Details
diff --git a/core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java
index 9a09302..6cf9de6 100755
--- a/core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/ResourceRepresentation.java
@@ -11,6 +11,7 @@ import java.util.Set;
*/
public class ResourceRepresentation {
protected String self; // link
+ protected String id;
protected String name;
protected String adminUrl;
protected boolean surrogateAuthRequired;
@@ -29,6 +30,14 @@ public class ResourceRepresentation {
this.self = self;
}
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
public String getName() {
return name;
}
diff --git a/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json b/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json
index a1500d1..642af04 100755
--- a/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json
+++ b/examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json
@@ -72,6 +72,7 @@
"resources" : [
{
"name" : "customer-portal",
+ "enabled" : true,
"adminUrl" : "http://localhost:8080/customer-portal/j_admin_request",
"useRealmMappings" : true,
"credentials" : [
@@ -81,6 +82,7 @@
},
{
"name" : "product-portal",
+ "enabled" : true,
"adminUrl" : "http://localhost:8080/product-portal/j_admin_request",
"useRealmMappings" : true,
"credentials" : [
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/saas-login.jsp b/examples/as7-eap-demo/server/src/main/webapp/saas/saas-login.jsp
index a646dee..e11fc81 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/saas-login.jsp
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/saas-login.jsp
@@ -67,7 +67,7 @@
</section>
<section class="info-area">
<h3>Info area</h3>
- <p>Does not have an account? <a href="<%=application.getContextPath()%>/saas/saas-register.html">Register</a>.</p>
+ <p>Does not have an account? <a href="<%=application.getContextPath()%>/saas/saas-register.jsp">Register</a>.</p>
<ul>
<li><strong>Domain:</strong> 10.0.0.1</li>
<li><strong>Zone:</strong> Live</li>
diff --git a/services/src/main/java/org/keycloak/services/managers/ResourceManager.java b/services/src/main/java/org/keycloak/services/managers/ResourceManager.java
index 4db5c17..e1c2ebb 100755
--- a/services/src/main/java/org/keycloak/services/managers/ResourceManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ResourceManager.java
@@ -27,6 +27,7 @@ public class ResourceManager {
public ResourceModel createResource(RealmModel realm, RoleModel loginRole, ResourceRepresentation resourceRep) {
ResourceModel resource = realm.addResource(resourceRep.getName());
+ resource.setEnabled(resourceRep.isEnabled());
resource.setManagementUrl(resourceRep.getAdminUrl());
resource.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired());
resource.updateResource();
@@ -82,16 +83,22 @@ public class ResourceManager {
return createResource(realm, loginRole, resourceRep);
}
- public ResourceRepresentation getResource(ResourceModel resourceModel, boolean bulk) {
+ public void updateResource(ResourceRepresentation rep, ResourceModel resource) {
+ resource.setName(rep.getName());
+ resource.setEnabled(rep.isEnabled());
+ resource.setManagementUrl(rep.getAdminUrl());
+ resource.setSurrogateAuthRequired(rep.isSurrogateAuthRequired());
+ resource.updateResource();
+
+ }
+
+ public ResourceRepresentation toRepresentation(ResourceModel resourceModel) {
ResourceRepresentation rep = new ResourceRepresentation();
+ rep.setId(resourceModel.getId());
rep.setName(resourceModel.getName());
rep.setEnabled(resourceModel.isEnabled());
rep.setAdminUrl(resourceModel.getManagementUrl());
rep.setSurrogateAuthRequired(resourceModel.isSurrogateAuthRequired());
- List<RoleModel> roles = resourceModel.getRoles();
- for (RoleModel role : roles) {
- rep.role(realmManager.toRepresentation(role));
- }
return rep;
}
diff --git a/services/src/main/java/org/keycloak/services/managers/TokenManager.java b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
index 121de14..6072c51 100755
--- a/services/src/main/java/org/keycloak/services/managers/TokenManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
@@ -9,14 +9,10 @@ import org.keycloak.services.models.RealmModel;
import org.keycloak.services.models.ResourceModel;
import org.keycloak.services.models.RoleModel;
import org.keycloak.services.models.UserModel;
-import org.keycloak.services.resources.RealmsResource;
import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.NewCookie;
-import javax.ws.rs.core.UriInfo;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
-import java.net.URI;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -135,7 +131,7 @@ public class TokenManager {
}
if (accessCodeEntry.getResourceRolesRequested().size() > 0) {
- Map<String, ResourceModel> resourceMap = realm.getResourceMap();
+ Map<String, ResourceModel> resourceMap = realm.getResourceNameMap();
for (String resourceName : accessCodeEntry.getResourceRolesRequested().keySet()) {
ResourceModel resource = resourceMap.get(resourceName);
