty-adapter-spi/pom.xml
index e213416..edf189c 100755
--- a/adapters/spi/jetty-adapter-spi/pom.xml
+++ b/adapters/spi/jetty-adapter-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
adapters/spi/pom.xml 2(+1 -1)
diff --git a/adapters/spi/pom.xml b/adapters/spi/pom.xml
index d662207..f14009f 100755
--- a/adapters/spi/pom.xml
+++ b/adapters/spi/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<name>Keycloak Client Adapter SPI Modules</name>
diff --git a/adapters/spi/servlet-adapter-spi/pom.xml b/adapters/spi/servlet-adapter-spi/pom.xml
index ecae51f..7a61a0b 100755
--- a/adapters/spi/servlet-adapter-spi/pom.xml
+++ b/adapters/spi/servlet-adapter-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/spi/tomcat-adapter-spi/pom.xml b/adapters/spi/tomcat-adapter-spi/pom.xml
index 23378d7..3ee0fda 100755
--- a/adapters/spi/tomcat-adapter-spi/pom.xml
+++ b/adapters/spi/tomcat-adapter-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/adapters/spi/undertow-adapter-spi/pom.xml b/adapters/spi/undertow-adapter-spi/pom.xml
index 9ebbed5..d3b0e7f 100755
--- a/adapters/spi/undertow-adapter-spi/pom.xml
+++ b/adapters/spi/undertow-adapter-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
authz/client/pom.xml 2(+1 -1)
diff --git a/authz/client/pom.xml b/authz/client/pom.xml
index 3dbf10c..fda3267 100644
--- a/authz/client/pom.xml
+++ b/authz/client/pom.xml
@@ -7,7 +7,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
authz/policy/common/pom.xml 2(+1 -1)
diff --git a/authz/policy/common/pom.xml b/authz/policy/common/pom.xml
index a27dba1..6cf86b6 100644
--- a/authz/policy/common/pom.xml
+++ b/authz/policy/common/pom.xml
@@ -25,7 +25,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-provider-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
authz/policy/drools/pom.xml 2(+1 -1)
diff --git a/authz/policy/drools/pom.xml b/authz/policy/drools/pom.xml
index dd4adff..0dcd107 100644
--- a/authz/policy/drools/pom.xml
+++ b/authz/policy/drools/pom.xml
@@ -7,7 +7,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-provider-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
authz/policy/pom.xml 2(+1 -1)
diff --git a/authz/policy/pom.xml b/authz/policy/pom.xml
index 6a8816d..3f24bf5 100644
--- a/authz/policy/pom.xml
+++ b/authz/policy/pom.xml
@@ -7,7 +7,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
authz/pom.xml 2(+1 -1)
diff --git a/authz/pom.xml b/authz/pom.xml
index 9e9898b..7be9e34 100644
--- a/authz/pom.xml
+++ b/authz/pom.xml
@@ -7,7 +7,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
common/pom.xml 2(+1 -1)
diff --git a/common/pom.xml b/common/pom.xml
index e741c09..f94aa83 100755
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
core/pom.xml 2(+1 -1)
diff --git a/core/pom.xml b/core/pom.xml
index 3e69bdc..ab080f8 100755
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
index 0ba327d..e4065bc 100755
--- a/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
+++ b/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
@@ -36,7 +36,8 @@ import com.fasterxml.jackson.annotation.JsonPropertyOrder;
"client-keystore", "client-keystore-password", "client-key-password",
"always-refresh-token",
"register-node-at-startup", "register-node-period", "token-store", "principal-attribute",
- "proxy-url", "turn-off-change-session-id-on-login", "token-minimum-time-to-live", "min-time-between-jwks-requests",
+ "proxy-url", "turn-off-change-session-id-on-login", "token-minimum-time-to-live",
+ "min-time-between-jwks-requests", "public-key-cache-ttl",
"policy-enforcer"
})
public class AdapterConfig extends BaseAdapterConfig implements AdapterHttpClientConfig {
@@ -73,6 +74,8 @@ public class AdapterConfig extends BaseAdapterConfig implements AdapterHttpClien
protected int tokenMinimumTimeToLive = 0;
@JsonProperty("min-time-between-jwks-requests")
protected int minTimeBetweenJwksRequests = 10;
+ @JsonProperty("public-key-cache-ttl")
+ protected int publicKeyCacheTtl = 86400; // 1 day
@JsonProperty("policy-enforcer")
protected PolicyEnforcerConfig policyEnforcerConfig;
@@ -233,4 +236,12 @@ public class AdapterConfig extends BaseAdapterConfig implements AdapterHttpClien
public void setMinTimeBetweenJwksRequests(int minTimeBetweenJwksRequests) {
this.minTimeBetweenJwksRequests = minTimeBetweenJwksRequests;
}
+
+ public int getPublicKeyCacheTtl() {
+ return publicKeyCacheTtl;
+ }
+
+ public void setPublicKeyCacheTtl(int publicKeyCacheTtl) {
+ this.publicKeyCacheTtl = publicKeyCacheTtl;
+ }
}
dependencies/pom.xml 2(+1 -1)
diff --git a/dependencies/pom.xml b/dependencies/pom.xml
index 17883ab..6d72740 100755
--- a/dependencies/pom.xml
+++ b/dependencies/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
dependencies/server-all/pom.xml 2(+1 -1)
diff --git a/dependencies/server-all/pom.xml b/dependencies/server-all/pom.xml
index 4d66d38..f4489d4 100755
--- a/dependencies/server-all/pom.xml
+++ b/dependencies/server-all/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
dependencies/server-min/pom.xml 2(+1 -1)
diff --git a/dependencies/server-min/pom.xml b/dependencies/server-min/pom.xml
index 6cbf21b..1da3a70 100755
--- a/dependencies/server-min/pom.xml
+++ b/dependencies/server-min/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/distribution/adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml b/distribution/adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
index 4315912..589927f 100755
--- a/distribution/adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
+++ b/distribution/adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/as7-eap6-adapter/as7-modules/pom.xml b/distribution/adapters/as7-eap6-adapter/as7-modules/pom.xml
index ec486aa..ca58758 100755
--- a/distribution/adapters/as7-eap6-adapter/as7-modules/pom.xml
+++ b/distribution/adapters/as7-eap6-adapter/as7-modules/pom.xml
@@ -25,7 +25,7 @@
<parent>
<artifactId>keycloak-as7-eap6-adapter-dist-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml b/distribution/adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
index 2a9767d..991ac2d 100755
--- a/distribution/adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
+++ b/distribution/adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-as7-eap6-adapter-dist-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/as7-eap6-adapter/pom.xml b/distribution/adapters/as7-eap6-adapter/pom.xml
index a00b050..fe2df2e 100644
--- a/distribution/adapters/as7-eap6-adapter/pom.xml
+++ b/distribution/adapters/as7-eap6-adapter/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak AS7 / JBoss EAP 6 Adapter Distros</name>
diff --git a/distribution/adapters/fuse-adapter-zip/pom.xml b/distribution/adapters/fuse-adapter-zip/pom.xml
index 7c036d9..abda11d 100644
--- a/distribution/adapters/fuse-adapter-zip/pom.xml
+++ b/distribution/adapters/fuse-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/jetty81-adapter-zip/pom.xml b/distribution/adapters/jetty81-adapter-zip/pom.xml
index 074315f..72fa567 100755
--- a/distribution/adapters/jetty81-adapter-zip/pom.xml
+++ b/distribution/adapters/jetty81-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/jetty91-adapter-zip/pom.xml b/distribution/adapters/jetty91-adapter-zip/pom.xml
index 6ad37cd..09ee966 100755
--- a/distribution/adapters/jetty91-adapter-zip/pom.xml
+++ b/distribution/adapters/jetty91-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/jetty92-adapter-zip/pom.xml b/distribution/adapters/jetty92-adapter-zip/pom.xml
index e1acb94..10dfe4e 100755
--- a/distribution/adapters/jetty92-adapter-zip/pom.xml
+++ b/distribution/adapters/jetty92-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/jetty93-adapter-zip/pom.xml b/distribution/adapters/jetty93-adapter-zip/pom.xml
index a65b62d..ddb743f 100644
--- a/distribution/adapters/jetty93-adapter-zip/pom.xml
+++ b/distribution/adapters/jetty93-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/js-adapter-zip/pom.xml b/distribution/adapters/js-adapter-zip/pom.xml
index 1e3074b..57dcae4 100755
--- a/distribution/adapters/js-adapter-zip/pom.xml
+++ b/distribution/adapters/js-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/osgi/features/pom.xml b/distribution/adapters/osgi/features/pom.xml
index 56a1253..7448ff6 100755
--- a/distribution/adapters/osgi/features/pom.xml
+++ b/distribution/adapters/osgi/features/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<name>Keycloak OSGI Features</name>
diff --git a/distribution/adapters/osgi/jaas/pom.xml b/distribution/adapters/osgi/jaas/pom.xml
index b986893..fcd3029 100755
--- a/distribution/adapters/osgi/jaas/pom.xml
+++ b/distribution/adapters/osgi/jaas/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
<name>Keycloak OSGI JAAS Realm Configuration</name>
distribution/adapters/osgi/pom.xml 2(+1 -1)
diff --git a/distribution/adapters/osgi/pom.xml b/distribution/adapters/osgi/pom.xml
index 8a4f603..093e2ec 100755
--- a/distribution/adapters/osgi/pom.xml
+++ b/distribution/adapters/osgi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak OSGI Integration</name>
diff --git a/distribution/adapters/osgi/thirdparty/pom.xml b/distribution/adapters/osgi/thirdparty/pom.xml
index 470469a..1974d0f 100755
--- a/distribution/adapters/osgi/thirdparty/pom.xml
+++ b/distribution/adapters/osgi/thirdparty/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
distribution/adapters/pom.xml 2(+1 -1)
diff --git a/distribution/adapters/pom.xml b/distribution/adapters/pom.xml
index 5c9bcc8..b8ca39a 100755
--- a/distribution/adapters/pom.xml
+++ b/distribution/adapters/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Adapters Distribution Parent</name>
diff --git a/distribution/adapters/tomcat6-adapter-zip/pom.xml b/distribution/adapters/tomcat6-adapter-zip/pom.xml
index bc650ac..67de7c3 100755
--- a/distribution/adapters/tomcat6-adapter-zip/pom.xml
+++ b/distribution/adapters/tomcat6-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/tomcat7-adapter-zip/pom.xml b/distribution/adapters/tomcat7-adapter-zip/pom.xml
index b524945..6d2d887 100755
--- a/distribution/adapters/tomcat7-adapter-zip/pom.xml
+++ b/distribution/adapters/tomcat7-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/tomcat8-adapter-zip/pom.xml b/distribution/adapters/tomcat8-adapter-zip/pom.xml
index d1dac8d..ba29d33 100755
--- a/distribution/adapters/tomcat8-adapter-zip/pom.xml
+++ b/distribution/adapters/tomcat8-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/wf8-adapter/pom.xml b/distribution/adapters/wf8-adapter/pom.xml
index 922e754..7bd34a0 100644
--- a/distribution/adapters/wf8-adapter/pom.xml
+++ b/distribution/adapters/wf8-adapter/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak Wildfly 8 Adapter</name>
diff --git a/distribution/adapters/wf8-adapter/wf8-adapter-zip/pom.xml b/distribution/adapters/wf8-adapter/wf8-adapter-zip/pom.xml
index 4d0a06b..9bb314b 100755
--- a/distribution/adapters/wf8-adapter/wf8-adapter-zip/pom.xml
+++ b/distribution/adapters/wf8-adapter/wf8-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/wf8-adapter/wf8-modules/pom.xml b/distribution/adapters/wf8-adapter/wf8-modules/pom.xml
index ef7c331..2e151c7 100755
--- a/distribution/adapters/wf8-adapter/wf8-modules/pom.xml
+++ b/distribution/adapters/wf8-adapter/wf8-modules/pom.xml
@@ -25,7 +25,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/wildfly-adapter/pom.xml b/distribution/adapters/wildfly-adapter/pom.xml
index 0f814d4..af991b8 100644
--- a/distribution/adapters/wildfly-adapter/pom.xml
+++ b/distribution/adapters/wildfly-adapter/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak Wildfly Adapter</name>
diff --git a/distribution/adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml b/distribution/adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml
index 4251876..f691030 100755
--- a/distribution/adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml
+++ b/distribution/adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/adapters/wildfly-adapter/wildfly-modules/pom.xml b/distribution/adapters/wildfly-adapter/wildfly-modules/pom.xml
index bf500db..b528fef 100755
--- a/distribution/adapters/wildfly-adapter/wildfly-modules/pom.xml
+++ b/distribution/adapters/wildfly-adapter/wildfly-modules/pom.xml
@@ -25,7 +25,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
distribution/api-docs-dist/pom.xml 2(+1 -1)
diff --git a/distribution/api-docs-dist/pom.xml b/distribution/api-docs-dist/pom.xml
index 2267578..8536bb9 100755
--- a/distribution/api-docs-dist/pom.xml
+++ b/distribution/api-docs-dist/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-api-docs-dist</artifactId>
distribution/demo-dist/pom.xml 2(+1 -1)
diff --git a/distribution/demo-dist/pom.xml b/distribution/demo-dist/pom.xml
index 2d0130f..ddb6e04 100755
--- a/distribution/demo-dist/pom.xml
+++ b/distribution/demo-dist/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-demo-dist</artifactId>
distribution/downloads/pom.xml 2(+1 -1)
diff --git a/distribution/downloads/pom.xml b/distribution/downloads/pom.xml
index 1fc22ff..bba0b91 100755
--- a/distribution/downloads/pom.xml
+++ b/distribution/downloads/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-dist-downloads</artifactId>
distribution/examples-dist/pom.xml 2(+1 -1)
diff --git a/distribution/examples-dist/pom.xml b/distribution/examples-dist/pom.xml
index cb25859..c7eea91 100755
--- a/distribution/examples-dist/pom.xml
+++ b/distribution/examples-dist/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-examples-dist</artifactId>
diff --git a/distribution/feature-packs/adapter-feature-pack/pom.xml b/distribution/feature-packs/adapter-feature-pack/pom.xml
index ca868b3..9dbfe27 100755
--- a/distribution/feature-packs/adapter-feature-pack/pom.xml
+++ b/distribution/feature-packs/adapter-feature-pack/pom.xml
@@ -19,7 +19,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>feature-packs-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
distribution/feature-packs/pom.xml 2(+1 -1)
diff --git a/distribution/feature-packs/pom.xml b/distribution/feature-packs/pom.xml
index 4198508..e767d8c 100644
--- a/distribution/feature-packs/pom.xml
+++ b/distribution/feature-packs/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Feature Pack Builds</name>
diff --git a/distribution/feature-packs/server-feature-pack/pom.xml b/distribution/feature-packs/server-feature-pack/pom.xml
index f001634..2a5ee4c 100644
--- a/distribution/feature-packs/server-feature-pack/pom.xml
+++ b/distribution/feature-packs/server-feature-pack/pom.xml
@@ -19,7 +19,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>feature-packs-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
distribution/pom.xml 2(+1 -1)
diff --git a/distribution/pom.xml b/distribution/pom.xml
index 6004cc0..dfb8e7c 100755
--- a/distribution/pom.xml
+++ b/distribution/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
distribution/proxy-dist/pom.xml 2(+1 -1)
diff --git a/distribution/proxy-dist/pom.xml b/distribution/proxy-dist/pom.xml
index 279314d..40e5d26 100755
--- a/distribution/proxy-dist/pom.xml
+++ b/distribution/proxy-dist/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-proxy-dist</artifactId>
diff --git a/distribution/saml-adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml b/distribution/saml-adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
index bc99ccb..d3ad498 100755
--- a/distribution/saml-adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/as7-eap6-adapter/as7-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/as7-eap6-adapter/as7-modules/pom.xml b/distribution/saml-adapters/as7-eap6-adapter/as7-modules/pom.xml
index bef3baf..545e033 100755
--- a/distribution/saml-adapters/as7-eap6-adapter/as7-modules/pom.xml
+++ b/distribution/saml-adapters/as7-eap6-adapter/as7-modules/pom.xml
@@ -25,7 +25,7 @@
<parent>
<artifactId>keycloak-saml-as7-eap6-adapter-dist-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml b/distribution/saml-adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
index cc48779..d6433a4 100755
--- a/distribution/saml-adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/as7-eap6-adapter/eap6-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-saml-as7-eap6-adapter-dist-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/as7-eap6-adapter/pom.xml b/distribution/saml-adapters/as7-eap6-adapter/pom.xml
index 0ceef5a..1a705c1 100755
--- a/distribution/saml-adapters/as7-eap6-adapter/pom.xml
+++ b/distribution/saml-adapters/as7-eap6-adapter/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak SAML AS7 / JBoss EAP 6 Adapter Distros</name>
diff --git a/distribution/saml-adapters/jetty81-adapter-zip/pom.xml b/distribution/saml-adapters/jetty81-adapter-zip/pom.xml
index 1d8ddd3..aeb4407 100755
--- a/distribution/saml-adapters/jetty81-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/jetty81-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/jetty92-adapter-zip/pom.xml b/distribution/saml-adapters/jetty92-adapter-zip/pom.xml
index 589fdde..9ba4478 100755
--- a/distribution/saml-adapters/jetty92-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/jetty92-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/jetty93-adapter-zip/pom.xml b/distribution/saml-adapters/jetty93-adapter-zip/pom.xml
index 9f06f28..42e4d75 100644
--- a/distribution/saml-adapters/jetty93-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/jetty93-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
distribution/saml-adapters/pom.xml 2(+1 -1)
diff --git a/distribution/saml-adapters/pom.xml b/distribution/saml-adapters/pom.xml
index e273793..e458130 100755
--- a/distribution/saml-adapters/pom.xml
+++ b/distribution/saml-adapters/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>SAML Adapters Distribution Parent</name>
diff --git a/distribution/saml-adapters/tomcat6-adapter-zip/pom.xml b/distribution/saml-adapters/tomcat6-adapter-zip/pom.xml
index 8282701..bee4575 100755
--- a/distribution/saml-adapters/tomcat6-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/tomcat6-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/tomcat7-adapter-zip/pom.xml b/distribution/saml-adapters/tomcat7-adapter-zip/pom.xml
index 5911235..14b9875 100755
--- a/distribution/saml-adapters/tomcat7-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/tomcat7-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/tomcat8-adapter-zip/pom.xml b/distribution/saml-adapters/tomcat8-adapter-zip/pom.xml
index e0036d6..339b054 100755
--- a/distribution/saml-adapters/tomcat8-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/tomcat8-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/wildfly-adapter/pom.xml b/distribution/saml-adapters/wildfly-adapter/pom.xml
index 91f6402..da5d1f1 100755
--- a/distribution/saml-adapters/wildfly-adapter/pom.xml
+++ b/distribution/saml-adapters/wildfly-adapter/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<name>Keycloak Wildfly SAML Adapter</name>
diff --git a/distribution/saml-adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml b/distribution/saml-adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml
index 655a99f..34823e9 100755
--- a/distribution/saml-adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml
+++ b/distribution/saml-adapters/wildfly-adapter/wildfly-adapter-zip/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
diff --git a/distribution/saml-adapters/wildfly-adapter/wildfly-modules/pom.xml b/distribution/saml-adapters/wildfly-adapter/wildfly-modules/pom.xml
index 6e8a4c3..9fe62c9 100755
--- a/distribution/saml-adapters/wildfly-adapter/wildfly-modules/pom.xml
+++ b/distribution/saml-adapters/wildfly-adapter/wildfly-modules/pom.xml
@@ -25,7 +25,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../../../pom.xml</relativePath>
</parent>
distribution/server-dist/pom.xml 2(+1 -1)
diff --git a/distribution/server-dist/pom.xml b/distribution/server-dist/pom.xml
index 6ce5eaa..85bd552 100755
--- a/distribution/server-dist/pom.xml
+++ b/distribution/server-dist/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-server-dist</artifactId>
distribution/server-overlay/pom.xml 2(+1 -1)
diff --git a/distribution/server-overlay/pom.xml b/distribution/server-overlay/pom.xml
index 485dd46..ddf8cb5 100755
--- a/distribution/server-overlay/pom.xml
+++ b/distribution/server-overlay/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-distribution-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-server-overlay</artifactId>
examples/admin-client/pom.xml 2(+1 -1)
diff --git a/examples/admin-client/pom.xml b/examples/admin-client/pom.xml
index 70b4e06..a37811e 100755
--- a/examples/admin-client/pom.xml
+++ b/examples/admin-client/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Examples - Admin Client</name>
examples/authz/hello-world/pom.xml 2(+1 -1)
diff --git a/examples/authz/hello-world/pom.xml b/examples/authz/hello-world/pom.xml
index 7863206..c48651c 100755
--- a/examples/authz/hello-world/pom.xml
+++ b/examples/authz/hello-world/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-example-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/examples/authz/hello-world-authz-service/pom.xml b/examples/authz/hello-world-authz-service/pom.xml
index 11ec950..d68e599 100755
--- a/examples/authz/hello-world-authz-service/pom.xml
+++ b/examples/authz/hello-world-authz-service/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-example-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/examples/authz/photoz/photoz-authz-policy/pom.xml b/examples/authz/photoz/photoz-authz-policy/pom.xml
index 5f594cc..36415dc 100755
--- a/examples/authz/photoz/photoz-authz-policy/pom.xml
+++ b/examples/authz/photoz/photoz-authz-policy/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-photoz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/examples/authz/photoz/photoz-html5-client/pom.xml b/examples/authz/photoz/photoz-html5-client/pom.xml
index 94a586d..337a8a9 100755
--- a/examples/authz/photoz/photoz-html5-client/pom.xml
+++ b/examples/authz/photoz/photoz-html5-client/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-photoz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/examples/authz/photoz/photoz-restful-api/pom.xml b/examples/authz/photoz/photoz-restful-api/pom.xml
index 46dd910..c4016f0 100755
--- a/examples/authz/photoz/photoz-restful-api/pom.xml
+++ b/examples/authz/photoz/photoz-restful-api/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-photoz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
examples/authz/photoz/pom.xml 2(+1 -1)
diff --git a/examples/authz/photoz/pom.xml b/examples/authz/photoz/pom.xml
index 35222d8..813c680 100755
--- a/examples/authz/photoz/pom.xml
+++ b/examples/authz/photoz/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-example-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
examples/authz/pom.xml 2(+1 -1)
diff --git a/examples/authz/pom.xml b/examples/authz/pom.xml
index c15d7ba..a05ae7a 100755
--- a/examples/authz/pom.xml
+++ b/examples/authz/pom.xml
@@ -6,7 +6,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
examples/authz/servlet-authz/pom.xml 2(+1 -1)
diff --git a/examples/authz/servlet-authz/pom.xml b/examples/authz/servlet-authz/pom.xml
index 0ad4022..502c20a 100755
--- a/examples/authz/servlet-authz/pom.xml
+++ b/examples/authz/servlet-authz/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-authz-example-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
examples/basic-auth/pom.xml 2(+1 -1)
diff --git a/examples/basic-auth/pom.xml b/examples/basic-auth/pom.xml
index dbe695e..26f5d89 100755
--- a/examples/basic-auth/pom.xml
+++ b/examples/basic-auth/pom.xml
@@ -23,7 +23,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Examples - Basic Auth</name>
diff --git a/examples/broker/facebook-authentication/pom.xml b/examples/broker/facebook-authentication/pom.xml
index ac38959..c385021 100755
--- a/examples/broker/facebook-authentication/pom.xml
+++ b/examples/broker/facebook-authentication/pom.xml
@@ -23,7 +23,7 @@
<parent>
<artifactId>keycloak-examples-broker-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Broker Examples - Facebook Authentication</name>
diff --git a/examples/broker/google-authentication/pom.xml b/examples/broker/google-authentication/pom.xml
index 6daddda..2915b37 100755
--- a/examples/broker/google-authentication/pom.xml
+++ b/examples/broker/google-authentication/pom.xml
@@ -23,7 +23,7 @@
<parent>
<artifactId>keycloak-examples-broker-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Broker Examples - Google Authentication</name>
examples/broker/pom.xml 2(+1 -1)
diff --git a/examples/broker/pom.xml b/examples/broker/pom.xml
index 7574ff6..ea4e4b9 100755
--- a/examples/broker/pom.xml
+++ b/examples/broker/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Broker Examples</name>
diff --git a/examples/broker/saml-broker-authentication/pom.xml b/examples/broker/saml-broker-authentication/pom.xml
index a926b41..44ee35c 100755
--- a/examples/broker/saml-broker-authentication/pom.xml
+++ b/examples/broker/saml-broker-authentication/pom.xml
@@ -23,7 +23,7 @@
<parent>
<artifactId>keycloak-examples-broker-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Broker Examples - SAML Identity Provider Brokering</name>
diff --git a/examples/broker/twitter-authentication/pom.xml b/examples/broker/twitter-authentication/pom.xml
index 5d7facc..af32c5e 100755
--- a/examples/broker/twitter-authentication/pom.xml
+++ b/examples/broker/twitter-authentication/pom.xml
@@ -23,7 +23,7 @@
<parent>
<artifactId>keycloak-examples-broker-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Broker Examples - Twitter Authentication</name>
diff --git a/examples/cors/angular-product-app/pom.xml b/examples/cors/angular-product-app/pom.xml
index 3412f64..ec4f769 100755
--- a/examples/cors/angular-product-app/pom.xml
+++ b/examples/cors/angular-product-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-cors-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/cors/database-service/pom.xml b/examples/cors/database-service/pom.xml
index 14f71ec..e59fca3 100755
--- a/examples/cors/database-service/pom.xml
+++ b/examples/cors/database-service/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-cors-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/cors/pom.xml 2(+1 -1)
diff --git a/examples/cors/pom.xml b/examples/cors/pom.xml
index 69aa10f..a38f8d8 100755
--- a/examples/cors/pom.xml
+++ b/examples/cors/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Examples - CORS</name>
diff --git a/examples/demo-template/admin-access-app/pom.xml b/examples/demo-template/admin-access-app/pom.xml
index 2d93fb4..49ba4f8 100755
--- a/examples/demo-template/admin-access-app/pom.xml
+++ b/examples/demo-template/admin-access-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/angular2-product-app/pom.xml b/examples/demo-template/angular2-product-app/pom.xml
index ee63fd6..3ac174a 100644
--- a/examples/demo-template/angular2-product-app/pom.xml
+++ b/examples/demo-template/angular2-product-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/angular-product-app/pom.xml b/examples/demo-template/angular-product-app/pom.xml
index 9d81a98..c540f36 100755
--- a/examples/demo-template/angular-product-app/pom.xml
+++ b/examples/demo-template/angular-product-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app/pom.xml b/examples/demo-template/customer-app/pom.xml
index 1adc37f..96697db 100755
--- a/examples/demo-template/customer-app/pom.xml
+++ b/examples/demo-template/customer-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app-cli/pom.xml b/examples/demo-template/customer-app-cli/pom.xml
index 0f8a08f..c4aef58 100755
--- a/examples/demo-template/customer-app-cli/pom.xml
+++ b/examples/demo-template/customer-app-cli/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app-filter/pom.xml b/examples/demo-template/customer-app-filter/pom.xml
index 7d3bd76..5e49975 100755
--- a/examples/demo-template/customer-app-filter/pom.xml
+++ b/examples/demo-template/customer-app-filter/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app-js/pom.xml b/examples/demo-template/customer-app-js/pom.xml
index a0f6317..efd2961 100755
--- a/examples/demo-template/customer-app-js/pom.xml
+++ b/examples/demo-template/customer-app-js/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/database-service/pom.xml b/examples/demo-template/database-service/pom.xml
index e46ebf4..1fbdec4 100755
--- a/examples/demo-template/database-service/pom.xml
+++ b/examples/demo-template/database-service/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/example-ear/pom.xml b/examples/demo-template/example-ear/pom.xml
index a81d5e9..57fb93b 100755
--- a/examples/demo-template/example-ear/pom.xml
+++ b/examples/demo-template/example-ear/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/offline-access-app/pom.xml b/examples/demo-template/offline-access-app/pom.xml
index d5dc95d..103f13d 100755
--- a/examples/demo-template/offline-access-app/pom.xml
+++ b/examples/demo-template/offline-access-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/demo-template/pom.xml 2(+1 -1)
diff --git a/examples/demo-template/pom.xml b/examples/demo-template/pom.xml
index f2d38ad..d08aedb 100755
--- a/examples/demo-template/pom.xml
+++ b/examples/demo-template/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Examples</name>
diff --git a/examples/demo-template/product-app/pom.xml b/examples/demo-template/product-app/pom.xml
index 8b123e8..71ae41f 100755
--- a/examples/demo-template/product-app/pom.xml
+++ b/examples/demo-template/product-app/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/service-account/pom.xml b/examples/demo-template/service-account/pom.xml
index 517cd39..2d5c45d 100755
--- a/examples/demo-template/service-account/pom.xml
+++ b/examples/demo-template/service-account/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/third-party/pom.xml b/examples/demo-template/third-party/pom.xml
index 664b2e6..fcd67c5 100755
--- a/examples/demo-template/third-party/pom.xml
+++ b/examples/demo-template/third-party/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/third-party-cdi/pom.xml b/examples/demo-template/third-party-cdi/pom.xml
index 8ceaf94..b0b0212 100755
--- a/examples/demo-template/third-party-cdi/pom.xml
+++ b/examples/demo-template/third-party-cdi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-demo-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/fuse/camel/pom.xml 2(+1 -1)
diff --git a/examples/fuse/camel/pom.xml b/examples/fuse/camel/pom.xml
index 984e987..be15f3d 100755
--- a/examples/fuse/camel/pom.xml
+++ b/examples/fuse/camel/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/fuse/customer-app-fuse/pom.xml b/examples/fuse/customer-app-fuse/pom.xml
index 603a2cc..7d9f990 100755
--- a/examples/fuse/customer-app-fuse/pom.xml
+++ b/examples/fuse/customer-app-fuse/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/fuse/cxf-jaxrs/pom.xml 2(+1 -1)
diff --git a/examples/fuse/cxf-jaxrs/pom.xml b/examples/fuse/cxf-jaxrs/pom.xml
index ac4832e..60238fb 100755
--- a/examples/fuse/cxf-jaxrs/pom.xml
+++ b/examples/fuse/cxf-jaxrs/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/fuse/cxf-jaxws/pom.xml 2(+1 -1)
diff --git a/examples/fuse/cxf-jaxws/pom.xml b/examples/fuse/cxf-jaxws/pom.xml
index 2a37cfb..b3705c7 100755
--- a/examples/fuse/cxf-jaxws/pom.xml
+++ b/examples/fuse/cxf-jaxws/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/examples/fuse/external-config/pom.xml b/examples/fuse/external-config/pom.xml
index 178904b..daadfef 100755
--- a/examples/fuse/external-config/pom.xml
+++ b/examples/fuse/external-config/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Examples - External Config</name>
examples/fuse/features/pom.xml 2(+1 -1)
diff --git a/examples/fuse/features/pom.xml b/examples/fuse/features/pom.xml
index 58183e6..7d59641 100755
--- a/examples/fuse/features/pom.xml
+++ b/examples/fuse/features/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/fuse/pom.xml 2(+1 -1)
diff --git a/examples/fuse/pom.xml b/examples/fuse/pom.xml
index d589b8d..cc09f87 100755
--- a/examples/fuse/pom.xml
+++ b/examples/fuse/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Fuse examples</name>
diff --git a/examples/fuse/product-app-fuse/pom.xml b/examples/fuse/product-app-fuse/pom.xml
index 1b5dc91..418f327 100755
--- a/examples/fuse/product-app-fuse/pom.xml
+++ b/examples/fuse/product-app-fuse/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-fuse-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/js-console/pom.xml 2(+1 -1)
diff --git a/examples/js-console/pom.xml b/examples/js-console/pom.xml
index 3d5f651..eade8ca 100755
--- a/examples/js-console/pom.xml
+++ b/examples/js-console/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/kerberos/pom.xml 2(+1 -1)
diff --git a/examples/kerberos/pom.xml b/examples/kerberos/pom.xml
index 129575b..8e2bcca 100755
--- a/examples/kerberos/pom.xml
+++ b/examples/kerberos/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Examples - Kerberos Credential Delegation</name>
examples/ldap/pom.xml 2(+1 -1)
diff --git a/examples/ldap/pom.xml b/examples/ldap/pom.xml
index 4b65b78..d70425b 100644
--- a/examples/ldap/pom.xml
+++ b/examples/ldap/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
examples/multi-tenant/pom.xml 2(+1 -1)
diff --git a/examples/multi-tenant/pom.xml b/examples/multi-tenant/pom.xml
index ac30331..e0c276c 100755
--- a/examples/multi-tenant/pom.xml
+++ b/examples/multi-tenant/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Examples - Multi Tenant</name>
examples/pom.xml 2(+1 -1)
diff --git a/examples/pom.xml b/examples/pom.xml
index 1a985e2..f2507b1 100755
--- a/examples/pom.xml
+++ b/examples/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Examples</name>
diff --git a/examples/providers/authenticator/pom.xml b/examples/providers/authenticator/pom.xml
index 100b03a..5b70723 100755
--- a/examples/providers/authenticator/pom.xml
+++ b/examples/providers/authenticator/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Authenticator Example</name>
diff --git a/examples/providers/domain-extension/pom.xml b/examples/providers/domain-extension/pom.xml
index e0d75ca..7cae035 100755
--- a/examples/providers/domain-extension/pom.xml
+++ b/examples/providers/domain-extension/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Domain Extension Example</name>
diff --git a/examples/providers/event-listener-sysout/pom.xml b/examples/providers/event-listener-sysout/pom.xml
index e5dcf77..d17e48a 100755
--- a/examples/providers/event-listener-sysout/pom.xml
+++ b/examples/providers/event-listener-sysout/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Event Listener System.out Example</name>
diff --git a/examples/providers/event-store-mem/pom.xml b/examples/providers/event-store-mem/pom.xml
index d1e068c..88ac583 100755
--- a/examples/providers/event-store-mem/pom.xml
+++ b/examples/providers/event-store-mem/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Event Store In-Mem Example</name>
examples/providers/pom.xml 2(+1 -1)
diff --git a/examples/providers/pom.xml b/examples/providers/pom.xml
index c9be81d..dd59811 100755
--- a/examples/providers/pom.xml
+++ b/examples/providers/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Provider Examples</name>
examples/providers/rest/pom.xml 2(+1 -1)
diff --git a/examples/providers/rest/pom.xml b/examples/providers/rest/pom.xml
index b17a42e..1f78550 100755
--- a/examples/providers/rest/pom.xml
+++ b/examples/providers/rest/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Authenticator Example</name>
diff --git a/examples/providers/user-storage-jpa/pom.xml b/examples/providers/user-storage-jpa/pom.xml
index d22ecc8..0eb846f 100755
--- a/examples/providers/user-storage-jpa/pom.xml
+++ b/examples/providers/user-storage-jpa/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>User Storage JPA Provider Exapmle</name>
diff --git a/examples/providers/user-storage-simple/pom.xml b/examples/providers/user-storage-simple/pom.xml
index 0995103..03faeec 100755
--- a/examples/providers/user-storage-simple/pom.xml
+++ b/examples/providers/user-storage-simple/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-providers-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>UserStorageProvider Simple Example</name>
examples/saml/pom.xml 2(+1 -1)
diff --git a/examples/saml/pom.xml b/examples/saml/pom.xml
index 429fe35..c5ffee9 100755
--- a/examples/saml/pom.xml
+++ b/examples/saml/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Provider Examples</name>
diff --git a/examples/saml/post-with-encryption/pom.xml b/examples/saml/post-with-encryption/pom.xml
index 41cde50..40c690a 100755
--- a/examples/saml/post-with-encryption/pom.xml
+++ b/examples/saml/post-with-encryption/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-saml-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>saml-post-encryption</artifactId>
diff --git a/examples/saml/post-with-signature/pom.xml b/examples/saml/post-with-signature/pom.xml
index 06d1a87..fc74042 100755
--- a/examples/saml/post-with-signature/pom.xml
+++ b/examples/saml/post-with-signature/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-saml-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>sales-post-sig</artifactId>
diff --git a/examples/saml/redirect-with-signature/pom.xml b/examples/saml/redirect-with-signature/pom.xml
index c86a0f6..0a8a6d9 100755
--- a/examples/saml/redirect-with-signature/pom.xml
+++ b/examples/saml/redirect-with-signature/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-saml-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>saml-redirect-signatures</artifactId>
examples/saml/servlet-filter/pom.xml 2(+1 -1)
diff --git a/examples/saml/servlet-filter/pom.xml b/examples/saml/servlet-filter/pom.xml
index fb01fa8..3b1f94b 100755
--- a/examples/saml/servlet-filter/pom.xml
+++ b/examples/saml/servlet-filter/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-examples-saml-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>saml-servlet-filter</artifactId>
examples/themes/pom.xml 2(+1 -1)
diff --git a/examples/themes/pom.xml b/examples/themes/pom.xml
index ab4c7b6..ff5fc6a 100755
--- a/examples/themes/pom.xml
+++ b/examples/themes/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-examples-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Themes Examples</name>
federation/kerberos/pom.xml 2(+1 -1)
diff --git a/federation/kerberos/pom.xml b/federation/kerberos/pom.xml
index a169fe2..e8eddb1 100755
--- a/federation/kerberos/pom.xml
+++ b/federation/kerberos/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
federation/ldap/pom.xml 2(+1 -1)
diff --git a/federation/ldap/pom.xml b/federation/ldap/pom.xml
index 8e554a5..9323814 100755
--- a/federation/ldap/pom.xml
+++ b/federation/ldap/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java
index 4fe4002..cb58a1e 100644
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPOperationManager.java
@@ -242,7 +242,7 @@ public class LDAPOperationManager {
public String getFilterById(String id) {
String filter = null;
- if (this.config.isActiveDirectory()) {
+ if (this.config.isObjectGUID()) {
final String strObjectGUID = "<GUID=" + id + ">";
try {
@@ -458,8 +458,7 @@ public class LDAPOperationManager {
public String decodeEntryUUID(final Object entryUUID) {
String id;
-
- if (this.config.isActiveDirectory() && entryUUID instanceof byte[]) {
+ if (this.config.isObjectGUID() && entryUUID instanceof byte[]) {
id = LDAPUtil.decodeObjectGUID((byte[]) entryUUID);
} else {
id = entryUUID.toString();
@@ -516,7 +515,7 @@ public class LDAPOperationManager {
}
}
- if (config.isActiveDirectory()) {
+ if (this.config.isObjectGUID()) {
env.put("java.naming.ldap.attributes.binary", LDAPConstants.OBJECT_GUID);
}
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPConfig.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPConfig.java
index ec2e32c..930837d 100644
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPConfig.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPConfig.java
@@ -127,6 +127,10 @@ public class LDAPConfig {
return uuidAttrName;
}
+
+ public boolean isObjectGUID() {
+ return getUuidLDAPAttributeName().equalsIgnoreCase(LDAPConstants.OBJECT_GUID);
+ }
public boolean isPagination() {
String pagination = config.getFirst(LDAPConstants.PAGINATION);
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapper.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapper.java
new file mode 100644
index 0000000..be07781
--- /dev/null
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapper.java
@@ -0,0 +1,267 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.storage.ldap.mappers.msadlds;
+
+import org.jboss.logging.Logger;
+import org.keycloak.component.ComponentModel;
+import org.keycloak.credential.CredentialInput;
+import org.keycloak.models.LDAPConstants;
+import org.keycloak.models.ModelException;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.UserModel;
+import org.keycloak.models.utils.UserModelDelegate;
+import org.keycloak.storage.UserStorageProvider;
+import org.keycloak.storage.ldap.LDAPStorageProvider;
+import org.keycloak.storage.ldap.idm.model.LDAPObject;
+import org.keycloak.storage.ldap.idm.query.internal.LDAPQuery;
+import org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper;
+import org.keycloak.storage.ldap.mappers.PasswordUpdated;
+
+import javax.naming.AuthenticationException;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * Mapper specific to MSAD LDS. It's able to read the msDS-UserAccountDisabled, msDS-UserPasswordExpired and pwdLastSet attributes and set actions in Keycloak based on that.
+ * It's also able to handle exception code from LDAP user authentication (See http://www-01.ibm.com/support/docview.wss?uid=swg21290631 )
+ *
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ * @author <a href="mailto:slawomir@dabek.name">Slawomir Dabek</a>
+ */
+public class MSADLDSUserAccountControlStorageMapper extends AbstractLDAPStorageMapper implements PasswordUpdated {
+
+ private static final Logger logger = Logger.getLogger(MSADLDSUserAccountControlStorageMapper.class);
+
+ private static final Pattern AUTH_EXCEPTION_REGEX = Pattern.compile(".*AcceptSecurityContext error, data ([0-9a-f]*), v.*");
+ private static final Pattern AUTH_INVALID_NEW_PASSWORD = Pattern.compile("(?s).*problem 1005 \\(CONSTRAINT_ATT_TYPE\\), data [0-9a-f]*, Att 23 \\(userPassword\\).*");
+
+ public MSADLDSUserAccountControlStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider, RealmModel realm) {
+ super(mapperModel, ldapProvider, realm);
+ ldapProvider.setUpdater(this);
+ }
+
+ @Override
+ public void beforeLDAPQuery(LDAPQuery query) {
+ query.addReturningLdapAttribute(LDAPConstants.PWD_LAST_SET);
+ query.addReturningLdapAttribute(LDAPConstants.MSDS_USER_ACCOUNT_DISABLED);
+
+ // This needs to be read-only and can be set to writable just on demand
+ query.addReturningReadOnlyLdapAttribute(LDAPConstants.PWD_LAST_SET);
+
+ if (ldapProvider.getEditMode() != UserStorageProvider.EditMode.WRITABLE) {
+ query.addReturningReadOnlyLdapAttribute(LDAPConstants.MSDS_USER_ACCOUNT_DISABLED);
+ }
+ }
+
+ @Override
+ public void passwordUpdated(UserModel user, LDAPObject ldapUser, CredentialInput input) {
+ logger.debugf("Going to update pwdLastSet for ldap user '%s' after successful password update", ldapUser.getDn().toString());
+
+ // Normally it's read-only
+ ldapUser.removeReadOnlyAttributeName(LDAPConstants.PWD_LAST_SET);
+
+ ldapUser.setSingleAttribute(LDAPConstants.PWD_LAST_SET, "-1");
+
+ if (user.isEnabled()) {
+ // TODO: Use removeAttribute once available
+ ldapUser.setSingleAttribute(LDAPConstants.MSDS_USER_ACCOUNT_DISABLED, "FALSE");
+ logger.debugf("Removing msDS-UserPasswordExpired of user '%s'", ldapUser.getDn().toString());
+ }
+
+ ldapProvider.getLdapIdentityStore().update(ldapUser);
+ }
+
+ @Override
+ public UserModel proxy(LDAPObject ldapUser, UserModel delegate) {
+ return new MSADUserModelDelegate(delegate, ldapUser);
+ }
+
+ @Override
+ public void onRegisterUserToLDAP(LDAPObject ldapUser, UserModel localUser) {
+
+ }
+
+ @Override
+ public void onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, boolean isCreate) {
+
+ }
+
+ @Override
+ public boolean onAuthenticationFailure(LDAPObject ldapUser, UserModel user, AuthenticationException ldapException) {
+ String exceptionMessage = ldapException.getMessage();
+ Matcher m = AUTH_EXCEPTION_REGEX.matcher(exceptionMessage);
+ if (m.matches()) {
+ String errorCode = m.group(1);
+ return processAuthErrorCode(errorCode, user);
+ } else {
+ return false;
+ }
+ }
+
+ protected boolean processAuthErrorCode(String errorCode, UserModel user) {
+ logger.debugf("MSAD LDS Error code is '%s' after failed LDAP login of user '%s'", errorCode, user.getUsername());
+
+ if (ldapProvider.getEditMode() == UserStorageProvider.EditMode.WRITABLE) {
+ if (errorCode.equals("532") || errorCode.equals("773")) {
+ // User needs to change his MSAD password. Allow him to login, but add UPDATE_PASSWORD required action
+ user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
+ return true;
+ } else if (errorCode.equals("533")) {
+ // User is disabled in MSAD LDS. Set him to disabled in KC as well
+ user.setEnabled(false);
+ return true;
+ } else if (errorCode.equals("775")) {
+ logger.warnf("Locked user '%s' attempt to login", user.getUsername());
+ }
+ }
+
+ return false;
+ }
+
+
+ protected ModelException processFailedPasswordUpdateException(ModelException e) {
+ if (e.getCause() == null || e.getCause().getMessage() == null) {
+ return e;
+ }
+
+ String exceptionMessage = e.getCause().getMessage();
+ Matcher m = AUTH_INVALID_NEW_PASSWORD.matcher(exceptionMessage);
+ if (m.matches()) {
+ ModelException me = new ModelException("invalidPasswordRegexPatternMessage", e);
+ me.setParameters(new Object[]{"passwordConstraintViolation"});
+ return me;
+ }
+
+ return e;
+ }
+
+ public class MSADUserModelDelegate extends UserModelDelegate {
+
+ private final LDAPObject ldapUser;
+
+ public MSADUserModelDelegate(UserModel delegate, LDAPObject ldapUser) {
+ super(delegate);
+ this.ldapUser = ldapUser;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ boolean kcEnabled = super.isEnabled();
+
+ if (getPwdLastSet() > 0) {
+ // Merge KC and MSAD LDS
+ return kcEnabled && !Boolean.parseBoolean(ldapUser.getAttributeAsString(LDAPConstants.MSDS_USER_ACCOUNT_DISABLED));
+ } else {
+ // If new MSAD LDS user is created and pwdLastSet is still 0, MSAD account is in disabled state. So read just from Keycloak DB. User is not able to login via MSAD anyway
+ return kcEnabled;
+ }
+ }
+
+ @Override
+ public void setEnabled(boolean enabled) {
+ // Always update DB
+ super.setEnabled(enabled);
+
+ if (ldapProvider.getEditMode() == UserStorageProvider.EditMode.WRITABLE && getPwdLastSet() > 0) {
+ if (enabled) {
+ logger.debugf("Removing msDS-UserAccountDisabled of user '%s'", ldapUser.getDn().toString());
+ // TODO: Use removeAttribute once available
+ ldapUser.setSingleAttribute(LDAPConstants.MSDS_USER_ACCOUNT_DISABLED, "FALSE");
+ } else {
+ logger.debugf("Setting msDS-UserAccountDisabled of user '%s' to value 'TRUE'", ldapUser.getDn().toString());
+ ldapUser.setSingleAttribute(LDAPConstants.MSDS_USER_ACCOUNT_DISABLED, "TRUE");
+ }
+
+ ldapProvider.getLdapIdentityStore().update(ldapUser);
+ }
+ }
+
+ @Override
+ public void addRequiredAction(RequiredAction action) {
+ String actionName = action.name();
+ addRequiredAction(actionName);
+ }
+
+ @Override
+ public void addRequiredAction(String action) {
+ // Always update DB
+ super.addRequiredAction(action);
+
+ if (ldapProvider.getEditMode() == UserStorageProvider.EditMode.WRITABLE && RequiredAction.UPDATE_PASSWORD.toString().equals(action)) {
+ logger.debugf("Going to propagate required action UPDATE_PASSWORD to MSAD for ldap user '%s' ", ldapUser.getDn().toString());
+
+ // Normally it's read-only
+ ldapUser.removeReadOnlyAttributeName(LDAPConstants.PWD_LAST_SET);
+
+ ldapUser.setSingleAttribute(LDAPConstants.PWD_LAST_SET, "0");
+ ldapProvider.getLdapIdentityStore().update(ldapUser);
+ }
+ }
+
+ @Override
+ public void removeRequiredAction(RequiredAction action) {
+ String actionName = action.name();
+ removeRequiredAction(actionName);
+ }
+
+ @Override
+ public void removeRequiredAction(String action) {
+ // Always update DB
+ super.removeRequiredAction(action);
+
+ if (ldapProvider.getEditMode() == UserStorageProvider.EditMode.WRITABLE && RequiredAction.UPDATE_PASSWORD.toString().equals(action)) {
+
+ // Don't set pwdLastSet in MSAD LDS when it is new user
+ if (!Boolean.parseBoolean(ldapUser.getAttributeAsString(LDAPConstants.MSDS_USER_PASSWORD_NOTREQD))) {
+ logger.debugf("Going to remove required action UPDATE_PASSWORD from MSAD LDS for ldap user '%s' ", ldapUser.getDn().toString());
+
+ // Normally it's read-only
+ ldapUser.removeReadOnlyAttributeName(LDAPConstants.PWD_LAST_SET);
+
+ ldapUser.setSingleAttribute(LDAPConstants.PWD_LAST_SET, "-1");
+ ldapProvider.getLdapIdentityStore().update(ldapUser);
+ }
+ }
+ }
+
+ @Override
+ public Set<String> getRequiredActions() {
+ Set<String> requiredActions = super.getRequiredActions();
+
+ if (ldapProvider.getEditMode() == UserStorageProvider.EditMode.WRITABLE) {
+ if (getPwdLastSet() == 0 || Boolean.parseBoolean(ldapUser.getAttributeAsString(LDAPConstants.MSDS_USER_PASSWORD_EXPIRED))) {
+ requiredActions = new HashSet<>(requiredActions);
+ requiredActions.add(RequiredAction.UPDATE_PASSWORD.toString());
+ return requiredActions;
+ }
+ }
+
+ return requiredActions;
+ }
+
+ protected long getPwdLastSet() {
+ String pwdLastSet = ldapUser.getAttributeAsString(LDAPConstants.PWD_LAST_SET);
+ return pwdLastSet == null ? 0 : Long.parseLong(pwdLastSet);
+ }
+
+
+ }
+
+}
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapperFactory.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapperFactory.java
new file mode 100644
index 0000000..fc456cd
--- /dev/null
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msadlds/MSADLDSUserAccountControlStorageMapperFactory.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.storage.ldap.mappers.msadlds;
+
+import org.keycloak.component.ComponentModel;
+import org.keycloak.models.LDAPConstants;
+import org.keycloak.models.RealmModel;
+import org.keycloak.provider.ProviderConfigProperty;
+import org.keycloak.storage.ldap.LDAPStorageProvider;
+import org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper;
+import org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapperFactory;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ * @author <a href="mailto:slawomir@dabek.name">Slawomir Dabek</a>
+ */
+public class MSADLDSUserAccountControlStorageMapperFactory extends AbstractLDAPStorageMapperFactory {
+
+ public static final String PROVIDER_ID = LDAPConstants.MSADLDS_USER_ACCOUNT_CONTROL_MAPPER;
+ protected static final List<ProviderConfigProperty> configProperties = new ArrayList<>();
+
+ static {
+ }
+
+ @Override
+ public String getHelpText() {
+ return "Mapper specific to MSAD LDS. It's able to integrate the MSAD LDS user account state into Keycloak account state (account enabled, password is expired etc). It's using msDS-UserAccountDisabled and pwdLastSet MSAD attributes for that. " +
+ "For example if pwdLastSet is 0, the Keycloak user is required to update password, if msDS-UserAccountDisabled is 'TRUE' the Keycloak user is disabled as well etc. Mapper is also able to handle exception code from LDAP user authentication.";
+ }
+
+ @Override
+ public List<ProviderConfigProperty> getConfigProperties() {
+ return configProperties;
+ }
+
+ @Override
+ public String getId() {
+ return PROVIDER_ID;
+ }
+
+ @Override
+ protected AbstractLDAPStorageMapper createMapper(ComponentModel mapperModel, LDAPStorageProvider federationProvider, RealmModel realm) {
+ return new MSADLDSUserAccountControlStorageMapper(mapperModel, federationProvider, realm);
+ }
+}
diff --git a/federation/ldap/src/main/resources/META-INF/services/org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory b/federation/ldap/src/main/resources/META-INF/services/org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
index 6f3f5ae..3781e87 100644
--- a/federation/ldap/src/main/resources/META-INF/services/org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
+++ b/federation/ldap/src/main/resources/META-INF/services/org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
@@ -20,4 +20,5 @@ org.keycloak.storage.ldap.mappers.HardcodedLDAPRoleStorageMapperFactory
org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapperFactory
org.keycloak.storage.ldap.mappers.membership.role.RoleLDAPStorageMapperFactory
org.keycloak.storage.ldap.mappers.msad.MSADUserAccountControlStorageMapperFactory
+org.keycloak.storage.ldap.mappers.msadlds.MSADLDSUserAccountControlStorageMapperFactory
org.keycloak.storage.ldap.mappers.UserAttributeLDAPStorageMapperFactory
federation/pom.xml 2(+1 -1)
diff --git a/federation/pom.xml b/federation/pom.xml
index 0d592a3..b776664 100755
--- a/federation/pom.xml
+++ b/federation/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
federation/sssd/pom.xml 2(+1 -1)
diff --git a/federation/sssd/pom.xml b/federation/sssd/pom.xml
index 789bbe2..9e4d2c3 100644
--- a/federation/sssd/pom.xml
+++ b/federation/sssd/pom.xml
@@ -4,7 +4,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
integration/admin-client/pom.xml 2(+1 -1)
diff --git a/integration/admin-client/pom.xml b/integration/admin-client/pom.xml
index 3c39246..507619b 100755
--- a/integration/admin-client/pom.xml
+++ b/integration/admin-client/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-integration-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/integration/client-cli/client-cli-dist/pom.xml b/integration/client-cli/client-cli-dist/pom.xml
index b6fdbf3..1b567cb 100755
--- a/integration/client-cli/client-cli-dist/pom.xml
+++ b/integration/client-cli/client-cli-dist/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-client-cli-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-client-cli-dist</artifactId>
diff --git a/integration/client-cli/client-registration-cli/pom.xml b/integration/client-cli/client-registration-cli/pom.xml
index f1f95d0..dc5c210 100755
--- a/integration/client-cli/client-registration-cli/pom.xml
+++ b/integration/client-cli/client-registration-cli/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-client-cli-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
integration/client-cli/pom.xml 2(+1 -1)
diff --git a/integration/client-cli/pom.xml b/integration/client-cli/pom.xml
index 64a78e4..4759514 100644
--- a/integration/client-cli/pom.xml
+++ b/integration/client-cli/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-integration-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak Client CLI</name>
diff --git a/integration/client-registration/pom.xml b/integration/client-registration/pom.xml
index 7e10192..45e4690 100755
--- a/integration/client-registration/pom.xml
+++ b/integration/client-registration/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-integration-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
integration/pom.xml 2(+1 -1)
diff --git a/integration/pom.xml b/integration/pom.xml
index 44422df..863eade 100755
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<name>Keycloak Integration</name>
model/infinispan/pom.xml 2(+1 -1)
diff --git a/model/infinispan/pom.xml b/model/infinispan/pom.xml
index 287dd99..ef3cece 100755
--- a/model/infinispan/pom.xml
+++ b/model/infinispan/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProvider.java b/model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProvider.java
index edfd392..b5f48cd 100644
--- a/model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProvider.java
+++ b/model/infinispan/src/main/java/org/keycloak/keys/infinispan/InfinispanPublicKeyStorageProvider.java
@@ -55,12 +55,13 @@ public class InfinispanPublicKeyStorageProvider implements PublicKeyStorageProvi
private Set<String> invalidations = new HashSet<>();
+ private boolean transactionEnlisted = false;
+
public InfinispanPublicKeyStorageProvider(KeycloakSession session, Cache<String, PublicKeysEntry> keys, Map<String, FutureTask<PublicKeysEntry>> tasksInProgress, int minTimeBetweenRequests) {
this.session = session;
this.keys = keys;
this.tasksInProgress = tasksInProgress;
this.minTimeBetweenRequests = minTimeBetweenRequests;
- session.getTransactionManager().enlistAfterCompletion(getAfterTransaction());
}
@@ -73,6 +74,11 @@ public class InfinispanPublicKeyStorageProvider implements PublicKeyStorageProvi
void addInvalidation(String cacheKey) {
+ if (!transactionEnlisted) {
+ session.getTransactionManager().enlistAfterCompletion(getAfterTransaction());
+ transactionEnlisted = true;
+ }
+
this.invalidations.add(cacheKey);
}
diff --git a/model/infinispan/src/test/java/org/keycloak/keys/infinispan/InfinispanKeyStorageProviderTest.java b/model/infinispan/src/test/java/org/keycloak/keys/infinispan/InfinispanKeyStorageProviderTest.java
index ffd355c..77dd989 100644
--- a/model/infinispan/src/test/java/org/keycloak/keys/infinispan/InfinispanKeyStorageProviderTest.java
+++ b/model/infinispan/src/test/java/org/keycloak/keys/infinispan/InfinispanKeyStorageProviderTest.java
@@ -45,7 +45,6 @@ import org.keycloak.keys.PublicKeyLoader;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
-@Ignore
public class InfinispanKeyStorageProviderTest {
private Map<String, AtomicInteger> counters = new ConcurrentHashMap<>();
model/jpa/pom.xml 2(+1 -1)
diff --git a/model/jpa/pom.xml b/model/jpa/pom.xml
index 8bca064..ea50a66 100755
--- a/model/jpa/pom.xml
+++ b/model/jpa/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
model/mongo/pom.xml 2(+1 -1)
diff --git a/model/mongo/pom.xml b/model/mongo/pom.xml
index 4f3a1c1..6bfb882 100755
--- a/model/mongo/pom.xml
+++ b/model/mongo/pom.xml
@@ -22,7 +22,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
model/pom.xml 2(+1 -1)
diff --git a/model/pom.xml b/model/pom.xml
index 7bbd07e..a89dcb7 100755
--- a/model/pom.xml
+++ b/model/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<name>Keycloak Model Parent</name>
pom.xml 2(+1 -1)
diff --git a/pom.xml b/pom.xml
index 277f016..55bb4f8 100755
--- a/pom.xml
+++ b/pom.xml
@@ -32,7 +32,7 @@
</description>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<packaging>pom</packaging>
<properties>
proxy/launcher/pom.xml 2(+1 -1)
diff --git a/proxy/launcher/pom.xml b/proxy/launcher/pom.xml
index 5821286..7b33d09 100755
--- a/proxy/launcher/pom.xml
+++ b/proxy/launcher/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
proxy/pom.xml 2(+1 -1)
diff --git a/proxy/pom.xml b/proxy/pom.xml
index b21e506..2009021 100755
--- a/proxy/pom.xml
+++ b/proxy/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<name>Model Parent</name>
proxy/proxy-server/pom.xml 2(+1 -1)
diff --git a/proxy/proxy-server/pom.xml b/proxy/proxy-server/pom.xml
index 37d91bd..9d19ccd 100755
--- a/proxy/proxy-server/pom.xml
+++ b/proxy/proxy-server/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
saml-core/pom.xml 2(+1 -1)
diff --git a/saml-core/pom.xml b/saml-core/pom.xml
index 7cb1851..a93790a 100755
--- a/saml-core/pom.xml
+++ b/saml-core/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
saml-core-api/pom.xml 2(+1 -1)
diff --git a/saml-core-api/pom.xml b/saml-core-api/pom.xml
index 914e893..7bdc568 100755
--- a/saml-core-api/pom.xml
+++ b/saml-core-api/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
server-spi/pom.xml 2(+1 -1)
diff --git a/server-spi/pom.xml b/server-spi/pom.xml
index 41a1182..0e8c940 100755
--- a/server-spi/pom.xml
+++ b/server-spi/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/server-spi/src/main/java/org/keycloak/models/ClientSessionModel.java b/server-spi/src/main/java/org/keycloak/models/ClientSessionModel.java
index 6b7e9d5..84fa64e 100755
--- a/server-spi/src/main/java/org/keycloak/models/ClientSessionModel.java
+++ b/server-spi/src/main/java/org/keycloak/models/ClientSessionModel.java
@@ -24,7 +24,6 @@ import java.util.Set;
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public interface ClientSessionModel {
- public static final String ACTION_SIGNATURE = "action_signature";
public String getId();
public RealmModel getRealm();
server-spi-private/pom.xml 2(+1 -1)
diff --git a/server-spi-private/pom.xml b/server-spi-private/pom.xml
index 60c73a3..5551600 100755
--- a/server-spi-private/pom.xml
+++ b/server-spi-private/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/server-spi-private/src/main/java/org/keycloak/broker/provider/BrokeredIdentityContext.java b/server-spi-private/src/main/java/org/keycloak/broker/provider/BrokeredIdentityContext.java
index f7a26e9..f2c8a7a 100755
--- a/server-spi-private/src/main/java/org/keycloak/broker/provider/BrokeredIdentityContext.java
+++ b/server-spi-private/src/main/java/org/keycloak/broker/provider/BrokeredIdentityContext.java
@@ -161,6 +161,10 @@ public class BrokeredIdentityContext {
getContextData().put(Constants.USER_ATTRIBUTES_PREFIX + attributeName, list);
}
+ public void setUserAttribute(String attributeName, List<String> attributeValues) {
+ getContextData().put(Constants.USER_ATTRIBUTES_PREFIX + attributeName, attributeValues);
+ }
+
public String getUserAttribute(String attributeName) {
List<String> userAttribute = (List<String>) getContextData().get(Constants.USER_ATTRIBUTES_PREFIX + attributeName);
if (userAttribute == null || userAttribute.isEmpty()) {
diff --git a/server-spi-private/src/main/java/org/keycloak/models/LDAPConstants.java b/server-spi-private/src/main/java/org/keycloak/models/LDAPConstants.java
index b560e18..08be1c1 100644
--- a/server-spi-private/src/main/java/org/keycloak/models/LDAPConstants.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/LDAPConstants.java
@@ -26,6 +26,7 @@ public class LDAPConstants {
public static final String LDAP_PROVIDER = "ldap";
public static final String MSAD_USER_ACCOUNT_CONTROL_MAPPER = "msad-user-account-control-mapper";
+ public static final String MSADLDS_USER_ACCOUNT_CONTROL_MAPPER = "msad-lds-user-account-control-mapper";
public static final String VENDOR = "vendor";
public static final String VENDOR_RHDS = "rhds";
@@ -93,6 +94,9 @@ public class LDAPConstants {
public static final String GROUP_OF_UNIQUE_NAMES = "groupOfUniqueNames";
public static final String USER_ACCOUNT_CONTROL = "userAccountControl";
public static final String PWD_LAST_SET = "pwdLastSet";
+ public static final String MSDS_USER_ACCOUNT_DISABLED = "msDS-UserAccountDisabled";
+ public static final String MSDS_USER_PASSWORD_NOTREQD = "msDS-UserPasswordNotRequired";
+ public static final String MSDS_USER_PASSWORD_EXPIRED = "msDS-UserPasswordExpired"; // read-only
public static final String COMMA = ",";
public static final String EQUAL = "=";
diff --git a/server-spi-private/src/main/java/org/keycloak/services/managers/ClientSessionCode.java b/server-spi-private/src/main/java/org/keycloak/services/managers/ClientSessionCode.java
index 2710174..1369e27 100755
--- a/server-spi-private/src/main/java/org/keycloak/services/managers/ClientSessionCode.java
+++ b/server-spi-private/src/main/java/org/keycloak/services/managers/ClientSessionCode.java
@@ -18,22 +18,16 @@
package org.keycloak.services.managers;
import org.jboss.logging.Logger;
-import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.Time;
-import org.keycloak.jose.jws.Algorithm;
-import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.ClientTemplateModel;
-import org.keycloak.models.KeyManager;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.utils.KeycloakModelUtils;
-import java.security.PublicKey;
-import java.security.Signature;
import java.util.HashSet;
import java.util.Set;
@@ -43,6 +37,8 @@ import java.util.Set;
*/
public class ClientSessionCode {
+ private static final String ACTIVE_CODE = "active_code";
+
private static final Logger logger = Logger.getLogger(ClientSessionCode.class);
private static final String NEXT_CODE = ClientSessionCode.class.getName() + ".nextCode";
@@ -99,7 +95,7 @@ public class ClientSessionCode {
return result;
}
- if (!verifyCode(code, session, realm, result.clientSession)) {
+ if (!verifyCode(code, result.clientSession)) {
result.illegalHash = true;
return result;
}
@@ -119,7 +115,7 @@ public class ClientSessionCode {
return null;
}
- if (!verifyCode(code, session, realm, clientSession)) {
+ if (!verifyCode(code, clientSession)) {
return null;
}
@@ -215,7 +211,7 @@ public class ClientSessionCode {
public String getCode() {
String nextCode = (String) session.getAttribute(NEXT_CODE + "." + clientSession.getId());
if (nextCode == null) {
- nextCode = generateCode(session, realm, clientSession);
+ nextCode = generateCode(clientSession);
session.setAttribute(NEXT_CODE + "." + clientSession.getId(), nextCode);
} else {
logger.debug("Code already generated for session, using code from session attributes");
@@ -223,30 +219,18 @@ public class ClientSessionCode {
return nextCode;
}
- private static String generateCode(KeycloakSession session, RealmModel realm, ClientSessionModel clientSession) {
+ private static String generateCode(ClientSessionModel clientSession) {
try {
- KeyManager.ActiveKey keys = session.keys().getActiveKey(realm);
-
- String secret = KeycloakModelUtils.generateSecret();
+ String actionId = KeycloakModelUtils.generateSecret();
StringBuilder sb = new StringBuilder();
- sb.append(secret);
+ sb.append(actionId);
sb.append('.');
sb.append(clientSession.getId());
String code = sb.toString();
- Signature signature = RSAProvider.getSignature(Algorithm.RS256);
- signature.initSign(keys.getPrivateKey());
- signature.update(code.getBytes("utf-8"));
-
- sb = new StringBuilder();
-
- sb.append(Base64Url.encode(signature.sign()));
- sb.append('.');
- sb.append(keys.getKid());
-
- clientSession.setNote(ClientSessionModel.ACTION_SIGNATURE, sb.toString());
+ clientSession.setNote(ACTIVE_CODE, code);
return code;
} catch (Exception e) {
@@ -254,24 +238,17 @@ public class ClientSessionCode {
}
}
- private static boolean verifyCode(String code, KeycloakSession session, RealmModel realm, ClientSessionModel clientSession) {
+ private static boolean verifyCode(String code, ClientSessionModel clientSession) {
try {
- String note = clientSession.getNote(ClientSessionModel.ACTION_SIGNATURE);
- if (note == null) {
- logger.debug("Action signature not found in client session");
+ String activeCode = clientSession.getNote(ACTIVE_CODE);
+ if (activeCode == null) {
+ logger.debug("Active code not found in client session");
return false;
}
- clientSession.removeNote(ClientSessionModel.ACTION_SIGNATURE);
-
- String[] signed = note.split("\\.");
-
- PublicKey publicKey = session.keys().getPublicKey(realm, signed[1]);
+ clientSession.removeNote(ACTIVE_CODE);
- Signature verifier = RSAProvider.getSignature(Algorithm.RS256);
- verifier.initVerify(publicKey);
- verifier.update(code.getBytes("utf-8"));
- return verifier.verify(Base64Url.decode(signed[0]));
+ return code.equals(activeCode);
} catch (Exception e) {
throw new RuntimeException(e);
}
services/pom.xml 2(+1 -1)
diff --git a/services/pom.xml b/services/pom.xml
index 5f89ece..ad25f69 100755
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
index 3b409a0..2f23cb8 100755
--- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
@@ -802,7 +802,7 @@ public class AuthenticationProcessor {
*
*/
public void setActionSuccessful() {
- oneActionWasSuccessful = true;
+// oneActionWasSuccessful = true;
}
public Response checkWasSuccessfulBrowserAction() {
diff --git a/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractClaimMapper.java b/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractClaimMapper.java
index feb51b6..f2b5288 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractClaimMapper.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractClaimMapper.java
@@ -76,7 +76,7 @@ public abstract class AbstractClaimMapper extends AbstractIdentityProviderMapper
{
// Search the OIDC UserInfo claim set (if any)
JsonNode profileJsonNode = (JsonNode) context.getContextData().get(OIDCIdentityProvider.USER_INFO);
- String value = AbstractJsonUserAttributeMapper.getJsonValue(profileJsonNode, claim);
+ Object value = AbstractJsonUserAttributeMapper.getJsonValue(profileJsonNode, claim);
if (value != null) return value;
}
return null;
diff --git a/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractJsonUserAttributeMapper.java b/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractJsonUserAttributeMapper.java
index e718a0d..49e145c 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractJsonUserAttributeMapper.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/mappers/AbstractJsonUserAttributeMapper.java
@@ -35,7 +35,7 @@ import java.util.List;
* Abstract class for Social Provider mappers which allow mapping of JSON user profile field into Keycloak user
* attribute. Concrete mapper classes with own ID and provider mapping must be implemented for each social provider who
* uses {@link JsonNode} user profile.
- *
+ *
* @author Vlastimil Elias (velias at redhat dot com)
*/
public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityProviderMapper {
@@ -81,8 +81,8 @@ public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityPr
}
/**
- * Store used profile JsonNode into user context for later use by this mapper. Profile data are dumped into special logger if enabled also to allow investigation of the structure.
- *
+ * Store used profile JsonNode into user context for later use by this mapper. Profile data are dumped into special logger if enabled also to allow investigation of the structure.