SkeletonKeyToken.Access access = token.addAccess(resourceName).verifyCaller(resource.isSurrogateAuthRequired());
diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java b/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java
index 4884a1f..fe023f7 100755
--- a/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java
+++ b/services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java
@@ -416,7 +416,7 @@ public class RealmAdapter implements RealmModel {
* @return
*/
@Override
- public Map<String, ResourceModel> getResourceMap() {
+ public Map<String, ResourceModel> getResourceNameMap() {
Map<String, ResourceModel> resourceMap = new HashMap<String, ResourceModel>();
for (ResourceModel resource : getResources()) {
resourceMap.put(resource.getName(), resource);
@@ -424,6 +424,24 @@ public class RealmAdapter implements RealmModel {
return resourceMap;
}
+ /**
+ * Makes sure that the resource returned is owned by the realm
+ *
+ * @return
+ */
+ @Override
+ public ResourceModel getResourceById(String id) {
+ RelationshipQuery<ResourceRelationship> query = getRelationshipManager().createRelationshipQuery(ResourceRelationship.class);
+ query.setParameter(ResourceRelationship.REALM, realm.getName());
+ query.setParameter(ResourceRelationship.RESOURCE, id);
+ List<ResourceRelationship> results = query.getResultList();
+ if (results.size() == 0) return null;
+ ResourceData resource = partitionManager.getPartition(ResourceData.class, id);
+ ResourceModel model = new ResourceAdapter(resource, this, partitionManager);
+ return model;
+ }
+
+
@Override
public List<ResourceModel> getResources() {
RelationshipQuery<ResourceRelationship> query = getRelationshipManager().createRelationshipQuery(ResourceRelationship.class);
diff --git a/services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRelationship.java b/services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRelationship.java
index 429ea25..3c48b97 100755
--- a/services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRelationship.java
+++ b/services/src/main/java/org/keycloak/services/models/picketlink/relationships/ResourceRelationship.java
@@ -14,6 +14,7 @@ public class ResourceRelationship extends AbstractAttributedType implements Rela
private static final long serialVersionUID = 1L;
public static final AttributeParameter REALM = new AttributeParameter("realm");
+ public static final AttributeParameter RESOURCE = new AttributeParameter("resource");
public ResourceRelationship() {
}
diff --git a/services/src/main/java/org/keycloak/services/models/RealmModel.java b/services/src/main/java/org/keycloak/services/models/RealmModel.java
index 0f7811d..404f837 100755
--- a/services/src/main/java/org/keycloak/services/models/RealmModel.java
+++ b/services/src/main/java/org/keycloak/services/models/RealmModel.java
@@ -79,7 +79,7 @@ public interface RealmModel {
List<RoleModel> getRoles();
- Map<String, ResourceModel> getResourceMap();
+ Map<String, ResourceModel> getResourceNameMap();
List<ResourceModel> getResources();
@@ -110,4 +110,6 @@ public interface RealmModel {
List<RequiredCredentialModel> getOAuthClientRequiredCredentials();
boolean hasRole(UserModel user, String role);
+
+ ResourceModel getResourceById(String id);
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index 255d59a..bf2a7ca 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -1,5 +1,6 @@
package org.keycloak.services.resources.admin;
+import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.logging.Logger;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
@@ -47,7 +48,13 @@ public class RealmAdminResource {
this.realm = realm;
}
+ @Path("resources")
+ public RealmResourcesResource getResources() {
+ return new RealmResourcesResource(admin, realm);
+ }
+
@GET
+ @NoCache
@Produces("application/json")
public RealmRepresentation getRealm() {
return new Transaction() {
@@ -70,6 +77,7 @@ public class RealmAdminResource {
@Path("roles")
@GET
+ @NoCache
@Produces("application/json")
public List<RoleRepresentation> getRoles() {
return new Transaction() {
@@ -88,6 +96,7 @@ public class RealmAdminResource {
@Path("roles/{id}")
@GET
+ @NoCache
@Produces("application/json")
public RoleRepresentation getRole(final @PathParam("id") String id) {
return new Transaction() {
@@ -147,6 +156,7 @@ public class RealmAdminResource {
@Path("users")
@GET
+ @NoCache
@Produces("application/json")
public List<UserRepresentation> getUsers() {
return null;
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java
index acb6c55..2bb844d 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmResourcesResource.java
@@ -1,13 +1,28 @@
package org.keycloak.services.resources.admin;
+import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.logging.Logger;
import org.keycloak.representations.idm.ResourceRepresentation;
+import org.keycloak.services.managers.RealmManager;
+import org.keycloak.services.managers.ResourceManager;
import org.keycloak.services.models.RealmModel;
+import org.keycloak.services.models.ResourceModel;
import org.keycloak.services.models.UserModel;