+ *
* @param user context to store profile data into
* @param profile to store into context
* @param provider identification of social provider to be used in log dump
@@ -125,9 +125,13 @@ public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityPr
}
attribute = attribute.trim();
- String value = getJsonValue(mapperModel, context);
+ Object value = getJsonValue(mapperModel, context);
if (value != null) {
- context.setUserAttribute(attribute, value);
+ if (value instanceof List) {
+ context.setUserAttribute(attribute, (List<String>) value);
+ } else {
+ context.setUserAttribute(attribute, value.toString());
+ }
}
}
@@ -136,7 +140,7 @@ public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityPr
// we do not update user profile from social provider
}
- protected static String getJsonValue(IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
+ protected static Object getJsonValue(IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
String jsonField = mapperModel.getConfig().get(CONF_JSON_FIELD);
if (jsonField == null || jsonField.trim().isEmpty()) {
@@ -152,7 +156,7 @@ public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityPr
JsonNode profileJsonNode = (JsonNode) context.getContextData().get(CONTEXT_JSON_NODE);
- String value = getJsonValue(profileJsonNode, jsonField);
+ Object value = getJsonValue(profileJsonNode, jsonField);
if (value == null) {
logger.debugf("User profile JSON value '%s' is not available.", jsonField);
@@ -161,7 +165,7 @@ public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityPr
return value;
}
- public static String getJsonValue(JsonNode baseNode, String fieldPath) {
+ public static Object getJsonValue(JsonNode baseNode, String fieldPath) {
logger.debug("Going to process JsonNode path " + fieldPath + " on data " + baseNode);
if (baseNode != null) {
@@ -206,6 +210,20 @@ public abstract class AbstractJsonUserAttributeMapper extends AbstractIdentityPr
}
if (idx < 0) {
+ if (currentNode.isArray()) {
+ List<String> values = new ArrayList<>();
+ for (JsonNode childNode : currentNode) {
+ if (childNode.isTextual()) {
+ values.add(childNode.textValue());
+ } else {
+ logger.warn("JsonNode in array is not text value " + childNode);
+ }
+ }
+ if (values.isEmpty()) {
+ return null;
+ }
+ return arrayIndex == idx? values : null;
+ }
if (!currentNode.isValueNode()) {
logger.debug("JsonNode is not value node for name " + currentFieldName);
return null;
diff --git a/services/src/main/java/org/keycloak/broker/oidc/mappers/UserAttributeMapper.java b/services/src/main/java/org/keycloak/broker/oidc/mappers/UserAttributeMapper.java
index 52ad5de..2e2abca 100755
--- a/services/src/main/java/org/keycloak/broker/oidc/mappers/UserAttributeMapper.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/mappers/UserAttributeMapper.java
@@ -20,14 +20,20 @@ package org.keycloak.broker.oidc.mappers;
import org.keycloak.broker.oidc.KeycloakOIDCIdentityProviderFactory;
import org.keycloak.broker.oidc.OIDCIdentityProviderFactory;
import org.keycloak.broker.provider.BrokeredIdentityContext;
+import org.keycloak.common.util.CollectionUtil;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.provider.ProviderConfigProperty;
+import org.keycloak.saml.common.util.StringUtil;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
+import java.util.Objects;
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -37,9 +43,12 @@ public class UserAttributeMapper extends AbstractClaimMapper {
public static final String[] COMPATIBLE_PROVIDERS = {KeycloakOIDCIdentityProviderFactory.PROVIDER_ID, OIDCIdentityProviderFactory.PROVIDER_ID};
- private static final List<ProviderConfigProperty> configProperties = new ArrayList<ProviderConfigProperty>();
+ private static final List<ProviderConfigProperty> configProperties = new ArrayList<>();
public static final String USER_ATTRIBUTE = "user.attribute";
+ public static final String EMAIL = "email";
+ public static final String FIRST_NAME = "firstName";
+ public static final String LAST_NAME = "lastName";
static {
ProviderConfigProperty property;
@@ -88,37 +97,63 @@ public class UserAttributeMapper extends AbstractClaimMapper {
@Override
public void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
String attribute = mapperModel.getConfig().get(USER_ATTRIBUTE);
+ if(StringUtil.isNullOrEmpty(attribute)){
+ return;
+ }
Object value = getClaimValue(mapperModel, context);
- if (value != null) {
- if (attribute.equalsIgnoreCase("email")) {
- context.setEmail(value.toString());
- } else if (attribute.equalsIgnoreCase("firstName")) {
- context.setFirstName(value.toString());
- } else if (attribute.equalsIgnoreCase("lastName")) {
- context.setLastName(value.toString());
- } else {
- context.setUserAttribute(attribute, value.toString());
- }
+ List<String> values = toList(value);
+
+ if (EMAIL.equalsIgnoreCase(attribute)) {
+ setIfNotEmpty(context::setEmail, values);
+ } else if (FIRST_NAME.equalsIgnoreCase(attribute)) {
+ setIfNotEmpty(context::setFirstName, values);
+ } else if (LAST_NAME.equalsIgnoreCase(attribute)) {
+ setIfNotEmpty(context::setLastName, values);
+ } else {
+ List<String> valuesToString = values.stream()
+ .filter(Objects::nonNull)
+ .map(Object::toString)
+ .collect(Collectors.toList());
+
+ context.setUserAttribute(attribute, valuesToString);
+ }
+ }
+
+ private void setIfNotEmpty(Consumer<String> consumer, List<String> values) {
+ if (values != null && !values.isEmpty()) {
+ consumer.accept(values.get(0));
}
}
+ private List<String> toList(Object value) {
+ List<Object> values = (value instanceof List)
+ ? (List) value
+ : Collections.singletonList(value);
+ return values.stream()
+ .filter(Objects::nonNull)
+ .map(Object::toString)
+ .collect(Collectors.toList());
+ }
+
@Override
public void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
String attribute = mapperModel.getConfig().get(USER_ATTRIBUTE);
+ if(StringUtil.isNullOrEmpty(attribute)){
+ return;
+ }
Object value = getClaimValue(mapperModel, context);
- String stringValue = null;
- if (value != null) stringValue = value.toString();
- if (attribute.equalsIgnoreCase("email")) {
- user.setEmail(stringValue);
- } else if (attribute.equalsIgnoreCase("firstName")) {
- user.setFirstName(stringValue);
- } else if (attribute.equalsIgnoreCase("lastName")) {
- user.setLastName(stringValue);
+ List<String> values = toList(value);
+ if (EMAIL.equalsIgnoreCase(attribute)) {
+ setIfNotEmpty(user::setEmail, values);
+ } else if (FIRST_NAME.equalsIgnoreCase(attribute)) {
+ setIfNotEmpty(user::setFirstName, values);
+ } else if (LAST_NAME.equalsIgnoreCase(attribute)) {
+ setIfNotEmpty(user::setLastName, values);
} else {
- String current = user.getFirstAttribute(attribute);
- if (stringValue != null && !stringValue.equals(current)) {
- user.setSingleAttribute(attribute, stringValue);
- } else if (value == null) {
+ List<String> current = user.getAttribute(attribute);
+ if (!CollectionUtil.collectionEquals(values, current)) {
+ user.setAttribute(attribute, values);
+ } else if (values.isEmpty()) {
user.removeAttribute(attribute);
}
}
diff --git a/services/src/main/java/org/keycloak/broker/saml/mappers/UserAttributeMapper.java b/services/src/main/java/org/keycloak/broker/saml/mappers/UserAttributeMapper.java
index 70cae07..8a71493 100755
--- a/services/src/main/java/org/keycloak/broker/saml/mappers/UserAttributeMapper.java
+++ b/services/src/main/java/org/keycloak/broker/saml/mappers/UserAttributeMapper.java
@@ -21,17 +21,18 @@ import org.keycloak.broker.provider.AbstractIdentityProviderMapper;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.broker.saml.SAMLEndpoint;
import org.keycloak.broker.saml.SAMLIdentityProviderFactory;
+import org.keycloak.common.util.CollectionUtil;
import org.keycloak.dom.saml.v2.assertion.AssertionType;
import org.keycloak.dom.saml.v2.assertion.AttributeStatementType;
import org.keycloak.dom.saml.v2.assertion.AttributeType;
-import org.keycloak.models.IdentityProviderMapperModel;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.UserModel;
+import org.keycloak.models.*;
import org.keycloak.provider.ProviderConfigProperty;
+import org.keycloak.saml.common.util.StringUtil;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.*;
+import java.util.function.Consumer;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -41,11 +42,14 @@ public class UserAttributeMapper extends AbstractIdentityProviderMapper {
public static final String[] COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID};
- private static final List<ProviderConfigProperty> configProperties = new ArrayList<ProviderConfigProperty>();
+ private static final List<ProviderConfigProperty> configProperties = new ArrayList<>();
public static final String ATTRIBUTE_NAME = "attribute.name";
public static final String ATTRIBUTE_FRIENDLY_NAME = "attribute.friendly.name";
public static final String USER_ATTRIBUTE = "user.attribute";
+ private static final String EMAIL = "email";
+ private static final String FIRST_NAME = "firstName";
+ private static final String LAST_NAME = "lastName";
static {
ProviderConfigProperty property;
@@ -99,61 +103,84 @@ public class UserAttributeMapper extends AbstractIdentityProviderMapper {
@Override
public void preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
String attribute = mapperModel.getConfig().get(USER_ATTRIBUTE);
- String value = getAttribute(mapperModel, context);
- if (value != null) {
- if (attribute.equalsIgnoreCase("email")) {
- context.setEmail(value);
- } else if (attribute.equalsIgnoreCase("firstName")) {
- context.setFirstName(value);
- } else if (attribute.equalsIgnoreCase("lastName")) {
- context.setLastName(value);
+ if (StringUtil.isNullOrEmpty(attribute)) {
+ return;
+ }
+ String attributeName = getAttributeNameFromMapperModel(mapperModel);
+
+ List<String> attributeValuesInContext = findAttributeValuesInContext(attributeName, context);
+ if (!attributeValuesInContext.isEmpty()) {
+ if (attribute.equalsIgnoreCase(EMAIL)) {
+ setIfNotEmpty(context::setEmail, attributeValuesInContext);
+ } else if (attribute.equalsIgnoreCase(FIRST_NAME)) {
+ setIfNotEmpty(context::setFirstName, attributeValuesInContext);
+ } else if (attribute.equalsIgnoreCase(LAST_NAME)) {
+ setIfNotEmpty(context::setLastName, attributeValuesInContext);
} else {
- context.setUserAttribute(attribute, value);
+ context.setUserAttribute(attribute, attributeValuesInContext);
}
}
}
- protected String getAttribute(IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
- String name = mapperModel.getConfig().get(ATTRIBUTE_NAME);
- if (name != null && name.trim().equals("")) name = null;
- String friendly = mapperModel.getConfig().get(ATTRIBUTE_FRIENDLY_NAME);
- if (friendly != null && friendly.trim().equals("")) friendly = null;
- AssertionType assertion = (AssertionType)context.getContextData().get(SAMLEndpoint.SAML_ASSERTION);
- for (AttributeStatementType statement : assertion.getAttributeStatements()) {
- for (AttributeStatementType.ASTChoiceType choice : statement.getAttributes()) {
- AttributeType attr = choice.getAttribute();
- if (name != null && !name.equals(attr.getName())) continue;
- if (friendly != null && !friendly.equals(attr.getFriendlyName())) continue;
-
- List<Object> attributeValue = attr.getAttributeValue();
- if (attributeValue == null || attributeValue.isEmpty()) return null;
- return attributeValue.get(0).toString();
- }
+ private String getAttributeNameFromMapperModel(IdentityProviderMapperModel mapperModel) {
+ String attributeName = mapperModel.getConfig().get(ATTRIBUTE_NAME);
+ if (attributeName == null) {
+ attributeName = mapperModel.getConfig().get(ATTRIBUTE_FRIENDLY_NAME);
+ }
+ return attributeName;
+ }
+
+ private void setIfNotEmpty(Consumer<String> consumer, List<String> values) {
+ if (values != null && !values.isEmpty()) {
+ consumer.accept(values.get(0));
}
- return null;
+ }
+
+ private Predicate<AttributeStatementType.ASTChoiceType> elementWith(String attributeName) {
+ return attributeType -> {
+ AttributeType attribute = attributeType.getAttribute();
+ return Objects.equals(attribute.getName(), attributeName)
+ || Objects.equals(attribute.getFriendlyName(), attributeName);
+ };
+ }
+
+
+ private List<String> findAttributeValuesInContext(String attributeName, BrokeredIdentityContext context) {
+ AssertionType assertion = (AssertionType) context.getContextData().get(SAMLEndpoint.SAML_ASSERTION);
+
+ return assertion.getAttributeStatements().stream()
+ .flatMap(statement -> statement.getAttributes().stream())
+ .filter(elementWith(attributeName))
+ .flatMap(attributeType -> attributeType.getAttribute().getAttributeValue().stream())
+ .filter(Objects::nonNull)
+ .map(Object::toString)
+ .collect(Collectors.toList());
}
@Override
public void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
String attribute = mapperModel.getConfig().get(USER_ATTRIBUTE);
- String value = getAttribute(mapperModel, context);
- if (attribute.equalsIgnoreCase("email")) {
- user.setEmail(value);
- } else if (attribute.equalsIgnoreCase("firstName")) {
- user.setFirstName(value);
- } else if (attribute.equalsIgnoreCase("lastName")) {
- user.setLastName(value);
+ if (StringUtil.isNullOrEmpty(attribute)) {
+ return;
+ }
+ String attributeName = getAttributeNameFromMapperModel(mapperModel);
+ List<String> attributeValuesInContext = findAttributeValuesInContext(attributeName, context);
+ if (attribute.equalsIgnoreCase(EMAIL)) {
+ setIfNotEmpty(user::setEmail, attributeValuesInContext);
+ } else if (attribute.equalsIgnoreCase(FIRST_NAME)) {
+ setIfNotEmpty(user::setFirstName, attributeValuesInContext);
+ } else if (attribute.equalsIgnoreCase(LAST_NAME)) {
+ setIfNotEmpty(user::setLastName, attributeValuesInContext);
} else {
- String current = user.getFirstAttribute(attribute);
- if (value != null && !value.equals(current)) {
- user.setSingleAttribute(attribute, value.toString());
- } else if (value == null) {
+ List<String> currentAttributeValues = user.getAttributes().get(attribute);
+ if (attributeValuesInContext != null
+ && currentAttributeValues != null
+ && !CollectionUtil.collectionEquals(attributeValuesInContext, currentAttributeValues)) {
+ user.setAttribute(attribute, attributeValuesInContext);
+ } else if (attributeValuesInContext == null) {
user.removeAttribute(attribute);
}
}
-
-
-
}
@Override
diff --git a/services/src/main/java/org/keycloak/partialimport/ClientRolesPartialImport.java b/services/src/main/java/org/keycloak/partialimport/ClientRolesPartialImport.java
index 008917d..95fa4a6 100644
--- a/services/src/main/java/org/keycloak/partialimport/ClientRolesPartialImport.java
+++ b/services/src/main/java/org/keycloak/partialimport/ClientRolesPartialImport.java
@@ -103,6 +103,11 @@ public class ClientRolesPartialImport {
return;
}
RoleModel role = client.getRole(getName(roleRep));
+ if (role == null) {
+ // role might not exist if client was just created as part of the
+ // partial import
+ return;
+ }
client.removeRole(role);
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/AddressMapper.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/AddressMapper.java
index 674c9ff..2f40c21 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/AddressMapper.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/AddressMapper.java
@@ -17,14 +17,11 @@
package org.keycloak.protocol.oidc.mappers;
-import org.keycloak.models.ClientSessionModel;
-import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.provider.ProviderConfigProperty;
-import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AddressClaimSet;
import org.keycloak.representations.IDToken;
@@ -34,7 +31,6 @@ import java.util.List;
import java.util.Map;
/**
- * Set the 'name' claim to be first + last name.
*
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
@@ -43,26 +39,39 @@ public class AddressMapper extends AbstractOIDCProtocolMapper implements OIDCAcc
private static final List<ProviderConfigProperty> configProperties = new ArrayList<ProviderConfigProperty>();
+ public static final String STREET = "street";
+
static {
OIDCAttributeMapperHelper.addIncludeInTokensConfig(configProperties, AddressMapper.class);
+
+ configProperties.add(createConfigProperty(STREET));
+ configProperties.add(createConfigProperty(AddressClaimSet.LOCALITY));
+ configProperties.add(createConfigProperty(AddressClaimSet.REGION));
+ configProperties.add(createConfigProperty(AddressClaimSet.POSTAL_CODE));
+ configProperties.add(createConfigProperty(AddressClaimSet.COUNTRY));
+ configProperties.add(createConfigProperty(AddressClaimSet.FORMATTED));
+ }
+
+ protected static ProviderConfigProperty createConfigProperty(String claimName) {
+ ProviderConfigProperty property = new ProviderConfigProperty();
+ property.setName(getModelPropertyName(claimName));
+ property.setLabel("addressClaim." + claimName + ".label");
+ property.setHelpText("addressClaim." + claimName + ".tooltip");
+ property.setType(ProviderConfigProperty.STRING_TYPE);
+ property.setDefaultValue(claimName);
+ return property;
+ }
+
+ public static String getModelPropertyName(String claimName) {
+ return "user.attribute." + claimName;
}
public static final String PROVIDER_ID = "oidc-address-mapper";
public static ProtocolMapperModel createAddressMapper() {
- Map<String, String> config;
- ProtocolMapperModel address = new ProtocolMapperModel();
- address.setName("address");
- address.setProtocolMapper(PROVIDER_ID);
- address.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
- address.setConsentRequired(true);
- address.setConsentText("${address}");
- config = new HashMap<String, String>();
- config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
- config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
- address.setConfig(config);
- return address;
+ return createAddressMapper(true, true);
}
+
public static ProtocolMapperModel createAddressMapper(boolean idToken, boolean accessToken) {
Map<String, String> config;
ProtocolMapperModel address = new ProtocolMapperModel();
@@ -74,6 +83,14 @@ public class AddressMapper extends AbstractOIDCProtocolMapper implements OIDCAcc
config = new HashMap<String, String>();
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, Boolean.toString(idToken));
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, Boolean.toString(accessToken));
+
+ config.put(getModelPropertyName(STREET), STREET);
+ config.put(getModelPropertyName(AddressClaimSet.LOCALITY), AddressClaimSet.LOCALITY);
+ config.put(getModelPropertyName(AddressClaimSet.REGION), AddressClaimSet.REGION);
+ config.put(getModelPropertyName(AddressClaimSet.POSTAL_CODE), AddressClaimSet.POSTAL_CODE);
+ config.put(getModelPropertyName(AddressClaimSet.COUNTRY), AddressClaimSet.COUNTRY);
+ config.put(getModelPropertyName(AddressClaimSet.FORMATTED), AddressClaimSet.FORMATTED);
+
address.setConfig(config);
return address;
}
@@ -107,12 +124,24 @@ public class AddressMapper extends AbstractOIDCProtocolMapper implements OIDCAcc
protected void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession) {
UserModel user = userSession.getUser();
AddressClaimSet addressSet = new AddressClaimSet();
- addressSet.setStreetAddress(user.getFirstAttribute("street"));
- addressSet.setLocality(user.getFirstAttribute("locality"));
- addressSet.setRegion(user.getFirstAttribute("region"));
- addressSet.setPostalCode(user.getFirstAttribute("postal_code"));
- addressSet.setCountry(user.getFirstAttribute("country"));
+ addressSet.setStreetAddress(getUserModelAttributeValue(user, mappingModel, STREET));
+ addressSet.setLocality(getUserModelAttributeValue(user, mappingModel, AddressClaimSet.LOCALITY));
+ addressSet.setRegion(getUserModelAttributeValue(user, mappingModel, AddressClaimSet.REGION));
+ addressSet.setPostalCode(getUserModelAttributeValue(user, mappingModel, AddressClaimSet.POSTAL_CODE));
+ addressSet.setCountry(getUserModelAttributeValue(user, mappingModel, AddressClaimSet.COUNTRY));
+ addressSet.setFormattedAddress(getUserModelAttributeValue(user, mappingModel, AddressClaimSet.FORMATTED));
token.getOtherClaims().put("address", addressSet);
}
+ private String getUserModelAttributeValue(UserModel user, ProtocolMapperModel mappingModel, String claim) {
+ String modelPropertyName = getModelPropertyName(claim);
+ String userAttrName = mappingModel.getConfig().get(modelPropertyName);
+
+ if (userAttrName == null) {
+ userAttrName = claim;
+ }
+
+ return user.getFirstAttribute(userAttrName);
+ }
+
}
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java
index 8b64aef..7b8ba36 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java
@@ -25,10 +25,9 @@ import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.IDToken;
import org.keycloak.services.ServicesLogger;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
+import java.util.function.Function;
+import java.util.stream.Collectors;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -70,29 +69,78 @@ public class OIDCAttributeMapperHelper {
ServicesLogger.LOGGER.multipleValuesForMapper(attributeValue.toString(), mappingModel.getName());
}
- attributeValue = valueAsList.get(0);
+ attributeValue = valueAsList;
}
}
String type = mappingModel.getConfig().get(JSON_TYPE);
+ Object converted = convertToType(type, attributeValue);
+ return converted != null ? converted : attributeValue;
+ }
+
+ private static <X, T> List<T> transform(List<X> attributeValue, Function<X, T> mapper) {
+ return attributeValue.stream()
+ .filter(Objects::nonNull)
+ .map(mapper)
+ .collect(Collectors.toList());
+ }
+
+ private static Object convertToType(String type, Object attributeValue) {
if (type == null) return attributeValue;
- if (type.equals("boolean")) {
- if (attributeValue instanceof Boolean) return attributeValue;
- if (attributeValue instanceof String) return Boolean.valueOf((String)attributeValue);
- throw new RuntimeException("cannot map type for token claim");
- } else if (type.equals("String")) {
- if (attributeValue instanceof String) return attributeValue;
- return attributeValue.toString();
- } else if (type.equals("long")) {
- if (attributeValue instanceof Long) return attributeValue;
- if (attributeValue instanceof String) return Long.valueOf((String)attributeValue);
- throw new RuntimeException("cannot map type for token claim");
- } else if (type.equals("int")) {
- if (attributeValue instanceof Integer) return attributeValue;
- if (attributeValue instanceof String) return Integer.valueOf((String)attributeValue);
- throw new RuntimeException("cannot map type for token claim");
+ switch (type) {
+ case "boolean":
+ Boolean booleanObject = getBoolean(attributeValue);
+ if (booleanObject != null) return booleanObject;
+ if (attributeValue instanceof List) {
+ return transform((List<Boolean>) attributeValue, OIDCAttributeMapperHelper::getBoolean);
+ }
+ throw new RuntimeException("cannot map type for token claim");
+ case "String":
+ if (attributeValue instanceof String) return attributeValue;
+ if (attributeValue instanceof List) {
+ return transform((List<String>) attributeValue, OIDCAttributeMapperHelper::getString);
+ }
+ return attributeValue.toString();
+ case "long":
+ Long longObject = getLong(attributeValue);
+ if (longObject != null) return longObject;
+ if (attributeValue instanceof List) {
+ return transform((List<Long>) attributeValue, OIDCAttributeMapperHelper::getLong);
+ }
+ throw new RuntimeException("cannot map type for token claim");
+ case "int":
+ Integer intObject = getInteger(attributeValue);
+ if (intObject != null) return intObject;
+ if (attributeValue instanceof List) {
+ return transform((List<Integer>) attributeValue, OIDCAttributeMapperHelper::getInteger);
+ }
+ throw new RuntimeException("cannot map type for token claim");
+ default:
+ return null;
}
- return attributeValue;
+ }
+
+ private static String getString(Object attributeValue) {
+ return attributeValue.toString();
+ }
+
+
+ private static Long getLong(Object attributeValue) {
+ if (attributeValue instanceof Long) return (Long) attributeValue;
+ if (attributeValue instanceof String) return Long.valueOf((String) attributeValue);
+ return null;
+ }
+
+ private static Integer getInteger(Object attributeValue) {
+ if (attributeValue instanceof Integer) return (Integer) attributeValue;
+ if (attributeValue instanceof String) return Integer.valueOf((String) attributeValue);
+ return null;
+ }
+
+ private static Boolean getBoolean(Object attributeValue) {
+ if (attributeValue instanceof Boolean) return (Boolean) attributeValue;
+ if (attributeValue instanceof String) return Boolean.valueOf((String) attributeValue);
+ return null;
}
public static void mapClaim(IDToken token, ProtocolMapperModel mappingModel, Object attributeValue) {
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java b/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
index c671607..5e48c7b 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
@@ -38,6 +38,7 @@ import org.keycloak.models.GroupModel;
import org.keycloak.models.KeyManager;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
+import org.keycloak.models.ModelException;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
@@ -130,15 +131,24 @@ public class TokenManager {
if (TokenUtil.TOKEN_TYPE_OFFLINE.equals(oldToken.getType())) {
UserSessionManager sessionManager = new UserSessionManager(session);
- clientSession = sessionManager.findOfflineClientSession(realm, oldToken.getClientSession(), oldToken.getSessionState());
+ clientSession = sessionManager.findOfflineClientSession(realm, oldToken.getClientSession());
if (clientSession != null) {
userSession = clientSession.getUserSession();
+ if (userSession == null) {
+ throw new OAuthErrorException(OAuthErrorException.INVALID_GRANT, "Offline user session not found", "Offline user session not found");
+ }
+
+ String userSessionId = oldToken.getSessionState();
+ if (!userSessionId.equals(userSession.getId())) {
+ throw new ModelException("User session don't match. Offline client session " + clientSession.getId() + ", It's user session " + userSession.getId() +
+ " Wanted user session: " + userSessionId);
+ }
+
// Revoke timeouted offline userSession
if (userSession.getLastSessionRefresh() < Time.currentTime() - realm.getOfflineSessionIdleTimeout()) {
sessionManager.revokeOfflineUserSession(userSession);
- userSession = null;
- clientSession = null;
+ throw new OAuthErrorException(OAuthErrorException.INVALID_GRANT, "Offline user session not active", "Offline user session session not active");
}
}
} else {
diff --git a/services/src/main/java/org/keycloak/protocol/saml/mappers/AttributeStatementHelper.java b/services/src/main/java/org/keycloak/protocol/saml/mappers/AttributeStatementHelper.java
index c1cf9c4..423cab9 100755
--- a/services/src/main/java/org/keycloak/protocol/saml/mappers/AttributeStatementHelper.java
+++ b/services/src/main/java/org/keycloak/protocol/saml/mappers/AttributeStatementHelper.java
@@ -52,6 +52,15 @@ public class AttributeStatementHelper {
attributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(attribute));
}
+ public static void addAttributes(AttributeStatementType attributeStatement, ProtocolMapperModel mappingModel,
+ List<String> attributeValues) {
+
+ AttributeType attribute = createAttributeType(mappingModel);
+ attributeValues.forEach(attribute::addAttributeValue);
+
+ attributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(attribute));
+ }
+
public static AttributeType createAttributeType(ProtocolMapperModel mappingModel) {
String attributeName = mappingModel.getConfig().get(SAML_ATTRIBUTE_NAME);
AttributeType attribute = new AttributeType(attributeName);
diff --git a/services/src/main/java/org/keycloak/protocol/saml/mappers/UserAttributeStatementMapper.java b/services/src/main/java/org/keycloak/protocol/saml/mappers/UserAttributeStatementMapper.java
index 2340191..f29d972 100755
--- a/services/src/main/java/org/keycloak/protocol/saml/mappers/UserAttributeStatementMapper.java
+++ b/services/src/main/java/org/keycloak/protocol/saml/mappers/UserAttributeStatementMapper.java
@@ -80,10 +80,9 @@ public class UserAttributeStatementMapper extends AbstractSAMLProtocolMapper imp
public void transformAttributeStatement(AttributeStatementType attributeStatement, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionModel clientSession) {
UserModel user = userSession.getUser();
String attributeName = mappingModel.getConfig().get(ProtocolMapperUtils.USER_ATTRIBUTE);
- String attributeValue = KeycloakModelUtils.resolveFirstAttribute(user, attributeName);
- if (attributeValue == null) return;
- AttributeStatementHelper.addAttribute(attributeStatement, mappingModel, attributeValue);
-
+ List<String> attributeValues = KeycloakModelUtils.resolveAttribute(user, attributeName);
+ if (attributeValues.isEmpty()) return;
+ AttributeStatementHelper.addAttributes(attributeStatement, mappingModel, attributeValues);
}
public static ProtocolMapperModel createAttributeMapper(String name, String userAttribute,
diff --git a/services/src/main/java/org/keycloak/services/managers/ClientManager.java b/services/src/main/java/org/keycloak/services/managers/ClientManager.java
index 1aa9b7f..fec49c9 100644
--- a/services/src/main/java/org/keycloak/services/managers/ClientManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ClientManager.java
@@ -195,6 +195,17 @@ public class ClientManager {
}
}
+ public void clientIdChanged(ClientModel client, String newClientId) {
+ logger.debugf("Updating clientId from '%s' to '%s'", client.getClientId(), newClientId);
+
+ UserModel serviceAccountUser = realmManager.getSession().users().getServiceAccount(client);
+ if (serviceAccountUser != null) {
+ String username = ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + newClientId;
+ serviceAccountUser.setUsername(username);
+ serviceAccountUser.setEmail(username + "@placeholder.org");
+ }
+ }
+
@JsonPropertyOrder({"realm", "realm-public-key", "bearer-only", "auth-server-url", "ssl-required",
"resource", "public-client", "credentials",
"use-resource-role-mappings"})
diff --git a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java
index e3ee409..4c8c2fe 100644
--- a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java
@@ -72,18 +72,8 @@ public class UserSessionManager {
}
// userSessionId is provided from offline token. It's used just to verify if it match the ID from clientSession representation
- public ClientSessionModel findOfflineClientSession(RealmModel realm, String clientSessionId, String userSessionId) {
- ClientSessionModel clientSession = kcSession.sessions().getOfflineClientSession(realm, clientSessionId);
- if (clientSession == null) {
- return null;
- }
-
- if (!userSessionId.equals(clientSession.getUserSession().getId())) {
- throw new ModelException("User session don't match. Offline client session " + clientSession.getId() + ", It's user session " + clientSession.getUserSession().getId() +
- " Wanted user session: " + userSessionId);
- }
-
- return clientSession;
+ public ClientSessionModel findOfflineClientSession(RealmModel realm, String clientSessionId) {
+ return kcSession.sessions().getOfflineClientSession(realm, clientSessionId);
}
public Set<ClientModel> findClientsWithOfflineToken(RealmModel realm, UserModel user) {
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
index 8928568..1275022 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
@@ -158,6 +158,10 @@ public class ClientResource {
new ClientManager(new RealmManager(session)).enableServiceAccount(client);
}
+ if (!rep.getClientId().equals(client.getClientId())) {
+ new ClientManager(new RealmManager(session)).clientIdChanged(client, rep.getClientId());
+ }
+
RepresentationToModel.updateClient(rep, client);
if (Profile.isPreviewEnabled()) {
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/info/ServerInfoAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/info/ServerInfoAdminResource.java
index 8017b04..6c17794 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/info/ServerInfoAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/info/ServerInfoAdminResource.java
@@ -56,8 +56,10 @@ import org.keycloak.theme.Theme;
import org.keycloak.theme.ThemeProvider;
import javax.ws.rs.GET;
+import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
import java.io.IOException;
import java.util.Collections;
import java.util.Comparator;
@@ -83,6 +85,7 @@ public class ServerInfoAdminResource {
* @return
*/
@GET
+ @Produces(MediaType.APPLICATION_JSON)
public ServerInfoRepresentation getInfo() {
ServerInfoRepresentation info = new ServerInfoRepresentation();
info.setSystemInfo(SystemInfoRepresentation.create(session.getKeycloakSessionFactory().getServerStartupTimestamp()));
diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
index 7e0e112..2bdb129 100755
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
@@ -96,6 +96,7 @@ public class LoginActionsService {
public static final String REQUIRED_ACTION = "required-action";
public static final String FIRST_BROKER_LOGIN_PATH = "first-broker-login";
public static final String POST_BROKER_LOGIN_PATH = "post-broker-login";
+ public static final String LAST_PROCESSED_CODE = "last_processed_code";
private RealmModel realm;
@@ -323,14 +324,22 @@ public class LoginActionsService {
public Response authenticate(@QueryParam("code") String code,
@QueryParam("execution") String execution) {
event.event(EventType.LOGIN);
- Checks checks = new Checks();
- if (!checks.verifyCode(code, ClientSessionModel.Action.AUTHENTICATE.name(), ClientSessionCode.ActionType.LOGIN)) {
- return checks.response;
+
+ ClientSessionModel clientSession = ClientSessionCode.getClientSession(code, session, realm);
+ if (clientSession != null && code.equals(clientSession.getNote(LAST_PROCESSED_CODE))) {
+ // Allow refresh of previous page
+ } else {
+ Checks checks = new Checks();
+ if (!checks.verifyCode(code, ClientSessionModel.Action.AUTHENTICATE.name(), ClientSessionCode.ActionType.LOGIN)) {
+ return checks.response;
+ }
+
+ ClientSessionCode clientSessionCode = checks.clientCode;
+ clientSession = clientSessionCode.getClientSession();
}
- event.detail(Details.CODE_ID, code);
- ClientSessionCode clientSessionCode = checks.clientCode;
- ClientSessionModel clientSession = clientSessionCode.getClientSession();
+ event.detail(Details.CODE_ID, code);
+ clientSession.setNote(LAST_PROCESSED_CODE, code);
return processAuthentication(execution, clientSession, null);
}
@@ -373,12 +382,21 @@ public class LoginActionsService {
public Response authenticateForm(@QueryParam("code") String code,
@QueryParam("execution") String execution) {
event.event(EventType.LOGIN);
+
+ ClientSessionModel clientSession = ClientSessionCode.getClientSession(code, session, realm);
+ if (clientSession != null && code.equals(clientSession.getNote(LAST_PROCESSED_CODE))) {
+ // Post already processed (refresh) - ignore form post and return next form
+ request.getFormParameters().clear();
+ return authenticate(code, null);
+ }
+
Checks checks = new Checks();
if (!checks.verifyCode(code, ClientSessionModel.Action.AUTHENTICATE.name(), ClientSessionCode.ActionType.LOGIN)) {
return checks.response;
}
final ClientSessionCode clientCode = checks.clientCode;
- final ClientSessionModel clientSession = clientCode.getClientSession();
+ clientSession = clientCode.getClientSession();
+ clientSession.setNote(LAST_PROCESSED_CODE, code);
return processAuthentication(execution, clientSession, null);
}
diff --git a/services/src/test/java/org/keycloak/test/broker/oidc/mappers/AbstractJsonUserAttributeMapperTest.java b/services/src/test/java/org/keycloak/test/broker/oidc/mappers/AbstractJsonUserAttributeMapperTest.java
index 24c4ceb..786a528 100755
--- a/services/src/test/java/org/keycloak/test/broker/oidc/mappers/AbstractJsonUserAttributeMapperTest.java
+++ b/services/src/test/java/org/keycloak/test/broker/oidc/mappers/AbstractJsonUserAttributeMapperTest.java
@@ -24,10 +24,11 @@ import org.junit.Test;
import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper;
import java.io.IOException;
+import java.util.Arrays;
/**
* Unit test for {@link org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper}
- *
+ *
* @author Vlastimil Elias (velias at redhat dot com)
*/
public class AbstractJsonUserAttributeMapperTest {
@@ -58,7 +59,7 @@ public class AbstractJsonUserAttributeMapperTest {
//unknown field returns null
Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_unknown"));
-
+
// we check value is trimmed also!
Assert.assertEquals("v1", AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value1"));
Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_empty"));
@@ -95,14 +96,14 @@ public class AbstractJsonUserAttributeMapperTest {
public void getJsonValue_simpleArray() throws JsonProcessingException, IOException {
// array field itself returns null if no index is provided
- Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array"));
+ Assert.assertEquals(Arrays.asList("a1", "a2"), AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array"));
// outside index returns null
Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array[2]"));
//corect index
Assert.assertEquals("a1", AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array[0]"));
Assert.assertEquals("a2", AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array[1]"));
-
+
//incorrect array constructs
Assert.assertNull(AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array[]"));
Assert.assertNull(AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "value_array]"));
@@ -125,7 +126,7 @@ public class AbstractJsonUserAttributeMapperTest {
Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "nesta.a.av1"));
Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "nesta.a].av1"));
Assert.assertEquals(null, AbstractJsonUserAttributeMapper.getJsonValue(getJsonNode(), "nesta.a[.av1"));
-
+
}
}
testsuite/integration/pom.xml 2(+1 -1)
diff --git a/testsuite/integration/pom.xml b/testsuite/integration/pom.xml
index 94283a9..131b7cc 100755
--- a/testsuite/integration/pom.xml
+++ b/testsuite/integration/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java
index b9f4f2a..fb4b3af 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java
@@ -107,7 +107,7 @@ public class UserSessionProviderOfflineTest {
// Assert all previously saved offline sessions found
for (Map.Entry<String, String> entry : offlineSessions.entrySet()) {
- Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey(), entry.getValue()) != null);
+ Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey()) != null);
UserSessionModel offlineSession = session.sessions().getUserSession(realm, entry.getValue());
boolean found = false;
@@ -187,7 +187,7 @@ public class UserSessionProviderOfflineTest {
resetSession();
- ClientSessionModel offlineClientSession = sessionManager.findOfflineClientSession(fooRealm, clientSession.getId(), userSession.getId());
+ ClientSessionModel offlineClientSession = sessionManager.findOfflineClientSession(fooRealm, clientSession.getId());
Assert.assertEquals("foo-app", offlineClientSession.getClient().getClientId());
Assert.assertEquals("user3", offlineClientSession.getUserSession().getUser().getUsername());
Assert.assertEquals(offlineClientSession.getId(), offlineClientSession.getUserSession().getClientSessions().get(0).getId());
@@ -206,7 +206,7 @@ public class UserSessionProviderOfflineTest {
// Assert nothing loaded
fooRealm = session.realms().getRealm("foo");
- Assert.assertNull(sessionManager.findOfflineClientSession(fooRealm, clientSession.getId(), userSession.getId()));
+ Assert.assertNull(sessionManager.findOfflineClientSession(fooRealm, clientSession.getId()));
Assert.assertEquals(0, session.sessions().getOfflineSessionsCount(fooRealm, fooRealm.getClientByClientId("foo-app")));
// Cleanup
@@ -338,7 +338,7 @@ public class UserSessionProviderOfflineTest {
// Assert all previously saved offline sessions found
for (Map.Entry<String, String> entry : offlineSessions.entrySet()) {
- Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey(), entry.getValue()) != null);
+ Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey()) != null);
}
UserSessionModel session0 = session.sessions().getOfflineUserSession(realm, origSessions[0].getId());
@@ -379,9 +379,9 @@ public class UserSessionProviderOfflineTest {
for (Map.Entry<String, String> entry : offlineSessions.entrySet()) {
String userSessionId = entry.getValue();
if (userSessionId.equals(session1.getId())) {
- Assert.assertFalse(sessionManager.findOfflineClientSession(realm, entry.getKey(), userSessionId) != null);
+ Assert.assertFalse(sessionManager.findOfflineClientSession(realm, entry.getKey()) != null);
} else {
- Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey(), userSessionId) != null);
+ Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey()) != null);
}
}
Assert.assertEquals(1, persister.getUserSessionsCount(true));
@@ -394,7 +394,7 @@ public class UserSessionProviderOfflineTest {
resetSession();
for (Map.Entry<String, String> entry : offlineSessions.entrySet()) {
- Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey(), entry.getValue()) == null);
+ Assert.assertTrue(sessionManager.findOfflineClientSession(realm, entry.getKey()) == null);
}
Assert.assertEquals(0, persister.getUserSessionsCount(true));
diff --git a/testsuite/integration-arquillian/pom.xml b/testsuite/integration-arquillian/pom.xml
index ccd3e12..5f7fe92 100644
--- a/testsuite/integration-arquillian/pom.xml
+++ b/testsuite/integration-arquillian/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-testsuite-pom</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/as7/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/as7/pom.xml
index 94af0b3..39d567b 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/as7/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/as7/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/eap/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/eap/pom.xml
index 7eff562..61a085a 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/eap/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/eap/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/eap6/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/eap6/pom.xml
index 853845c..2a47b31 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/eap6/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/eap6/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/eap6-fuse/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/eap6-fuse/pom.xml
index e60fbc1..60fc6a2 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/eap6-fuse/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/eap6-fuse/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml
index 49f0162..a2c6b4a 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/relative/eap/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/relative/eap/pom.xml
index b0a62e0..360b73f 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/relative/eap/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/relative/eap/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss-relative</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/relative/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/relative/pom.xml
index 767b21b..131fb8d 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/relative/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/relative/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/relative/wildfly/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/relative/wildfly/pom.xml
index 2fe4ad2..04b75f9 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/relative/wildfly/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/relative/wildfly/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss-relative</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/wildfly/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/wildfly/pom.xml
index 9f2b285..7c59b10 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/wildfly/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/wildfly/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/wildfly8/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/wildfly8/pom.xml
index d59b465..5ea9125 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/wildfly8/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/wildfly8/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/wildfly9/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/wildfly9/pom.xml
index e6612fa..d1b80e9 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/wildfly9/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/wildfly9/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/karaf/fuse61/pom.xml b/testsuite/integration-arquillian/servers/app-server/karaf/fuse61/pom.xml
index 52b44ec..e6fb8dd 100644
--- a/testsuite/integration-arquillian/servers/app-server/karaf/fuse61/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/karaf/fuse61/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/karaf/fuse62/pom.xml b/testsuite/integration-arquillian/servers/app-server/karaf/fuse62/pom.xml
index 6379104..126f03e 100644
--- a/testsuite/integration-arquillian/servers/app-server/karaf/fuse62/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/karaf/fuse62/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/karaf/fuse63/pom.xml b/testsuite/integration-arquillian/servers/app-server/karaf/fuse63/pom.xml
index 22a48d1..ea1eadf 100644
--- a/testsuite/integration-arquillian/servers/app-server/karaf/fuse63/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/karaf/fuse63/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/karaf/karaf3/pom.xml b/testsuite/integration-arquillian/servers/app-server/karaf/karaf3/pom.xml
index aed028f..c5a56a9 100644
--- a/testsuite/integration-arquillian/servers/app-server/karaf/karaf3/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/karaf/karaf3/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/karaf/pom.xml b/testsuite/integration-arquillian/servers/app-server/karaf/pom.xml
index b9eb252..e57d3c7 100644
--- a/testsuite/integration-arquillian/servers/app-server/karaf/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/karaf/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/pom.xml b/testsuite/integration-arquillian/servers/app-server/pom.xml
index 12b674b..b2c217b 100644
--- a/testsuite/integration-arquillian/servers/app-server/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/tomcat/pom.xml b/testsuite/integration-arquillian/servers/app-server/tomcat/pom.xml
index 21d4477..2e90fa6 100644
--- a/testsuite/integration-arquillian/servers/app-server/tomcat/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/tomcat/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat7/pom.xml b/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat7/pom.xml
index 62cdea9..71982b6 100644
--- a/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat7/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat7/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-tomcat</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat8/pom.xml b/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat8/pom.xml
index 126041c..79b6090 100644
--- a/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat8/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat8/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-tomcat</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat9/pom.xml b/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat9/pom.xml
index e461d62..47ff0c9 100644
--- a/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat9/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/tomcat/tomcat9/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-tomcat</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/eap/pom.xml b/testsuite/integration-arquillian/servers/auth-server/jboss/eap/pom.xml
index 2601da6..b5bc27a 100644
--- a/testsuite/integration-arquillian/servers/auth-server/jboss/eap/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/jboss/eap/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-auth-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml b/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml
index 9263389..7e54e46 100644
--- a/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-auth-server</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/wildfly/pom.xml b/testsuite/integration-arquillian/servers/auth-server/jboss/wildfly/pom.xml
index 3ecf670..e2958f6 100644
--- a/testsuite/integration-arquillian/servers/auth-server/jboss/wildfly/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/jboss/wildfly/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-auth-server-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/pom.xml b/testsuite/integration-arquillian/servers/auth-server/pom.xml
index 232d6a6..56e9a0f 100644
--- a/testsuite/integration-arquillian/servers/auth-server/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/pom.xml b/testsuite/integration-arquillian/servers/auth-server/services/pom.xml
index 12fc608..afc7081 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/services/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-auth-server</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml
index 9793358..e40a806 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-auth-server-services</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-testsuite-providers</artifactId>
diff --git a/testsuite/integration-arquillian/servers/auth-server/undertow/pom.xml b/testsuite/integration-arquillian/servers/auth-server/undertow/pom.xml
index ff476ed..2793df4 100644
--- a/testsuite/integration-arquillian/servers/auth-server/undertow/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/undertow/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-auth-server</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/KeycloakOnUndertow.java b/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/KeycloakOnUndertow.java
index 9d29973..bdbd4d9 100644
--- a/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/KeycloakOnUndertow.java
+++ b/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/KeycloakOnUndertow.java
@@ -50,8 +50,8 @@ import javax.servlet.ServletException;
import java.lang.reflect.Field;
import java.util.Collection;
-import java.util.HashMap;
import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
public class KeycloakOnUndertow implements DeployableContainer<KeycloakOnUndertowConfiguration> {
@@ -61,7 +61,7 @@ public class KeycloakOnUndertow implements DeployableContainer<KeycloakOnUnderto
private KeycloakOnUndertowConfiguration configuration;
private KeycloakSessionFactory sessionFactory;
- Map<String, String> deployedArchivesToContextPath = new HashMap<>();
+ Map<String, String> deployedArchivesToContextPath = new ConcurrentHashMap<>();
private DeploymentInfo createAuthServerDeploymentInfo() {
ResteasyDeployment deployment = new ResteasyDeployment();
diff --git a/testsuite/integration-arquillian/servers/migration/pom.xml b/testsuite/integration-arquillian/servers/migration/pom.xml
index 13fb3b4..6b76f94 100644
--- a/testsuite/integration-arquillian/servers/migration/pom.xml
+++ b/testsuite/integration-arquillian/servers/migration/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/pom.xml b/testsuite/integration-arquillian/servers/pom.xml
index 2bea37c..7117c15 100644
--- a/testsuite/integration-arquillian/servers/pom.xml
+++ b/testsuite/integration-arquillian/servers/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/servers/wildfly-balancer/pom.xml b/testsuite/integration-arquillian/servers/wildfly-balancer/pom.xml
index f14cd09..f3270e0 100644
--- a/testsuite/integration-arquillian/servers/wildfly-balancer/pom.xml
+++ b/testsuite/integration-arquillian/servers/wildfly-balancer/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/test-apps/app-profile-jee/pom.xml b/testsuite/integration-arquillian/test-apps/app-profile-jee/pom.xml
index d9d031a..e8ff1c4 100644
--- a/testsuite/integration-arquillian/test-apps/app-profile-jee/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/app-profile-jee/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-test-app-profile-jee</artifactId>
diff --git a/testsuite/integration-arquillian/test-apps/hello-world-authz-service/pom.xml b/testsuite/integration-arquillian/test-apps/hello-world-authz-service/pom.xml
index 1d41d2e..5d575d9 100755
--- a/testsuite/integration-arquillian/test-apps/hello-world-authz-service/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/hello-world-authz-service/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>hello-world-authz-service</artifactId>
diff --git a/testsuite/integration-arquillian/test-apps/js-console/pom.xml b/testsuite/integration-arquillian/test-apps/js-console/pom.xml
index 6ba97ca..73093aa 100755
--- a/testsuite/integration-arquillian/test-apps/js-console/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/js-console/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/test-apps/js-database/pom.xml b/testsuite/integration-arquillian/test-apps/js-database/pom.xml
index 513c057..3d746e4 100644
--- a/testsuite/integration-arquillian/test-apps/js-database/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/js-database/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian-test-apps</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/pom.xml b/testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/pom.xml
index 8439fc0..abdb7d6 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-authz-policy/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps-photoz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/pom.xml b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/pom.xml
index 82fd69f..e17a37b 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps-photoz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/pom.xml b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/pom.xml
index 1351553..bd272b5 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps-photoz-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/pom.xml b/testsuite/integration-arquillian/test-apps/photoz/pom.xml
index 71db385..4a880b2 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/photoz/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-test-apps-photoz-parent</artifactId>
diff --git a/testsuite/integration-arquillian/test-apps/pom.xml b/testsuite/integration-arquillian/test-apps/pom.xml
index 4d74389..cacb0ac 100644
--- a/testsuite/integration-arquillian/test-apps/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/test-apps/servlet-authz/pom.xml b/testsuite/integration-arquillian/test-apps/servlet-authz/pom.xml
index 249d47e..724df70 100755
--- a/testsuite/integration-arquillian/test-apps/servlet-authz/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/servlet-authz/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>servlet-authz-app</artifactId>
diff --git a/testsuite/integration-arquillian/test-apps/servlets/pom.xml b/testsuite/integration-arquillian/test-apps/servlets/pom.xml
index cab0c28..9159c73 100644
--- a/testsuite/integration-arquillian/test-apps/servlets/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/servlets/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian-test-apps</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/filter/AdapterActionsFilter.java b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/filter/AdapterActionsFilter.java
index 1bfbb3e..3b3cc49 100644
--- a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/filter/AdapterActionsFilter.java
+++ b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/filter/AdapterActionsFilter.java
@@ -23,12 +23,14 @@ import org.keycloak.adapters.AdapterDeploymentContext;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.rotation.JWKPublicKeyLocator;
import org.keycloak.common.util.Time;
+import org.keycloak.common.util.reflections.Reflections;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
+import java.lang.reflect.Field;
/**
* Filter to handle "special" requests to perform actions on adapter side (for example setting time offset )
@@ -38,7 +40,7 @@ import java.io.PrintWriter;
public class AdapterActionsFilter implements Filter {
public static final String TIME_OFFSET_PARAM = "timeOffset";
- public static final String RESET_PUBLIC_KEY_PARAM = "resetPublicKey";
+ public static final String RESET_DEPLOYMENT_PARAM = "resetDeployment";
private static final Logger log = Logger.getLogger(AdapterActionsFilter.class);
@@ -54,19 +56,28 @@ public class AdapterActionsFilter implements Filter {
//Accept timeOffset as argument to enforce timeouts
String timeOffsetParam = request.getParameter(TIME_OFFSET_PARAM);
- String resetPublicKey = request.getParameter(RESET_PUBLIC_KEY_PARAM);
+ String resetDeploymentParam = request.getParameter(RESET_DEPLOYMENT_PARAM);
if (timeOffsetParam != null && !timeOffsetParam.isEmpty()) {
int timeOffset = Integer.parseInt(timeOffsetParam);
log.infof("Time offset updated to %d for application %s", timeOffset, servletReq.getRequestURI());
Time.setOffset(timeOffset);
writeResponse(servletResp, "Offset set successfully");
- } else if (resetPublicKey != null && !resetPublicKey.isEmpty()) {
+ } else if (resetDeploymentParam != null && !resetDeploymentParam.isEmpty()) {
AdapterDeploymentContext deploymentContext = (AdapterDeploymentContext) request.getServletContext().getAttribute(AdapterDeploymentContext.class.getName());
- KeycloakDeployment deployment = deploymentContext.resolveDeployment(null);
- deployment.setPublicKeyLocator(new JWKPublicKeyLocator());
- log.infof("Restarted publicKey locator for application %s", servletReq.getRequestURI());
- writeResponse(servletResp, "PublicKeyLocator restarted successfully");
+
+ Field field = Reflections.findDeclaredField(AdapterDeploymentContext.class, "deployment");
+ Reflections.setAccessible(field);
+ KeycloakDeployment deployment = (KeycloakDeployment) Reflections.getFieldValue(field, deploymentContext);
+
+ Time.setOffset(0);
+ deployment.setNotBefore(0);
+ if (deployment.getPublicKeyLocator() instanceof JWKPublicKeyLocator) {
+ deployment.setPublicKeyLocator(new JWKPublicKeyLocator());
+ }
+
+ log.infof("Restarted PublicKeyLocator, notBefore and timeOffset for application %s", servletReq.getRequestURI());
+ writeResponse(servletResp, "Restarted PublicKeyLocator, notBefore and timeOffset successfully");
} else {
// Continue request
chain.doFilter(request, response);
diff --git a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/AbstractShowTokensServlet.java b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/AbstractShowTokensServlet.java
index 3707172..6db5922 100644
--- a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/AbstractShowTokensServlet.java
+++ b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/AbstractShowTokensServlet.java
@@ -49,6 +49,7 @@ public abstract class AbstractShowTokensServlet extends HttpServlet {
return new StringBuilder("<span id=\"accessToken\">" + accessTokenPretty + "</span>")
.append("<span id=\"refreshToken\">" + refreshTokenPretty + "</span>")
+ .append("<span id=\"accessTokenString\">" + ctx.getTokenString() + "</span>")
.toString();
}
diff --git a/testsuite/integration-arquillian/test-apps/test-apps-dist/pom.xml b/testsuite/integration-arquillian/test-apps/test-apps-dist/pom.xml
index f4790c1..0ce3451 100644
--- a/testsuite/integration-arquillian/test-apps/test-apps-dist/pom.xml
+++ b/testsuite/integration-arquillian/test-apps/test-apps-dist/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian-test-apps</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/tests/base/pom.xml b/testsuite/integration-arquillian/tests/base/pom.xml
index a0eb15c..a945047 100644
--- a/testsuite/integration-arquillian/tests/base/pom.xml
+++ b/testsuite/integration-arquillian/tests/base/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/AbstractShowTokensPage.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/AbstractShowTokensPage.java
index ea7ef6f..64d0de2 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/AbstractShowTokensPage.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/AbstractShowTokensPage.java
@@ -38,6 +38,9 @@ public abstract class AbstractShowTokensPage extends AbstractPageWithInjectedUrl
@FindBy(id = "refreshToken")
private WebElement refreshToken;
+ @FindBy(id = "accessTokenString")
+ private WebElement accessTokenString;
+
public AccessToken getAccessToken() {
try {
@@ -51,13 +54,25 @@ public abstract class AbstractShowTokensPage extends AbstractPageWithInjectedUrl
return null;
}
+
public RefreshToken getRefreshToken() {
try {
return JsonSerialization.readValue(refreshToken.getText(), RefreshToken.class);
} catch (IOException e) {
e.printStackTrace();
} catch (NoSuchElementException nsee) {
- log.warn("No idToken element found on the page");
+ log.warn("No refreshToken element found on the page");
+ }
+
+ return null;
+ }
+
+
+ public String getAccessTokenString() {
+ try {
+ return accessTokenString.getText();
+ } catch (NoSuchElementException nsee) {
+ log.warn("No accessTokenString element found on the page");
}
return null;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java
index a40275f..cc018d2 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java
@@ -111,14 +111,17 @@ public abstract class AbstractServletsAdapterTest extends AbstractAdapterTest {
testRealmPage.setAuthRealm(DEMO);
}
- protected void setAdapterAndServerTimeOffset(int timeOffset, String servletUri) {
+ protected void setAdapterAndServerTimeOffset(int timeOffset, String... servletUris) {
setTimeOffset(timeOffset);
- String timeOffsetUri = UriBuilder.fromUri(servletUri)
- .queryParam(AdapterActionsFilter.TIME_OFFSET_PARAM, timeOffset)
- .build().toString();
- driver.navigate().to(timeOffsetUri);
- WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
+ for (String servletUri : servletUris) {
+ String timeOffsetUri = UriBuilder.fromUri(servletUri)
+ .queryParam(AdapterActionsFilter.TIME_OFFSET_PARAM, timeOffset)
+ .build().toString();
+
+ driver.navigate().to(timeOffsetUri);
+ WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
+ }
}
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java
index 0ad81d5..a9ce39a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java
@@ -27,10 +27,4 @@ public abstract class AbstractDemoFilterServletAdapterTest extends AbstractDemoS
}
- @Test
- @Override
- @Ignore
- public void testClientWithJwksUri() {
-
- }
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java
index f57b858..fde26a1 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java
@@ -27,17 +27,13 @@ import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.common.Version;
-import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.Time;
import org.keycloak.constants.AdapterConstants;
-import org.keycloak.keys.KeyProvider;
-import org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.VersionRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
-import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
@@ -67,7 +63,6 @@ import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriBuilder;
import java.io.File;
import java.io.IOException;
import java.net.URI;
@@ -86,7 +81,6 @@ import static org.junit.Assert.assertTrue;
import org.keycloak.testsuite.adapter.page.CustomerPortalNoConf;
import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
-import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
import static org.keycloak.testsuite.util.WaitUtils.pause;
import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
@@ -141,7 +135,7 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd
@Deployment(name = CustomerDb.DEPLOYMENT_NAME)
protected static WebArchive customerDb() {
- return servletDeployment(CustomerDb.DEPLOYMENT_NAME, CustomerDatabaseServlet.class);
+ return servletDeployment(CustomerDb.DEPLOYMENT_NAME, AdapterActionsFilter.class, CustomerDatabaseServlet.class);
}
@Deployment(name = CustomerDbErrorPage.DEPLOYMENT_NAME)
@@ -218,97 +212,6 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd
}
@Test
- public void testRealmKeyRotationWithNewKeyDownload() throws Exception {
- // Login success first
- tokenMinTTLPage.navigateTo();
- testRealmLoginPage.form().waitForUsernameInputPresent();
- assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
- testRealmLoginPage.form().login("bburke@redhat.com", "password");
- assertCurrentUrlEquals(tokenMinTTLPage);
-
- AccessToken token = tokenMinTTLPage.getAccessToken();
- Assert.assertEquals("bburke@redhat.com", token.getPreferredUsername());
-
- // Logout
- String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder())
- .queryParam(OAuth2Constants.REDIRECT_URI, tokenMinTTLPage.toString())
- .build("demo").toString();
- driver.navigate().to(logoutUri);
-
- // Generate new realm key
- String realmId = adminClient.realm(DEMO).toRepresentation().getId();
- ComponentRepresentation keys = new ComponentRepresentation();
- keys.setName("generated");
- keys.setProviderType(KeyProvider.class.getName());
- keys.setProviderId("rsa-generated");
- keys.setParentId(realmId);
- keys.setConfig(new MultivaluedHashMap<>());
- keys.getConfig().putSingle("priority", "100");
- Response response = adminClient.realm(DEMO).components().add(keys);
- assertEquals(201, response.getStatus());
- response.close();
-
- String adapterActionsUrl = tokenMinTTLPage.toString() + "/unsecured/foo";
- setAdapterAndServerTimeOffset(300, adapterActionsUrl);
-
- // Try to login. Should work now due to realm key change
- tokenMinTTLPage.navigateTo();
- testRealmLoginPage.form().waitForUsernameInputPresent();
- assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
- testRealmLoginPage.form().login("bburke@redhat.com", "password");
- assertCurrentUrlEquals(tokenMinTTLPage);
- token = tokenMinTTLPage.getAccessToken();
- Assert.assertEquals("bburke@redhat.com", token.getPreferredUsername());
- driver.navigate().to(logoutUri);
-
- // Revert public keys change
- String timeOffsetUri = UriBuilder.fromUri(adapterActionsUrl)
- .queryParam(AdapterActionsFilter.RESET_PUBLIC_KEY_PARAM, "true")
- .build().toString();
- driver.navigate().to(timeOffsetUri);
- waitUntilElement(By.tagName("body")).is().visible();
-
- setAdapterAndServerTimeOffset(0, adapterActionsUrl);
- }
-
- @Test
- public void testClientWithJwksUri() throws Exception {
- // Set client to bad JWKS URI
- ClientResource clientResource = ApiUtil.findClientResourceByClientId(testRealmResource(), "secure-portal");
- ClientRepresentation client = clientResource.toRepresentation();
- OIDCAdvancedConfigWrapper wrapper = OIDCAdvancedConfigWrapper.fromClientRepresentation(client);
- wrapper.setUseJwksUrl(true);
- wrapper.setJwksUrl(securePortal + "/bad-jwks-url");
- clientResource.update(client);
-
- // Login should fail at the code-to-token
- securePortal.navigateTo();
- assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
- testRealmLoginPage.form().login("bburke@redhat.com", "password");
- String pageSource = driver.getPageSource();
- assertCurrentUrlStartsWith(securePortal);
- assertFalse(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
-
- // Set client to correct JWKS URI
- client = clientResource.toRepresentation();
- wrapper = OIDCAdvancedConfigWrapper.fromClientRepresentation(client);
- wrapper.setUseJwksUrl(true);
- wrapper.setJwksUrl(securePortal + "/" + AdapterConstants.K_JWKS);
- clientResource.update(client);
-
- // Login to secure-portal should be fine now. Client keys downloaded from JWKS URI
- securePortal.navigateTo();
- assertCurrentUrlEquals(securePortal);
- pageSource = driver.getPageSource();
- assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
-
- // Logout
- String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder())
- .queryParam(OAuth2Constants.REDIRECT_URI, securePortal.toString()).build("demo").toString();
- driver.navigate().to(logoutUri);
- }
-
- @Test
public void testLoginSSOAndLogout() {
// test login to customer-portal which does a bearer request to customer-db
customerPortal.navigateTo();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractOIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractOIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..8c42b99
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractOIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,346 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter.servlet;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.concurrent.TimeUnit;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriBuilder;
+
+import org.apache.http.HttpEntity;
+import org.apache.http.HttpResponse;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.graphene.page.Page;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.admin.client.resource.ClientResource;
+import org.keycloak.common.util.MultivaluedHashMap;
+import org.keycloak.common.util.StreamUtil;
+import org.keycloak.common.util.Time;
+import org.keycloak.constants.AdapterConstants;
+import org.keycloak.keys.KeyProvider;
+import org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper;
+import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
+import org.keycloak.representations.AccessToken;
+import org.keycloak.representations.adapters.action.GlobalRequestResult;
+import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.ComponentRepresentation;
+import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
+import org.keycloak.testsuite.adapter.filter.AdapterActionsFilter;
+import org.keycloak.testsuite.adapter.page.CustomerDb;
+import org.keycloak.testsuite.adapter.page.SecurePortal;
+import org.keycloak.testsuite.adapter.page.TokenMinTTLPage;
+import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.util.URLAssert;
+import org.openqa.selenium.By;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO;
+import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
+import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
+import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
+import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
+
+/**
+ * Tests related to public key rotation for OIDC adapter
+ *
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class AbstractOIDCPublicKeyRotationAdapterTest extends AbstractServletsAdapterTest {
+
+ @Page
+ private SecurePortal securePortal;
+
+ @Page
+ private TokenMinTTLPage tokenMinTTLPage;
+
+ @Page
+ private CustomerDb customerDb;
+
+ @Deployment(name = SecurePortal.DEPLOYMENT_NAME)
+ protected static WebArchive securePortal() {
+ return servletDeployment(SecurePortal.DEPLOYMENT_NAME, CallAuthenticatedServlet.class);
+ }
+
+ @Deployment(name = TokenMinTTLPage.DEPLOYMENT_NAME)
+ protected static WebArchive tokenMinTTLPage() {
+ return servletDeployment(TokenMinTTLPage.DEPLOYMENT_NAME, AdapterActionsFilter.class, AbstractShowTokensServlet.class, TokenMinTTLServlet.class, ErrorServlet.class);
+ }
+
+ @Deployment(name = CustomerDb.DEPLOYMENT_NAME)
+ protected static WebArchive customerDb() {
+ return servletDeployment(CustomerDb.DEPLOYMENT_NAME, AdapterActionsFilter.class, CustomerDatabaseServlet.class);
+ }
+
+
+
+
+ @Before
+ public void beforeRotationAdapterTest() {
+ // Delete all cookies from token-min-ttl page to be sure we are logged out
+ tokenMinTTLPage.navigateTo();
+ driver.manage().deleteAllCookies();
+ }
+
+
+ @Test
+ public void testRealmKeyRotationWithNewKeyDownload() throws Exception {
+ // Login success first
+ loginToTokenMinTtlApp();
+
+ // Logout
+ String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder())
+ .queryParam(OAuth2Constants.REDIRECT_URI, tokenMinTTLPage.toString())
+ .build("demo").toString();
+ driver.navigate().to(logoutUri);
+ assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+
+ // Generate new realm key
+ generateNewRealmKey();
+
+ // Try to login again. It should fail now because not yet allowed to download new keys
+ tokenMinTTLPage.navigateTo();
+ testRealmLoginPage.form().waitForUsernameInputPresent();
+ assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+ testRealmLoginPage.form().login("bburke@redhat.com", "password");
+ URLAssert.assertCurrentUrlStartsWith(driver, tokenMinTTLPage.getInjectedUrl().toString());
+ Assert.assertNull(tokenMinTTLPage.getAccessToken());
+
+ driver.navigate().to(logoutUri);
+ assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+
+ setAdapterAndServerTimeOffset(300, tokenMinTTLPage.toString() + "/unsecured/foo");
+
+ // Try to login. Should work now due to realm key change
+ loginToTokenMinTtlApp();
+ driver.navigate().to(logoutUri);
+
+ // Revert public keys change
+ resetKeycloakDeploymentForAdapter(tokenMinTTLPage.toString() + "/unsecured/foo");
+ }
+
+
+ @Test
+ public void testClientWithJwksUri() throws Exception {
+ // Set client to bad JWKS URI
+ ClientResource clientResource = ApiUtil.findClientResourceByClientId(testRealmResource(), "secure-portal");
+ ClientRepresentation client = clientResource.toRepresentation();
+ OIDCAdvancedConfigWrapper wrapper = OIDCAdvancedConfigWrapper.fromClientRepresentation(client);
+ wrapper.setUseJwksUrl(true);
+ wrapper.setJwksUrl(securePortal + "/bad-jwks-url");
+ clientResource.update(client);
+
+ // Login should fail at the code-to-token
+ securePortal.navigateTo();
+ assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+ testRealmLoginPage.form().login("bburke@redhat.com", "password");
+ String pageSource = driver.getPageSource();
+ assertCurrentUrlStartsWith(securePortal);
+ assertFalse(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
+
+ // Set client to correct JWKS URI
+ client = clientResource.toRepresentation();
+ wrapper = OIDCAdvancedConfigWrapper.fromClientRepresentation(client);
+ wrapper.setUseJwksUrl(true);
+ wrapper.setJwksUrl(securePortal + "/" + AdapterConstants.K_JWKS);
+ clientResource.update(client);
+
+ // Login to secure-portal should be fine now. Client keys downloaded from JWKS URI
+ securePortal.navigateTo();
+ assertCurrentUrlEquals(securePortal);
+ pageSource = driver.getPageSource();
+ assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
+
+ // Logout
+ String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder())
+ .queryParam(OAuth2Constants.REDIRECT_URI, securePortal.toString()).build("demo").toString();
+ driver.navigate().to(logoutUri);
+ }
+
+
+ // KEYCLOAK-3824: Test for public-key-cache-ttl
+ @Test
+ public void testPublicKeyCacheTtl() {
+ // increase accessTokenLifespan to 1200
+ RealmRepresentation demoRealm = adminClient.realm(DEMO).toRepresentation();
+ demoRealm.setAccessTokenLifespan(1200);
+ adminClient.realm(DEMO).update(demoRealm);
+
+ // authenticate in tokenMinTTL app
+ loginToTokenMinTtlApp();
+ String accessTokenString = tokenMinTTLPage.getAccessTokenString();
+
+ // Send REST request to customer-db app. I should be successfully authenticated
+ int status = invokeRESTEndpoint(accessTokenString);
+ Assert.assertEquals(200, status);
+
+ // Re-generate realm public key and remove the old key
+ String oldKeyId = getActiveKeyId();
+ generateNewRealmKey();
+ adminClient.realm(DEMO).components().component(oldKeyId).remove();
+
+ // Send REST request to the customer-db app. Should be still succcessfully authenticated as the JWKPublicKeyLocator cache is still valid
+ status = invokeRESTEndpoint(accessTokenString);
+ Assert.assertEquals(200, status);
+
+ // TimeOffset to 900 on the REST app side. Token is still valid (1200) but JWKPublicKeyLocator should try to download new key (public-key-cache-ttl=600)
+ setAdapterAndServerTimeOffset(900, customerDb.toString() + "/unsecured/foo");
+
+ // Send REST request. New request to the publicKey cache should be sent, and key is no longer returned as token contains the old kid
+ status = invokeRESTEndpoint(accessTokenString);
+ Assert.assertEquals(401, status);
+
+ // Revert public keys change and time offset
+ resetKeycloakDeploymentForAdapter(customerDb.toString() + "/unsecured/foo");
+ resetKeycloakDeploymentForAdapter(tokenMinTTLPage.toString() + "/unsecured/foo");
+ }
+
+
+ // KEYCLOAK-3823: Test that sending notBefore policy invalidates JWKPublicKeyLocator cache
+ @Test
+ public void testPublicKeyCacheInvalidatedWhenPushedNotBefore() {
+ driver.manage().timeouts().pageLoadTimeout(1000, TimeUnit.SECONDS);
+
+ // increase accessTokenLifespan to 1200
+ RealmRepresentation demoRealm = adminClient.realm(DEMO).toRepresentation();
+ demoRealm.setAccessTokenLifespan(1200);
+ adminClient.realm(DEMO).update(demoRealm);
+
+ // authenticate in tokenMinTTL app
+ loginToTokenMinTtlApp();
+ String accessTokenString = tokenMinTTLPage.getAccessTokenString();
+
+ // Generate new realm public key
+ String oldKeyId = getActiveKeyId();
+ generateNewRealmKey();
+
+ // Send REST request to customer-db app. It should be successfully authenticated even that token is signed by the old key
+ int status = invokeRESTEndpoint(accessTokenString);
+ Assert.assertEquals(200, status);
+
+ // Remove the old realm key now
+ adminClient.realm(DEMO).components().component(oldKeyId).remove();
+
+ // Set some offset to ensure pushing notBefore will pass
+ setAdapterAndServerTimeOffset(130, customerDb.toString() + "/unsecured/foo", tokenMinTTLPage.toString() + "/unsecured/foo");
+
+ // Send notBefore policy from the realm
+ demoRealm.setNotBefore(Time.currentTime() - 1);
+ adminClient.realm(DEMO).update(demoRealm);
+ GlobalRequestResult result = adminClient.realm(DEMO).pushRevocation();
+ Assert.assertTrue(result.getSuccessRequests().contains(customerDb.toString()));
+
+ // Send REST request. New request to the publicKey cache should be sent, and key is no longer returned as token contains the old kid
+ status = invokeRESTEndpoint(accessTokenString);
+ Assert.assertEquals(401, status);
+
+ // Revert public keys change and time offset
+ resetKeycloakDeploymentForAdapter(customerDb.toString() + "/unsecured/foo");
+ resetKeycloakDeploymentForAdapter(tokenMinTTLPage.toString() + "/unsecured/foo");
+ }
+
+
+ // HELPER METHODS
+
+ private void loginToTokenMinTtlApp() {
+ tokenMinTTLPage.navigateTo();
+ testRealmLoginPage.form().waitForUsernameInputPresent();
+ assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
+ testRealmLoginPage.form().login("bburke@redhat.com", "password");
+ assertCurrentUrlEquals(tokenMinTTLPage);
+
+ AccessToken token = tokenMinTTLPage.getAccessToken();
+ Assert.assertEquals("bburke@redhat.com", token.getPreferredUsername());
+ }
+
+
+ private void generateNewRealmKey() {
+ String realmId = adminClient.realm(DEMO).toRepresentation().getId();
+
+ ComponentRepresentation keys = new ComponentRepresentation();
+ keys.setName("generated");
+ keys.setProviderType(KeyProvider.class.getName());
+ keys.setProviderId("rsa-generated");
+ keys.setParentId(realmId);
+ keys.setConfig(new MultivaluedHashMap<>());
+ keys.getConfig().putSingle("priority", "150");
+ Response response = adminClient.realm(DEMO).components().add(keys);
+ assertEquals(201, response.getStatus());
+ response.close();
+ }
+
+ private String getActiveKeyId() {
+ String realmId = adminClient.realm(DEMO).toRepresentation().getId();
+ return adminClient.realm(DEMO).components().query(realmId, KeyProvider.class.getName())
+ .get(0).getId();
+ }
+
+
+ private int invokeRESTEndpoint(String accessTokenString) {
+
+ HttpClient client = new DefaultHttpClient();
+ try {
+ String restUrl = customerDb.toString();
+ HttpGet get = new HttpGet(restUrl);
+ get.addHeader("Authorization", "Bearer " + accessTokenString);
+ try {
+ HttpResponse response = client.execute(get);
+ int status = response.getStatusLine().getStatusCode();
+ if (status != 200) {
+ return status;
+ }
+
+ HttpEntity entity = response.getEntity();
+ InputStream is = entity.getContent();
+ try {
+ String body = StreamUtil.readString(is);
+ Assert.assertTrue(body.contains("Stian Thorgersen") && body.contains("Bill Burke"));
+ return status;
+ } finally {
+ is.close();
+ }
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ } finally {
+ client.getConnectionManager().shutdown();
+ }
+ }
+
+
+ private void resetKeycloakDeploymentForAdapter(String adapterActionsUrl) {
+ String timeOffsetUri = UriBuilder.fromUri(adapterActionsUrl)
+ .queryParam(AdapterActionsFilter.RESET_DEPLOYMENT_PARAM, "true")
+ .build().toString();
+ driver.navigate().to(timeOffsetUri);
+ waitUntilElement(By.tagName("body")).is().visible();
+ }
+
+
+}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..0dfd99c
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter.undertow.servlet;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("auth-server-undertow")
+public class UndertowOIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventTest.java
index 2d48ccc..3d33fdc 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventTest.java
@@ -19,11 +19,17 @@ package org.keycloak.testsuite.admin.event;
import org.junit.Before;
import org.junit.Test;
+import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.admin.client.resource.UsersResource;