+import org.keycloak.services.resources.Transaction;
+import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
+import javax.ws.rs.NotFoundException;
+import javax.ws.rs.POST;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+import java.util.ArrayList;
import java.util.List;
/**
@@ -26,7 +41,68 @@ public class RealmResourcesResource {
@GET
@Produces(MediaType.APPLICATION_JSON)
- List<ResourceRepresentation> getResources() {
- return null;
+ @NoCache
+ public List<ResourceRepresentation> getResources() {
+ return new Transaction() {
+ @Override
+ protected List<ResourceRepresentation> callImpl() {
+ List<ResourceRepresentation> rep = new ArrayList<ResourceRepresentation>();
+ List<ResourceModel> resourceModels = realm.getResources();
+ ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
+ for (ResourceModel resourceModel : resourceModels) {
+ rep.add(resourceManager.toRepresentation(resourceModel));
+ }
+ return rep;
+ }
+ }.call();
+ }
+
+ @POST
+ @Consumes(MediaType.APPLICATION_JSON)
+ public Response createResource(final @Context UriInfo uriInfo, final ResourceRepresentation rep) {
+ return new Transaction() {
+ @Override
+ protected Response callImpl() {
+ ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
+ ResourceModel resourceModel = resourceManager.createResource(realm, rep);
+ return Response.created(uriInfo.getAbsolutePathBuilder().path(resourceModel.getId()).build()).build();
+ }
+ }.call();
+ }
+
+ @Path("{id}")
+ @PUT
+ @Consumes(MediaType.APPLICATION_JSON)
+ public void update(final @PathParam("id") String id, final ResourceRepresentation rep) {
+ new Transaction() {
+ @Override
+ protected void runImpl() {
+ ResourceModel resourceModel = realm.getResourceById(id);
+ if (resourceModel == null) {
+ throw new NotFoundException();
+ }
+ ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
+ resourceManager.updateResource(rep, resourceModel);
+ }
+ }.run();
+ }
+
+
+ @Path("{id}")
+ @GET
+ @NoCache
+ @Produces(MediaType.APPLICATION_JSON)
+ public ResourceRepresentation getResource(final @PathParam("id") String id) {
+ return new Transaction() {
+ @Override
+ protected ResourceRepresentation callImpl() {
+ ResourceModel resourceModel = realm.getResourceById(id);
+ if (resourceModel == null) {
+ throw new NotFoundException();
+ }
+ ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
+ return resourceManager.toRepresentation(resourceModel);
+ }
+ }.call();
}
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 7980877..015f150 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -1,5 +1,6 @@
package org.keycloak.services.resources.admin;
+import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.logging.Logger;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
@@ -49,6 +50,7 @@ public class RealmsAdminResource {
}
@GET
+ @NoCache
@Produces("application/json")
public Response getRealms() {
return new Transaction() {
diff --git a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
index bef77ff..ab12f38 100755
--- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
@@ -1,5 +1,6 @@
package org.keycloak.services.resources;
+import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.logging.Logger;
import org.keycloak.representations.idm.PublishedRealmRepresentation;
import org.keycloak.services.models.KeycloakSession;
@@ -37,6 +38,7 @@ public class PublicRealmResource {
}
@GET
+ @NoCache
@Produces("application/json")
public PublishedRealmRepresentation getRealm(@PathParam("realm") String id) {
return new Transaction() {
@@ -47,6 +49,7 @@ public class PublicRealmResource {
}
@GET
+ @NoCache
@Path("html")
@Produces("text/html")
public String getRealmHtml(@PathParam("realm") String id) {
diff --git a/services/src/main/java/org/keycloak/services/resources/TokenService.java b/services/src/main/java/org/keycloak/services/resources/TokenService.java
index ba4d265..4f295fe 100755
--- a/services/src/main/java/org/keycloak/services/resources/TokenService.java
+++ b/services/src/main/java/org/keycloak/services/resources/TokenService.java
@@ -1,5 +1,6 @@
package org.keycloak.services.resources;
+import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.jose.jws.JWSBuilder;
import org.jboss.resteasy.jose.jws.JWSInput;
import org.jboss.resteasy.jose.jws.crypto.RSAProvider;
@@ -381,6 +382,7 @@ public class TokenService extends AbstractLoginService {
@Path("logout")
@GET
+ @NoCache
public Response logout(final @QueryParam("redirect_uri") String redirectUri) {
return new Transaction() {
protected Response callImpl() {
diff --git a/services/src/test/resources/testrealm.json b/services/src/test/resources/testrealm.json
index c0bf2eb..7239086 100755
--- a/services/src/test/resources/testrealm.json
+++ b/services/src/test/resources/testrealm.json
@@ -76,6 +76,7 @@
"resources" : [
{
"name" : "Application",
+ "enabled" : true,
"roles" : [
{ "name" : "admin" },
{ "name" : "user" }
@@ -97,8 +98,9 @@
}
]
},
- {
+ {
"name" : "OtherApp",
+ "enabled" : true,
"roles" : [
{ "name" : "admin" },
{ "name" : "user" }