+import org.keycloak.events.EventType;
+import org.keycloak.events.admin.OperationType;
import org.keycloak.representations.idm.AdminEventRepresentation;
import org.keycloak.representations.idm.AuthDetailsRepresentation;
+import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.util.UserBuilder;
import java.util.Arrays;
import java.util.Collections;
@@ -127,4 +133,22 @@ public class AdminEventTest extends AbstractEventTest {
List<AdminEventRepresentation> events = testRealmResource().getAdminEvents(Arrays.asList("CREATE"), realmName(), null, null, null, null, null, null, null, null);
assertEquals(2, events.size());
}
+
+ @Test
+ public void defaultMaxResults() {
+ RealmResource realm = adminClient.realms().realm("test");
+ AdminEventRepresentation event = new AdminEventRepresentation();
+ event.setOperationType(OperationType.CREATE.toString());
+ event.setAuthDetails(new AuthDetailsRepresentation());
+ event.setRealmId(realm.toRepresentation().getId());
+
+ for (int i = 0; i < 110; i++) {
+ testingClient.testing("test").onAdminEvent(event, false);
+ }
+
+ assertEquals(100, realm.getAdminEvents(null, null, null, null, null, null, null, null, null, null).size());
+ assertEquals(105, realm.getAdminEvents(null, null, null, null, null, null, null, null, 0, 105).size());
+ assertTrue(realm.getAdminEvents(null, null, null, null, null, null, null, null, 0, 1000).size() >= 110);
+ }
+
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/LoginEventsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/LoginEventsTest.java
index a4fa8be..dc0d787 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/LoginEventsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/LoginEventsTest.java
@@ -20,8 +20,13 @@ package org.keycloak.testsuite.admin.event;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Before;
import org.junit.Test;
+import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.admin.client.resource.UsersResource;
+import org.keycloak.events.EventBuilder;
+import org.keycloak.events.EventType;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.testsuite.console.page.events.LoginEvents;
+import org.keycloak.testsuite.util.UserBuilder;
import java.util.Arrays;
import java.util.List;
@@ -128,6 +133,22 @@ public class LoginEventsTest extends AbstractEventTest {
assertEquals(2, filteredEvents.size());
}
+ @Test
+ public void defaultMaxResults() {
+ RealmResource realm = adminClient.realms().realm("test");
+ EventRepresentation event = new EventRepresentation();
+ event.setRealmId(realm.toRepresentation().getId());
+ event.setType(EventType.LOGIN.toString());
+
+ for (int i = 0; i < 110; i++) {
+ testingClient.testing("test").onEvent(event);
+ }
+
+ assertEquals(100, realm.getEvents(null, null, null, null, null, null, null, null).size());
+ assertEquals(105, realm.getEvents(null, null, null, null, null, null, 0, 105).size());
+ assertTrue(realm.getEvents(null, null, null, null, null, null, 0, 1000).size() >= 110);
+ }
+
/*
Removed this test because it takes too long. The default interval for
event cleanup is 15 minutes (900 seconds). I don't have time to figure out
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupMappersTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupMappersTest.java
index d61a517..a1e6b0a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupMappersTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupMappersTest.java
@@ -32,10 +32,10 @@ import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
-import java.util.HashMap;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
+
+import static org.hamcrest.CoreMatchers.hasItems;
+import static org.hamcrest.MatcherAssert.assertThat;
/**
* @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
@@ -119,7 +119,7 @@ public class GroupMappersTest extends AbstractGroupTest {
Assert.assertNotNull(groups);
Assert.assertTrue(groups.size() == 1);
Assert.assertEquals("topGroup", groups.get(0));
- Assert.assertEquals("true", token.getOtherClaims().get("topAttribute"));
+ Assert.assertEquals(Collections.singletonList("true"), token.getOtherClaims().get("topAttribute"));
}
{
UserRepresentation user = realm.users().search("level2GroupUser", -1, -1).get(0);
@@ -132,8 +132,8 @@ public class GroupMappersTest extends AbstractGroupTest {
Assert.assertNotNull(groups);
Assert.assertTrue(groups.size() == 1);
Assert.assertEquals("level2group", groups.get(0));
- Assert.assertEquals("true", token.getOtherClaims().get("topAttribute"));
- Assert.assertEquals("true", token.getOtherClaims().get("level2Attribute"));
+ Assert.assertEquals(Collections.singletonList("true"), token.getOtherClaims().get("topAttribute"));
+ Assert.assertEquals(Collections.singletonList("true"), token.getOtherClaims().get("level2Attribute"));
}
}
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
index 1f0274e..d16626f 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
@@ -19,8 +19,11 @@ package org.keycloak.testsuite.admin.group;
import org.junit.Assert;
import org.junit.Test;
+import org.keycloak.admin.client.resource.GroupResource;
+import org.keycloak.admin.client.resource.GroupsResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.RoleMappingResource;
+import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.Constants;
@@ -578,4 +581,28 @@ public class GroupTest extends AbstractGroupTest {
assertThat(userClient.realms().findAll(), // Any admin operation will do
not(empty()));
}
+
+ @Test
+ public void defaultMaxResults() {
+ GroupsResource groups = adminClient.realms().realm("test").groups();
+ Response response = groups.add(GroupBuilder.create().name("test").build());
+ String groupId = ApiUtil.getCreatedId(response);
+ response.close();
+
+ GroupResource group = groups.group(groupId);
+
+ UsersResource users = adminClient.realms().realm("test").users();
+
+ for (int i = 0; i < 110; i++) {
+ Response r = users.create(UserBuilder.create().username("test-" + i).build());
+ String userId = ApiUtil.getCreatedId(r);
+ r.close();
+
+ users.get(userId).joinGroup(groupId);
+ }
+
+ assertEquals(100, group.members(null, null).size());
+ assertEquals(105, group.members(0, 105).size());
+ assertEquals(110, group.members(0, 1000).size());
+ }
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
index 545fbff..5b4777b 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java
@@ -28,6 +28,7 @@ import org.keycloak.admin.client.resource.IdentityProviderResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.RoleMappingResource;
import org.keycloak.admin.client.resource.UserResource;
+import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.Constants;
@@ -847,6 +848,19 @@ public class UserTest extends AbstractAdminTest {
assertNames(roles.clientLevel(clientUuid).listAll(), "client-composite");
}
+ @Test
+ public void defaultMaxResults() {
+ UsersResource users = adminClient.realms().realm("test").users();
+
+ for (int i = 0; i < 110; i++) {
+ users.create(UserBuilder.create().username("test-" + i).build()).close();
+ }
+
+ assertEquals(100, users.search("test", null, null).size());
+ assertEquals(105, users.search("test", 0, 105).size());
+ assertEquals(111, users.search("test", 0, 1000).size());
+ }
+
private void switchEditUsernameAllowedOn() {
RealmRepresentation rep = realm.toRepresentation();
rep.setEditUsernameAllowed(true);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractUserAttributeMapperTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractUserAttributeMapperTest.java
index 2e5c4c6..f5e9d2e 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractUserAttributeMapperTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractUserAttributeMapperTest.java
@@ -238,7 +238,6 @@ public abstract class AbstractUserAttributeMapperTest extends AbstractBaseBroker
}
@Test
- @Ignore("Unignore to test KEYCLOAK-3648")
public void testBasicMappingMultipleValues() {
testValueMapping(ImmutableMap.<String, List<String>>builder()
.put(ATTRIBUTE_TO_MAP_NAME, ImmutableList.<String>builder().add("value 1").add("value 2").build())
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
index 06ebacd..15a8b6b 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
@@ -127,6 +127,26 @@ public class LoginTotpTest extends TestRealmKeycloakTest {
events.expectLogin().assertEvent();
}
+ // KEYCLOAK-3835
+ @Test
+ public void loginWithTotpRefreshTotpPage() throws Exception {
+ loginPage.open();
+ loginPage.login("test-user@localhost", "password");
+
+ Assert.assertTrue(loginTotpPage.isCurrent());
+
+ // Refresh TOTP page
+ driver.navigate().refresh();
+
+ System.out.println(driver.getPageSource());
+
+ loginTotpPage.login(totp.generateTOTP("totpSecret"));
+
+ Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+
+ events.expectLogin().assertEvent();
+ }
+
@Test
public void loginWithTotpCancel() throws Exception {
loginPage.open();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
index 36cab0b..223a3f6 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
@@ -285,7 +285,7 @@ public class OfflineTokenTest extends AbstractKeycloakTest {
oauth.scope(OAuth2Constants.OFFLINE_ACCESS);
oauth.clientId("offline-client");
OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("secret1", "test-user@localhost", "password");
- tokenResponse.getErrorDescription();
+ Assert.assertNull(tokenResponse.getErrorDescription());
AccessToken token = oauth.verifyToken(tokenResponse.getAccessToken());
String offlineTokenString = tokenResponse.getRefreshToken();
RefreshToken offlineToken = oauth.verifyRefreshToken(offlineTokenString);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OIDCProtocolMappersTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OIDCProtocolMappersTest.java
index ac86d20..b896588 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OIDCProtocolMappersTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OIDCProtocolMappersTest.java
@@ -29,7 +29,9 @@ import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ProtocolMappersResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
+import org.keycloak.protocol.oidc.mappers.AddressMapper;
import org.keycloak.representations.AccessToken;
+import org.keycloak.representations.AddressClaimSet;
import org.keycloak.representations.IDToken;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
@@ -96,11 +98,13 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
user.singleAttribute("street", "5 Yawkey Way");
user.singleAttribute("locality", "Boston");
- user.singleAttribute("region", "MA");
+ user.singleAttribute("region_some", "MA"); // Custom name for userAttribute name, which will be mapped to region
user.singleAttribute("postal_code", "02115");
user.singleAttribute("country", "USA");
+ user.singleAttribute("formatted", "6 Foo Street");
user.singleAttribute("phone", "617-777-6666");
+
List<String> departments = Arrays.asList("finance", "development");
user.getAttributes().put("departments", departments);
userResource.update(user);
@@ -108,6 +112,9 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
ProtocolMapperRepresentation mapper = createAddressMapper(true, true);
+ mapper.getConfig().put(AddressMapper.getModelPropertyName(AddressClaimSet.REGION), "region_some");
+ mapper.getConfig().put(AddressMapper.getModelPropertyName(AddressClaimSet.COUNTRY), "country_some");
+ mapper.getConfig().remove(AddressMapper.getModelPropertyName(AddressClaimSet.POSTAL_CODE)); // Even if we remove protocolMapper config property, it should still default to postal_code
app.getProtocolMappers().createMapper(mapper);
ProtocolMapperRepresentation hard = createHardcodedClaim("hard", "hard", "coded", "String", false, null, true, true);
@@ -131,14 +138,15 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
assertEquals(idToken.getAddress().getLocality(), "Boston");
assertEquals(idToken.getAddress().getRegion(), "MA");
assertEquals(idToken.getAddress().getPostalCode(), "02115");
- assertEquals(idToken.getAddress().getCountry(), "USA");
+ assertNull(idToken.getAddress().getCountry()); // Null because we changed userAttribute name to "country_some", but user contains "country"
+ assertEquals(idToken.getAddress().getFormattedAddress(), "6 Foo Street");
assertNotNull(idToken.getOtherClaims().get("home_phone"));
- assertEquals("617-777-6666", idToken.getOtherClaims().get("home_phone"));
+ assertThat((List<String>) idToken.getOtherClaims().get("home_phone"), hasItems("617-777-6666"));
assertEquals("coded", idToken.getOtherClaims().get("hard"));
Map nested = (Map) idToken.getOtherClaims().get("nested");
assertEquals("coded-nested", nested.get("hard"));
nested = (Map) idToken.getOtherClaims().get("home");
- assertEquals("617-777-6666", nested.get("phone"));
+ assertThat((List<String>) nested.get("phone"), hasItems("617-777-6666"));
List<String> departments = (List<String>) idToken.getOtherClaims().get("department");
assertEquals(2, departments.size());
assertTrue(departments.contains("finance") && departments.contains("development"));
@@ -150,14 +158,15 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
assertEquals(accessToken.getAddress().getLocality(), "Boston");
assertEquals(accessToken.getAddress().getRegion(), "MA");
assertEquals(accessToken.getAddress().getPostalCode(), "02115");
- assertEquals(accessToken.getAddress().getCountry(), "USA");
+ assertNull(idToken.getAddress().getCountry()); // Null because we changed userAttribute name to "country_some", but user contains "country"
+ assertEquals(idToken.getAddress().getFormattedAddress(), "6 Foo Street");
assertNotNull(accessToken.getOtherClaims().get("home_phone"));
- assertEquals("617-777-6666", accessToken.getOtherClaims().get("home_phone"));
+ assertThat((List<String>) accessToken.getOtherClaims().get("home_phone"), hasItems("617-777-6666"));
assertEquals("coded", accessToken.getOtherClaims().get("hard"));
nested = (Map) accessToken.getOtherClaims().get("nested");
assertEquals("coded-nested", nested.get("hard"));
nested = (Map) accessToken.getOtherClaims().get("home");
- assertEquals("617-777-6666", nested.get("phone"));
+ assertThat((List<String>) nested.get("phone"), hasItems("617-777-6666"));
departments = (List<String>) idToken.getOtherClaims().get("department");
assertEquals(2, departments.size());
assertTrue(departments.contains("finance") && departments.contains("development"));
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ServiceAccountTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ServiceAccountTest.java
index c3b05cb..cfd7907 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ServiceAccountTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ServiceAccountTest.java
@@ -232,14 +232,14 @@ public class ServiceAccountTest extends AbstractKeycloakTest {
RefreshToken refreshToken = oauth.verifyRefreshToken(response.getRefreshToken());
Assert.assertEquals("updated-client", accessToken.getOtherClaims().get(ServiceAccountConstants.CLIENT_ID));
- // Username still same. Client ID changed
+ // Username updated after client ID changed
events.expectClientLogin()
.client("updated-client")
.user(userId)
.session(accessToken.getSessionState())
.detail(Details.TOKEN_ID, accessToken.getId())
.detail(Details.REFRESH_TOKEN_ID, refreshToken.getId())
- .detail(Details.USERNAME, ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + "service-account-cl")
+ .detail(Details.USERNAME, ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + "updated-client")
.assertEvent();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/keycloak.json
index 3620170..400fac3 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/keycloak.json
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/keycloak.json
@@ -1,10 +1,10 @@
{
"realm" : "demo",
"resource" : "customer-db",
- "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url": "http://localhost:8180/auth",
"ssl-required" : "external",
"bearer-only" : true,
- "enable-cors" : true
+ "enable-cors" : true,
+ "public-key-cache-ttl": 600
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml
index cebfe6f..56ed0e7 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml
@@ -23,11 +23,22 @@
<module-name>customer-db</module-name>
+
+ <filter>
+ <filter-name>AdapterActionsFilter</filter-name>
+ <filter-class>org.keycloak.testsuite.adapter.filter.AdapterActionsFilter</filter-class>
+ </filter>
+
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
</servlet>
+ <filter-mapping>
+ <filter-name>AdapterActionsFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
@@ -42,6 +53,12 @@
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Unsecured</web-resource-name>
+ <url-pattern>/unsecured/*</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
<login-config>
<auth-method>KEYCLOAK</auth-method>
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json
index d65fa94..b1f70e2 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json
@@ -118,6 +118,13 @@
],
"clients": [
{
+ "clientId": "customer-db",
+ "enabled": true,
+ "adminUrl": "/customer-db",
+ "baseUrl": "/customer-db",
+ "bearerOnly": true
+ },
+ {
"clientId": "customer-portal",
"enabled": true,
"adminUrl": "/customer-portal",
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/secure-portal/WEB-INF/keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/secure-portal/WEB-INF/keycloak.json
index de290de..f3fa1a5 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/secure-portal/WEB-INF/keycloak.json
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/secure-portal/WEB-INF/keycloak.json
@@ -1,6 +1,5 @@
{
"realm": "demo",
- "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url": "http://localhost:8180/auth",
"ssl-required": "external",
"resource": "secure-portal",
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/pom.xml
index 832de00..807e22f 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-as7</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/src/test/java/org/keycloak/testsuite/adapter/AS7OIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/src/test/java/org/keycloak/testsuite/adapter/AS7OIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..50cc0e9
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/as7/src/test/java/org/keycloak/testsuite/adapter/AS7OIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("app-server-as7")
+public class AS7OIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/pom.xml
index 54e8084..7f828eb 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-eap</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/src/test/java/org/keycloak/testsuite/adapter/EAPOIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/src/test/java/org/keycloak/testsuite/adapter/EAPOIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..df936d8
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap/src/test/java/org/keycloak/testsuite/adapter/EAPOIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("app-server-eap")
+public class EAPOIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/pom.xml
index c8b9bd5..0cc9426 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-eap6</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/src/test/java/org/keycloak/testsuite/adapter/EAP6OIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/src/test/java/org/keycloak/testsuite/adapter/EAP6OIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..607ead8
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/src/test/java/org/keycloak/testsuite/adapter/EAP6OIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("app-server-eap6")
+public class EAP6OIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6-fuse/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6-fuse/pom.xml
index d59e6b0..9e3588e 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6-fuse/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/eap6-fuse/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-eap6-fuse</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/pom.xml
index 17a362f..1c6e70e 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/eap/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/eap/pom.xml
index 3581186..038c40e 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/eap/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/eap/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss-relative</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-relative-eap</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/pom.xml
index 16b40b5..9fd8858 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<packaging>pom</packaging>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/wildfly/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/wildfly/pom.xml
index 8899d0a..34d2d61 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/wildfly/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/relative/wildfly/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss-relative</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-relative-wildfly</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/pom.xml
index fb46217..6d6f0f9 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-wildfly</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/WildflyOIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/WildflyOIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..d54889b
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/WildflyOIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("app-server-wildfly")
+public class WildflyOIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/pom.xml
index f08f7b9..c0901a5 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-wildfly8</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/src/test/java/org/keycloak/testsuite/adapter/Wildfly8OIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/src/test/java/org/keycloak/testsuite/adapter/Wildfly8OIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..0cad5fc
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly8/src/test/java/org/keycloak/testsuite/adapter/Wildfly8OIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("app-server-wildfly8")
+public class Wildfly8OIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/pom.xml
index 73aba18..afd4c65 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-jboss</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-wildfly9</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/src/test/java/org/keycloak/testsuite/adapter/Wildfly9OIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/src/test/java/org/keycloak/testsuite/adapter/Wildfly9OIDCPublicKeyRotationAdapterTest.java
new file mode 100644
index 0000000..a1b8118
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly9/src/test/java/org/keycloak/testsuite/adapter/Wildfly9OIDCPublicKeyRotationAdapterTest.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.adapter;
+
+import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest;
+import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+@AppServerContainer("app-server-wildfly9")
+public class Wildfly9OIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest {
+}
diff --git a/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse61/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse61/pom.xml
index 56e177c..f6b75ca 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse61/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse61/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-fuse61</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse62/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse62/pom.xml
index c5a7eb8..d7a3636 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse62/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse62/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-fuse62</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse63/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse63/pom.xml
index ec311a6..2265346 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse63/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/karaf/fuse63/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-fuse63</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/karaf/karaf3/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/karaf/karaf3/pom.xml
index 91a4b54..0e6eb39 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/karaf/karaf3/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/karaf/karaf3/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-karaf</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-karaf3</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/karaf/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/karaf/pom.xml
index 6393b23..02ba176 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/karaf/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/karaf/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-karaf</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/pom.xml
index 646a919..2f722f7 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/tomcat/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/tomcat/pom.xml
index c0e89f1..64fe6bf 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/tomcat/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/tomcat/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat7/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat7/pom.xml
index f565843..b67fb8f 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat7/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat7/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-tomcat7</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat8/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat8/pom.xml
index 1f32e6d..67ce9fc 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat8/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat8/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-tomcat8</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat9/pom.xml b/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat9/pom.xml
index 90ceb8e..96876e6 100644
--- a/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat9/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/adapters/tomcat/tomcat9/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-adapters-tomcat9</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/clean-start/pom.xml b/testsuite/integration-arquillian/tests/other/clean-start/pom.xml
index d164e6a..6c975c9 100644
--- a/testsuite/integration-arquillian/tests/other/clean-start/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/clean-start/pom.xml
@@ -23,7 +23,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-smoke-clean-start</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/console/pom.xml b/testsuite/integration-arquillian/tests/other/console/pom.xml
index 77d18aa..5390cf0 100644
--- a/testsuite/integration-arquillian/tests/other/console/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/console/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-console</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/console_no_users/pom.xml b/testsuite/integration-arquillian/tests/other/console_no_users/pom.xml
index cf29acd..a48b81d 100644
--- a/testsuite/integration-arquillian/tests/other/console_no_users/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/console_no_users/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-console-no-users</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/jpa-performance/pom.xml b/testsuite/integration-arquillian/tests/other/jpa-performance/pom.xml
index 171cc64..a72798b 100644
--- a/testsuite/integration-arquillian/tests/other/jpa-performance/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/jpa-performance/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-jpa-performance</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/mod_auth_mellon/pom.xml b/testsuite/integration-arquillian/tests/other/mod_auth_mellon/pom.xml
index b2bd630..77272e2 100644
--- a/testsuite/integration-arquillian/tests/other/mod_auth_mellon/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/mod_auth_mellon/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-other-mod_auth_mellon</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/nodejs_adapter/pom.xml b/testsuite/integration-arquillian/tests/other/nodejs_adapter/pom.xml
index 2e3d915..b7f0689 100644
--- a/testsuite/integration-arquillian/tests/other/nodejs_adapter/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/nodejs_adapter/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests-other</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-nodejs-adapter</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/pom.xml b/testsuite/integration-arquillian/tests/other/pom.xml
index ae956fa..4838f7e 100644
--- a/testsuite/integration-arquillian/tests/other/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-tests</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>integration-arquillian-tests-other</artifactId>
diff --git a/testsuite/integration-arquillian/tests/other/sssd/pom.xml b/testsuite/integration-arquillian/tests/other/sssd/pom.xml
index 8269427..5c0abdb 100644
--- a/testsuite/integration-arquillian/tests/other/sssd/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/sssd/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian-tests-other</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index bb9e838..ce348e9 100755
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -24,7 +24,7 @@
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<packaging>pom</packaging>
diff --git a/testsuite/integration-arquillian/test-utils/pom.xml b/testsuite/integration-arquillian/test-utils/pom.xml
index 5fb3607..5e179e1 100644
--- a/testsuite/integration-arquillian/test-utils/pom.xml
+++ b/testsuite/integration-arquillian/test-utils/pom.xml
@@ -5,7 +5,7 @@
<parent>
<artifactId>integration-arquillian</artifactId>
<groupId>org.keycloak.testsuite</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/jetty/jetty81/pom.xml 2(+1 -1)
diff --git a/testsuite/jetty/jetty81/pom.xml b/testsuite/jetty/jetty81/pom.xml
index 9fcabbf..4fa3829 100755
--- a/testsuite/jetty/jetty81/pom.xml
+++ b/testsuite/jetty/jetty81/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/jetty/jetty91/pom.xml 2(+1 -1)
diff --git a/testsuite/jetty/jetty91/pom.xml b/testsuite/jetty/jetty91/pom.xml
index da1d2b8..b24c1e6 100755
--- a/testsuite/jetty/jetty91/pom.xml
+++ b/testsuite/jetty/jetty91/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/jetty/jetty92/pom.xml 2(+1 -1)
diff --git a/testsuite/jetty/jetty92/pom.xml b/testsuite/jetty/jetty92/pom.xml
index d55eee7..a3df7a6 100755
--- a/testsuite/jetty/jetty92/pom.xml
+++ b/testsuite/jetty/jetty92/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/jetty/jetty93/pom.xml 2(+1 -1)
diff --git a/testsuite/jetty/jetty93/pom.xml b/testsuite/jetty/jetty93/pom.xml
index eb2ba4f..b686d2e 100644
--- a/testsuite/jetty/jetty93/pom.xml
+++ b/testsuite/jetty/jetty93/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/jetty/pom.xml 2(+1 -1)
diff --git a/testsuite/jetty/pom.xml b/testsuite/jetty/pom.xml
index 2c59a7d..d51e880 100755
--- a/testsuite/jetty/pom.xml
+++ b/testsuite/jetty/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<name>Keycloak SAML Jetty Testsuite Integration</name>
testsuite/pom.xml 2(+1 -1)
diff --git a/testsuite/pom.xml b/testsuite/pom.xml
index fb0c228..eb7da68 100755
--- a/testsuite/pom.xml
+++ b/testsuite/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/proxy/pom.xml 2(+1 -1)
diff --git a/testsuite/proxy/pom.xml b/testsuite/proxy/pom.xml
index 7530893..603cc2e 100755
--- a/testsuite/proxy/pom.xml
+++ b/testsuite/proxy/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/tomcat6/pom.xml 2(+1 -1)
diff --git a/testsuite/tomcat6/pom.xml b/testsuite/tomcat6/pom.xml
index 5e3b7a0..b008373 100755
--- a/testsuite/tomcat6/pom.xml
+++ b/testsuite/tomcat6/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/tomcat7/pom.xml 2(+1 -1)
diff --git a/testsuite/tomcat7/pom.xml b/testsuite/tomcat7/pom.xml
index eb0d3f0..a5f9b35 100755
--- a/testsuite/tomcat7/pom.xml
+++ b/testsuite/tomcat7/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
testsuite/tomcat8/pom.xml 2(+1 -1)
diff --git a/testsuite/tomcat8/pom.xml b/testsuite/tomcat8/pom.xml
index d0c206b..21395da 100755
--- a/testsuite/tomcat8/pom.xml
+++ b/testsuite/tomcat8/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
themes/pom.xml 2(+1 -1)
diff --git a/themes/pom.xml b/themes/pom.xml
index fa98402..0e1ecd6 100755
--- a/themes/pom.xml
+++ b/themes/pom.xml
@@ -4,7 +4,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
index 29f1465..8cf09f3 100644
--- a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
+++ b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
@@ -170,8 +170,18 @@ sectorIdentifierUri.label=Sector Identifier URI
sectorIdentifierUri.tooltip=Providers that use pairwise sub values and support Dynamic Client Registration SHOULD use the sector_identifier_uri parameter. It provides a way for a group of websites under common administrative control to have consistent pairwise sub values independent of the individual domain names. It also provides a way for Clients to change redirect_uri domains without having to reregister all of their users.
pairwiseSubAlgorithmSalt.label=Salt
pairwiseSubAlgorithmSalt.tooltip=Salt used when calculating the pairwise subject identifier. If left blank, a salt will be generated.
-
-
+addressClaim.street.label=User Attribute Name for Street
+addressClaim.street.tooltip=Name of User Attribute, which will be used to map to 'street_address' subclaim inside 'address' token claim. Defaults to 'street' .
+addressClaim.locality.label=User Attribute Name for Locality
+addressClaim.locality.tooltip=Name of User Attribute, which will be used to map to 'locality' subclaim inside 'address' token claim. Defaults to 'locality' .
+addressClaim.region.label=User Attribute Name for Region
+addressClaim.region.tooltip=Name of User Attribute, which will be used to map to 'region' subclaim inside 'address' token claim. Defaults to 'region' .
+addressClaim.postal_code.label=User Attribute Name for Postal Code
+addressClaim.postal_code.tooltip=Name of User Attribute, which will be used to map to 'postal_code' subclaim inside 'address' token claim. Defaults to 'postal_code' .
+addressClaim.country.label=User Attribute Name for Country
+addressClaim.country.tooltip=Name of User Attribute, which will be used to map to 'country' subclaim inside 'address' token claim. Defaults to 'country' .
+addressClaim.formatted.label=User Attribute Name for Formatted Address
+addressClaim.formatted.tooltip=Name of User Attribute, which will be used to map to 'formatted' subclaim inside 'address' token claim. Defaults to 'formatted' .
# client details
clients.tooltip=Clients are trusted browser apps and web services in a realm. These clients can request a login. You can also define client specific roles.
diff --git a/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js b/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
index 5e6bdba..e451339 100644
--- a/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
@@ -2638,13 +2638,21 @@ module.controller('RealmImportCtrl', function($scope, realm, $route,
$scope.itemCount = function(section) {
if (!$scope.importing) return 0;
if ($scope.hasRealmRoles() && (section === 'roles.realm')) return $scope.fileContent.roles.realm.length;
- if ($scope.hasClientRoles() && (section === 'roles.client')) return Object.keys($scope.fileContent.roles.client).length;
+ if ($scope.hasClientRoles() && (section === 'roles.client')) return clientRolesCount($scope.fileContent.roles.client);
if (!$scope.fileContent.hasOwnProperty(section)) return 0;
return $scope.fileContent[section].length;
}
+ clientRolesCount = function(clientRoles) {
+ var total = 0;
+ for (var clientName in clientRoles) {
+ total += clientRoles[clientName].length;
+ }
+ return total;
+ }
+
$scope.hasResources = function() {
return ($scope.importUsers && $scope.hasArray('users')) ||
($scope.importGroups && $scope.hasArray('groups')) ||
diff --git a/themes/src/main/resources/theme/base/admin/resources/js/services.js b/themes/src/main/resources/theme/base/admin/resources/js/services.js
index d70ade2..b8cb2a3 100755
--- a/themes/src/main/resources/theme/base/admin/resources/js/services.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/services.js
@@ -197,6 +197,9 @@ module.factory('ComponentUtils', function() {
var utils = {};
utils.addLastEmptyValueToMultivaluedLists = function(properties, config) {
+ if (!properties) {
+ return;
+ }
for (var i=0 ; i<properties.length ; i++) {
var prop = properties[i];
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mapper-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mapper-detail.html
index a7c54f8..a6b6c5e 100755
--- a/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mapper-detail.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mapper-detail.html
@@ -1,7 +1,8 @@
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
<ol class="breadcrumb">
<li><a href="#/realms/{{realm.realm}}/identity-provider-settings">{{:: 'identity-providers' | translate}}</a></li>
- <li><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.displayName}}</a></li>
+ <li ng-show="identityProvider.diaplayName"><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.displayName}}</a></li>
+ <li ng-show="!identityProvider.diaplayName"><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.alias}}</a></li>
<li><a href="#/realms/{{realm.realm}}/identity-provider-mappers/{{identityProvider.alias}}/mappers">{{:: 'identity-provider-mappers' | translate}}</a></li>
<li class="active" data-ng-show="create">{{:: 'create-identity-provider-mapper' | translate}}</li>
<li class="active" data-ng-hide="create">{{mapper.name|capitalize}}</li>
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mappers.html b/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mappers.html
index 89bea67..c7c136b 100755
--- a/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mappers.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/identity-provider-mappers.html
@@ -1,7 +1,9 @@
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2">
<ol class="breadcrumb">
<li><a href="#/realms/{{realm.realm}}/identity-provider-settings">{{:: 'identity-providers' | translate}}</a></li>
- <li>{{identityProvider.displayName}}</li>
+ <li data-ng-show="identityProvider.displayName"><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.displayName}}</a></li>
+ <li data-ng-show="!identityProvider.displayName"><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.alias}}</a></li>
+ <li>{{:: 'mappers' | translate}}</li>
</ol>
<kc-tabs-identity-provider></kc-tabs-identity-provider>
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-export.html b/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-export.html
index 78645d2..742cdf4 100755
--- a/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-export.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/realm-identity-provider-export.html
@@ -1,7 +1,9 @@
<div class="col-sm-9 col-md-10 col-sm-push-3 col-md-push-2" data-ng-init="initProvider()">
<ol class="breadcrumb">
<li><a href="#/realms/{{realm.realm}}/identity-provider-settings">{{:: 'identity-providers' | translate}}</a></li>
- <li>{{identityProvider.displayName}}</li>
+ <li data-ng-show="identityProvider.displayName"><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.displayName}}</a></li>
+ <li data-ng-show="!identityProvider.displayName"><a href="#/realms/{{realm.realm}}/identity-provider-settings/provider/{{identityProvider.providerId}}/{{identityProvider.alias}}">{{identityProvider.alias}}</a></li>
+ <li>{{:: 'export' | translate}}</li>
</ol>
<kc-tabs-identity-provider></kc-tabs-identity-provider>
diff --git a/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload.js b/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload.js
new file mode 100644
index 0000000..0daaa69
--- /dev/null
+++ b/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload.js
@@ -0,0 +1,156 @@
+/**!
+ * AngularJS file upload/drop directive with http post and progress
+ * @author Danial <danial.farid@gmail.com>
+ * @version 1.1.10
+ */
+(function() {
+
+var angularFileUpload = angular.module('angularFileUpload', []);
+
+angularFileUpload.service('$upload', ['$http', '$rootScope', '$timeout', function($http, $rootScope, $timeout) {
+ this.upload = function(config) {
+ config.method = config.method || 'POST';
+ config.headers = config.headers || {};
+ config.headers['Content-Type'] = undefined;
+ config.transformRequest = config.transformRequest || $http.defaults.transformRequest;
+ var formData = new FormData();
+ if (config.data) {
+ for (var key in config.data) {
+ var val = config.data[key];
+ if (!config.formDataAppender) {
+ if (typeof config.transformRequest == 'function') {
+ val = config.transformRequest(val);
+ } else {
+ for (var i = 0; i < config.transformRequest.length; i++) {
+ var fn = config.transformRequest[i];
+ if (typeof fn == 'function') {
+ val = fn(val);
+ }
+ }
+ }
+ formData.append(key, val);
+ } else {
+ config.formDataAppender(formData, key, val);
+ }
+ }
+ }
+ config.transformRequest = angular.identity;
+ formData.append(config.fileFormDataName || 'file', config.file, config.file.name);
+
+ formData['__setXHR_'] = function(xhr) {
+ config.__XHR = xhr;
+ xhr.upload.addEventListener('progress', function(e) {
+ if (config.progress) {
+ $timeout(function() {
+ config.progress(e);
+ });
+ }
+ }, false);
+ //fix for firefox not firing upload progress end
+ xhr.upload.addEventListener('load', function(e) {
+ if (e.lengthComputable) {
+ $timeout(function() {
+ config.progress(e);
+ });
+ }
+ }, false);
+ };
+
+ config.data = formData;
+
+ var promise = $http(config);
+
+ promise.progress = function(fn) {
+ config.progress = fn;
+ return promise;
+ };
+
+ promise.abort = function() {
+ if (config.__XHR) {
+ $timeout(function() {
+ config.__XHR.abort();
+ });
+ }
+ return promise;
+ };
+ promise.then = (function(promise, origThen) {
+ return function(s, e, p) {
+ config.progress = p || config.progress;
+ origThen.apply(promise, [s, e, p]);
+ return promise;
+ };
+ })(promise, promise.then);
+
+ return promise;
+ };
+}]);
+
+angularFileUpload.directive('ngFileSelect', [ '$parse', '$http', '$timeout', function($parse, $http, $timeout) {
+ return function(scope, elem, attr) {
+ var fn = $parse(attr['ngFileSelect']);
+ elem.bind('change', function(evt) {
+ var files = [], fileList, i;
+ fileList = evt.target.files;
+ if (fileList != null) {
+ for (i = 0; i < fileList.length; i++) {
+ files.push(fileList.item(i));
+ }
+ }
+ $timeout(function() {
+ fn(scope, {
+ $files : files,
+ $event : evt
+ });
+ });
+ });
+ elem.bind('click', function(){
+ this.value = null;
+ });
+ };
+} ]);
+
+angularFileUpload.directive('ngFileDropAvailable', [ '$parse', '$http', '$timeout', function($parse, $http, $timeout) {
+ return function(scope, elem, attr) {
+ if ('draggable' in document.createElement('span')) {
+ var fn = $parse(attr['ngFileDropAvailable']);
+ $timeout(function() {
+ fn(scope);
+ });
+ }
+ };
+} ]);
+
+angularFileUpload.directive('ngFileDrop', [ '$parse', '$http', '$timeout', function($parse, $http, $timeout) {
+ return function(scope, elem, attr) {
+ if ('draggable' in document.createElement('span')) {
+ var fn = $parse(attr['ngFileDrop']);
+ elem[0].addEventListener("dragover", function(evt) {
+ evt.stopPropagation();
+ evt.preventDefault();
+ elem.addClass(attr['ngFileDragOverClass'] || "dragover");
+ }, false);
+ elem[0].addEventListener("dragleave", function(evt) {
+ elem.removeClass(attr['ngFileDragOverClass'] || "dragover");
+ }, false);
+ elem[0].addEventListener("drop", function(evt) {
+ evt.stopPropagation();
+ evt.preventDefault();
+ elem.removeClass(attr['ngFileDragOverClass'] || "dragover");
+ var files = [], fileList = evt.dataTransfer.files, i;
+ if (fileList != null) {
+ for (i = 0; i < fileList.length; i++) {
+ files.push(fileList.item(i));
+ }
+ }
+ $timeout(function() {
+ fn(scope, {
+ $files : files,
+ $event : evt
+ });
+ });
+ }, false);
+ }
+ };
+} ]);
+
+})();
diff --git a/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-html5-shim.js b/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-html5-shim.js
new file mode 100644
index 0000000..16ef155
--- /dev/null
+++ b/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-html5-shim.js
@@ -0,0 +1,25 @@
+/**!
+ * AngularJS file upload shim for angular XHR HTML5 browsers
+ * @author Danial <danial.farid@gmail.com>
+ * @version 1.1.10
+ */
+if (window.XMLHttpRequest) {
+ if (window.FormData) {
+ // allow access to Angular XHR private field: https://github.com/angular/angular.js/issues/1934
+ XMLHttpRequest = (function(origXHR) {
+ return function() {
+ var xhr = new origXHR();
+ xhr.send = (function(orig) {
+ return function() {
+ if (arguments[0] instanceof FormData && arguments[0].__setXHR_) {
+ var formData = arguments[0];
+ formData.__setXHR_(xhr);
+ }
+ orig.apply(xhr, arguments);
+ }
+ })(xhr.send);
+ return xhr;
+ }
+ })(XMLHttpRequest);
+ }
+}
diff --git a/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-shim.js b/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-shim.js
new file mode 100644
index 0000000..f526e58
--- /dev/null
+++ b/themes/src/main/resources/theme/keycloak/common/resources/lib/fileupload/angular-file-upload-shim.js
@@ -0,0 +1,215 @@
+/**!
+ * AngularJS file upload shim for HTML5 FormData
+ * @author Danial <danial.farid@gmail.com>
+ * @version 1.1.10
+ */
+(function() {
+
+if (window.XMLHttpRequest) {
+ if (window.FormData) {
+ // allow access to Angular XHR private field: https://github.com/angular/angular.js/issues/1934
+ XMLHttpRequest = (function(origXHR) {
+ return function() {
+ var xhr = new origXHR();
+ xhr.send = (function(orig) {
+ return function() {
+ if (arguments[0] instanceof FormData && arguments[0].__setXHR_) {
+ var formData = arguments[0];
+ formData.__setXHR_(xhr);
+ }
+ orig.apply(xhr, arguments);
+ }
+ })(xhr.send);
+ return xhr;
+ }
+ })(XMLHttpRequest);
+ } else {
+ XMLHttpRequest = (function(origXHR) {
+ return function() {
+ var xhr = new origXHR();
+ var origSend = xhr.send;
+ xhr.__requestHeaders = [];
+ xhr.open = (function(orig) {
+ xhr.upload = {
+ addEventListener: function(t, fn, b) {
+ if (t == 'progress') {
+ xhr.__progress = fn;
+ }
+ }
+ };
+ return function(m, url, b) {
+ orig.apply(xhr, [m, url, b]);
+ xhr.__url = url;
+ }
+ })(xhr.open);
+ xhr.getResponseHeader = (function(orig) {
+ return function(h) {
+ return xhr.__fileApiXHR ? xhr.__fileApiXHR.getResponseHeader(h) : orig.apply(xhr, [h]);
+ }
+ })(xhr.getResponseHeader);
+ xhr.getAllResponseHeaders = (function(orig) {
+ return function() {
+ return xhr.__fileApiXHR ? xhr.__fileApiXHR.getAllResponseHeaders() : orig.apply(xhr);
+ }
+ })(xhr.getAllResponseHeaders);
+ xhr.abort = (function(orig) {
+ return function() {
+ return xhr.__fileApiXHR ? xhr.__fileApiXHR.abort() : (orig == null ? null : orig.apply(xhr));
+ }
+ })(xhr.abort);
+ xhr.send = function() {
+ if (arguments[0] != null && arguments[0].__isShim && arguments[0].__setXHR_) {
+ var formData = arguments[0];
+ if (arguments[0].__setXHR_) {
+ var formData = arguments[0];
+ formData.__setXHR_(xhr);
+ }
+ var config = {
+ url: xhr.__url,
+ complete: function(err, fileApiXHR) {
+ Object.defineProperty(xhr, 'status', {get: function() {return fileApiXHR.status}});
+ Object.defineProperty(xhr, 'statusText', {get: function() {return fileApiXHR.statusText}});
+ Object.defineProperty(xhr, 'readyState', {get: function() {return 4}});
+ Object.defineProperty(xhr, 'response', {get: function() {return fileApiXHR.response}});
+ Object.defineProperty(xhr, 'responseText', {get: function() {return fileApiXHR.responseText}});
+ xhr.__fileApiXHR = fileApiXHR;
+ xhr.onreadystatechange();
+ },
+ progress: function(e) {
+ xhr.__progress(e);
+ },
+ headers: xhr.__requestHeaders
+ }
+ config.data = {};
+ config.files = {}
+ for (var i = 0; i < formData.data.length; i++) {
+ var item = formData.data[i];
+ if (item.val != null && item.val.name != null && item.val.size != null && item.val.type != null) {
+ config.files[item.key] = item.val;
+ } else {
+ config.data[item.key] = item.val;
+ }
+ }
+
+ setTimeout(function() {
+ xhr.__fileApiXHR = FileAPI.upload(config);
+ }, 1);
+ } else {
+ origSend.apply(xhr, arguments);
+ }
+ }
+ return xhr;
+ }
+ })(XMLHttpRequest);
+ }
+}
+
+if (!window.FormData) {
+ var hasFlash = false;
+ try {
+ var fo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash');
+ if (fo) hasFlash = true;
+ } catch(e) {
+ if (navigator.mimeTypes["application/x-shockwave-flash"] != undefined) hasFlash = true;
+ }
+ var wrapFileApi = function(elem) {
+ if (!elem.__isWrapped && (elem.getAttribute('ng-file-select') != null || elem.getAttribute('data-ng-file-select') != null)) {
+ var wrap = document.createElement('div');
+ wrap.innerHTML = '<div class="js-fileapi-wrapper" style="position:relative; overflow:hidden"></div>';
+ wrap = wrap.firstChild;
+ var parent = elem.parentNode;
+ parent.insertBefore(wrap, elem);
+ parent.removeChild(elem);
+ wrap.appendChild(elem);
+ if (!hasFlash) {
+ wrap.appendChild(document.createTextNode('Flash is required'));
+ }
+ elem.__isWrapped = true;
+ }
+ };
+ var changeFnWrapper = function(fn) {
+ return function(evt) {
+ var files = FileAPI.getFiles(evt);
+ if (!evt.target) {
+ evt.target = {};
+ }
+ evt.target.files = files;
+ evt.target.files.item = function(i) {
+ return evt.target.files[i] || null;
+ }
+ fn(evt);
+ };
+ };
+ var isFileChange = function(elem, e) {
+ return (e.toLowerCase() === 'change' || e.toLowerCase() === 'onchange') && elem.getAttribute('type') == 'file';
+ }
+ if (HTMLInputElement.prototype.addEventListener) {
+ HTMLInputElement.prototype.addEventListener = (function(origAddEventListener) {
+ return function(e, fn, b, d) {
+ if (isFileChange(this, e)) {
+ wrapFileApi(this);
+ origAddEventListener.apply(this, [e, changeFnWrapper(fn), b, d]);
+ } else {
+ origAddEventListener.apply(this, [e, fn, b, d]);
+ }
+ }
+ })(HTMLInputElement.prototype.addEventListener);
+ }
+ if (HTMLInputElement.prototype.attachEvent) {
+ HTMLInputElement.prototype.attachEvent = (function(origAttachEvent) {
+ return function(e, fn) {
+ if (isFileChange(this, e)) {
+ wrapFileApi(this);
+ origAttachEvent.apply(this, [e, changeFnWrapper(fn)]);
+ } else {
+ origAttachEvent.apply(this, [e, fn]);
+ }
+ }
+ })(HTMLInputElement.prototype.attachEvent);
+ }
+
+ window.FormData = FormData = function() {
+ return {
+ append: function(key, val, name) {
+ this.data.push({
+ key: key,
+ val: val,
+ name: name
+ });
+ },
+ data: [],
+ __isShim: true
+ };
+ };
+
+ (function () {
+ //load FileAPI
+ if (!window.FileAPI || !FileAPI.upload) {
+ var base = '', script = document.createElement('script'), allScripts = document.getElementsByTagName('script'), i, index, src;
+ if (window.FileAPI && window.FileAPI.jsPath) {
+ base = window.FileAPI.jsPath;
+ } else {
+ for (i = 0; i < allScripts.length; i++) {
+ src = allScripts[i].src;
+ index = src.indexOf('angular-file-upload-shim.js')
+ if (index == -1) {
+ index = src.indexOf('angular-file-upload-shim.min.js');
+ }
+ if (index > -1) {
+ base = src.substring(0, index);
+ break;
+ }
+ }
+ }
+
+ if (!window.FileAPI || FileAPI.staticPath == null) {
+ FileAPI = {
+ staticPath: base
+ }
+ }
+
+ script.setAttribute('src', base + "FileAPI.min.js");
+ document.getElementsByTagName('head')[0].appendChild(script);
+ }
+ })();
+}})();
\ No newline at end of file
diff --git a/themes/src/main/resources/theme/keycloak/common/resources/lib/select2-3.4.1/select2.js b/themes/src/main/resources/theme/keycloak/common/resources/lib/select2-3.4.1/select2.js
new file mode 100644
index 0000000..a496071
--- /dev/null
+++ b/themes/src/main/resources/theme/keycloak/common/resources/lib/select2-3.4.1/select2.js
@@ -0,0 +1,3137 @@
+/*
+Copyright 2012 Igor Vaynberg
+
+Version: 3.4.1 Timestamp: Thu Jun 27 18:02:10 PDT 2013
+
+This software is licensed under the Apache License, Version 2.0 (the "Apache License") or the GNU
+General Public License version 2 (the "GPL License"). You may choose either license to govern your
+use of this software only upon the condition that you accept all of the terms of either the Apache
+License or the GPL License.
+
+You may obtain a copy of the Apache License and the GPL License at:
+
+ http://www.apache.org/licenses/LICENSE-2.0
+ http://www.gnu.org/licenses/gpl-2.0.html
+
+Unless required by applicable law or agreed to in writing, software distributed under the
+Apache License or the GPL Licesnse is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+CONDITIONS OF ANY KIND, either express or implied. See the Apache License and the GPL License for
+the specific language governing permissions and limitations under the Apache License and the GPL License.
+*/
+(function ($) {
+ if(typeof $.fn.each2 == "undefined") {
+ $.fn.extend({
+ /*
+ * 4-10 times faster .each replacement
+ * use it carefully, as it overrides jQuery context of element on each iteration
+ */
+ each2 : function (c) {
+ var j = $([0]), i = -1, l = this.length;
+ while (
+ ++i < l
+ && (j.context = j[0] = this[i])
+ && c.call(j[0], i, j) !== false //"this"=DOM, i=index, j=jQuery object
+ );
+ return this;
+ }
+ });
+ }
+})(jQuery);
+
+(function ($, undefined) {
+ "use strict";
+ /*global document, window, jQuery, console */
+
+ if (window.Select2 !== undefined) {
+ return;
+ }
+
+ var KEY, AbstractSelect2, SingleSelect2, MultiSelect2, nextUid, sizer,
+ lastMousePosition={x:0,y:0}, $document, scrollBarDimensions,
+
+ KEY = {
+ TAB: 9,
+ ENTER: 13,
+ ESC: 27,
+ SPACE: 32,
+ LEFT: 37,
+ UP: 38,
+ RIGHT: 39,
+ DOWN: 40,
+ SHIFT: 16,
+ CTRL: 17,
+ ALT: 18,
+ PAGE_UP: 33,
+ PAGE_DOWN: 34,
+ HOME: 36,
+ END: 35,
+ BACKSPACE: 8,
+ DELETE: 46,
+ isArrow: function (k) {
+ k = k.which ? k.which : k;
+ switch (k) {
+ case KEY.LEFT:
+ case KEY.RIGHT:
+ case KEY.UP:
+ case KEY.DOWN:
+ return true;
+ }
+ return false;
+ },
+ isControl: function (e) {
+ var k = e.which;
+ switch (k) {
+ case KEY.SHIFT:
+ case KEY.CTRL:
+ case KEY.ALT:
+ return true;
+ }
+
+ if (e.metaKey) return true;
+
+ return false;
+ },
+ isFunctionKey: function (k) {
+ k = k.which ? k.which : k;
+ return k >= 112 && k <= 123;
+ }
+ },
+ MEASURE_SCROLLBAR_TEMPLATE = "<div class='select2-measure-scrollbar'></div>";
+
+ $document = $(document);
+
+ nextUid=(function() { var counter=1; return function() { return counter++; }; }());
+
+ function indexOf(value, array) {
+ var i = 0, l = array.length;
+ for (; i < l; i = i + 1) {
+ if (equal(value, array[i])) return i;
+ }
+ return -1;
+ }
+
+ function measureScrollbar () {
+ var $template = $( MEASURE_SCROLLBAR_TEMPLATE );
+ $template.appendTo('body');
+
+ var dim = {
+ width: $template.width() - $template[0].clientWidth,
+ height: $template.height() - $template[0].clientHeight
+ };
+ $template.remove();
+
+ return dim;
+ }
+
+ /**
+ * Compares equality of a and b
+ * @param a
+ * @param b
+ */
+ function equal(a, b) {
+ if (a === b) return true;
+ if (a === undefined || b === undefined) return false;
+ if (a === null || b === null) return false;
+ // Check whether 'a' or 'b' is a string (primitive or object).
+ // The concatenation of an empty string (+'') converts its argument to a string's primitive.
+ if (a.constructor === String) return a+'' === b+''; // a+'' - in case 'a' is a String object
+ if (b.constructor === String) return b+'' === a+''; // b+'' - in case 'b' is a String object
+ return false;
+ }
+
+ /**
+ * Splits the string into an array of values, trimming each value. An empty array is returned for nulls or empty
+ * strings
+ * @param string
+ * @param separator
+ */
+ function splitVal(string, separator) {
+ var val, i, l;
+ if (string === null || string.length < 1) return [];
+ val = string.split(separator);
+ for (i = 0, l = val.length; i < l; i = i + 1) val[i] = $.trim(val[i]);
+ return val;
+ }
+
+ function getSideBorderPadding(element) {
+ return element.outerWidth(false) - element.width();
+ }
+
+ function installKeyUpChangeEvent(element) {
+ var key="keyup-change-value";
+ element.on("keydown", function () {
+ if ($.data(element, key) === undefined) {
+ $.data(element, key, element.val());
+ }
+ });
+ element.on("keyup", function () {
+ var val= $.data(element, key);
+ if (val !== undefined && element.val() !== val) {
+ $.removeData(element, key);
+ element.trigger("keyup-change");
+ }
+ });
+ }
+
+ $document.on("mousemove", function (e) {
+ lastMousePosition.x = e.pageX;
+ lastMousePosition.y = e.pageY;
+ });
+
+ /**
+ * filters mouse events so an event is fired only if the mouse moved.
+ *
+ * filters out mouse events that occur when mouse is stationary but
+ * the elements under the pointer are scrolled.
+ */
+ function installFilteredMouseMove(element) {
+ element.on("mousemove", function (e) {
+ var lastpos = lastMousePosition;
+ if (lastpos === undefined || lastpos.x !== e.pageX || lastpos.y !== e.pageY) {
+ $(e.target).trigger("mousemove-filtered", e);
+ }
+ });
+ }
+
+ /**
+ * Debounces a function. Returns a function that calls the original fn function only if no invocations have been made
+ * within the last quietMillis milliseconds.
+ *
+ * @param quietMillis number of milliseconds to wait before invoking fn
+ * @param fn function to be debounced
+ * @param ctx object to be used as this reference within fn
+ * @return debounced version of fn
+ */
+ function debounce(quietMillis, fn, ctx) {
+ ctx = ctx || undefined;
+ var timeout;
+ return function () {
+ var args = arguments;
+ window.clearTimeout(timeout);
+ timeout = window.setTimeout(function() {
+ fn.apply(ctx, args);
+ }, quietMillis);
+ };
+ }
+
+ /**
+ * A simple implementation of a thunk
+ * @param formula function used to lazily initialize the thunk
+ * @return {Function}
+ */
+ function thunk(formula) {
+ var evaluated = false,
+ value;
+ return function() {
+ if (evaluated === false) { value = formula(); evaluated = true; }
+ return value;
+ };
+ };
+
+ function installDebouncedScroll(threshold, element) {
+ var notify = debounce(threshold, function (e) { element.trigger("scroll-debounced", e);});
+ element.on("scroll", function (e) {
+ if (indexOf(e.target, element.get()) >= 0) notify(e);
+ });
+ }
+
+ function focus($el) {
+ if ($el[0] === document.activeElement) return;
+
+ /* set the focus in a 0 timeout - that way the focus is set after the processing
+ of the current event has finished - which seems like the only reliable way
+ to set focus */
+ window.setTimeout(function() {
+ var el=$el[0], pos=$el.val().length, range;
+
+ $el.focus();
+
+ /* make sure el received focus so we do not error out when trying to manipulate the caret.
+ sometimes modals or others listeners may steal it after its set */
+ if ($el.is(":visible") && el === document.activeElement) {
+
+ /* after the focus is set move the caret to the end, necessary when we val()
+ just before setting focus */
+ if(el.setSelectionRange)
+ {
+ el.setSelectionRange(pos, pos);
+ }
+ else if (el.createTextRange) {
+ range = el.createTextRange();
+ range.collapse(false);
+ range.select();
+ }
+ }
+ }, 0);
+ }
+
+ function getCursorInfo(el) {
+ el = $(el)[0];
+ var offset = 0;
+ var length = 0;
+ if ('selectionStart' in el) {
+ offset = el.selectionStart;
+ length = el.selectionEnd - offset;
+ } else if ('selection' in document) {
+ el.focus();
+ var sel = document.selection.createRange();
+ length = document.selection.createRange().text.length;
+ sel.moveStart('character', -el.value.length);
+ offset = sel.text.length - length;
+ }
+ return { offset: offset, length: length };
+ }
+
+ function killEvent(event) {
+ event.preventDefault();
+ event.stopPropagation();
+ }
+ function killEventImmediately(event) {
+ event.preventDefault();
+ event.stopImmediatePropagation();
+ }
+
+ function measureTextWidth(e) {
+ if (!sizer){
+ var style = e[0].currentStyle || window.getComputedStyle(e[0], null);
+ sizer = $(document.createElement("div")).css({
+ position: "absolute",
+ left: "-10000px",
+ top: "-10000px",
+ display: "none",
+ fontSize: style.fontSize,
+ fontFamily: style.fontFamily,
+ fontStyle: style.fontStyle,
+ fontWeight: style.fontWeight,
+ letterSpacing: style.letterSpacing,
+ textTransform: style.textTransform,
+ whiteSpace: "nowrap"
+ });
+ sizer.attr("class","select2-sizer");
+ $("body").append(sizer);
+ }
+ sizer.text(e.val());
+ return sizer.width();
+ }
+
+ function syncCssClasses(dest, src, adapter) {
+ var classes, replacements = [], adapted;
+
+ classes = dest.attr("class");
+ if (classes) {
+ classes = '' + classes; // for IE which returns object
+ $(classes.split(" ")).each2(function() {
+ if (this.indexOf("select2-") === 0) {
+ replacements.push(this);
+ }
+ });
+ }
+ classes = src.attr("class");
+ if (classes) {
+ classes = '' + classes; // for IE which returns object
+ $(classes.split(" ")).each2(function() {
+ if (this.indexOf("select2-") !== 0) {
+ adapted = adapter(this);
+ if (adapted) {
+ replacements.push(this);
+ }
+ }
+ });
+ }
+ dest.attr("class", replacements.join(" "));
+ }
+
+
+ function markMatch(text, term, markup, escapeMarkup) {
+ var match=text.toUpperCase().indexOf(term.toUpperCase()),
+ tl=term.length;
+
+ if (match<0) {
+ markup.push(escapeMarkup(text));
+ return;
+ }
+
+ markup.push(escapeMarkup(text.substring(0, match)));
+ markup.push("<span class='select2-match'>");
+ markup.push(escapeMarkup(text.substring(match, match + tl)));
+ markup.push("</span>");
+ markup.push(escapeMarkup(text.substring(match + tl, text.length)));
+ }
+
+ function defaultEscapeMarkup(markup) {
+ var replace_map = {
+ '\\': '\',
+ '&': '&',
+ '<': '<',
+ '>': '>',
+ '"': '"',
+ "'": ''',
+ "/": '/'
+ };
+
+ return String(markup).replace(/[&<>"'\/\\]/g, function (match) {
+ return replace_map[match];
+ });
+ }
+
+ /**
+ * Produces an ajax-based query function
+ *
+ * @param options object containing configuration paramters
+ * @param options.params parameter map for the transport ajax call, can contain such options as cache, jsonpCallback, etc. see $.ajax
+ * @param options.transport function that will be used to execute the ajax request. must be compatible with parameters supported by $.ajax
+ * @param options.url url for the data
+ * @param options.data a function(searchTerm, pageNumber, context) that should return an object containing query string parameters for the above url.
+ * @param options.dataType request data type: ajax, jsonp, other datatatypes supported by jQuery's $.ajax function or the transport function if specified
+ * @param options.quietMillis (optional) milliseconds to wait before making the ajaxRequest, helps debounce the ajax function if invoked too often
+ * @param options.results a function(remoteData, pageNumber) that converts data returned form the remote request to the format expected by Select2.
+ * The expected format is an object containing the following keys:
+ * results array of objects that will be used as choices
+ * more (optional) boolean indicating whether there are more results available
+ * Example: {results:[{id:1, text:'Red'},{id:2, text:'Blue'}], more:true}
+ */
+ function ajax(options) {
+ var timeout, // current scheduled but not yet executed request
+ requestSequence = 0, // sequence used to drop out-of-order responses
+ handler = null,
+ quietMillis = options.quietMillis || 100,
+ ajaxUrl = options.url,
+ self = this;
+
+ return function (query) {
+ window.clearTimeout(timeout);
+ timeout = window.setTimeout(function () {
+ requestSequence += 1; // increment the sequence
+ var requestNumber = requestSequence, // this request's sequence number
+ data = options.data, // ajax data function
+ url = ajaxUrl, // ajax url string or function
+ transport = options.transport || $.fn.select2.ajaxDefaults.transport,
+ // deprecated - to be removed in 4.0 - use params instead
+ deprecated = {
+ type: options.type || 'GET', // set type of request (GET or POST)
+ cache: options.cache || false,
+ jsonpCallback: options.jsonpCallback||undefined,
+ dataType: options.dataType||"json"
+ },
+ params = $.extend({}, $.fn.select2.ajaxDefaults.params, deprecated);
+
+ data = data ? data.call(self, query.term, query.page, query.context) : null;
+ url = (typeof url === 'function') ? url.call(self, query.term, query.page, query.context) : url;
+
+ if (handler) { handler.abort(); }
+
+ if (options.params) {
+ if ($.isFunction(options.params)) {
+ $.extend(params, options.params.call(self));
+ } else {
+ $.extend(params, options.params);
+ }
+ }
+
+ $.extend(params, {
+ url: url,
+ dataType: options.dataType,
+ data: data,
+ success: function (data) {
+ if (requestNumber < requestSequence) {
+ return;
+ }
+ // TODO - replace query.page with query so users have access to term, page, etc.
+ var results = options.results(data, query.page);
+ query.callback(results);
+ }
+ });
+ handler = transport.call(self, params);
+ }, quietMillis);
+ };
+ }
+
+ /**
+ * Produces a query function that works with a local array
+ *
+ * @param options object containing configuration parameters. The options parameter can either be an array or an
+ * object.
+ *
+ * If the array form is used it is assumed that it contains objects with 'id' and 'text' keys.
+ *
+ * If the object form is used ti is assumed that it contains 'data' and 'text' keys. The 'data' key should contain
+ * an array of objects that will be used as choices. These objects must contain at least an 'id' key. The 'text'
+ * key can either be a String in which case it is expected that each element in the 'data' array has a key with the
+ * value of 'text' which will be used to match choices. Alternatively, text can be a function(item) that can extract
+ * the text.
+ */
+ function local(options) {
+ var data = options, // data elements
+ dataText,
+ tmp,
+ text = function (item) { return ""+item.text; }; // function used to retrieve the text portion of a data item that is matched against the search
+
+ if ($.isArray(data)) {
+ tmp = data;
+ data = { results: tmp };
+ }
+
+ if ($.isFunction(data) === false) {
+ tmp = data;
+ data = function() { return tmp; };
+ }
+
+ var dataItem = data();
+ if (dataItem.text) {
+ text = dataItem.text;
+ // if text is not a function we assume it to be a key name
+ if (!$.isFunction(text)) {
+ dataText = dataItem.text; // we need to store this in a separate variable because in the next step data gets reset and data.text is no longer available
+ text = function (item) { return item[dataText]; };
+ }
+ }
+
+ return function (query) {
+ var t = query.term, filtered = { results: [] }, process;
+ if (t === "") {
+ query.callback(data());
+ return;
+ }
+
+ process = function(datum, collection) {
+ var group, attr;
+ datum = datum[0];
+ if (datum.children) {
+ group = {};
+ for (attr in datum) {
+ if (datum.hasOwnProperty(attr)) group[attr]=datum[attr];
+ }
+ group.children=[];
+ $(datum.children).each2(function(i, childDatum) { process(childDatum, group.children); });
+ if (group.children.length || query.matcher(t, text(group), datum)) {
+ collection.push(group);
+ }
+ } else {
+ if (query.matcher(t, text(datum), datum)) {
+ collection.push(datum);
+ }
+ }
+ };
+
+ $(data().results).each2(function(i, datum) { process(datum, filtered.results); });
+ query.callback(filtered);
+ };
+ }
+
+ // TODO javadoc
+ function tags(data) {
+ var isFunc = $.isFunction(data);
+ return function (query) {
+ var t = query.term, filtered = {results: []};
+ $(isFunc ? data() : data).each(function () {
+ var isObject = this.text !== undefined,
+ text = isObject ? this.text : this;
+ if (t === "" || query.matcher(t, text)) {
+ filtered.results.push(isObject ? this : {id: this, text: this});
+ }
+ });
+ query.callback(filtered);
+ };
+ }
+
+ /**
+ * Checks if the formatter function should be used.
+ *
+ * Throws an error if it is not a function. Returns true if it should be used,
+ * false if no formatting should be performed.
+ *
+ * @param formatter
+ */
+ function checkFormatter(formatter, formatterName) {
+ if ($.isFunction(formatter)) return true;
+ if (!formatter) return false;
+ throw new Error(formatterName +" must be a function or a falsy value");
+ }
+
+ function evaluate(val) {
+ return $.isFunction(val) ? val() : val;
+ }
+
+ function countResults(results) {
+ var count = 0;
+ $.each(results, function(i, item) {
+ if (item.children) {
+ count += countResults(item.children);
+ } else {
+ count++;
+ }
+ });
+ return count;
+ }
+
+ /**
+ * Default tokenizer. This function uses breaks the input on substring match of any string from the
+ * opts.tokenSeparators array and uses opts.createSearchChoice to create the choice object. Both of those
+ * two options have to be defined in order for the tokenizer to work.
+ *
+ * @param input text user has typed so far or pasted into the search field
+ * @param selection currently selected choices
+ * @param selectCallback function(choice) callback tho add the choice to selection
+ * @param opts select2's opts
+ * @return undefined/null to leave the current input unchanged, or a string to change the input to the returned value
+ */
+ function defaultTokenizer(input, selection, selectCallback, opts) {
+ var original = input, // store the original so we can compare and know if we need to tell the search to update its text
+ dupe = false, // check for whether a token we extracted represents a duplicate selected choice
+ token, // token
+ index, // position at which the separator was found
+ i, l, // looping variables
+ separator; // the matched separator
+
+ if (!opts.createSearchChoice || !opts.tokenSeparators || opts.tokenSeparators.length < 1) return undefined;
+
+ while (true) {
+ index = -1;
+
+ for (i = 0, l = opts.tokenSeparators.length; i < l; i++) {
+ separator = opts.tokenSeparators[i];
+ index = input.indexOf(separator);
+ if (index >= 0) break;
+ }
+
+ if (index < 0) break; // did not find any token separator in the input string, bail
+
+ token = input.substring(0, index);
+ input = input.substring(index + separator.length);
+
+ if (token.length > 0) {
+ token = opts.createSearchChoice.call(this, token, selection);
+ if (token !== undefined && token !== null && opts.id(token) !== undefined && opts.id(token) !== null) {
+ dupe = false;
+ for (i = 0, l = selection.length; i < l; i++) {
+ if (equal(opts.id(token), opts.id(selection[i]))) {
+ dupe = true; break;
+ }
+ }
+
+ if (!dupe) selectCallback(token);
+ }
+ }
+ }
+
+ if (original!==input) return input;
+ }
+
+ /**
+ * Creates a new class
+ *
+ * @param superClass
+ * @param methods
+ */
+ function clazz(SuperClass, methods) {
+ var constructor = function () {};
+ constructor.prototype = new SuperClass;
+ constructor.prototype.constructor = constructor;
+ constructor.prototype.parent = SuperClass.prototype;
+ constructor.prototype = $.extend(constructor.prototype, methods);
+ return constructor;
+ }
+
+ AbstractSelect2 = clazz(Object, {
+
+ // abstract
+ bind: function (func) {
+ var self = this;
+ return function () {
+ func.apply(self, arguments);
+ };
+ },
+
+ // abstract
+ init: function (opts) {
+ var results, search, resultsSelector = ".select2-results", disabled, readonly;
+
+ // prepare options
+ this.opts = opts = this.prepareOpts(opts);
+
+ this.id=opts.id;
+
+ // destroy if called on an existing component
+ if (opts.element.data("select2") !== undefined &&
+ opts.element.data("select2") !== null) {
+ opts.element.data("select2").destroy();
+ }
+
+ this.container = this.createContainer();
+
+ this.containerId="s2id_"+(opts.element.attr("id") || "autogen"+nextUid());
+ this.containerSelector="#"+this.containerId.replace(/([;&,\.\+\*\~':"\!\^#$%@\[\]\(\)=>\|])/g, '\\$1');
+ this.container.attr("id", this.containerId);
+
+ // cache the body so future lookups are cheap
+ this.body = thunk(function() { return opts.element.closest("body"); });
+
+ syncCssClasses(this.container, this.opts.element, this.opts.adaptContainerCssClass);
+
+ this.container.css(evaluate(opts.containerCss));
+ this.container.addClass(evaluate(opts.containerCssClass));
+
+ this.elementTabIndex = this.opts.element.attr("tabindex");
+
+ // swap container for the element
+ this.opts.element
+ .data("select2", this)
+ .attr("tabindex", "-1")
+ .before(this.container);
+ this.container.data("select2", this);
+
+ this.dropdown = this.container.find(".select2-drop");
+ this.dropdown.addClass(evaluate(opts.dropdownCssClass));
+ this.dropdown.data("select2", this);
+
+ this.results = results = this.container.find(resultsSelector);
+ this.search = search = this.container.find("input.select2-input");
+
+ this.resultsPage = 0;
+ this.context = null;
+
+ // initialize the container
+ this.initContainer();
+
+ installFilteredMouseMove(this.results);
+ this.dropdown.on("mousemove-filtered touchstart touchmove touchend", resultsSelector, this.bind(this.highlightUnderEvent));
+
+ installDebouncedScroll(80, this.results);
+ this.dropdown.on("scroll-debounced", resultsSelector, this.bind(this.loadMoreIfNeeded));
+
+ // do not propagate change event from the search field out of the component
+ $(this.container).on("change", ".select2-input", function(e) {e.stopPropagation();});
+ $(this.dropdown).on("change", ".select2-input", function(e) {e.stopPropagation();});
+
+ // if jquery.mousewheel plugin is installed we can prevent out-of-bounds scrolling of results via mousewheel
+ if ($.fn.mousewheel) {
+ results.mousewheel(function (e, delta, deltaX, deltaY) {
+ var top = results.scrollTop(), height;
+ if (deltaY > 0 && top - deltaY <= 0) {
+ results.scrollTop(0);
+ killEvent(e);
+ } else if (deltaY < 0 && results.get(0).scrollHeight - results.scrollTop() + deltaY <= results.height()) {
+ results.scrollTop(results.get(0).scrollHeight - results.height());
+ killEvent(e);
+ }
+ });
+ }
+
+ installKeyUpChangeEvent(search);
+ search.on("keyup-change input paste", this.bind(this.updateResults));
+ search.on("focus", function () { search.addClass("select2-focused"); });
+ search.on("blur", function () { search.removeClass("select2-focused");});
+
+ this.dropdown.on("mouseup", resultsSelector, this.bind(function (e) {
+ if ($(e.target).closest(".select2-result-selectable").length > 0) {
+ this.highlightUnderEvent(e);
+ this.selectHighlighted(e);
+ }
+ }));
+
+ // trap all mouse events from leaving the dropdown. sometimes there may be a modal that is listening
+ // for mouse events outside of itself so it can close itself. since the dropdown is now outside the select2's
+ // dom it will trigger the popup close, which is not what we want
+ this.dropdown.on("click mouseup mousedown", function (e) { e.stopPropagation(); });
+
+ if ($.isFunction(this.opts.initSelection)) {
+ // initialize selection based on the current value of the source element
+ this.initSelection();
+
+ // if the user has provided a function that can set selection based on the value of the source element
+ // we monitor the change event on the element and trigger it, allowing for two way synchronization
+ this.monitorSource();
+ }
+
+ if (opts.maximumInputLength !== null) {
+ this.search.attr("maxlength", opts.maximumInputLength);
+ }
+
+ var disabled = opts.element.prop("disabled");
+ if (disabled === undefined) disabled = false;
+ this.enable(!disabled);
+
+ var readonly = opts.element.prop("readonly");
+ if (readonly === undefined) readonly = false;
+ this.readonly(readonly);
+
+ // Calculate size of scrollbar
+ scrollBarDimensions = scrollBarDimensions || measureScrollbar();
+
+ this.autofocus = opts.element.prop("autofocus")
+ opts.element.prop("autofocus", false);
+ if (this.autofocus) this.focus();
+ },
+
+ // abstract
+ destroy: function () {
+ var element=this.opts.element, select2 = element.data("select2");
+
+ if (this.propertyObserver) { delete this.propertyObserver; this.propertyObserver = null; }
+
+ if (select2 !== undefined) {
+ select2.container.remove();
+ select2.dropdown.remove();
+ element
+ .removeClass("select2-offscreen")
+ .removeData("select2")
+ .off(".select2")
+ .prop("autofocus", this.autofocus || false);
+ if (this.elementTabIndex) {
+ element.attr({tabindex: this.elementTabIndex});
+ } else {
+ element.removeAttr("tabindex");
+ }
+ element.show();
+ }
+ },
+
+ // abstract
+ optionToData: function(element) {
+ if (element.is("option")) {
+ return {
+ id:element.prop("value"),
+ text:element.text(),
+ element: element.get(),
+ css: element.attr("class"),
+ disabled: element.prop("disabled"),
+ locked: equal(element.attr("locked"), "locked") || equal(element.data("locked"), true)
+ };
+ } else if (element.is("optgroup")) {
+ return {
+ text:element.attr("label"),
+ children:[],
+ element: element.get(),
+ css: element.attr("class")
+ };
+ }
+ },
+
+ // abstract
+ prepareOpts: function (opts) {
+ var element, select, idKey, ajaxUrl, self = this;
+
+ element = opts.element;
+
+ if (element.get(0).tagName.toLowerCase() === "select") {
+ this.select = select = opts.element;
+ }
+
+ if (select) {
+ // these options are not allowed when attached to a select because they are picked up off the element itself
+ $.each(["id", "multiple", "ajax", "query", "createSearchChoice", "initSelection", "data", "tags"], function () {
+ if (this in opts) {
+ throw new Error("Option '" + this + "' is not allowed for Select2 when attached to a <select> element.");
+ }
+ });
+ }
+
+ opts = $.extend({}, {
+ populateResults: function(container, results, query) {
+ var populate, data, result, children, id=this.opts.id;
+
+ populate=function(results, container, depth) {
+
+ var i, l, result, selectable, disabled, compound, node, label, innerContainer, formatted;
+
+ results = opts.sortResults(results, container, query);
+
+ for (i = 0, l = results.length; i < l; i = i + 1) {
+
+ result=results[i];
+
+ disabled = (result.disabled === true);
+ selectable = (!disabled) && (id(result) !== undefined);
+
+ compound=result.children && result.children.length > 0;
+
+ node=$("<li></li>");
+ node.addClass("select2-results-dept-"+depth);
+ node.addClass("select2-result");
+ node.addClass(selectable ? "select2-result-selectable" : "select2-result-unselectable");
+ if (disabled) { node.addClass("select2-disabled"); }
+ if (compound) { node.addClass("select2-result-with-children"); }
+ node.addClass(self.opts.formatResultCssClass(result));
+
+ label=$(document.createElement("div"));
+ label.addClass("select2-result-label");
+
+ formatted=opts.formatResult(result, label, query, self.opts.escapeMarkup);
+ if (formatted!==undefined) {
+ label.html(formatted);
+ }
+
+ node.append(label);
+
+ if (compound) {
+
+ innerContainer=$("<ul></ul>");
+ innerContainer.addClass("select2-result-sub");
+ populate(result.children, innerContainer, depth+1);
+ node.append(innerContainer);
+ }
+
+ node.data("select2-data", result);
+ container.append(node);
+ }
+ };
+
+ populate(results, container, 0);
+ }
+ }, $.fn.select2.defaults, opts);
+
+ if (typeof(opts.id) !== "function") {
+ idKey = opts.id;
+ opts.id = function (e) { return e[idKey]; };
+ }
+
+ if ($.isArray(opts.element.data("select2Tags"))) {
+ if ("tags" in opts) {
+ throw "tags specified as both an attribute 'data-select2-tags' and in options of Select2 " + opts.element.attr("id");
+ }
+ opts.tags=opts.element.data("select2Tags");
+ }
+
+ if (select) {
+ opts.query = this.bind(function (query) {
+ var data = { results: [], more: false },
+ term = query.term,
+ children, placeholderOption, process;
+
+ process=function(element, collection) {
+ var group;
+ if (element.is("option")) {
+ if (query.matcher(term, element.text(), element)) {
+ collection.push(self.optionToData(element));
+ }
+ } else if (element.is("optgroup")) {
+ group=self.optionToData(element);
+ element.children().each2(function(i, elm) { process(elm, group.children); });
+ if (group.children.length>0) {
+ collection.push(group);
+ }
+ }
+ };
+
+ children=element.children();
+
+ // ignore the placeholder option if there is one
+ if (this.getPlaceholder() !== undefined && children.length > 0) {
+ placeholderOption = this.getPlaceholderOption();
+ if (placeholderOption) {
+ children=children.not(placeholderOption);
+ }
+ }
+
+ children.each2(function(i, elm) { process(elm, data.results); });
+
+ query.callback(data);
+ });
+ // this is needed because inside val() we construct choices from options and there id is hardcoded
+ opts.id=function(e) { return e.id; };
+ opts.formatResultCssClass = function(data) { return data.css; };
+ } else {
+ if (!("query" in opts)) {
+
+ if ("ajax" in opts) {
+ ajaxUrl = opts.element.data("ajax-url");
+ if (ajaxUrl && ajaxUrl.length > 0) {
+ opts.ajax.url = ajaxUrl;
+ }
+ opts.query = ajax.call(opts.element, opts.ajax);
+ } else if ("data" in opts) {
+ opts.query = local(opts.data);
+ } else if ("tags" in opts) {
+ opts.query = tags(opts.tags);
+ if (opts.createSearchChoice === undefined) {
+ opts.createSearchChoice = function (term) { return {id: term, text: term}; };
+ }
+ if (opts.initSelection === undefined) {
+ opts.initSelection = function (element, callback) {
+ var data = [];
+ $(splitVal(element.val(), opts.separator)).each(function () {
+ var id = this, text = this, tags=opts.tags;
+ if ($.isFunction(tags)) tags=tags();
+ $(tags).each(function() { if (equal(this.id, id)) { text = this.text; return false; } });
+ data.push({id: id, text: text});
+ });
+
+ callback(data);
+ };
+ }
+ }
+ }
+ }
+ if (typeof(opts.query) !== "function") {
+ throw "query function not defined for Select2 " + opts.element.attr("id");
+ }
+
+ return opts;
+ },
+
+ /**
+ * Monitor the original element for changes and update select2 accordingly
+ */
+ // abstract
+ monitorSource: function () {
+ var el = this.opts.element, sync;
+
+ el.on("change.select2", this.bind(function (e) {
+ if (this.opts.element.data("select2-change-triggered") !== true) {
+ this.initSelection();
+ }
+ }));
+
+ sync = this.bind(function () {
+
+ var enabled, readonly, self = this;
+
+ // sync enabled state
+ var disabled = el.prop("disabled");
+ if (disabled === undefined) disabled = false;
+ this.enable(!disabled);
+
+ var readonly = el.prop("readonly");
+ if (readonly === undefined) readonly = false;
+ this.readonly(readonly);
+
+ syncCssClasses(this.container, this.opts.element, this.opts.adaptContainerCssClass);
+ this.container.addClass(evaluate(this.opts.containerCssClass));
+
+ syncCssClasses(this.dropdown, this.opts.element, this.opts.adaptDropdownCssClass);
+ this.dropdown.addClass(evaluate(this.opts.dropdownCssClass));
+
+ });
+
+ // mozilla and IE
+ el.on("propertychange.select2 DOMAttrModified.select2", sync);
+
+
+ // hold onto a reference of the callback to work around a chromium bug
+ if (this.mutationCallback === undefined) {
+ this.mutationCallback = function (mutations) {
+ mutations.forEach(sync);
+ }
+ }
+
+ // safari and chrome
+ if (typeof WebKitMutationObserver !== "undefined") {
+ if (this.propertyObserver) { delete this.propertyObserver; this.propertyObserver = null; }
+ this.propertyObserver = new WebKitMutationObserver(this.mutationCallback);
+ this.propertyObserver.observe(el.get(0), { attributes:true, subtree:false });
+ }
+ },
+
+ // abstract
+ triggerSelect: function(data) {
+ var evt = $.Event("select2-selecting", { val: this.id(data), object: data });
+ this.opts.element.trigger(evt);
+ return !evt.isDefaultPrevented();
+ },
+
+ /**
+ * Triggers the change event on the source element
+ */
+ // abstract
+ triggerChange: function (details) {
+
+ details = details || {};
+ details= $.extend({}, details, { type: "change", val: this.val() });
+ // prevents recursive triggering
+ this.opts.element.data("select2-change-triggered", true);
+ this.opts.element.trigger(details);
+ this.opts.element.data("select2-change-triggered", false);
+
+ // some validation frameworks ignore the change event and listen instead to keyup, click for selects
+ // so here we trigger the click event manually
+ this.opts.element.click();
+
+ // ValidationEngine ignorea the change event and listens instead to blur
+ // so here we trigger the blur event manually if so desired
+ if (this.opts.blurOnChange)
+ this.opts.element.blur();
+ },
+
+ //abstract
+ isInterfaceEnabled: function()
+ {
+ return this.enabledInterface === true;
+ },
+
+ // abstract
+ enableInterface: function() {
+ var enabled = this._enabled && !this._readonly,
+ disabled = !enabled;
+
+ if (enabled === this.enabledInterface) return false;
+
+ this.container.toggleClass("select2-container-disabled", disabled);
+ this.close();
+ this.enabledInterface = enabled;
+
+ return true;
+ },
+
+ // abstract
+ enable: function(enabled) {
+ if (enabled === undefined) enabled = true;
+ if (this._enabled === enabled) return false;
+ this._enabled = enabled;
+
+ this.opts.element.prop("disabled", !enabled);
+ this.enableInterface();
+ return true;
+ },
+
+ // abstract
+ readonly: function(enabled) {
+ if (enabled === undefined) enabled = false;
+ if (this._readonly === enabled) return false;
+ this._readonly = enabled;
+
+ this.opts.element.prop("readonly", enabled);
+ this.enableInterface();
+ return true;
+ },
+
+ // abstract
+ opened: function () {
+ return this.container.hasClass("select2-dropdown-open");
+ },
+
+ // abstract
+ positionDropdown: function() {
+ var $dropdown = this.dropdown,
+ offset = this.container.offset(),
+ height = this.container.outerHeight(false),
+ width = this.container.outerWidth(false),
+ dropHeight = $dropdown.outerHeight(false),
+ viewPortRight = $(window).scrollLeft() + $(window).width(),
+ viewportBottom = $(window).scrollTop() + $(window).height(),
+ dropTop = offset.top + height,
+ dropLeft = offset.left,
+ enoughRoomBelow = dropTop + dropHeight <= viewportBottom,
+ enoughRoomAbove = (offset.top - dropHeight) >= this.body().scrollTop(),
+ dropWidth = $dropdown.outerWidth(false),
+ enoughRoomOnRight = dropLeft + dropWidth <= viewPortRight,
+ aboveNow = $dropdown.hasClass("select2-drop-above"),
+ bodyOffset,
+ above,
+ css,
+ resultsListNode;
+
+ if (this.opts.dropdownAutoWidth) {
+ resultsListNode = $('.select2-results', $dropdown)[0];
+ $dropdown.addClass('select2-drop-auto-width');
+ $dropdown.css('width', '');
+ // Add scrollbar width to dropdown if vertical scrollbar is present
+ dropWidth = $dropdown.outerWidth(false) + (resultsListNode.scrollHeight === resultsListNode.clientHeight ? 0 : scrollBarDimensions.width);
+ dropWidth > width ? width = dropWidth : dropWidth = width;
+ enoughRoomOnRight = dropLeft + dropWidth <= viewPortRight;
+ }
+ else {
+ this.container.removeClass('select2-drop-auto-width');
+ }
+
+ //console.log("below/ droptop:", dropTop, "dropHeight", dropHeight, "sum", (dropTop+dropHeight)+" viewport bottom", viewportBottom, "enough?", enoughRoomBelow);
+ //console.log("above/ offset.top", offset.top, "dropHeight", dropHeight, "top", (offset.top-dropHeight), "scrollTop", this.body().scrollTop(), "enough?", enoughRoomAbove);
+
+ // fix positioning when body has an offset and is not position: static
+ if (this.body().css('position') !== 'static') {
+ bodyOffset = this.body().offset();
+ dropTop -= bodyOffset.top;
+ dropLeft -= bodyOffset.left;
+ }
+
+ // always prefer the current above/below alignment, unless there is not enough room
+ if (aboveNow) {
+ above = true;
+ if (!enoughRoomAbove && enoughRoomBelow) above = false;
+ } else {
+ above = false;
+ if (!enoughRoomBelow && enoughRoomAbove) above = true;
+ }
+
+ if (!enoughRoomOnRight) {
+ dropLeft = offset.left + width - dropWidth;
+ }
+
+ if (above) {
+ dropTop = offset.top - dropHeight;
+ this.container.addClass("select2-drop-above");
+ $dropdown.addClass("select2-drop-above");
+ }
+ else {
+ this.container.removeClass("select2-drop-above");
+ $dropdown.removeClass("select2-drop-above");
+ }
+
+ css = $.extend({
+ top: dropTop,
+ left: dropLeft,
+ width: width
+ }, evaluate(this.opts.dropdownCss));
+
+ $dropdown.css(css);
+ },
+
+ // abstract
+ shouldOpen: function() {
+ var event;
+
+ if (this.opened()) return false;
+
+ if (this._enabled === false || this._readonly === true) return false;
+
+ event = $.Event("select2-opening");
+ this.opts.element.trigger(event);
+ return !event.isDefaultPrevented();
+ },
+
+ // abstract
+ clearDropdownAlignmentPreference: function() {
+ // clear the classes used to figure out the preference of where the dropdown should be opened
+ this.container.removeClass("select2-drop-above");
+ this.dropdown.removeClass("select2-drop-above");
+ },
+
+ /**
+ * Opens the dropdown
+ *
+ * @return {Boolean} whether or not dropdown was opened. This method will return false if, for example,
+ * the dropdown is already open, or if the 'open' event listener on the element called preventDefault().
+ */
+ // abstract
+ open: function () {
+
+ if (!this.shouldOpen()) return false;
+
+ this.opening();
+
+ return true;
+ },
+
+ /**
+ * Performs the opening of the dropdown
+ */
+ // abstract
+ opening: function() {
+ var cid = this.containerId,
+ scroll = "scroll." + cid,
+ resize = "resize."+cid,
+ orient = "orientationchange."+cid,
+ mask, maskCss;
+
+ this.container.addClass("select2-dropdown-open").addClass("select2-container-active");
+
+ this.clearDropdownAlignmentPreference();
+
+ if(this.dropdown[0] !== this.body().children().last()[0]) {
+ this.dropdown.detach().appendTo(this.body());
+ }
+
+ // create the dropdown mask if doesnt already exist
+ mask = $("#select2-drop-mask");
+ if (mask.length == 0) {
+ mask = $(document.createElement("div"));
+ mask.attr("id","select2-drop-mask").attr("class","select2-drop-mask");
+ mask.hide();
+ mask.appendTo(this.body());
+ mask.on("mousedown touchstart click", function (e) {
+ var dropdown = $("#select2-drop"), self;
+ if (dropdown.length > 0) {
+ self=dropdown.data("select2");
+ if (self.opts.selectOnBlur) {
+ self.selectHighlighted({noFocus: true});
+ }
+ self.close();
+ e.preventDefault();
+ e.stopPropagation();
+ }
+ });
+ }
+
+ // ensure the mask is always right before the dropdown
+ if (this.dropdown.prev()[0] !== mask[0]) {
+ this.dropdown.before(mask);
+ }
+
+ // move the global id to the correct dropdown
+ $("#select2-drop").removeAttr("id");
+ this.dropdown.attr("id", "select2-drop");
+
+ // show the elements
+ maskCss=_makeMaskCss();
+
+ mask.css(maskCss).show();
+
+ this.dropdown.show();
+ this.positionDropdown();
+
+ this.dropdown.addClass("select2-drop-active");
+
+ // attach listeners to events that can change the position of the container and thus require
+ // the position of the dropdown to be updated as well so it does not come unglued from the container
+ var that = this;
+ this.container.parents().add(window).each(function () {
+ $(this).on(resize+" "+scroll+" "+orient, function (e) {
+ var maskCss=_makeMaskCss();
+ $("#select2-drop-mask").css(maskCss);
+ that.positionDropdown();
+ });
+ });
+
+ function _makeMaskCss() {
+ return {
+ width : Math.max(document.documentElement.scrollWidth, $(window).width()),
+ height : Math.max(document.documentElement.scrollHeight, $(window).height())
+ }
+ }
+ },
+
+ // abstract
+ close: function () {
+ if (!this.opened()) return;
+
+ var cid = this.containerId,
+ scroll = "scroll." + cid,
+ resize = "resize."+cid,
+ orient = "orientationchange."+cid;
+
+ // unbind event listeners
+ this.container.parents().add(window).each(function () { $(this).off(scroll).off(resize).off(orient); });
+
+ this.clearDropdownAlignmentPreference();
+
+ $("#select2-drop-mask").hide();
+ this.dropdown.removeAttr("id"); // only the active dropdown has the select2-drop id
+ this.dropdown.hide();
+ this.container.removeClass("select2-dropdown-open");
+ this.results.empty();
+
+
+ this.clearSearch();
+ this.search.removeClass("select2-active");
+ this.opts.element.trigger($.Event("select2-close"));
+ },
+
+ /**
+ * Opens control, sets input value, and updates results.
+ */
+ // abstract
+ externalSearch: function (term) {
+ this.open();
+ this.search.val(term);
+ this.updateResults(false);
+ },
+
+ // abstract
+ clearSearch: function () {
+
+ },
+
+ //abstract
+ getMaximumSelectionSize: function() {
+ return evaluate(this.opts.maximumSelectionSize);
+ },
+
+ // abstract
+ ensureHighlightVisible: function () {
+ var results = this.results, children, index, child, hb, rb, y, more;
+
+ index = this.highlight();
+
+ if (index < 0) return;
+
+ if (index == 0) {
+
+ // if the first element is highlighted scroll all the way to the top,
+ // that way any unselectable headers above it will also be scrolled
+ // into view
+
+ results.scrollTop(0);
+ return;
+ }
+
+ children = this.findHighlightableChoices().find('.select2-result-label');
+
+ child = $(children[index]);
+
+ hb = child.offset().top + child.outerHeight(true);
+
+ // if this is the last child lets also make sure select2-more-results is visible
+ if (index === children.length - 1) {
+ more = results.find("li.select2-more-results");
+ if (more.length > 0) {
+ hb = more.offset().top + more.outerHeight(true);
+ }
+ }
+
+ rb = results.offset().top + results.outerHeight(true);
+ if (hb > rb) {
+ results.scrollTop(results.scrollTop() + (hb - rb));
+ }
+ y = child.offset().top - results.offset().top;
+
+ // make sure the top of the element is visible
+ if (y < 0 && child.css('display') != 'none' ) {
+ results.scrollTop(results.scrollTop() + y); // y is negative
+ }
+ },
+
+ // abstract
+ findHighlightableChoices: function() {
+ return this.results.find(".select2-result-selectable:not(.select2-selected):not(.select2-disabled)");
+ },
+
+ // abstract
+ moveHighlight: function (delta) {
+ var choices = this.findHighlightableChoices(),
+ index = this.highlight();
+
+ while (index > -1 && index < choices.length) {
+ index += delta;
+ var choice = $(choices[index]);
+ if (choice.hasClass("select2-result-selectable") && !choice.hasClass("select2-disabled") && !choice.hasClass("select2-selected")) {
+ this.highlight(index);
+ break;
+ }
+ }
+ },
+
+ // abstract
+ highlight: function (index) {
+ var choices = this.findHighlightableChoices(),
+ choice,
+ data;
+
+ if (arguments.length === 0) {
+ return indexOf(choices.filter(".select2-highlighted")[0], choices.get());
+ }
+
+ if (index >= choices.length) index = choices.length - 1;
+ if (index < 0) index = 0;
+
+ this.results.find(".select2-highlighted").removeClass("select2-highlighted");
+
+ choice = $(choices[index]);
+ choice.addClass("select2-highlighted");
+
+ this.ensureHighlightVisible();
+
+ data = choice.data("select2-data");
+ if (data) {
+ this.opts.element.trigger({ type: "select2-highlight", val: this.id(data), choice: data });
+ }
+ },
+
+ // abstract
+ countSelectableResults: function() {
+ return this.findHighlightableChoices().length;
+ },
+
+ // abstract
+ highlightUnderEvent: function (event) {
+ var el = $(event.target).closest(".select2-result-selectable");
+ if (el.length > 0 && !el.is(".select2-highlighted")) {
+ var choices = this.findHighlightableChoices();
+ this.highlight(choices.index(el));
+ } else if (el.length == 0) {
+ // if we are over an unselectable item remove al highlights
+ this.results.find(".select2-highlighted").removeClass("select2-highlighted");
+ }
+ },
+
+ // abstract
+ loadMoreIfNeeded: function () {
+ var results = this.results,
+ more = results.find("li.select2-more-results"),
+ below, // pixels the element is below the scroll fold, below==0 is when the element is starting to be visible
+ offset = -1, // index of first element without data
+ page = this.resultsPage + 1,
+ self=this,
+ term=this.search.val(),
+ context=this.context;
+
+ if (more.length === 0) return;
+ below = more.offset().top - results.offset().top - results.height();
+
+ if (below <= this.opts.loadMorePadding) {
+ more.addClass("select2-active");
+ this.opts.query({
+ element: this.opts.element,
+ term: term,
+ page: page,
+ context: context,
+ matcher: this.opts.matcher,
+ callback: this.bind(function (data) {
+
+ // ignore a response if the select2 has been closed before it was received
+ if (!self.opened()) return;
+
+
+ self.opts.populateResults.call(this, results, data.results, {term: term, page: page, context:context});
+ self.postprocessResults(data, false, false);
+
+ if (data.more===true) {
+ more.detach().appendTo(results).text(self.opts.formatLoadMore(page+1));
+ window.setTimeout(function() { self.loadMoreIfNeeded(); }, 10);
+ } else {
+ more.remove();
+ }
+ self.positionDropdown();
+ self.resultsPage = page;
+ self.context = data.context;
+ })});
+ }
+ },
+
+ /**
+ * Default tokenizer function which does nothing
+ */
+ tokenize: function() {
+
+ },
+
+ /**
+ * @param initial whether or not this is the call to this method right after the dropdown has been opened
+ */
+ // abstract
+ updateResults: function (initial) {
+ var search = this.search,
+ results = this.results,
+ opts = this.opts,
+ data,
+ self = this,
+ input,
+ term = search.val(),
+ lastTerm=$.data(this.container, "select2-last-term");
+
+ // prevent duplicate queries against the same term
+ if (initial !== true && lastTerm && equal(term, lastTerm)) return;
+
+ $.data(this.container, "select2-last-term", term);
+
+ // if the search is currently hidden we do not alter the results
+ if (initial !== true && (this.showSearchInput === false || !this.opened())) {
+ return;
+ }
+
+ function postRender() {
+ search.removeClass("select2-active");
+ self.positionDropdown();
+ }
+
+ function render(html) {
+ results.html(html);
+ postRender();
+ }
+
+ var maxSelSize = this.getMaximumSelectionSize();
+ if (maxSelSize >=1) {
+ data = this.data();
+ if ($.isArray(data) && data.length >= maxSelSize && checkFormatter(opts.formatSelectionTooBig, "formatSelectionTooBig")) {
+ render("<li class='select2-selection-limit'>" + opts.formatSelectionTooBig(maxSelSize) + "</li>");
+ return;
+ }
+ }
+
+ if (search.val().length < opts.minimumInputLength) {
+ if (checkFormatter(opts.formatInputTooShort, "formatInputTooShort")) {
+ render("<li class='select2-no-results'>" + opts.formatInputTooShort(search.val(), opts.minimumInputLength) + "</li>");
+ } else {
+ render("");
+ }
+ if (initial && this.showSearch) this.showSearch(true);
+ return;
+ }
+
+ if (opts.maximumInputLength && search.val().length > opts.maximumInputLength) {
+ if (checkFormatter(opts.formatInputTooLong, "formatInputTooLong")) {
+ render("<li class='select2-no-results'>" + opts.formatInputTooLong(search.val(), opts.maximumInputLength) + "</li>");
+ } else {
+ render("");
+ }
+ return;
+ }
+
+ if (opts.formatSearching && this.findHighlightableChoices().length === 0) {
+ render("<li class='select2-searching'>" + opts.formatSearching() + "</li>");
+ }
+
+ search.addClass("select2-active");
+
+ // give the tokenizer a chance to pre-process the input
+ input = this.tokenize();
+ if (input != undefined && input != null) {
+ search.val(input);
+ }
+
+ this.resultsPage = 1;
+
+ opts.query({
+ element: opts.element,
+ term: search.val(),
+ page: this.resultsPage,
+ context: null,
+ matcher: opts.matcher,
+ callback: this.bind(function (data) {
+ var def; // default choice
+
+ // ignore a response if the select2 has been closed before it was received
+ if (!this.opened()) {
+ this.search.removeClass("select2-active");
+ return;
+ }
+
+ // save context, if any
+ this.context = (data.context===undefined) ? null : data.context;
+ // create a default choice and prepend it to the list
+ if (this.opts.createSearchChoice && search.val() !== "") {
+ def = this.opts.createSearchChoice.call(self, search.val(), data.results);
+ if (def !== undefined && def !== null && self.id(def) !== undefined && self.id(def) !== null) {
+ if ($(data.results).filter(
+ function () {
+ return equal(self.id(this), self.id(def));
+ }).length === 0) {
+ data.results.unshift(def);
+ }
+ }
+ }
+
+ if (data.results.length === 0 && checkFormatter(opts.formatNoMatches, "formatNoMatches")) {
+ render("<li class='select2-no-results'>" + opts.formatNoMatches(search.val()) + "</li>");
+ return;
+ }
+
+ results.empty();
+ self.opts.populateResults.call(this, results, data.results, {term: search.val(), page: this.resultsPage, context:null});
+
+ if (data.more === true && checkFormatter(opts.formatLoadMore, "formatLoadMore")) {
+ results.append("<li class='select2-more-results'>" + self.opts.escapeMarkup(opts.formatLoadMore(this.resultsPage)) + "</li>");
+ window.setTimeout(function() { self.loadMoreIfNeeded(); }, 10);
+ }
+
+ this.postprocessResults(data, initial);
+
+ postRender();
+
+ this.opts.element.trigger({ type: "select2-loaded", items: data });
+ })});
+ },
+
+ // abstract
+ cancel: function () {
+ this.close();
+ },
+
+ // abstract
+ blur: function () {
+ // if selectOnBlur == true, select the currently highlighted option
+ if (this.opts.selectOnBlur)
+ this.selectHighlighted({noFocus: true});
+
+ this.close();
+ this.container.removeClass("select2-container-active");
+ // synonymous to .is(':focus'), which is available in jquery >= 1.6
+ if (this.search[0] === document.activeElement) { this.search.blur(); }
+ this.clearSearch();
+ this.selection.find(".select2-search-choice-focus").removeClass("select2-search-choice-focus");
+ },
+
+ // abstract
+ focusSearch: function () {
+ focus(this.search);
+ },
+
+ // abstract
+ selectHighlighted: function (options) {
+ var index=this.highlight(),
+ highlighted=this.results.find(".select2-highlighted"),
+ data = highlighted.closest('.select2-result').data("select2-data");
+
+ if (data) {
+ this.highlight(index);
+ this.onSelect(data, options);
+ } else if (options && options.noFocus) {
+ this.close();
+ }
+ },
+
+ // abstract
+ getPlaceholder: function () {
+ var placeholderOption;
+ return this.opts.element.attr("placeholder") ||
+ this.opts.element.attr("data-placeholder") || // jquery 1.4 compat
+ this.opts.element.data("placeholder") ||
+ this.opts.placeholder ||
+ ((placeholderOption = this.getPlaceholderOption()) !== undefined ? placeholderOption.text() : undefined);
+ },
+
+ // abstract
+ getPlaceholderOption: function() {
+ if (this.select) {
+ var firstOption = this.select.children().first();
+ if (this.opts.placeholderOption !== undefined ) {
+ //Determine the placeholder option based on the specified placeholderOption setting
+ return (this.opts.placeholderOption === "first" && firstOption) ||
+ (typeof this.opts.placeholderOption === "function" && this.opts.placeholderOption(this.select));
+ } else if (firstOption.text() === "" && firstOption.val() === "") {
+ //No explicit placeholder option specified, use the first if it's blank
+ return firstOption;
+ }
+ }
+ },
+
+ /**
+ * Get the desired width for the container element. This is
+ * derived first from option `width` passed to select2, then
+ * the inline 'style' on the original element, and finally
+ * falls back to the jQuery calculated element width.
+ */
+ // abstract
+ initContainerWidth: function () {
+ function resolveContainerWidth() {
+ var style, attrs, matches, i, l;
+
+ if (this.opts.width === "off") {
+ return null;
+ } else if (this.opts.width === "element"){
+ return this.opts.element.outerWidth(false) === 0 ? 'auto' : this.opts.element.outerWidth(false) + 'px';
+ } else if (this.opts.width === "copy" || this.opts.width === "resolve") {
+ // check if there is inline style on the element that contains width
+ style = this.opts.element.attr('style');
+ if (style !== undefined) {
+ attrs = style.split(';');
+ for (i = 0, l = attrs.length; i < l; i = i + 1) {
+ matches = attrs[i].replace(/\s/g, '')
+ .match(/width:(([-+]?([0-9]*\.)?[0-9]+)(px|em|ex|%|in|cm|mm|pt|pc))/i);
+ if (matches !== null && matches.length >= 1)
+ return matches[1];
+ }
+ }
+
+ if (this.opts.width === "resolve") {
+ // next check if css('width') can resolve a width that is percent based, this is sometimes possible
+ // when attached to input type=hidden or elements hidden via css
+ style = this.opts.element.css('width');
+ if (style.indexOf("%") > 0) return style;
+
+ // finally, fallback on the calculated width of the element
+ return (this.opts.element.outerWidth(false) === 0 ? 'auto' : this.opts.element.outerWidth(false) + 'px');
+ }
+
+ return null;
+ } else if ($.isFunction(this.opts.width)) {
+ return this.opts.width();
+ } else {
+ return this.opts.width;
+ }
+ };
+
+ var width = resolveContainerWidth.call(this);
+ if (width !== null) {
+ this.container.css("width", width);
+ }
+ }
+ });
+
+ SingleSelect2 = clazz(AbstractSelect2, {
+
+ // single
+
+ createContainer: function () {
+ var container = $(document.createElement("div")).attr({
+ "class": "select2-container"
+ }).html([
+ "<a href='javascript:void(0)' onclick='return false;' class='select2-choice' tabindex='-1'>",
+ " <span class='select2-chosen'> </span><abbr class='select2-search-choice-close'></abbr>",
+ " <span class='select2-arrow'><b></b></span>",
+ "</a>",
+ "<input class='select2-focusser select2-offscreen' type='text'/>",
+ "<div class='select2-drop select2-display-none'>",
+ " <div class='select2-search'>",
+ " <input type='text' autocomplete='off' autocorrect='off' autocapitalize='off' spellcheck='false' class='select2-input'/>",
+ " </div>",
+ " <ul class='select2-results'>",
+ " </ul>",
+ "</div>"].join(""));
+ return container;
+ },
+
+ // single
+ enableInterface: function() {
+ if (this.parent.enableInterface.apply(this, arguments)) {
+ this.focusser.prop("disabled", !this.isInterfaceEnabled());
+ }
+ },
+
+ // single
+ opening: function () {
+ var el, range, len;
+
+ if (this.opts.minimumResultsForSearch >= 0) {
+ this.showSearch(true);
+ }
+
+ this.parent.opening.apply(this, arguments);
+
+ if (this.showSearchInput !== false) {
+ // IE appends focusser.val() at the end of field :/ so we manually insert it at the beginning using a range
+ // all other browsers handle this just fine
+
+ this.search.val(this.focusser.val());
+ }
+ this.search.focus();
+ // move the cursor to the end after focussing, otherwise it will be at the beginning and
+ // new text will appear *before* focusser.val()
+ el = this.search.get(0);
+ if (el.createTextRange) {
+ range = el.createTextRange();
+ range.collapse(false);
+ range.select();
+ } else if (el.setSelectionRange) {
+ len = this.search.val().length;
+ el.setSelectionRange(len, len);
+ }
+
+ this.focusser.prop("disabled", true).val("");
+ this.updateResults(true);
+ this.opts.element.trigger($.Event("select2-open"));
+ },
+
+ // single
+ close: function () {
+ if (!this.opened()) return;
+ this.parent.close.apply(this, arguments);
+ this.focusser.removeAttr("disabled");
+ this.focusser.focus();
+ },
+
+ // single
+ focus: function () {
+ if (this.opened()) {
+ this.close();
+ } else {
+ this.focusser.removeAttr("disabled");
+ this.focusser.focus();
+ }
+ },
+
+ // single
+ isFocused: function () {
+ return this.container.hasClass("select2-container-active");
+ },
+
+ // single
+ cancel: function () {
+ this.parent.cancel.apply(this, arguments);
+ this.focusser.removeAttr("disabled");
+ this.focusser.focus();
+ },
+
+ // single
+ initContainer: function () {
+
+ var selection,
+ container = this.container,
+ dropdown = this.dropdown;
+
+ if (this.opts.minimumResultsForSearch < 0) {
+ this.showSearch(false);
+ } else {
+ this.showSearch(true);
+ }
+
+ this.selection = selection = container.find(".select2-choice");
+
+ this.focusser = container.find(".select2-focusser");
+
+ // rewrite labels from original element to focusser
+ this.focusser.attr("id", "s2id_autogen"+nextUid());
+
+ $("label[for='" + this.opts.element.attr("id") + "']")
+ .attr('for', this.focusser.attr('id'));
+
+ this.focusser.attr("tabindex", this.elementTabIndex);
+
+ this.search.on("keydown", this.bind(function (e) {
+ if (!this.isInterfaceEnabled()) return;
+
+ if (e.which === KEY.PAGE_UP || e.which === KEY.PAGE_DOWN) {
+ // prevent the page from scrolling
+ killEvent(e);
+ return;
+ }
+
+ switch (e.which) {
+ case KEY.UP:
+ case KEY.DOWN:
+ this.moveHighlight((e.which === KEY.UP) ? -1 : 1);
+ killEvent(e);
+ return;
+ case KEY.ENTER:
+ this.selectHighlighted();
+ killEvent(e);
+ return;
+ case KEY.TAB:
+ this.selectHighlighted({noFocus: true});
+ return;
+ case KEY.ESC:
+ this.cancel(e);
+ killEvent(e);
+ return;
+ }
+ }));
+
+ this.search.on("blur", this.bind(function(e) {
+ // a workaround for chrome to keep the search field focussed when the scroll bar is used to scroll the dropdown.
+ // without this the search field loses focus which is annoying
+ if (document.activeElement === this.body().get(0)) {
+ window.setTimeout(this.bind(function() {
+ this.search.focus();
+ }), 0);
+ }
+ }));
+
+ this.focusser.on("keydown", this.bind(function (e) {
+ if (!this.isInterfaceEnabled()) return;
+
+ if (e.which === KEY.TAB || KEY.isControl(e) || KEY.isFunctionKey(e) || e.which === KEY.ESC) {
+ return;
+ }
+
+ if (this.opts.openOnEnter === false && e.which === KEY.ENTER) {
+ killEvent(e);
+ return;
+ }
+
+ if (e.which == KEY.DOWN || e.which == KEY.UP
+ || (e.which == KEY.ENTER && this.opts.openOnEnter)) {
+
+ if (e.altKey || e.ctrlKey || e.shiftKey || e.metaKey) return;
+
+ this.open();
+ killEvent(e);
+ return;
+ }
+
+ if (e.which == KEY.DELETE || e.which == KEY.BACKSPACE) {
+ if (this.opts.allowClear) {
+ this.clear();
+ }
+ killEvent(e);
+ return;
+ }
+ }));
+
+
+ installKeyUpChangeEvent(this.focusser);
+ this.focusser.on("keyup-change input", this.bind(function(e) {
+ if (this.opts.minimumResultsForSearch >= 0) {
+ e.stopPropagation();
+ if (this.opened()) return;
+ this.open();
+ }
+ }));
+
+ selection.on("mousedown", "abbr", this.bind(function (e) {
+ if (!this.isInterfaceEnabled()) return;
+ this.clear();
+ killEventImmediately(e);
+ this.close();
+ this.selection.focus();
+ }));
+
+ selection.on("mousedown", this.bind(function (e) {
+
+ if (!this.container.hasClass("select2-container-active")) {
+ this.opts.element.trigger($.Event("select2-focus"));
+ }
+
+ if (this.opened()) {
+ this.close();
+ } else if (this.isInterfaceEnabled()) {
+ this.open();
+ }
+
+ killEvent(e);
+ }));
+
+ dropdown.on("mousedown", this.bind(function() { this.search.focus(); }));
+
+ selection.on("focus", this.bind(function(e) {
+ killEvent(e);
+ }));
+
+ this.focusser.on("focus", this.bind(function(){
+ if (!this.container.hasClass("select2-container-active")) {
+ this.opts.element.trigger($.Event("select2-focus"));
+ }
+ this.container.addClass("select2-container-active");
+ })).on("blur", this.bind(function() {
+ if (!this.opened()) {
+ this.container.removeClass("select2-container-active");
+ this.opts.element.trigger($.Event("select2-blur"));
+ }
+ }));
+ this.search.on("focus", this.bind(function(){
+ if (!this.container.hasClass("select2-container-active")) {
+ this.opts.element.trigger($.Event("select2-focus"));
+ }
+ this.container.addClass("select2-container-active");
+ }));
+
+ this.initContainerWidth();
+ this.opts.element.addClass("select2-offscreen");
+ this.setPlaceholder();
+
+ },
+
+ // single
+ clear: function(triggerChange) {
+ var data=this.selection.data("select2-data");
+ if (data) { // guard against queued quick consecutive clicks
+ var placeholderOption = this.getPlaceholderOption();
+ this.opts.element.val(placeholderOption ? placeholderOption.val() : "");
+ this.selection.find(".select2-chosen").empty();
+ this.selection.removeData("select2-data");
+ this.setPlaceholder();
+
+ if (triggerChange !== false){
+ this.opts.element.trigger({ type: "select2-removed", val: this.id(data), choice: data });
+ this.triggerChange({removed:data});
+ }
+ }
+ },
+
+ /**
+ * Sets selection based on source element's value
+ */
+ // single
+ initSelection: function () {
+ var selected;
+ if (this.isPlaceholderOptionSelected()) {
+ this.updateSelection([]);
+ this.close();
+ this.setPlaceholder();
+ } else {
+ var self = this;
+ this.opts.initSelection.call(null, this.opts.element, function(selected){
+ if (selected !== undefined && selected !== null) {
+ self.updateSelection(selected);
+ self.close();
+ self.setPlaceholder();
+ }
+ });
+ }
+ },
+
+ isPlaceholderOptionSelected: function() {
+ var placeholderOption;
+ return ((placeholderOption = this.getPlaceholderOption()) !== undefined && placeholderOption.is(':selected')) ||
+ (this.opts.element.val() === "") ||
+ (this.opts.element.val() === undefined) ||
+ (this.opts.element.val() === null);
+ },
+
+ // single
+ prepareOpts: function () {
+ var opts = this.parent.prepareOpts.apply(this, arguments),
+ self=this;
+
+ if (opts.element.get(0).tagName.toLowerCase() === "select") {
+ // install the selection initializer
+ opts.initSelection = function (element, callback) {
+ var selected = element.find(":selected");
+ // a single select box always has a value, no need to null check 'selected'
+ callback(self.optionToData(selected));
+ };
+ } else if ("data" in opts) {
+ // install default initSelection when applied to hidden input and data is local
+ opts.initSelection = opts.initSelection || function (element, callback) {
+ var id = element.val();
+ //search in data by id, storing the actual matching item
+ var match = null;
+ opts.query({
+ matcher: function(term, text, el){
+ var is_match = equal(id, opts.id(el));
+ if (is_match) {
+ match = el;
+ }
+ return is_match;
+ },
+ callback: !$.isFunction(callback) ? $.noop : function() {
+ callback(match);
+ }
+ });
+ };
+ }
+
+ return opts;
+ },
+
+ // single
+ getPlaceholder: function() {
+ // if a placeholder is specified on a single select without a valid placeholder option ignore it
+ if (this.select) {
+ if (this.getPlaceholderOption() === undefined) {
+ return undefined;
+ }
+ }
+
+ return this.parent.getPlaceholder.apply(this, arguments);
+ },
+
+ // single
+ setPlaceholder: function () {
+ var placeholder = this.getPlaceholder();
+
+ if (this.isPlaceholderOptionSelected() && placeholder !== undefined) {
+
+ // check for a placeholder option if attached to a select
+ if (this.select && this.getPlaceholderOption() === undefined) return;
+
+ this.selection.find(".select2-chosen").html(this.opts.escapeMarkup(placeholder));
+
+ this.selection.addClass("select2-default");
+
+ this.container.removeClass("select2-allowclear");
+ }
+ },
+
+ // single
+ postprocessResults: function (data, initial, noHighlightUpdate) {
+ var selected = 0, self = this, showSearchInput = true;
+
+ // find the selected element in the result list
+
+ this.findHighlightableChoices().each2(function (i, elm) {
+ if (equal(self.id(elm.data("select2-data")), self.opts.element.val())) {
+ selected = i;
+ return false;
+ }
+ });
+
+ // and highlight it
+ if (noHighlightUpdate !== false) {
+ if (initial === true && selected >= 0) {
+ this.highlight(selected);
+ } else {
+ this.highlight(0);
+ }
+ }
+
+ // hide the search box if this is the first we got the results and there are enough of them for search
+
+ if (initial === true) {
+ var min = this.opts.minimumResultsForSearch;
+ if (min >= 0) {
+ this.showSearch(countResults(data.results) >= min);
+ }
+ }
+ },
+
+ // single
+ showSearch: function(showSearchInput) {
+ if (this.showSearchInput === showSearchInput) return;
+
+ this.showSearchInput = showSearchInput;
+
+ this.dropdown.find(".select2-search").toggleClass("select2-search-hidden", !showSearchInput);
+ this.dropdown.find(".select2-search").toggleClass("select2-offscreen", !showSearchInput);
+ //add "select2-with-searchbox" to the container if search box is shown
+ $(this.dropdown, this.container).toggleClass("select2-with-searchbox", showSearchInput);
+ },
+
+ // single
+ onSelect: function (data, options) {
+
+ if (!this.triggerSelect(data)) { return; }
+
+ var old = this.opts.element.val(),
+ oldData = this.data();
+
+ this.opts.element.val(this.id(data));
+ this.updateSelection(data);
+
+ this.opts.element.trigger({ type: "select2-selected", val: this.id(data), choice: data });
+
+ this.close();
+
+ if (!options || !options.noFocus)
+ this.selection.focus();
+
+ if (!equal(old, this.id(data))) { this.triggerChange({added:data,removed:oldData}); }
+ },
+
+ // single
+ updateSelection: function (data) {
+
+ var container=this.selection.find(".select2-chosen"), formatted, cssClass;
+
+ this.selection.data("select2-data", data);
+
+ container.empty();
+ formatted=this.opts.formatSelection(data, container, this.opts.escapeMarkup);
+ if (formatted !== undefined) {
+ container.append(formatted);
+ }
+ cssClass=this.opts.formatSelectionCssClass(data, container);
+ if (cssClass !== undefined) {
+ container.addClass(cssClass);
+ }
+
+ this.selection.removeClass("select2-default");
+
+ if (this.opts.allowClear && this.getPlaceholder() !== undefined) {
+ this.container.addClass("select2-allowclear");
+ }
+ },
+
+ // single
+ val: function () {
+ var val,
+ triggerChange = false,
+ data = null,
+ self = this,
+ oldData = this.data();
+
+ if (arguments.length === 0) {
+ return this.opts.element.val();
+ }
+
+ val = arguments[0];
+
+ if (arguments.length > 1) {
+ triggerChange = arguments[1];
+ }
+
+ if (this.select) {
+ this.select
+ .val(val)
+ .find(":selected").each2(function (i, elm) {
+ data = self.optionToData(elm);
+ return false;
+ });
+ this.updateSelection(data);
+ this.setPlaceholder();
+ if (triggerChange) {
+ this.triggerChange({added: data, removed:oldData});
+ }
+ } else {
+ // val is an id. !val is true for [undefined,null,'',0] - 0 is legal
+ if (!val && val !== 0) {
+ this.clear(triggerChange);
+ return;
+ }
+ if (this.opts.initSelection === undefined) {
+ throw new Error("cannot call val() if initSelection() is not defined");
+ }
+ this.opts.element.val(val);
+ this.opts.initSelection(this.opts.element, function(data){
+ self.opts.element.val(!data ? "" : self.id(data));
+ self.updateSelection(data);
+ self.setPlaceholder();
+ if (triggerChange) {
+ self.triggerChange({added: data, removed:oldData});
+ }
+ });
+ }
+ },
+
+ // single
+ clearSearch: function () {
+ this.search.val("");
+ this.focusser.val("");
+ },
+
+ // single
+ data: function(value, triggerChange) {
+ var data;
+
+ if (arguments.length === 0) {
+ data = this.selection.data("select2-data");
+ if (data == undefined) data = null;
+ return data;
+ } else {
+ if (!value || value === "") {
+ this.clear(triggerChange);
+ } else {
+ data = this.data();
+ this.opts.element.val(!value ? "" : this.id(value));
+ this.updateSelection(value);
+ if (triggerChange) {
+ this.triggerChange({added: value, removed:data});
+ }
+ }
+ }
+ }
+ });
+
+ MultiSelect2 = clazz(AbstractSelect2, {
+
+ // multi
+ createContainer: function () {
+ var container = $(document.createElement("div")).attr({
+ "class": "select2-container select2-container-multi"
+ }).html([
+ "<ul class='select2-choices'>",
+ " <li class='select2-search-field'>",
+ " <input type='text' autocomplete='off' autocorrect='off' autocapitilize='off' spellcheck='false' class='select2-input'>",
+ " </li>",
+ "</ul>",
+ "<div class='select2-drop select2-drop-multi select2-display-none'>",
+ " <ul class='select2-results'>",
+ " </ul>",
+ "</div>"].join(""));
+ return container;
+ },
+
+ // multi
+ prepareOpts: function () {
+ var opts = this.parent.prepareOpts.apply(this, arguments),
+ self=this;
+
+ // TODO validate placeholder is a string if specified
+
+ if (opts.element.get(0).tagName.toLowerCase() === "select") {
+ // install sthe selection initializer
+ opts.initSelection = function (element, callback) {
+
+ var data = [];
+
+ element.find(":selected").each2(function (i, elm) {
+ data.push(self.optionToData(elm));
+ });
+ callback(data);
+ };
+ } else if ("data" in opts) {
+ // install default initSelection when applied to hidden input and data is local
+ opts.initSelection = opts.initSelection || function (element, callback) {
+ var ids = splitVal(element.val(), opts.separator);
+ //search in data by array of ids, storing matching items in a list
+ var matches = [];
+ opts.query({
+ matcher: function(term, text, el){
+ var is_match = $.grep(ids, function(id) {
+ return equal(id, opts.id(el));
+ }).length;
+ if (is_match) {
+ matches.push(el);
+ }
+ return is_match;
+ },
+ callback: !$.isFunction(callback) ? $.noop : function() {
+ // reorder matches based on the order they appear in the ids array because right now
+ // they are in the order in which they appear in data array
+ var ordered = [];
+ for (var i = 0; i < ids.length; i++) {
+ var id = ids[i];
+ for (var j = 0; j < matches.length; j++) {
+ var match = matches[j];
+ if (equal(id, opts.id(match))) {
+ ordered.push(match);
+ matches.splice(j, 1);
+ break;
+ }
+ }
+ }
+ callback(ordered);
+ }
+ });
+ };
+ }
+
+ return opts;
+ },
+
+ selectChoice: function (choice) {
+
+ var selected = this.container.find(".select2-search-choice-focus");
+ if (selected.length && choice && choice[0] == selected[0]) {
+
+ } else {
+ if (selected.length) {
+ this.opts.element.trigger("choice-deselected", selected);
+ }
+ selected.removeClass("select2-search-choice-focus");
+ if (choice && choice.length) {
+ this.close();
+ choice.addClass("select2-search-choice-focus");
+ this.opts.element.trigger("choice-selected", choice);
+ }
+ }
+ },
+
+ // multi
+ initContainer: function () {
+
+ var selector = ".select2-choices", selection;
+
+ this.searchContainer = this.container.find(".select2-search-field");
+ this.selection = selection = this.container.find(selector);
+
+ var _this = this;
+ this.selection.on("mousedown", ".select2-search-choice", function (e) {
+ //killEvent(e);
+ _this.search[0].focus();
+ _this.selectChoice($(this));
+ })
+
+ // rewrite labels from original element to focusser
+ this.search.attr("id", "s2id_autogen"+nextUid());
+ $("label[for='" + this.opts.element.attr("id") + "']")
+ .attr('for', this.search.attr('id'));
+
+ this.search.on("input paste", this.bind(function() {
+ if (!this.isInterfaceEnabled()) return;
+ if (!this.opened()) {
+ this.open();
+ }
+ }));
+
+ this.search.attr("tabindex", this.elementTabIndex);
+
+ this.keydowns = 0;
+ this.search.on("keydown", this.bind(function (e) {
+ if (!this.isInterfaceEnabled()) return;
+
+ ++this.keydowns;
+ var selected = selection.find(".select2-search-choice-focus");
+ var prev = selected.prev(".select2-search-choice:not(.select2-locked)");
+ var next = selected.next(".select2-search-choice:not(.select2-locked)");
+ var pos = getCursorInfo(this.search);
+
+ if (selected.length &&
+ (e.which == KEY.LEFT || e.which == KEY.RIGHT || e.which == KEY.BACKSPACE || e.which == KEY.DELETE || e.which == KEY.ENTER)) {
+ var selectedChoice = selected;
+ if (e.which == KEY.LEFT && prev.length) {
+ selectedChoice = prev;
+ }
+ else if (e.which == KEY.RIGHT) {
+ selectedChoice = next.length ? next : null;
+ }
+ else if (e.which === KEY.BACKSPACE) {
+ this.unselect(selected.first());
+ this.search.width(10);
+ selectedChoice = prev.length ? prev : next;
+ } else if (e.which == KEY.DELETE) {
+ this.unselect(selected.first());
+ this.search.width(10);
+ selectedChoice = next.length ? next : null;
+ } else if (e.which == KEY.ENTER) {
+ selectedChoice = null;
+ }
+
+ this.selectChoice(selectedChoice);
+ killEvent(e);
+ if (!selectedChoice || !selectedChoice.length) {
+ this.open();
+ }
+ return;
+ } else if (((e.which === KEY.BACKSPACE && this.keydowns == 1)
+ || e.which == KEY.LEFT) && (pos.offset == 0 && !pos.length)) {
+
+ this.selectChoice(selection.find(".select2-search-choice:not(.select2-locked)").last());
+ killEvent(e);
+ return;
+ } else {
+ this.selectChoice(null);
+ }
+
+ if (this.opened()) {
+ switch (e.which) {
+ case KEY.UP:
+ case KEY.DOWN:
+ this.moveHighlight((e.which === KEY.UP) ? -1 : 1);
+ killEvent(e);
+ return;
+ case KEY.ENTER:
+ this.selectHighlighted();
+ killEvent(e);
+ return;
+ case KEY.TAB:
+ this.selectHighlighted({noFocus:true});
+ this.close();
+ return;
+ case KEY.ESC:
+ this.cancel(e);
+ killEvent(e);
+ return;
+ }
+ }
+
+ if (e.which === KEY.TAB || KEY.isControl(e) || KEY.isFunctionKey(e)
+ || e.which === KEY.BACKSPACE || e.which === KEY.ESC) {
+ return;
+ }
+
+ if (e.which === KEY.ENTER) {
+ if (this.opts.openOnEnter === false) {
+ return;
+ } else if (e.altKey || e.ctrlKey || e.shiftKey || e.metaKey) {
+ return;
+ }
+ }
+
+ this.open();
+
+ if (e.which === KEY.PAGE_UP || e.which === KEY.PAGE_DOWN) {
+ // prevent the page from scrolling
+ killEvent(e);
+ }
+
+ if (e.which === KEY.ENTER) {
+ // prevent form from being submitted
+ killEvent(e);
+ }
+
+ }));
+
+ this.search.on("keyup", this.bind(function (e) {
+ this.keydowns = 0;
+ this.resizeSearch();
+ })
+ );
+
+ this.search.on("blur", this.bind(function(e) {
+ this.container.removeClass("select2-container-active");
+ this.search.removeClass("select2-focused");
+ this.selectChoice(null);
+ if (!this.opened()) this.clearSearch();
+ e.stopImmediatePropagation();
+ this.opts.element.trigger($.Event("select2-blur"));
+ }));
+
+ this.container.on("click", selector, this.bind(function (e) {
+ if (!this.isInterfaceEnabled()) return;
+ if ($(e.target).closest(".select2-search-choice").length > 0) {
+ // clicked inside a select2 search choice, do not open
+ return;
+ }
+ this.selectChoice(null);
+ this.clearPlaceholder();
+ if (!this.container.hasClass("select2-container-active")) {
+ this.opts.element.trigger($.Event("select2-focus"));
+ }
+ this.open();
+ this.focusSearch();
+ e.preventDefault();
+ }));
+
+ this.container.on("focus", selector, this.bind(function () {
+ if (!this.isInterfaceEnabled()) return;
+ if (!this.container.hasClass("select2-container-active")) {
+ this.opts.element.trigger($.Event("select2-focus"));
+ }
+ this.container.addClass("select2-container-active");
+ this.dropdown.addClass("select2-drop-active");
+ this.clearPlaceholder();
+ }));
+
+ this.initContainerWidth();
+ this.opts.element.addClass("select2-offscreen");
+
+ // set the placeholder if necessary
+ this.clearSearch();
+ },
+
+ // multi
+ enableInterface: function() {
+ if (this.parent.enableInterface.apply(this, arguments)) {
+ this.search.prop("disabled", !this.isInterfaceEnabled());
+ }
+ },
+
+ // multi
+ initSelection: function () {
+ var data;
+ if (this.opts.element.val() === "" && this.opts.element.text() === "") {
+ this.updateSelection([]);
+ this.close();
+ // set the placeholder if necessary
+ this.clearSearch();
+ }
+ if (this.select || this.opts.element.val() !== "") {
+ var self = this;
+ this.opts.initSelection.call(null, this.opts.element, function(data){
+ if (data !== undefined && data !== null) {
+ self.updateSelection(data);
+ self.close();
+ // set the placeholder if necessary
+ self.clearSearch();
+ }
+ });
+ }
+ },
+
+ // multi
+ clearSearch: function () {
+ var placeholder = this.getPlaceholder(),
+ maxWidth = this.getMaxSearchWidth();
+
+ if (placeholder !== undefined && this.getVal().length === 0 && this.search.hasClass("select2-focused") === false) {
+ this.search.val(placeholder).addClass("select2-default");
+ // stretch the search box to full width of the container so as much of the placeholder is visible as possible
+ // we could call this.resizeSearch(), but we do not because that requires a sizer and we do not want to create one so early because of a firefox bug, see #944
+ this.search.width(maxWidth > 0 ? maxWidth : this.container.css("width"));
+ } else {
+ this.search.val("").width(10);
+ }
+ },
+
+ // multi
+ clearPlaceholder: function () {
+ if (this.search.hasClass("select2-default")) {
+ this.search.val("").removeClass("select2-default");
+ }
+ },
+
+ // multi
+ opening: function () {
+ this.clearPlaceholder(); // should be done before super so placeholder is not used to search
+ this.resizeSearch();
+
+ this.parent.opening.apply(this, arguments);
+
+ this.focusSearch();
+
+ this.updateResults(true);
+ this.search.focus();
+ this.opts.element.trigger($.Event("select2-open"));
+ },
+
+ // multi
+ close: function () {
+ if (!this.opened()) return;
+ this.parent.close.apply(this, arguments);
+ },
+
+ // multi
+ focus: function () {
+ this.close();
+ this.search.focus();
+ },
+
+ // multi
+ isFocused: function () {
+ return this.search.hasClass("select2-focused");
+ },
+
+ // multi
+ updateSelection: function (data) {
+ var ids = [], filtered = [], self = this;
+
+ // filter out duplicates
+ $(data).each(function () {
+ if (indexOf(self.id(this), ids) < 0) {
+ ids.push(self.id(this));
+ filtered.push(this);
+ }
+ });
+ data = filtered;
+
+ this.selection.find(".select2-search-choice").remove();
+ $(data).each(function () {
+ self.addSelectedChoice(this);
+ });
+ self.postprocessResults();
+ },
+
+ // multi
+ tokenize: function() {
+ var input = this.search.val();
+ input = this.opts.tokenizer.call(this, input, this.data(), this.bind(this.onSelect), this.opts);
+ if (input != null && input != undefined) {
+ this.search.val(input);
+ if (input.length > 0) {
+ this.open();
+ }
+ }
+
+ },
+
+ // multi
+ onSelect: function (data, options) {
+
+ if (!this.triggerSelect(data)) { return; }
+
+ this.addSelectedChoice(data);
+
+ this.opts.element.trigger({ type: "selected", val: this.id(data), choice: data });
+
+ if (this.select || !this.opts.closeOnSelect) this.postprocessResults();
+
+ if (this.opts.closeOnSelect) {
+ this.close();
+ this.search.width(10);
+ } else {
+ if (this.countSelectableResults()>0) {
+ this.search.width(10);
+ this.resizeSearch();
+ if (this.getMaximumSelectionSize() > 0 && this.val().length >= this.getMaximumSelectionSize()) {
+ // if we reached max selection size repaint the results so choices
+ // are replaced with the max selection reached message
+ this.updateResults(true);
+ }
+ this.positionDropdown();
+ } else {
+ // if nothing left to select close
+ this.close();
+ this.search.width(10);
+ }
+ }
+
+ // since its not possible to select an element that has already been
+ // added we do not need to check if this is a new element before firing change
+ this.triggerChange({ added: data });
+
+ if (!options || !options.noFocus)
+ this.focusSearch();
+ },
+
+ // multi
+ cancel: function () {
+ this.close();
+ this.focusSearch();
+ },
+
+ addSelectedChoice: function (data) {
+ var enableChoice = !data.locked,
+ enabledItem = $(
+ "<li class='select2-search-choice'>" +
+ " <div></div>" +
+ " <a href='#' onclick='return false;' class='select2-search-choice-close' tabindex='-1'></a>" +
+ "</li>"),
+ disabledItem = $(
+ "<li class='select2-search-choice select2-locked'>" +
+ "<div></div>" +
+ "</li>");
+ var choice = enableChoice ? enabledItem : disabledItem,
+ id = this.id(data),
+ val = this.getVal(),
+ formatted,
+ cssClass;
+
+ formatted=this.opts.formatSelection(data, choice.find("div"), this.opts.escapeMarkup);
+ if (formatted != undefined) {
+ choice.find("div").replaceWith("<div>"+formatted+"</div>");
+ }
+ cssClass=this.opts.formatSelectionCssClass(data, choice.find("div"));
+ if (cssClass != undefined) {
+ choice.addClass(cssClass);
+ }
+
+ if(enableChoice){
+ choice.find(".select2-search-choice-close")
+ .on("mousedown", killEvent)
+ .on("click dblclick", this.bind(function (e) {
+ if (!this.isInterfaceEnabled()) return;
+
+ $(e.target).closest(".select2-search-choice").fadeOut('fast', this.bind(function(){
+ this.unselect($(e.target));
+ this.selection.find(".select2-search-choice-focus").removeClass("select2-search-choice-focus");
+ this.close();
+ this.focusSearch();
+ })).dequeue();
+ killEvent(e);
+ })).on("focus", this.bind(function () {
+ if (!this.isInterfaceEnabled()) return;
+ this.container.addClass("select2-container-active");
+ this.dropdown.addClass("select2-drop-active");
+ }));
+ }
+
+ choice.data("select2-data", data);
+ choice.insertBefore(this.searchContainer);
+
+ val.push(id);
+ this.setVal(val);
+ },
+
+ // multi
+ unselect: function (selected) {
+ var val = this.getVal(),
+ data,
+ index;
+
+ selected = selected.closest(".select2-search-choice");
+
+ if (selected.length === 0) {
+ throw "Invalid argument: " + selected + ". Must be .select2-search-choice";
+ }
+
+ data = selected.data("select2-data");
+
+ if (!data) {
+ // prevent a race condition when the 'x' is clicked really fast repeatedly the event can be queued
+ // and invoked on an element already removed
+ return;
+ }
+
+ index = indexOf(this.id(data), val);
+
+ if (index >= 0) {
+ val.splice(index, 1);
+ this.setVal(val);
+ if (this.select) this.postprocessResults();
+ }
+ selected.remove();
+
+ this.opts.element.trigger({ type: "removed", val: this.id(data), choice: data });
+ this.triggerChange({ removed: data });
+ },
+
+ // multi
+ postprocessResults: function (data, initial, noHighlightUpdate) {
+ var val = this.getVal(),
+ choices = this.results.find(".select2-result"),
+ compound = this.results.find(".select2-result-with-children"),
+ self = this;
+
+ choices.each2(function (i, choice) {
+ var id = self.id(choice.data("select2-data"));
+ if (indexOf(id, val) >= 0) {
+ choice.addClass("select2-selected");
+ // mark all children of the selected parent as selected
+ choice.find(".select2-result-selectable").addClass("select2-selected");
+ }
+ });
+
+ compound.each2(function(i, choice) {
+ // hide an optgroup if it doesnt have any selectable children
+ if (!choice.is('.select2-result-selectable')
+ && choice.find(".select2-result-selectable:not(.select2-selected)").length === 0) {
+ choice.addClass("select2-selected");
+ }
+ });
+
+ if (this.highlight() == -1 && noHighlightUpdate !== false){
+ self.highlight(0);
+ }
+
+ //If all results are chosen render formatNoMAtches
+ if(!this.opts.createSearchChoice && !choices.filter('.select2-result:not(.select2-selected)').length > 0){
+ if(!data || data && !data.more && this.results.find(".select2-no-results").length === 0) {
+ if (checkFormatter(self.opts.formatNoMatches, "formatNoMatches")) {
+ this.results.append("<li class='select2-no-results'>" + self.opts.formatNoMatches(self.search.val()) + "</li>");
+ }
+ }
+ }
+
+ },
+
+ // multi
+ getMaxSearchWidth: function() {
+ return this.selection.width() - getSideBorderPadding(this.search);
+ },
+
+ // multi
+ resizeSearch: function () {
+ var minimumWidth, left, maxWidth, containerLeft, searchWidth,
+ sideBorderPadding = getSideBorderPadding(this.search);
+
+ minimumWidth = measureTextWidth(this.search) + 10;
+
+ left = this.search.offset().left;
+
+ maxWidth = this.selection.width();
+ containerLeft = this.selection.offset().left;
+
+ searchWidth = maxWidth - (left - containerLeft) - sideBorderPadding;
+
+ if (searchWidth < minimumWidth) {
+ searchWidth = maxWidth - sideBorderPadding;
+ }
+
+ if (searchWidth < 40) {
+ searchWidth = maxWidth - sideBorderPadding;
+ }
+
+ if (searchWidth <= 0) {
+ searchWidth = minimumWidth;
+ }
+
+ this.search.width(searchWidth);
+ },
+
+ // multi
+ getVal: function () {
+ var val;
+ if (this.select) {
+ val = this.select.val();
+ return val === null ? [] : val;
+ } else {
+ val = this.opts.element.val();
+ return splitVal(val, this.opts.separator);
+ }
+ },
+
+ // multi
+ setVal: function (val) {
+ var unique;
+ if (this.select) {
+ this.select.val(val);
+ } else {
+ unique = [];
+ // filter out duplicates
+ $(val).each(function () {
+ if (indexOf(this, unique) < 0) unique.push(this);
+ });
+ this.opts.element.val(unique.length === 0 ? "" : unique.join(this.opts.separator));
+ }
+ },
+
+ // multi
+ buildChangeDetails: function (old, current) {
+ var current = current.slice(0),
+ old = old.slice(0);
+
+ // remove intersection from each array
+ for (var i = 0; i < current.length; i++) {
+ for (var j = 0; j < old.length; j++) {
+ if (equal(this.opts.id(current[i]), this.opts.id(old[j]))) {
+ current.splice(i, 1);
+ i--;
+ old.splice(j, 1);
+ j--;
+ }
+ }
+ }
+
+ return {added: current, removed: old};
+ },
+
+
+ // multi
+ val: function (val, triggerChange) {
+ var oldData, self=this, changeDetails;
+
+ if (arguments.length === 0) {
+ return this.getVal();
+ }
+
+ oldData=this.data();
+ if (!oldData.length) oldData=[];
+
+ // val is an id. !val is true for [undefined,null,'',0] - 0 is legal
+ if (!val && val !== 0) {
+ this.opts.element.val("");
+ this.updateSelection([]);
+ this.clearSearch();
+ if (triggerChange) {
+ this.triggerChange({added: this.data(), removed: oldData});
+ }
+ return;
+ }
+
+ // val is a list of ids
+ this.setVal(val);
+
+ if (this.select) {
+ this.opts.initSelection(this.select, this.bind(this.updateSelection));
+ if (triggerChange) {
+ this.triggerChange(this.buildChangeDetails(oldData, this.data()));
+ }
+ } else {
+ if (this.opts.initSelection === undefined) {
+ throw new Error("val() cannot be called if initSelection() is not defined");
+ }
+
+ this.opts.initSelection(this.opts.element, function(data){
+ var ids=$.map(data, self.id);
+ self.setVal(ids);
+ self.updateSelection(data);
+ self.clearSearch();
+ if (triggerChange) {
+ self.triggerChange(this.buildChangeDetails(oldData, this.data()));
+ }
+ });
+ }
+ this.clearSearch();
+ },
+
+ // multi
+ onSortStart: function() {
+ if (this.select) {
+ throw new Error("Sorting of elements is not supported when attached to <select>. Attach to <input type='hidden'/> instead.");
+ }
+
+ // collapse search field into 0 width so its container can be collapsed as well
+ this.search.width(0);
+ // hide the container
+ this.searchContainer.hide();
+ },
+
+ // multi
+ onSortEnd:function() {
+
+ var val=[], self=this;
+
+ // show search and move it to the end of the list
+ this.searchContainer.show();
+ // make sure the search container is the last item in the list
+ this.searchContainer.appendTo(this.searchContainer.parent());
+ // since we collapsed the width in dragStarted, we resize it here
+ this.resizeSearch();
+
+ // update selection
+ this.selection.find(".select2-search-choice").each(function() {
+ val.push(self.opts.id($(this).data("select2-data")));
+ });
+ this.setVal(val);
+ this.triggerChange();
+ },
+
+ // multi
+ data: function(values, triggerChange) {
+ var self=this, ids, old;
+ if (arguments.length === 0) {
+ return this.selection
+ .find(".select2-search-choice")
+ .map(function() { return $(this).data("select2-data"); })
+ .get();
+ } else {
+ old = this.data();
+ if (!values) { values = []; }
+ ids = $.map(values, function(e) { return self.opts.id(e); });
+ this.setVal(ids);
+ this.updateSelection(values);
+ this.clearSearch();
+ if (triggerChange) {
+ this.triggerChange(this.buildChangeDetails(old, this.data()));
+ }
+ }
+ }
+ });
+
+ $.fn.select2 = function () {
+
+ var args = Array.prototype.slice.call(arguments, 0),
+ opts,
+ select2,
+ method, value, multiple,
+ allowedMethods = ["val", "destroy", "opened", "open", "close", "focus", "isFocused", "container", "dropdown", "onSortStart", "onSortEnd", "enable", "readonly", "positionDropdown", "data", "search"],
+ valueMethods = ["val", "opened", "isFocused", "container", "data"],
+ methodsMap = { search: "externalSearch" };
+
+ this.each(function () {
+ if (args.length === 0 || typeof(args[0]) === "object") {
+ opts = args.length === 0 ? {} : $.extend({}, args[0]);
+ opts.element = $(this);
+
+ if (opts.element.get(0).tagName.toLowerCase() === "select") {
+ multiple = opts.element.prop("multiple");
+ } else {
+ multiple = opts.multiple || false;
+ if ("tags" in opts) {opts.multiple = multiple = true;}
+ }
+
+ select2 = multiple ? new MultiSelect2() : new SingleSelect2();
+ select2.init(opts);
+ } else if (typeof(args[0]) === "string") {
+
+ if (indexOf(args[0], allowedMethods) < 0) {
+ throw "Unknown method: " + args[0];
+ }
+
+ value = undefined;
+ select2 = $(this).data("select2");
+ if (select2 === undefined) return;
+
+ method=args[0];
+
+ if (method === "container") {
+ value = select2.container;
+ } else if (method === "dropdown") {
+ value = select2.dropdown;
+ } else {
+ if (methodsMap[method]) method = methodsMap[method];
+
+ value = select2[method].apply(select2, args.slice(1));
+ }
+ if (indexOf(args[0], valueMethods) >= 0) {
+ return false;
+ }
+ } else {
+ throw "Invalid arguments to select2 plugin: " + args;
+ }
+ });
+ return (value === undefined) ? this : value;
+ };
+
+ // plugin defaults, accessible to users
+ $.fn.select2.defaults = {
+ width: "copy",
+ loadMorePadding: 0,
+ closeOnSelect: true,
+ openOnEnter: true,
+ containerCss: {},
+ dropdownCss: {},
+ containerCssClass: "",
+ dropdownCssClass: "",
+ formatResult: function(result, container, query, escapeMarkup) {
+ var markup=[];
+ markMatch(result.text, query.term, markup, escapeMarkup);
+ return markup.join("");
+ },
+ formatSelection: function (data, container, escapeMarkup) {
+ return data ? escapeMarkup(data.text) : undefined;
+ },
+ sortResults: function (results, container, query) {
+ return results;
+ },
+ formatResultCssClass: function(data) {return undefined;},
+ formatSelectionCssClass: function(data, container) {return undefined;},
+ formatNoMatches: function () { return "No matches found"; },
+ formatInputTooShort: function (input, min) { var n = min - input.length; return "Please enter " + n + " more character" + (n == 1? "" : "s"); },
+ formatInputTooLong: function (input, max) { var n = input.length - max; return "Please delete " + n + " character" + (n == 1? "" : "s"); },
+ formatSelectionTooBig: function (limit) { return "You can only select " + limit + " item" + (limit == 1 ? "" : "s"); },
+ formatLoadMore: function (pageNumber) { return "Loading more results..."; },
+ formatSearching: function () { return "Searching..."; },
+ minimumResultsForSearch: 0,
+ minimumInputLength: 0,
+ maximumInputLength: null,
+ maximumSelectionSize: 0,
+ id: function (e) { return e.id; },
+ matcher: function(term, text) {
+ return (''+text).toUpperCase().indexOf((''+term).toUpperCase()) >= 0;
+ },
+ separator: ",",
+ tokenSeparators: [],
+ tokenizer: defaultTokenizer,
+ escapeMarkup: defaultEscapeMarkup,
+ blurOnChange: false,
+ selectOnBlur: false,
+ adaptContainerCssClass: function(c) { return c; },
+ adaptDropdownCssClass: function(c) { return null; }
+ };
+
+ $.fn.select2.ajaxDefaults = {
+ transport: $.ajax,
+ params: {
+ type: "GET",
+ cache: false,
+ dataType: "json"
+ }
+ };
+
+ // exports
+ window.Select2 = {
+ query: {
+ ajax: ajax,
+ local: local,
+ tags: tags
+ }, util: {
+ debounce: debounce,
+ markMatch: markMatch,
+ escapeMarkup: defaultEscapeMarkup
+ }, "class": {
+ "abstract": AbstractSelect2,
+ "single": SingleSelect2,
+ "multi": MultiSelect2
+ }
+ };
+
+}(jQuery));
travis-run-tests.sh 23(+12 -11)
diff --git a/travis-run-tests.sh b/travis-run-tests.sh
index 2c6ee29..4ce246e 100755
--- a/travis-run-tests.sh
+++ b/travis-run-tests.sh
@@ -5,26 +5,27 @@ if [ $1 == "old" ]; then
fi
if [ $1 == "group1" ]; then
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.a**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.ad*.**.*Test
fi
if [ $1 == "group2" ]; then
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.b**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.cli**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.com**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.ac*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.b*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.cli*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.com*.**.*Test
fi
if [ $1 == "group3" ]; then
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.d**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.e**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.f**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.i**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.d*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.e*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.f*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.i*.**.*Test
fi
if [ $1 == "group4" ]; then
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.k**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.m**.*Test
- mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.o**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.k*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.m*.**.*Test
+ mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.testsuite.o*.**.*Test
mvn test -B -f testsuite/integration-arquillian/tests/base -Dtest=org.keycloak.*Test
fi
util/embedded-ldap/pom.xml 2(+1 -1)
diff --git a/util/embedded-ldap/pom.xml b/util/embedded-ldap/pom.xml
index f29a78d..e92ee08 100644
--- a/util/embedded-ldap/pom.xml
+++ b/util/embedded-ldap/pom.xml
@@ -21,7 +21,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
util/pom.xml 2(+1 -1)
diff --git a/util/pom.xml b/util/pom.xml
index 81152d3..7e2619c 100644
--- a/util/pom.xml
+++ b/util/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
wildfly/adduser/pom.xml 2(+1 -1)
diff --git a/wildfly/adduser/pom.xml b/wildfly/adduser/pom.xml
index d5ced6a..8c67c18 100755
--- a/wildfly/adduser/pom.xml
+++ b/wildfly/adduser/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-wildfly-adduser</artifactId>
wildfly/extensions/pom.xml 2(+1 -1)
diff --git a/wildfly/extensions/pom.xml b/wildfly/extensions/pom.xml
index ef4fd22..99b80a2 100755
--- a/wildfly/extensions/pom.xml
+++ b/wildfly/extensions/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-wildfly-extensions</artifactId>
wildfly/pom.xml 2(+1 -1)
diff --git a/wildfly/pom.xml b/wildfly/pom.xml
index 9845d63..0e9f5f1 100755
--- a/wildfly/pom.xml
+++ b/wildfly/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<name>Keycloak WildFly Integration</name>
wildfly/server-subsystem/pom.xml 2(+1 -1)
diff --git a/wildfly/server-subsystem/pom.xml b/wildfly/server-subsystem/pom.xml
index e79a1e2..c8f2d69 100755
--- a/wildfly/server-subsystem/pom.xml
+++ b/wildfly/server-subsystem/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wildfly-parent</artifactId>
- <version>2.4.1.Final-SNAPSHOT</version>
+ <version>2.5.0.Final-SNAPSHOT</version>
</parent>
<artifactId>keycloak-wildfly-server-subsystem</artifactId>