keycloak-aplcache
Changes
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProvider.java 69(+0 -69)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProviderException.java 24(+0 -24)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProviderFactory.java 9(+0 -9)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationProviderManager.java 218(+0 -218)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthenticationSpi.java 27(+0 -27)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthProviderConstants.java 15(+0 -15)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthProviderStatus.java 12(+0 -12)
authentication/authentication-api/src/main/java/org/keycloak/authentication/AuthUser.java 83(+0 -83)
authentication/authentication-api/src/main/resources/META-INF/services/org.keycloak.provider.Spi 1(+0 -1)
authentication/authentication-model/src/main/java/org/keycloak/authentication/model/AbstractModelAuthenticationProvider.java 94(+0 -94)
authentication/authentication-model/src/main/java/org/keycloak/authentication/model/ExternalModelAuthenticationProvider.java 47(+0 -47)
authentication/authentication-model/src/main/java/org/keycloak/authentication/model/ExternalModelAuthenticationProviderFactory.java 32(+0 -32)
authentication/authentication-model/src/main/java/org/keycloak/authentication/model/ModelAuthenticationProvider.java 36(+0 -36)
authentication/authentication-model/src/main/java/org/keycloak/authentication/model/ModelAuthenticationProviderFactory.java 32(+0 -32)
authentication/authentication-model/src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticationProviderFactory 2(+0 -2)
authentication/authentication-picketlink/src/main/java/org/keycloak/authentication/picketlink/PicketlinkAuthenticationProvider.java 140(+0 -140)
authentication/authentication-picketlink/src/main/java/org/keycloak/authentication/picketlink/PicketlinkAuthenticationProviderFactory.java 33(+0 -33)
authentication/authentication-picketlink/src/main/resources/META-INF/services/org.keycloak.authentication.AuthenticationProviderFactory 1(+0 -1)
core/src/main/java/org/keycloak/representations/idm/AuthenticationLinkRepresentation.java 26(+0 -26)
core/src/main/java/org/keycloak/representations/idm/AuthenticationProviderRepresentation.java 56(+0 -56)
dependencies/server-all/pom.xml 10(+0 -10)
dependencies/server-min/pom.xml 12(+0 -12)
examples/providers/pom.xml 1(+0 -1)
export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java 18(+0 -18)
federation/ldap/src/main/java/org/keycloak/federation/ldap/WritableLDAPUserModelDelegate.java 8(+0 -8)
forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/AccountSocialBean.java 2(+1 -1)
forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js 179(+0 -179)
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-auth-detail.html 70(+0 -70)
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-auth-list.html 46(+0 -46)
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-ldap.html 88(+0 -88)
forms/common-themes/src/main/resources/theme/admin/base/resources/templates/kc-navigation.html 2(+0 -2)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java 13(+0 -13)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedUser.java 7(+0 -7)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java 25(+0 -25)
model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java 13(+0 -13)
model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java 129(+0 -129)
picketlink/pom.xml 1(+0 -1)
pom.xml 1(+0 -1)
services/pom.xml 6(+0 -6)
services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java 16(+0 -16)
testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java 3(+0 -3)
testsuite/integration/src/test/java/org/keycloak/testsuite/forms/AuthProvidersIntegrationTest.java 227(+0 -227)
testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java 2(+1 -1)
testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthenticationManagerTest.java 3(+0 -3)
testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthProvidersConfigTest.java 76(+0 -76)
testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthProvidersExternalModelTest.java 196(+0 -196)
Details
diff --git a/connections/jpa/src/main/resources/META-INF/persistence.xml b/connections/jpa/src/main/resources/META-INF/persistence.xml
index e2c80de..94f1fd0 100755
--- a/connections/jpa/src/main/resources/META-INF/persistence.xml
+++ b/connections/jpa/src/main/resources/META-INF/persistence.xml
@@ -8,11 +8,9 @@
<class>org.keycloak.models.jpa.entities.OAuthClientEntity</class>
<class>org.keycloak.models.jpa.entities.RealmEntity</class>
<class>org.keycloak.models.jpa.entities.RequiredCredentialEntity</class>
- <class>org.keycloak.models.jpa.entities.AuthenticationProviderEntity</class>
<class>org.keycloak.models.jpa.entities.UserFederationProviderEntity</class>
<class>org.keycloak.models.jpa.entities.RoleEntity</class>
<class>org.keycloak.models.jpa.entities.SocialLinkEntity</class>
- <class>org.keycloak.models.jpa.entities.AuthenticationLinkEntity</class>
<class>org.keycloak.models.jpa.entities.UserEntity</class>
<class>org.keycloak.models.jpa.entities.UserRequiredActionEntity</class>
<class>org.keycloak.models.jpa.entities.UserAttributeEntity</class>
diff --git a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
index ba38e99..3bb7e83 100755
--- a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
@@ -54,8 +54,6 @@ public class RealmRepresentation {
protected List<OAuthClientRepresentation> oauthClients;
protected Map<String, String> socialProviders;
protected Map<String, String> smtpServer;
- protected Map<String, String> ldapServer;
- protected List<AuthenticationProviderRepresentation> authenticationProviders;
protected List<UserFederationProviderRepresentation> userFederationProviders;
protected String loginTheme;
protected String accountTheme;
@@ -309,22 +307,6 @@ public class RealmRepresentation {
this.smtpServer = smtpServer;
}
- public Map<String, String> getLdapServer() {
- return ldapServer;
- }
-
- public void setLdapServer(Map<String, String> ldapServer) {
- this.ldapServer = ldapServer;
- }
-
- public List<AuthenticationProviderRepresentation> getAuthenticationProviders() {
- return authenticationProviders;
- }
-
- public void setAuthenticationProviders(List<AuthenticationProviderRepresentation> authenticationProviders) {
- this.authenticationProviders = authenticationProviders;
- }
-
public List<OAuthClientRepresentation> getOauthClients() {
return oauthClients;
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
index 2578983..45cac16 100755
--- a/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
@@ -20,7 +20,6 @@ public class UserRepresentation {
protected String firstName;
protected String lastName;
protected String email;
- protected AuthenticationLinkRepresentation authenticationLink;
protected String federationLink;
protected Map<String, String> attributes;
protected List<CredentialRepresentation> credentials;
@@ -101,14 +100,6 @@ public class UserRepresentation {
this.emailVerified = emailVerified;
}
- public AuthenticationLinkRepresentation getAuthenticationLink() {
- return authenticationLink;
- }
-
- public void setAuthenticationLink(AuthenticationLinkRepresentation authenticationLink) {
- this.authenticationLink = authenticationLink;
- }
-
public Map<String, String> getAttributes() {
return attributes;
}
dependencies/server-all/pom.xml 10(+0 -10)
diff --git a/dependencies/server-all/pom.xml b/dependencies/server-all/pom.xml
index 6316ed9..d36543d 100755
--- a/dependencies/server-all/pom.xml
+++ b/dependencies/server-all/pom.xml
@@ -90,11 +90,6 @@
<!-- authentication api -->
<dependency>
- <groupId>org.keycloak</groupId>
- <artifactId>keycloak-authentication-picketlink</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
<groupId>org.picketlink</groupId>
<artifactId>picketlink-common</artifactId>
</dependency>
@@ -117,11 +112,6 @@
<artifactId>keycloak-picketlink-api</artifactId>
<version>${project.version}</version>
</dependency>
- <dependency>
- <groupId>org.keycloak</groupId>
- <artifactId>keycloak-picketlink-realm</artifactId>
- <version>${project.version}</version>
- </dependency>
<!-- mongo -->
<dependency>
dependencies/server-min/pom.xml 12(+0 -12)
diff --git a/dependencies/server-min/pom.xml b/dependencies/server-min/pom.xml
index 5ae92c6..2586cc9 100755
--- a/dependencies/server-min/pom.xml
+++ b/dependencies/server-min/pom.xml
@@ -112,18 +112,6 @@
<version>${project.version}</version>
</dependency>
- <!-- authentication api -->
- <dependency>
- <groupId>org.keycloak</groupId>
- <artifactId>keycloak-authentication-api</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.keycloak</groupId>
- <artifactId>keycloak-authentication-model</artifactId>
- <version>${project.version}</version>
- </dependency>
-
<!-- timer -->
<dependency>
<groupId>org.keycloak</groupId>
examples/providers/pom.xml 1(+0 -1)
diff --git a/examples/providers/pom.xml b/examples/providers/pom.xml
index 229057d..6844c7c 100755
--- a/examples/providers/pom.xml
+++ b/examples/providers/pom.xml
@@ -27,6 +27,5 @@
<modules>
<module>audit-listener-sysout</module>
<module>audit-provider-mem</module>
- <module>authentication-properties</module>
</modules>
</project>
diff --git a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
index 4c1cc5b..d368280 100755
--- a/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
+++ b/export-import/export-import-api/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
@@ -2,7 +2,6 @@ package org.keycloak.exportimport.util;
import java.io.IOException;
import java.io.OutputStream;
-import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -18,9 +17,7 @@ import org.codehaus.jackson.JsonFactory;
import org.codehaus.jackson.JsonGenerator;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.SerializationConfig;
-import org.keycloak.exportimport.Strategy;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OAuthClientModel;
@@ -32,7 +29,6 @@ import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.ApplicationRepresentation;
-import org.keycloak.representations.idm.AuthenticationLinkRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
@@ -255,13 +251,6 @@ public class ExportUtils {
public static UserRepresentation exportUser(KeycloakSession session, RealmModel realm, UserModel user) {
UserRepresentation userRep = ModelToRepresentation.toRepresentation(user);
- // AuthenticationLink
- AuthenticationLinkModel authLink = user.getAuthenticationLink();
- if (authLink != null) {
- AuthenticationLinkRepresentation authLinkRepresentation = exportAuthLink(authLink);
- userRep.setAuthenticationLink(authLinkRepresentation);
- }
-
// Social links
Set<SocialLinkModel> socialLinks = session.users().getSocialLinks(user, realm);
List<SocialLinkRepresentation> socialLinkReps = new ArrayList<SocialLinkRepresentation>();
@@ -313,13 +302,6 @@ public class ExportUtils {
return userRep;
}
- public static AuthenticationLinkRepresentation exportAuthLink(AuthenticationLinkModel authLinkModel) {
- AuthenticationLinkRepresentation authLinkRep = new AuthenticationLinkRepresentation();
- authLinkRep.setAuthProvider(authLinkModel.getAuthProvider());
- authLinkRep.setAuthUserId(authLinkModel.getAuthUserId());
- return authLinkRep;
- }
-
public static SocialLinkRepresentation exportSocialLink(SocialLinkModel socialLink) {
SocialLinkRepresentation socialLinkRep = new SocialLinkRepresentation();
socialLinkRep.setSocialProvider(socialLink.getSocialProvider());
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/PartitionManagerRegistry.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/PartitionManagerRegistry.java
index 5c83bda..9992b87 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/PartitionManagerRegistry.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/PartitionManagerRegistry.java
@@ -47,7 +47,7 @@ public class PartitionManagerRegistry {
* @param ldapConfig from realm
* @return PartitionManager instance based on LDAP store
*/
- protected PartitionManager createPartitionManager(Map<String,String> ldapConfig) {
+ public static PartitionManager createPartitionManager(Map<String,String> ldapConfig) {
IdentityConfigurationBuilder builder = new IdentityConfigurationBuilder();
Properties connectionProps = new Properties();
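Review bot: `createPartitionManager` goes from a `protected` instance method to `public static`, but the Javadoc above it still describes only the parameter and the return value. The next hunk shows it ending in `return new DefaultPartitionManager(identityConfigs);`, so every call builds a new manager, and the now-static helper `checkSystemProperty` writes JVM-wide system properties; if this method calls that helper, any class can now trigger those global writes. The `ldapConfig` map presumably also carries the bind credential, so I would add a Javadoc line such as `Builds a new, uncached PartitionManager on each call; ldapConfig must come from trusted realm configuration and must not be logged.` The method body continues outside the hunk.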
@@ -114,13 +114,13 @@ public class PartitionManagerRegistry {
return new DefaultPartitionManager(identityConfigs);
}
- private void checkSystemProperty(String name, String defaultValue) {
+ private static void checkSystemProperty(String name, String defaultValue) {
if (System.getProperty(name) == null) {
System.setProperty(name, defaultValue);
}
}
- private String getNameOfLDAPAttribute(String systemPropertyName, String defaultAttrName, String defaultAttrNameInActiveDirectory, boolean activeDirectory) {
+ private static String getNameOfLDAPAttribute(String systemPropertyName, String defaultAttrName, String defaultAttrNameInActiveDirectory, boolean activeDirectory) {
// System property has biggest priority if available
String sysProperty = System.getProperty(systemPropertyName);
if (sysProperty != null) {
@@ -131,7 +131,7 @@ public class PartitionManagerRegistry {
}
// Parse array of strings like [ "inetOrgPerson", "organizationalPerson" ] from the string like: "inetOrgPerson, organizationalPerson"
- private String[] getUserObjectClasses(Map<String,String> ldapConfig) {
+ private static String[] getUserObjectClasses(Map<String,String> ldapConfig) {
String objClassesCfg = ldapConfig.get(LDAPConstants.USER_OBJECT_CLASSES);
String objClassesStr = (objClassesCfg != null && objClassesCfg.length() > 0) ? objClassesCfg.trim() : "inetOrgPerson, organizationalPerson";
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/WritableLDAPUserModelDelegate.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/WritableLDAPUserModelDelegate.java
index a98d2b8..9a68f6a 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/WritableLDAPUserModelDelegate.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/WritableLDAPUserModelDelegate.java
@@ -1,12 +1,8 @@
package org.keycloak.federation.ldap;
import org.jboss.logging.Logger;
-import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.ModelException;
-import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.UserModelDelegate;
import org.picketlink.idm.IdentityManagementException;
@@ -16,10 +12,6 @@ import org.picketlink.idm.credential.TOTPCredential;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.User;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
diff --git a/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/AccountSocialBean.java b/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/AccountSocialBean.java
index ad2786c..51d71c9 100755
--- a/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/AccountSocialBean.java
+++ b/forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/AccountSocialBean.java
@@ -53,7 +53,7 @@ public class AccountSocialBean {
}
// Removing last social provider is not possible if you don't have other possibility to authenticate
- this.removeLinkPossible = availableLinks > 1 || user.getAuthenticationLink() != null;
+ this.removeLinkPossible = availableLinks > 1 || user.getFederationLink() != null;
}
private SocialLinkModel getSocialLink(Set<SocialLinkModel> userSocialLinks, String socialProviderId) {
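Review bot: `removeLinkPossible` now treats any non-null `user.getFederationLink()` as proof that the user has another way to authenticate, which is weaker than what the comment above the line promises. The `validCredentials` code in `UserFederationManager` in this same commit only delegates to the provider when `getSupportedCredentialTypes(user)` is non-empty, so a federation link alone does not guarantee a usable credential. A user whose provider validates nothing could remove the last social link and be locked out. Consider also checking that a credential is actually available, or at least stating the assumption with `// assumes the federation provider can validate a credential for this user`. The enclosing block starts outside the hunk.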
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js
index 94970f4..1bbfcf6 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js
@@ -161,15 +161,6 @@ module.config([ '$routeProvider', function($routeProvider) {
},
controller : 'RealmSMTPSettingsCtrl'
})
- .when('/realms/:realm/ldap-settings', {
- templateUrl : 'partials/realm-ldap.html',
- resolve : {
- realm : function(RealmLoader) {
- return RealmLoader();
- }
- },
- controller : 'RealmLDAPSettingsCtrl'
- })
.when('/realms/:realm/audit', {
templateUrl : 'partials/realm-audit.html',
resolve : {
@@ -194,39 +185,6 @@ module.config([ '$routeProvider', function($routeProvider) {
},
controller : 'RealmAuditCtrl'
})
- .when('/realms/:realm/auth-settings', {
- templateUrl : 'partials/realm-auth-list.html',
- resolve : {
- realm : function(RealmLoader) {
- return RealmLoader();
- }
- },
- controller : 'RealmAuthSettingsCtrl'
- })
- .when('/realms/:realm/auth-settings/create', {
- templateUrl : 'partials/realm-auth-detail.html',
- resolve : {
- realm : function(RealmLoader) {
- return RealmLoader();
- },
- serverInfo : function(ServerInfoLoader) {
- return ServerInfoLoader();
- }
- },
- controller : 'RealmAuthSettingsDetailCtrl'
- })
- .when('/realms/:realm/auth-settings/:index', {
- templateUrl : 'partials/realm-auth-detail.html',
- resolve : {
- realm : function(RealmLoader) {
- return RealmLoader();
- },
- serverInfo : function(ServerInfoLoader) {
- return ServerInfoLoader();
- }
- },
- controller : 'RealmAuthSettingsDetailCtrl'
- })
.when('/create/user/:realm', {
templateUrl : 'partials/user-detail.html',
resolve : {
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js
index 03df9a7..8d456be 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js
@@ -891,185 +891,6 @@ module.controller('RealmSMTPSettingsCtrl', function($scope, Current, Realm, real
}
});
-module.controller('RealmLDAPSettingsCtrl', function($scope, $location, Notifications, Realm, realm, RealmLDAPConnectionTester) {
- console.log('RealmLDAPSettingsCtrl');
-
- $scope.ldapVendors = [
- { "id": "ad", "name": "Active Directory" },
- { "id": "rhds", "name": "Red Hat Directory Server" },
- { "id": "other", "name": "Other" }
- ];
-
- $scope.usernameLDAPAttributes = [
- "uid", "cn", "sAMAccountName"
- ];
-
- $scope.realm = realm;
-
- var oldCopy = angular.copy($scope.realm);
- $scope.changed = false;
-
- $scope.lastVendor = realm.ldapServer.vendor;
-
- $scope.$watch('realm', function() {
- if (!angular.equals($scope.realm, oldCopy)) {
- $scope.changed = true;
- }
-
- if (!angular.equals($scope.realm.ldapServer.vendor, $scope.lastVendor)) {
- console.log("LDAP vendor changed");
- $scope.lastVendor = $scope.realm.ldapServer.vendor;
-
- if ($scope.lastVendor === "ad") {
- $scope.realm.ldapServer.usernameLDAPAttribute = "cn";
- $scope.realm.ldapServer.userObjectClasses = "person, organizationalPerson";
- } else {
- $scope.realm.ldapServer.usernameLDAPAttribute = "uid";
- $scope.realm.ldapServer.userObjectClasses = "inetOrgPerson, organizationalPerson";
- }
- }
- }, true);
-
- $scope.save = function() {
- var realmCopy = angular.copy($scope.realm);
- $scope.changed = false;
- Realm.update(realmCopy, function () {
- $location.url("/realms/" + realm.realm + "/ldap-settings");
- Notifications.success("Your changes have been saved to the realm.");
- });
- };
-
- $scope.reset = function() {
- $scope.realm = angular.copy(oldCopy);
- $scope.changed = false;
- $scope.lastVendor = $scope.realm.ldapServer.vendor;
- };
-
- var initConnectionTest = function(testAction, ldapConfig) {
- return {
- action: testAction,
- realm: $scope.realm.realm,
- connectionUrl: ldapConfig.connectionUrl,
- bindDn: ldapConfig.bindDn,
- bindCredential: ldapConfig.bindCredential
- };
- };
-
- $scope.testConnection = function() {
- console.log('RealmLDAPSettingsCtrl: testConnection');
- RealmLDAPConnectionTester.get(initConnectionTest("testConnection", $scope.realm.ldapServer), function() {
- Notifications.success("LDAP connection successful.");
- }, function() {
- Notifications.error("Error when trying to connect to LDAP. See server.log for details.");
- });
- }
-
- $scope.testAuthentication = function() {
- console.log('RealmLDAPSettingsCtrl: testAuthentication');
- RealmLDAPConnectionTester.get(initConnectionTest("testAuthentication", $scope.realm.ldapServer), function() {
- Notifications.success("LDAP authentication successful.");
- }, function() {
- Notifications.error("LDAP authentication failed. See server.log for details");
- });
- }
-});
-
-module.controller('RealmAuthSettingsCtrl', function($scope, realm) {
- console.log('RealmAuthSettingsCtrl');
-
- $scope.realm = realm;
- $scope.authenticationProviders = realm.authenticationProviders;
-});
-
-module.controller('RealmAuthSettingsDetailCtrl', function($scope, $routeParams, $location, Notifications, Dialog, Realm, realm, serverInfo) {
- console.log('RealmAuthSettingsDetailCtrl');
-
- $scope.realm = realm;
- $scope.availableProviders = serverInfo.authProviders;
- $scope.availableProviderNames = Object.keys(serverInfo.authProviders);
-
- $scope.create = !$routeParams.index;
- $scope.changed = false;
-
- if ($scope.create) {
- $scope.authProvider = {
- passwordUpdateSupported: true,
- config: {}
- };
-
- $scope.authProviderOptionNames = [];
- } else {
- $scope.authProvider = realm.authenticationProviders[ $routeParams.index ];
- if (!$scope.authProvider.config) {
- $scope.authProvider.config = {};
- }
-
- $scope.authProviderOptionNames = serverInfo.authProviders[ $scope.authProvider.providerName ];
- $scope.authProviderIndex = $routeParams.index;
- }
-
- var oldCopy = angular.copy($scope.authProvider);
- $scope.$watch('authProvider', function() {
- if (!angular.equals($scope.authProvider, oldCopy)) {
- $scope.changed = true;
- }
- }, true);
-
- $scope.changeAuthProvider = function() {
- console.log('RealmAuthSettingsDetailCtrl: provider changed to ' + $scope.authProvider.providerName);
- $scope.authProviderOptionNames = serverInfo.authProviders[ $scope.authProvider.providerName ];
- }
-
- $scope.cancel = function() {
- $location.url("/realms/" + realm.realm + "/auth-settings");
- }
-
- $scope.reset = function() {
- $scope.authProvider = angular.copy(oldCopy);
- $scope.changed = false;
- }
-
- $scope.save = function() {
- if (!$scope.authProvider.providerName) {
- console.log('RealmAuthSettingsDetailCtrl: no provider selected. Skip creation');
- return;
- }
-
- console.log('RealmAuthSettingsDetailCtrl: creating provider ' + $scope.authProvider.providerName);
- var realmCopy = angular.copy($scope.realm);
- if (!realmCopy.authenticationProviders) {
- realmCopy.authenticationProviders = [];
- }
-
- if ($scope.create) {
- realmCopy.authenticationProviders.push($scope.authProvider);
- } else {
- realmCopy.authenticationProviders[ $scope.authProviderIndex ] = $scope.authProvider;
- }
-
- $scope.changed = false;
- Realm.update(realmCopy, function () {
- $location.url("/realms/" + realm.realm + "/auth-settings");
- Notifications.success("Authentication provider has been saved.");
- });
- };
-
- $scope.remove = function() {
- Dialog.confirmDelete($scope.realm.authenticationProviders.providerName, 'authentication Provider', function() {
- console.log('RealmAuthSettingsDetailCtrl: deleting provider ' + $scope.authProvider.providerName);
-
- var realmCopy = angular.copy($scope.realm);
- realmCopy.authenticationProviders.splice($scope.authProviderIndex, 1);
-
- $scope.changed = false;
- Realm.update(realmCopy, function () {
- $location.url("/realms/" + realm.realm + "/auth-settings");
- Notifications.success("Authentication provider has been deleted.");
- });
- });
- };
-});
-
module.controller('RealmAuditCtrl', function($scope, auditConfig, RealmAudit, RealmAuditEvents, realm, serverInfo, $location, Notifications, TimeUnit, Dialog) {
$scope.realm = realm;
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
index 2b17931..66441dd 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
@@ -564,7 +564,7 @@ module.controller('LDAPCtrl', function($scope, $location, Notifications, Dialog,
$scope.testAuthentication = function() {
console.log('LDAPCtrl: testAuthentication');
- RealmLDAPConnectionTester.get(initConnectionTest("testAuthentication", $scope.realm.ldapServer), function() {
+ RealmLDAPConnectionTester.get(initConnectionTest("testAuthentication", $scope.instance.config), function() {
Notifications.success("LDAP authentication successful.");
}, function() {
Notifications.error("LDAP authentication failed. See server.log for details");
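Review bot: The config object on the changed line is sent through `RealmLDAPConnectionTester.get(...)`, so the LDAP bind password may travel as a GET request parameter. That depends on `initConnectionTest`, defined outside this hunk, copying `bindCredential` the way the removed helper in realm.js did. A GET parameter presumably lands in the query string, where proxies and access logs can record it. Sending the test request as a POST body would keep the credential out of URLs. It is also worth confirming that `testConnection` in this controller reads `$scope.instance.config`, since only `testAuthentication` is visible here.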
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/templates/kc-navigation.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/templates/kc-navigation.html
index 4268729..d684fc5 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/templates/kc-navigation.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/templates/kc-navigation.html
@@ -6,6 +6,4 @@
<li ng-class="{active: path[2] == 'required-credentials'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/required-credentials">Credentials</a></li>
<li ng-class="{active: path[2] == 'keys-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/keys-settings">Keys</a></li>
<li ng-class="{active: path[2] == 'smtp-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/smtp-settings">Email</a></li>
- <li ng-class="{active: path[2] == 'ldap-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/ldap-settings">Ldap</a></li>
- <li ng-class="{active: path[2] == 'auth-settings'}" data-ng-show="access.viewRealm"><a href="#/realms/{{realm.realm}}/auth-settings">Authentication</a></li>
</ul>
\ No newline at end of file
diff --git a/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java b/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
index 59ac516..8d3779b 100755
--- a/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
@@ -50,12 +50,10 @@ public class RealmEntity extends AbstractIdentifiableEntity {
private List<String> defaultRoles = new ArrayList<String>();
private List<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
- private List<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
private List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
private Map<String, String> smtpConfig = new HashMap<String, String>();
private Map<String, String> socialConfig = new HashMap<String, String>();
- private Map<String, String> ldapServerConfig = new HashMap<String, String>();
private boolean auditEnabled;
private long auditExpiration;
@@ -319,14 +317,6 @@ public class RealmEntity extends AbstractIdentifiableEntity {
this.requiredCredentials = requiredCredentials;
}
- public List<AuthenticationProviderEntity> getAuthenticationProviders() {
- return authenticationProviders;
- }
-
- public void setAuthenticationProviders(List<AuthenticationProviderEntity> authenticationProviders) {
- this.authenticationProviders = authenticationProviders;
- }
-
public Map<String, String> getSmtpConfig() {
return smtpConfig;
}
@@ -343,14 +333,6 @@ public class RealmEntity extends AbstractIdentifiableEntity {
this.socialConfig = socialConfig;
}
- public Map<String, String> getLdapServerConfig() {
- return ldapServerConfig;
- }
-
- public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
- this.ldapServerConfig = ldapServerConfig;
- }
-
public boolean isAuditEnabled() {
return auditEnabled;
}
diff --git a/model/api/src/main/java/org/keycloak/models/entities/UserEntity.java b/model/api/src/main/java/org/keycloak/models/entities/UserEntity.java
index 9aa0b0b..50be198 100755
--- a/model/api/src/main/java/org/keycloak/models/entities/UserEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/UserEntity.java
@@ -27,7 +27,6 @@ public class UserEntity extends AbstractIdentifiableEntity {
private List<UserModel.RequiredAction> requiredActions;
private List<CredentialEntity> credentials = new ArrayList<CredentialEntity>();
private List<SocialLinkEntity> socialLinks;
- private AuthenticationLinkEntity authenticationLink;
private String federationLink;
public String getUsername() {
@@ -134,14 +133,6 @@ public class UserEntity extends AbstractIdentifiableEntity {
this.socialLinks = socialLinks;
}
- public AuthenticationLinkEntity getAuthenticationLink() {
- return authenticationLink;
- }
-
- public void setAuthenticationLink(AuthenticationLinkEntity authenticationLink) {
- this.authenticationLink = authenticationLink;
- }
-
public String getFederationLink() {
return federationLink;
}
diff --git a/model/api/src/main/java/org/keycloak/models/KeycloakSession.java b/model/api/src/main/java/org/keycloak/models/KeycloakSession.java
index 506d211..3dc38e5 100755
--- a/model/api/src/main/java/org/keycloak/models/KeycloakSession.java
+++ b/model/api/src/main/java/org/keycloak/models/KeycloakSession.java
@@ -51,7 +51,7 @@ public interface KeycloakSession {
*
* @return
*/
- UserProvider users();
+ UserFederationManager users();
/**
* Keycloak user storage. Non-federated, but possibly cache (if it is on) view of users.
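Review bot: `users()` now returns the concrete `UserFederationManager` rather than the `UserProvider` interface, which couples every `KeycloakSession` implementation and caller to one class, and the `@return` tag above it is still empty. If the motivation is the `updateCredential(realm, user, credential)` method this commit adds to `UserFederationManager`, declaring it on `UserProvider` would let the interface return type stay. That method is where the realm password policy is validated, while a direct `user.updateCredential(credential)` skips the check. I would therefore document it here, e.g. `@return federated user provider; change passwords through its updateCredential so the realm password policy is enforced`.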
diff --git a/model/api/src/main/java/org/keycloak/models/RealmModel.java b/model/api/src/main/java/org/keycloak/models/RealmModel.java
index 1fe666d..633756f 100755
--- a/model/api/src/main/java/org/keycloak/models/RealmModel.java
+++ b/model/api/src/main/java/org/keycloak/models/RealmModel.java
@@ -159,14 +159,6 @@ public interface RealmModel extends RoleContainerModel {
void setSocialConfig(Map<String, String> socialConfig);
- Map<String, String> getLdapServerConfig();
-
- void setLdapServerConfig(Map<String, String> ldapServerConfig);
-
- List<AuthenticationProviderModel> getAuthenticationProviders();
-
- void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders);
-
List<UserFederationProviderModel> getUserFederationProviders();
UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName);
diff --git a/model/api/src/main/java/org/keycloak/models/UserFederationManager.java b/model/api/src/main/java/org/keycloak/models/UserFederationManager.java
index aa197d2..489fb4e 100755
--- a/model/api/src/main/java/org/keycloak/models/UserFederationManager.java
+++ b/model/api/src/main/java/org/keycloak/models/UserFederationManager.java
@@ -302,16 +302,27 @@ public class UserFederationManager implements UserProvider {
session.userStorage().preRemove(realm, role);
}
+ public void updateCredential(RealmModel realm, UserModel user, UserCredentialModel credential) {
+ if (credential.getType().equals(UserCredentialModel.PASSWORD)) {
+ if (realm.getPasswordPolicy() != null) {
+ String error = realm.getPasswordPolicy().validate(credential.getValue());
+ if (error != null) throw new ModelException(error);
+ }
+ }
+ user.updateCredential(credential);
+ }
+
@Override
public boolean validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input) {
UserFederationProvider link = getFederationLink(realm, user);
if (link != null) {
validateUser(realm, user);
- if (link.getSupportedCredentialTypes(user).size() > 0) {
+ Set<String> supportedCredentialTypes = link.getSupportedCredentialTypes(user);
+ if (supportedCredentialTypes.size() > 0) {
List<UserCredentialModel> fedCreds = new ArrayList<UserCredentialModel>();
List<UserCredentialModel> localCreds = new ArrayList<UserCredentialModel>();
for (UserCredentialModel cred : input) {
- if (fedCreds.contains(cred.getType())) {
+ if (supportedCredentialTypes.contains(cred.getType())) {
fedCreds.add(cred);
} else {
localCreds.add(cred);
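Review bot: The added `updateCredential` dereferences `credential.getType()` before comparing, so a credential with no type throws a NullPointerException instead of reaching `user.updateCredential(credential)`. Comparing from the constant side avoids that: `if (UserCredentialModel.PASSWORD.equals(credential.getType())) {`. The method carries no `@Override`, so it appears to exist only on this manager; if so, the realm password policy is enforced only for callers that come through here, not for code that calls `user.updateCredential(credential)` directly. A Javadoc line would make that contract explicit, such as `/** Validates a password against the realm's password policy, then stores the credential; throws ModelException on a policy violation. */`. In `validCredentials`, whose body continues past this hunk, `supportedCredentialTypes.size() > 0` would read better as `!supportedCredentialTypes.isEmpty()`.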
diff --git a/model/api/src/main/java/org/keycloak/models/UserModel.java b/model/api/src/main/java/org/keycloak/models/UserModel.java
index 52f398e..1047ad2 100755
--- a/model/api/src/main/java/org/keycloak/models/UserModel.java
+++ b/model/api/src/main/java/org/keycloak/models/UserModel.java
@@ -64,12 +64,6 @@ public interface UserModel {
void updateCredentialDirectly(UserCredentialValueModel cred);
- AuthenticationLinkModel getAuthenticationLink();
-
- void setAuthenticationLink(AuthenticationLinkModel authenticationLink);
-
-
-
Set<RoleModel> getRealmRoleMappings();
Set<RoleModel> getApplicationRoleMappings(ApplicationModel app);
boolean hasRole(RoleModel role);
diff --git a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
index b6495ab..c201a77 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -1,7 +1,6 @@
package org.keycloak.models.utils;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClaimMask;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientSessionModel;
@@ -17,7 +16,6 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.ApplicationRepresentation;
-import org.keycloak.representations.idm.AuthenticationProviderRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
@@ -107,7 +105,6 @@ public class ModelToRepresentation {
rep.setAccessCodeLifespanUserAction(realm.getAccessCodeLifespanUserAction());
rep.setSmtpServer(realm.getSmtpConfig());
rep.setSocialProviders(realm.getSocialConfig());
- rep.setLdapServer(realm.getLdapServerConfig());
rep.setAccountTheme(realm.getAccountTheme());
rep.setLoginTheme(realm.getLoginTheme());
rep.setAdminTheme(realm.getAdminTheme());
@@ -133,18 +130,6 @@ public class ModelToRepresentation {
}
}
- List<AuthenticationProviderModel> authProviderModels = realm.getAuthenticationProviders();
- if (authProviderModels.size() > 0) {
- List<AuthenticationProviderRepresentation> authProviderReps = new ArrayList<AuthenticationProviderRepresentation>();
- for (AuthenticationProviderModel model : authProviderModels) {
- AuthenticationProviderRepresentation authProvRep = new AuthenticationProviderRepresentation();
- authProvRep.setProviderName(model.getProviderName());
- authProvRep.setPasswordUpdateSupported(model.isPasswordUpdateSupported());
- authProvRep.setConfig(model.getConfig());
- authProviderReps.add(authProvRep);
- }
- rep.setAuthenticationProviders(authProviderReps);
- }
List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders();
if (fedProviderModels.size() > 0) {
List<UserFederationProviderRepresentation> fedProviderReps = new ArrayList<UserFederationProviderRepresentation>();
diff --git a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
index c7ab432..ca22cf0 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
@@ -3,8 +3,6 @@ package org.keycloak.models.utils;
import net.iharder.Base64;
import org.jboss.logging.Logger;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClaimMask;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserFederationProviderModel;
@@ -20,8 +18,6 @@ import org.keycloak.models.UserModel;
import org.keycloak.enums.SslRequired;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.ApplicationRepresentation;
-import org.keycloak.representations.idm.AuthenticationLinkRepresentation;
-import org.keycloak.representations.idm.AuthenticationProviderRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
@@ -34,7 +30,6 @@ import org.keycloak.representations.idm.UserRepresentation;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
@@ -204,18 +199,6 @@ public class RepresentationToModel {
if (rep.getSocialProviders() != null) {
newRealm.setSocialConfig(new HashMap(rep.getSocialProviders()));
}
- if (rep.getLdapServer() != null) {
- newRealm.setLdapServerConfig(new HashMap(rep.getLdapServer()));
- }
-
- if (rep.getAuthenticationProviders() != null) {
- List<AuthenticationProviderModel> authProviderModels = convertAuthenticationProviders(rep.getAuthenticationProviders());
- newRealm.setAuthenticationProviders(authProviderModels);
- } else {
- List<AuthenticationProviderModel> authProviderModels = Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER);
- newRealm.setAuthenticationProviders(authProviderModels);
- }
-
if (rep.getUserFederationProviders() != null) {
List<UserFederationProviderModel> providerModels = convertFederationProviders(rep.getUserFederationProviders());
newRealm.setUserFederationProviders(providerModels);
@@ -280,14 +263,6 @@ public class RepresentationToModel {
realm.setSocialConfig(new HashMap(rep.getSocialProviders()));
}
- if (rep.getLdapServer() != null) {
- realm.setLdapServerConfig(new HashMap(rep.getLdapServer()));
- }
- if (rep.getAuthenticationProviders() != null) {
- List<AuthenticationProviderModel> authProviderModels = convertAuthenticationProviders(rep.getAuthenticationProviders());
- realm.setAuthenticationProviders(authProviderModels);
- }
-
if (rep.getUserFederationProviders() != null) {
List<UserFederationProviderModel> providerModels = convertFederationProviders(rep.getUserFederationProviders());
realm.setUserFederationProviders(providerModels);
@@ -305,17 +280,6 @@ public class RepresentationToModel {
}
- private static List<AuthenticationProviderModel> convertAuthenticationProviders(List<AuthenticationProviderRepresentation> authenticationProviders) {
- List<AuthenticationProviderModel> result = new ArrayList<AuthenticationProviderModel>();
-
- for (AuthenticationProviderRepresentation representation : authenticationProviders) {
- AuthenticationProviderModel model = new AuthenticationProviderModel(representation.getProviderName(),
- representation.isPasswordUpdateSupported(), representation.getConfig());
- result.add(model);
- }
- return result;
- }
-
private static List<UserFederationProviderModel> convertFederationProviders(List<UserFederationProviderRepresentation> providers) {
List<UserFederationProviderModel> result = new ArrayList<UserFederationProviderModel>();
@@ -624,11 +588,6 @@ public class RepresentationToModel {
updateCredential(user, cred);
}
}
- if (userRep.getAuthenticationLink() != null) {
- AuthenticationLinkRepresentation link = userRep.getAuthenticationLink();
- AuthenticationLinkModel authLink = new AuthenticationLinkModel(link.getAuthProvider(), link.getAuthUserId());
- user.setAuthenticationLink(authLink);
- }
if (userRep.getSocialLinks() != null) {
for (SocialLinkRepresentation socialLink : userRep.getSocialLinks()) {
SocialLinkModel mappingModel = new SocialLinkModel(socialLink.getSocialProvider(), socialLink.getSocialUserId(), socialLink.getSocialUsername());
diff --git a/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java b/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java
index cabdc56..90f54bd 100755
--- a/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/UserModelDelegate.java
@@ -1,7 +1,6 @@
package org.keycloak.models.utils;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
@@ -148,16 +147,6 @@ public class UserModelDelegate implements UserModel {
}
@Override
- public AuthenticationLinkModel getAuthenticationLink() {
- return delegate.getAuthenticationLink();
- }
-
- @Override
- public void setAuthenticationLink(AuthenticationLinkModel authenticationLink) {
- delegate.setAuthenticationLink(authenticationLink);
- }
-
- @Override
public Set<RoleModel> getRealmRoleMappings() {
return delegate.getRealmRoleMappings();
}
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
index 6900ad3..fc8cc0b 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
@@ -1,7 +1,6 @@
package org.keycloak.models.cache.entities;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.OAuthClientModel;
@@ -65,12 +64,10 @@ public class CachedRealm {
private String masterAdminApp;
private List<RequiredCredentialModel> requiredCredentials = new ArrayList<RequiredCredentialModel>();
- private List<AuthenticationProviderModel> authenticationProviders = new ArrayList<AuthenticationProviderModel>();
private List<UserFederationProviderModel> userFederationProviders = new ArrayList<UserFederationProviderModel>();
private Map<String, String> smtpConfig = new HashMap<String, String>();
private Map<String, String> socialConfig = new HashMap<String, String>();
- private Map<String, String> ldapServerConfig = new HashMap<String, String>();
private boolean auditEnabled;
private long auditExpiration;
@@ -122,12 +119,10 @@ public class CachedRealm {
emailTheme = model.getEmailTheme();
requiredCredentials = model.getRequiredCredentials();
- authenticationProviders = model.getAuthenticationProviders();
userFederationProviders = model.getUserFederationProviders();
smtpConfig.putAll(model.getSmtpConfig());
socialConfig.putAll(model.getSocialConfig());
- ldapServerConfig.putAll(model.getLdapServerConfig());
auditEnabled = model.isAuditEnabled();
auditExpiration = model.getAuditExpiration();
@@ -292,14 +287,6 @@ public class CachedRealm {
return socialConfig;
}
- public Map<String, String> getLdapServerConfig() {
- return ldapServerConfig;
- }
-
- public List<AuthenticationProviderModel> getAuthenticationProviders() {
- return authenticationProviders;
- }
-
public String getLoginTheme() {
return loginTheme;
}
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedUser.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedUser.java
index a376012..1e247a7 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedUser.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedUser.java
@@ -1,6 +1,5 @@
package org.keycloak.models.cache.entities;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialValueModel;
@@ -27,7 +26,6 @@ public class CachedUser {
private List<UserCredentialValueModel> credentials = new LinkedList<UserCredentialValueModel>();
private boolean enabled;
private boolean totp;
- private AuthenticationLinkModel authenticationLink;
private String federationLink;
private Map<String, String> attributes = new HashMap<String, String>();
private Set<UserModel.RequiredAction> requiredActions = new HashSet<UserModel.RequiredAction>();
@@ -47,7 +45,6 @@ public class CachedUser {
this.totp = user.isTotp();
this.federationLink = user.getFederationLink();
this.requiredActions.addAll(user.getRequiredActions());
- this.authenticationLink = user.getAuthenticationLink();
for (RoleModel role : user.getRoleMappings()) {
roleMappings.add(role.getId());
}
@@ -101,10 +98,6 @@ public class CachedUser {
return roleMappings;
}
- public AuthenticationLinkModel getAuthenticationLink() {
- return authenticationLink;
- }
-
public String getFederationLink() {
return federationLink;
}
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
index 7964c9d..a8f1d61 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
@@ -2,7 +2,6 @@ package org.keycloak.models.cache;
import org.keycloak.Config;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.OAuthClientModel;
@@ -583,30 +582,6 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public Map<String, String> getLdapServerConfig() {
- if (updated != null) return updated.getLdapServerConfig();
- return cached.getLdapServerConfig();
- }
-
- @Override
- public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
- getDelegateForUpdate();
- updated.setLdapServerConfig(ldapServerConfig);
- }
-
- @Override
- public List<AuthenticationProviderModel> getAuthenticationProviders() {
- if (updated != null) return updated.getAuthenticationProviders();
- return cached.getAuthenticationProviders();
- }
-
- @Override
- public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
- getDelegateForUpdate();
- updated.setAuthenticationProviders(authenticationProviders);
- }
-
- @Override
public List<UserFederationProviderModel> getUserFederationProviders() {
if (updated != null) return updated.getUserFederationProviders();
return cached.getUserFederationProviders();
diff --git a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java
index 9f4ffe3..14aea05 100755
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/UserAdapter.java
@@ -1,7 +1,6 @@
package org.keycloak.models.cache;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
@@ -192,18 +191,6 @@ public class UserAdapter implements UserModel {
}
@Override
- public AuthenticationLinkModel getAuthenticationLink() {
- if (updated != null) return updated.getAuthenticationLink();
- return cached.getAuthenticationLink();
- }
-
- @Override
- public void setAuthenticationLink(AuthenticationLinkModel authenticationLink) {
- getDelegateForUpdate();
- updated.setAuthenticationLink(authenticationLink);
- }
-
- @Override
public String getFederationLink() {
if (updated != null) return updated.getFederationLink();
return cached.getFederationLink();
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
index edf244d..39e35c1 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
@@ -112,9 +112,6 @@ public class RealmEntity {
Collection<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
- @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
- List<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
-
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="FED_PROVIDERS")
List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
@@ -138,12 +135,6 @@ public class RealmEntity {
@CollectionTable(name="REALM_SOCIAL_CONFIG", joinColumns={ @JoinColumn(name="REALM_ID") })
protected Map<String, String> socialConfig = new HashMap<String, String>();
- @ElementCollection
- @MapKeyColumn(name="NAME")
- @Column(name="VALUE")
- @CollectionTable(name="REALM_LDAP_CONFIG", joinColumns={ @JoinColumn(name="REALM_ID") })
- protected Map<String, String> ldapServerConfig = new HashMap<String, String>();
-
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="REALM_DEFAULT_ROLES", joinColumns = { @JoinColumn(name="REALM_ID")}, inverseJoinColumns = { @JoinColumn(name="ROLE_ID")})
protected Collection<RoleEntity> defaultRoles = new ArrayList<RoleEntity>();
@@ -314,14 +305,6 @@ public class RealmEntity {
this.requiredCredentials = requiredCredentials;
}
- public List<AuthenticationProviderEntity> getAuthenticationProviders() {
- return authenticationProviders;
- }
-
- public void setAuthenticationProviders(List<AuthenticationProviderEntity> authenticationProviders) {
- this.authenticationProviders = authenticationProviders;
- }
-
public Collection<ApplicationEntity> getApplications() {
return applications;
}
@@ -361,14 +344,6 @@ public class RealmEntity {
this.socialConfig = socialConfig;
}
- public Map<String, String> getLdapServerConfig() {
- return ldapServerConfig;
- }
-
- public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
- this.ldapServerConfig = ldapServerConfig;
- }
-
public Collection<RoleEntity> getDefaultRoles() {
return defaultRoles;
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java
index 31e139a..9180184 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java
@@ -85,9 +85,6 @@ public class UserEntity {
@Column(name="federation_link")
protected String federationLink;
- @OneToMany(cascade = CascadeType.REMOVE, orphanRemoval = true, mappedBy="user")
- protected Collection<AuthenticationLinkEntity> authenticationLink;
-
public String getId() {
return id;
}
@@ -193,14 +190,6 @@ public class UserEntity {
this.credentials = credentials;
}
- public Collection<AuthenticationLinkEntity> getAuthenticationLink() {
- return authenticationLink;
- }
-
- public void setAuthenticationLink(Collection<AuthenticationLinkEntity> authenticationLink) {
- this.authenticationLink = authenticationLink;
- }
-
public String getFederationLink() {
return federationLink;
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
index b3e5bf7..326c3aa 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
@@ -8,7 +8,6 @@ import org.keycloak.models.SocialLinkModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
-import org.keycloak.models.jpa.entities.AuthenticationLinkEntity;
import org.keycloak.models.jpa.entities.SocialLinkEntity;
import org.keycloak.models.jpa.entities.UserEntity;
import org.keycloak.models.utils.CredentialValidation;
@@ -80,11 +79,6 @@ public class JpaUserProvider implements UserProvider {
private void removeUser(UserEntity user) {
em.createNamedQuery("deleteUserRoleMappingsByUser").setParameter("user", user).executeUpdate();
em.createNamedQuery("deleteSocialLinkByUser").setParameter("user", user).executeUpdate();
- if (user.getAuthenticationLink() != null) {
- for (AuthenticationLinkEntity l : user.getAuthenticationLink()) {
- em.remove(l);
- }
- }
em.remove(user);
}
@@ -127,8 +121,6 @@ public class JpaUserProvider implements UserProvider {
.setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteUserAttributesByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
- num = em.createNamedQuery("deleteAuthenticationLinksByRealm")
- .setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteUsersByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index aaab7fe..9822e98 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -1,7 +1,6 @@
package org.keycloak.models.jpa;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.enums.SslRequired;
@@ -13,7 +12,6 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.jpa.entities.ApplicationEntity;
-import org.keycloak.models.jpa.entities.AuthenticationProviderEntity;
import org.keycloak.models.jpa.entities.OAuthClientEntity;
import org.keycloak.models.jpa.entities.RealmEntity;
import org.keycloak.models.jpa.entities.RequiredCredentialEntity;
@@ -661,74 +659,6 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public Map<String, String> getLdapServerConfig() {
- return realm.getLdapServerConfig();
- }
-
- @Override
- public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
- realm.setLdapServerConfig(ldapServerConfig);
- em.flush();
- }
-
- @Override
- public List<AuthenticationProviderModel> getAuthenticationProviders() {
- List<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
- List<AuthenticationProviderEntity> copy = new ArrayList<AuthenticationProviderEntity>();
- for (AuthenticationProviderEntity entity : entities) {
- copy.add(entity);
-
- }
- Collections.sort(copy, new Comparator<AuthenticationProviderEntity>() {
-
- @Override
- public int compare(AuthenticationProviderEntity o1, AuthenticationProviderEntity o2) {
- return o1.getPriority() - o2.getPriority();
- }
-
- });
- List<AuthenticationProviderModel> result = new ArrayList<AuthenticationProviderModel>();
- for (AuthenticationProviderEntity entity : copy) {
- result.add(new AuthenticationProviderModel(entity.getProviderName(), entity.isPasswordUpdateSupported(), entity.getConfig()));
- }
-
- return result;
- }
-
- @Override
- public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
- List<AuthenticationProviderEntity> newEntities = new ArrayList<AuthenticationProviderEntity>();
- int counter = 1;
- for (AuthenticationProviderModel model : authenticationProviders) {
- AuthenticationProviderEntity entity = new AuthenticationProviderEntity();
- entity.setRealm(realm);
- entity.setProviderName(model.getProviderName());
- entity.setPasswordUpdateSupported(model.isPasswordUpdateSupported());
- entity.setConfig(model.getConfig());
- entity.setPriority(counter++);
- newEntities.add(entity);
- }
-
- // Remove all existing first
- Collection<AuthenticationProviderEntity> existing = realm.getAuthenticationProviders();
- Collection<AuthenticationProviderEntity> copy = new ArrayList<AuthenticationProviderEntity>(existing);
- for (AuthenticationProviderEntity apToRemove : copy) {
- existing.remove(apToRemove);
- em.remove(apToRemove);
- }
-
- em.flush();
-
- // Now create all new providers
- for (AuthenticationProviderEntity apToAdd : newEntities) {
- existing.add(apToAdd);
- em.persist(apToAdd);
- }
-
- em.flush();
- }
-
- @Override
public List<UserFederationProviderModel> getUserFederationProviders() {
List<UserFederationProviderEntity> entities = realm.getUserFederationProviders();
List<UserFederationProviderEntity> copy = new ArrayList<UserFederationProviderEntity>();
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java
index 949efba..5ef06fa 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/UserAdapter.java
@@ -1,7 +1,6 @@
package org.keycloak.models.jpa;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
@@ -9,7 +8,6 @@ import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
-import org.keycloak.models.jpa.entities.AuthenticationLinkEntity;
import org.keycloak.models.jpa.entities.CredentialEntity;
import org.keycloak.models.jpa.entities.UserAttributeEntity;
import org.keycloak.models.jpa.entities.UserEntity;
@@ -21,11 +19,9 @@ import org.keycloak.models.utils.Pbkdf2PasswordEncoder;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.util.ArrayList;
-import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
-import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -384,36 +380,6 @@ public class UserAdapter implements UserModel {
}
@Override
- public AuthenticationLinkModel getAuthenticationLink() {
- Collection<AuthenticationLinkEntity> col = user.getAuthenticationLink();
- if (col == null || col.isEmpty()) {
- return null;
- }
- AuthenticationLinkEntity authLinkEntity = col.iterator().next();
- return new AuthenticationLinkModel(authLinkEntity.getAuthProvider(), authLinkEntity.getAuthUserId());
- }
-
- @Override
- public void setAuthenticationLink(AuthenticationLinkModel authenticationLink) {
- AuthenticationLinkEntity entity = new AuthenticationLinkEntity();
- entity.setAuthProvider(authenticationLink.getAuthProvider());
- entity.setAuthUserId(authenticationLink.getAuthUserId());
- entity.setUser(user);
-
- if (user.getAuthenticationLink() == null) {
- user.setAuthenticationLink(new LinkedList<AuthenticationLinkEntity>());
- } else if (!user.getAuthenticationLink().isEmpty()) {
- AuthenticationLinkEntity old = user.getAuthenticationLink().iterator().next();
- user.getAuthenticationLink().clear();
- em.remove(old);
- }
-
- user.getAuthenticationLink().add(entity);
- em.persist(entity);
- em.flush();
- }
-
- @Override
public String getFederationLink() {
return user.getFederationLink();
}
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index 0b549ab..ea75bb1 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -5,7 +5,6 @@ import com.mongodb.QueryBuilder;
import org.jboss.logging.Logger;
import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.entities.UserFederationProviderEntity;
@@ -16,7 +15,6 @@ import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
-import org.keycloak.models.entities.AuthenticationProviderEntity;
import org.keycloak.models.entities.RequiredCredentialEntity;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.mongo.keycloak.entities.MongoApplicationEntity;
@@ -759,43 +757,6 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
}
@Override
- public Map<String, String> getLdapServerConfig() {
- return realm.getLdapServerConfig();
- }
-
- @Override
- public void setLdapServerConfig(Map<String, String> ldapServerConfig) {
- realm.setLdapServerConfig(ldapServerConfig);
- updateRealm();
- }
-
- @Override
- public List<AuthenticationProviderModel> getAuthenticationProviders() {
- List<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
- List<AuthenticationProviderModel> result = new ArrayList<AuthenticationProviderModel>();
- for (AuthenticationProviderEntity entity : entities) {
- result.add(new AuthenticationProviderModel(entity.getProviderName(), entity.isPasswordUpdateSupported(), entity.getConfig()));
- }
-
- return result;
- }
-
- @Override
- public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
- List<AuthenticationProviderEntity> entities = new ArrayList<AuthenticationProviderEntity>();
- for (AuthenticationProviderModel model : authenticationProviders) {
- AuthenticationProviderEntity entity = new AuthenticationProviderEntity();
- entity.setProviderName(model.getProviderName());
- entity.setPasswordUpdateSupported(model.isPasswordUpdateSupported());
- entity.setConfig(model.getConfig());
- entities.add(entity);
- }
-
- realm.setAuthenticationProviders(entities);
- updateRealm();
- }
-
- @Override
public UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName) {
UserFederationProviderEntity entity = new UserFederationProviderEntity();
entity.setId(KeycloakModelUtils.generateId());
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
index 1d30a5b..746e1bc 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
@@ -2,7 +2,6 @@ package org.keycloak.models.mongo.keycloak.adapters;
import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
@@ -10,7 +9,6 @@ import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
-import org.keycloak.models.entities.AuthenticationLinkEntity;
import org.keycloak.models.entities.CredentialEntity;
import org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity;
import org.keycloak.models.mongo.keycloak.entities.MongoUserEntity;
@@ -342,27 +340,6 @@ public class UserAdapter extends AbstractMongoAdapter<MongoUserEntity> implement
}
@Override
- public AuthenticationLinkModel getAuthenticationLink() {
- AuthenticationLinkEntity authLinkEntity = user.getAuthenticationLink();
-
- if (authLinkEntity == null) {
- return null;
- } else {
- return new AuthenticationLinkModel(authLinkEntity.getAuthProvider(), authLinkEntity.getAuthUserId());
- }
- }
-
- @Override
- public void setAuthenticationLink(AuthenticationLinkModel authenticationLink) {
- AuthenticationLinkEntity authLinkEntity = new AuthenticationLinkEntity();
- authLinkEntity.setAuthProvider(authenticationLink.getAuthProvider());
- authLinkEntity.setAuthUserId(authenticationLink.getAuthUserId());
- user.setAuthenticationLink(authLinkEntity);
-
- getMongoStore().updateEntity(user, invocationContext);
- }
-
- @Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || !(o instanceof UserModel)) return false;
picketlink/pom.xml 1(+0 -1)
diff --git a/picketlink/pom.xml b/picketlink/pom.xml
index dc07ca5..30d9b06 100755
--- a/picketlink/pom.xml
+++ b/picketlink/pom.xml
@@ -17,7 +17,6 @@
<modules>
<module>keycloak-picketlink-api</module>
- <module>keycloak-picketlink-realm</module>
</modules>
pom.xml 1(+0 -1)
diff --git a/pom.xml b/pom.xml
index 65cf8bd..6e8c88d 100755
--- a/pom.xml
+++ b/pom.xml
@@ -96,7 +96,6 @@
<modules>
<module>audit</module>
- <module>authentication</module>
<module>core</module>
<module>core-jaxrs</module>
<module>connections</module>
services/pom.xml 6(+0 -6)
diff --git a/services/pom.xml b/services/pom.xml
index 0f82346..d52cf59 100755
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -75,12 +75,6 @@
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
- <artifactId>keycloak-authentication-api</artifactId>
- <version>${project.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.keycloak</groupId>
<artifactId>keycloak-social-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
index b6b55c8..bf17429 100755
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
@@ -127,7 +127,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
@Override
- public UserProvider users() {
+ public UserFederationManager users() {
return federationManager;
}
diff --git a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
index 4d149a5..559a39d 100755
--- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
@@ -4,7 +4,6 @@ import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
@@ -16,7 +15,6 @@ import org.keycloak.enums.SslRequired;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.CredentialRepresentation;
-import java.util.Arrays;
import java.util.Collections;
/**
@@ -61,7 +59,6 @@ public class ApplianceBootstrap {
realm.setSslRequired(SslRequired.EXTERNAL);
realm.setRegistrationAllowed(false);
KeycloakModelUtils.generateRealmKeys(realm);
- realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
realm.setAuditListeners(Collections.singleton("jboss-logging"));
@@ -70,7 +67,7 @@ public class ApplianceBootstrap {
UserCredentialModel password = new UserCredentialModel();
password.setType(UserCredentialModel.PASSWORD);
password.setValue("admin");
- adminUser.updateCredential(password);
+ session.users().updateCredential(realm, adminUser, password);
adminUser.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
RoleModel adminRole = realm.getRole(AdminRoles.ADMIN);
diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
index e6cd6c9..b4e68c4 100755
--- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@@ -3,11 +3,7 @@ package org.keycloak.services.managers;
import org.jboss.logging.Logger;
import org.keycloak.RSATokenVerifier;
import org.keycloak.VerificationException;
-import org.keycloak.authentication.AuthProviderStatus;
-import org.keycloak.authentication.AuthUser;
-import org.keycloak.authentication.AuthenticationProviderManager;
import org.keycloak.jose.jws.JWSBuilder;
-import org.keycloak.models.AuthenticationLinkModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
@@ -29,6 +25,8 @@ import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.UriInfo;
import java.net.URI;
import java.util.HashSet;
+import java.util.LinkedList;
+import java.util.List;
import java.util.Set;
/**
@@ -257,20 +255,8 @@ public class AuthenticationManager {
UserModel user = KeycloakModelUtils.findUserByNameOrEmail(session, realm, username);
if (user == null) {
- AuthUser authUser = AuthenticationProviderManager.getManager(realm, session).getUser(username);
- if (authUser != null) {
- // Create new user and link him with authentication provider
- user = session.users().addUser(realm, authUser.getUsername());
- user.setEnabled(true);
- user.setFirstName(authUser.getFirstName());
- user.setLastName(authUser.getLastName());
- user.setEmail(authUser.getEmail());
- user.setAuthenticationLink(new AuthenticationLinkModel(authUser.getProviderName(), authUser.getId()));
- logger.info("User " + authUser.getUsername() + " created in Keycloak and linked with provider " + authUser.getProviderName());
- } else {
- logger.warn("User " + username + " not found");
- return AuthenticationStatus.INVALID_USER;
- }
+ logger.warn("User " + username + " not found");
+ return AuthenticationStatus.INVALID_USER;
}
if (!checkEnabled(user)) {
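Review bot: The added `logger.warn("User " + username + " not found")` writes the submitted username into the log verbatim, so a name containing line breaks can forge extra log entries. The value appears to come straight from the login form (its source is outside this hunk), and the context line `logger.debug("validating password for user: " + username)` in a later hunk of this file has the same pattern. Neutralise control characters before logging, for example `logger.warn("User " + username.replaceAll("[\\r\\n]", "_") + " not found");`. The enclosing method starts and ends outside the hunk.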
@@ -284,11 +270,13 @@ public class AuthenticationManager {
}
if (types.contains(CredentialRepresentation.PASSWORD)) {
+ List<UserCredentialModel> credentials = new LinkedList<UserCredentialModel>();
String password = formData.getFirst(CredentialRepresentation.PASSWORD);
if (password == null) {
logger.warn("Password not provided");
return AuthenticationStatus.MISSING_PASSWORD;
}
+ credentials.add(UserCredentialModel.password(password));
if (user.isTotp()) {
String token = formData.getFirst(CredentialRepresentation.TOTP);
@@ -296,21 +284,14 @@ public class AuthenticationManager {
logger.warn("TOTP token not provided");
return AuthenticationStatus.MISSING_TOTP;
}
+ credentials.add(UserCredentialModel.totp(token));
- logger.debug("validating TOTP");
- if (!session.users().validCredentials(realm, user, UserCredentialModel.totp(token))) {
- return AuthenticationStatus.INVALID_CREDENTIALS;
- }
- }
+ }
logger.debug("validating password for user: " + username);
- AuthProviderStatus authStatus = AuthenticationProviderManager.getManager(realm, session).validatePassword(user, password);
- if (authStatus == AuthProviderStatus.INVALID_CREDENTIALS) {
- logger.debug("invalid password for user: " + username);
+ if (!session.users().validCredentials(realm, user, credentials)) {
return AuthenticationStatus.INVALID_CREDENTIALS;
- } else if (authStatus == AuthProviderStatus.FAILED) {
- return AuthenticationStatus.FAILED;
}
if (!user.getRequiredActions().isEmpty()) {
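Review bot: The new `if (!session.users().validCredentials(realm, user, credentials))` branch returns INVALID_CREDENTIALS without logging anything, and the removed `AuthProviderStatus.FAILED` case has no replacement. A backend failure in a federation provider will therefore either surface as an exception or look like a wrong password, and in the latter case it would presumably count against the user in brute-force protection. Add `logger.debug("invalid credentials for user: " + username);` before the return, and document on this call how provider errors are expected to be reported. The secret branch added in the next hunk of this file also returns silently. The method body continues outside the hunk.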
@@ -324,6 +305,9 @@ public class AuthenticationManager {
logger.warn("Secret not provided");
return AuthenticationStatus.MISSING_PASSWORD;
}
+ if (!session.users().validCredentials(realm, user, UserCredentialModel.secret(secret))) {
+ return AuthenticationStatus.INVALID_CREDENTIALS;
+ }
if (!user.getRequiredActions().isEmpty()) {
return AuthenticationStatus.ACTIONS_REQUIRED;
} else {
diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java
index e89777a..b02ff59 100755
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@@ -33,13 +33,8 @@ import org.keycloak.audit.AuditProvider;
import org.keycloak.audit.Details;
import org.keycloak.audit.Event;
import org.keycloak.audit.EventType;
-import org.keycloak.authentication.AuthProviderStatus;
-import org.keycloak.authentication.AuthenticationProviderException;
-import org.keycloak.authentication.AuthenticationProviderManager;
import org.keycloak.models.AccountRoles;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.Constants;
@@ -146,7 +141,6 @@ public class AccountService {
account = session.getProvider(AccountProvider.class).setRealm(realm).setUriInfo(uriInfo);
- boolean passwordUpdateSupported = false;
AuthenticationManager.AuthResult authResult = authManager.authenticateIdentityCookie(session, realm, uriInfo, clientConnection, headers);
if (authResult != null) {
auth = new Auth(realm, authResult.getToken(), authResult.getUser(), application, true);
@@ -173,16 +167,12 @@ public class AccountService {
account.setUser(auth.getUser());
- AuthenticationLinkModel authLinkModel = auth.getUser().getAuthenticationLink();
- if (authLinkModel != null) {
- AuthenticationProviderModel authProviderModel = AuthenticationProviderManager.getConfiguredProviderModel(realm, authLinkModel.getAuthProvider());
- passwordUpdateSupported = authProviderModel.isPasswordUpdateSupported();
- }
}
boolean auditEnabled = auditProvider != null && realm.isAuditEnabled();
- account.setFeatures(realm.isSocial(), auditEnabled, passwordUpdateSupported);
+ // todo find out from federation if password is updatable
+ account.setFeatures(realm.isSocial(), auditEnabled, true);
}
public static UriBuilder accountServiceBaseUrl(UriInfo uriInfo) {
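Review bot: `account.setFeatures(realm.isSocial(), auditEnabled, true)` now offers the password page for every account, including users whose credentials live in a federation provider that may not accept updates. Such a user only learns this when `updateCredential` fails in the password handler further down. The TODO should state that consequence, for example `// TODO: ask the federation provider whether the password is updatable; until then the password page is always offered and updateCredential may reject the change`. The enclosing method begins outside the hunk.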
@@ -428,7 +418,7 @@ public class AccountService {
UserCredentialModel credentials = new UserCredentialModel();
credentials.setType(CredentialRepresentation.TOTP);
credentials.setValue(totpSecret);
- user.updateCredential(credentials);
+ session.users().updateCredential(realm, user, credentials);
user.setTotp(true);
@@ -471,19 +461,18 @@ public class AccountService {
return account.setError(Messages.INVALID_PASSWORD_CONFIRM).createResponse(AccountPages.PASSWORD);
}
- AuthenticationProviderManager authProviderManager = AuthenticationProviderManager.getManager(realm, session);
+ UserCredentialModel cred = UserCredentialModel.password(password);
if (Validation.isEmpty(password)) {
return account.setError(Messages.MISSING_PASSWORD).createResponse(AccountPages.PASSWORD);
- } else if (authProviderManager.validatePassword(user, password) != AuthProviderStatus.SUCCESS) {
- return account.setError(Messages.INVALID_PASSWORD_EXISTING).createResponse(AccountPages.PASSWORD);
+ } else {
+ if (!session.users().validCredentials(realm, user, cred)) {
+ return account.setError(Messages.INVALID_PASSWORD_EXISTING).createResponse(AccountPages.PASSWORD);
+ }
}
try {
- boolean passwordUpdateSuccess = authProviderManager.updatePassword(user, passwordNew);
- if (!passwordUpdateSuccess) {
- return account.setError("Password update failed").createResponse(AccountPages.PASSWORD);
- }
- } catch (AuthenticationProviderException ape) {
+ session.users().updateCredential(realm, user, UserCredentialModel.password(passwordNew));
+ } catch (Exception ape) {
return account.setError(ape.getMessage()).createResponse(AccountPages.PASSWORD);
}
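Review bot: `catch (Exception ape)` followed by `account.setError(ape.getMessage())` shows the text of any exception to the end user, where the removed code caught only AuthenticationProviderException. With federation in the path this can expose directory or connection details, and `getMessage()` may be null for runtime exceptions. Log the cause server-side and return a fixed message: `} catch (Exception e) {`, `logger.warn("Password update failed", e);`, `return account.setError("Password update failed").createResponse(AccountPages.PASSWORD);`. The same catch-and-echo pattern is added in RequiredActionsService (`loginForms.setError(ape.getMessage())`) and in TokenService (`passwordUpdateError = ape.getMessage()`).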
@@ -539,7 +528,7 @@ public class AccountService {
if (link != null) {
// Removing last social provider is not possible if you don't have other possibility to authenticate
- if (session.users().getSocialLinks(user, realm).size() > 1 || user.getAuthenticationLink() != null) {
+ if (session.users().getSocialLinks(user, realm).size() > 1 || user.getFederationLink() != null) {
session.users().removeSocialLink(realm, user, providerId);
logger.debug("Social provider " + providerId + " removed successfully from user " + user.getUsername());
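Review bot: The guard on removing a social link now accepts `user.getFederationLink() != null` as the other way to authenticate, but nothing visible here checks for a locally stored password. If the federation link is set only for users imported from a federation provider (an assumption, the model is outside this hunk), the condition no longer matches what the comment above it describes. Confirm which credentials should count and state it in the comment, for example `// A federation link counts as another login method; local passwords are not checked here`. The method starts and ends outside the hunk.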
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java
index b023a11..e1b3105 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ServerInfoAdminResource.java
@@ -1,8 +1,6 @@
package org.keycloak.services.resources.admin;
import org.keycloak.audit.AuditListener;
-import org.keycloak.authentication.AuthenticationProvider;
-import org.keycloak.freemarker.ExtendingThemeManager;
import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeProvider;
import org.keycloak.models.KeycloakSession;
@@ -36,7 +34,6 @@ public class ServerInfoAdminResource {
ServerInfoRepresentation info = new ServerInfoRepresentation();
setSocialProviders(info);
setThemes(info);
- setAuthProviders(info);
setAuditListeners(info);
return info;
}
@@ -61,14 +58,6 @@ public class ServerInfoAdminResource {
Collections.sort(info.socialProviders);
}
- private void setAuthProviders(ServerInfoRepresentation info) {
- info.authProviders = new HashMap<String, List<String>>();
- Iterable<AuthenticationProvider> authProviders = session.getAllProviders(AuthenticationProvider.class);
- for (AuthenticationProvider authProvider : authProviders) {
- info.authProviders.put(authProvider.getName(), authProvider.getAvailableOptions());
- }
- }
-
private void setAuditListeners(ServerInfoRepresentation info) {
info.auditListeners = new LinkedList<String>();
@@ -84,7 +73,6 @@ public class ServerInfoAdminResource {
private List<String> socialProviders;
- private Map<String, List<String>> authProviders;
private List<String> auditListeners;
@@ -99,10 +87,6 @@ public class ServerInfoAdminResource {
return socialProviders;
}
- public Map<String, List<String>> getAuthProviders() {
- return authProviders;
- }
-
public List<String> getAuditListeners() {
return auditListeners;
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
index 52f8436..f39e28f 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@@ -766,7 +766,7 @@ public class UsersResource {
}
UserCredentialModel cred = RepresentationToModel.convertCredential(pass);
- user.updateCredential(cred);
+ session.users().updateCredential(realm, user, cred);
user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
}
diff --git a/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java b/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
index 402664e..5d598e6 100755
--- a/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
@@ -28,8 +28,6 @@ import org.keycloak.audit.Audit;
import org.keycloak.audit.Details;
import org.keycloak.audit.Errors;
import org.keycloak.audit.EventType;
-import org.keycloak.authentication.AuthenticationProviderException;
-import org.keycloak.authentication.AuthenticationProviderManager;
import org.keycloak.email.EmailException;
import org.keycloak.email.EmailProvider;
import org.keycloak.login.LoginFormsProvider;
@@ -167,7 +165,7 @@ public class RequiredActionsService {
UserCredentialModel credentials = new UserCredentialModel();
credentials.setType(CredentialRepresentation.TOTP);
credentials.setValue(totpSecret);
- user.updateCredential(credentials);
+ session.users().updateCredential(realm, user, credentials);
user.setTotp(true);
@@ -205,11 +203,8 @@ public class RequiredActionsService {
}
try {
- boolean updateSuccessful = AuthenticationProviderManager.getManager(realm, session).updatePassword(user, passwordNew);
- if (!updateSuccessful) {
- return loginForms.setError("Password update failed").createResponse(RequiredAction.UPDATE_PASSWORD);
- }
- } catch (AuthenticationProviderException ape) {
+ session.users().updateCredential(realm, user, UserCredentialModel.password(passwordNew));
+ } catch (Exception ape) {
return loginForms.setError(ape.getMessage()).createResponse(RequiredAction.UPDATE_PASSWORD);
}
diff --git a/services/src/main/java/org/keycloak/services/resources/TokenService.java b/services/src/main/java/org/keycloak/services/resources/TokenService.java
index 625055f..db6df78 100755
--- a/services/src/main/java/org/keycloak/services/resources/TokenService.java
+++ b/services/src/main/java/org/keycloak/services/resources/TokenService.java
@@ -17,8 +17,6 @@ import org.keycloak.audit.Audit;
import org.keycloak.audit.Details;
import org.keycloak.audit.Errors;
import org.keycloak.audit.EventType;
-import org.keycloak.authentication.AuthenticationProviderException;
-import org.keycloak.authentication.AuthenticationProviderManager;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.ClientModel;
@@ -639,10 +637,8 @@ public class TokenService {
return Flows.forms(session, realm, uriInfo).setError(error).setFormData(formData).createRegistration();
}
- AuthenticationProviderManager authenticationProviderManager = AuthenticationProviderManager.getManager(realm, session);
-
// Validate that user with this username doesn't exist in realm or any authentication provider
- if (session.users().getUserByUsername(username, realm) != null || authenticationProviderManager.getUser(username) != null) {
+ if (session.users().getUserByUsername(username, realm) != null) {
audit.error(Errors.USERNAME_IN_USE);
return Flows.forms(session, realm, uriInfo).setError(Messages.USERNAME_EXISTS).setFormData(formData).createRegistration();
}
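Review bot: The comment `// Validate that user with this username doesn't exist in realm or any authentication provider` no longer matches the check, which now calls only `session.users().getUserByUsername(username, realm)`. Whether that lookup reaches external directories depends on the federation manager, which is not visible in this hunk. If it does not, a registrant could take a username that already exists in a federated store. Reword the comment to `// Validate that no user with this username exists; session.users() is expected to consult federation providers` and cover that case with a registration test.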
@@ -660,11 +656,11 @@ public class TokenService {
credentials.setValue(formData.getFirst("password"));
boolean passwordUpdateSuccessful;
- String passwordUpdateError;
+ String passwordUpdateError = null;
try {
- passwordUpdateSuccessful = AuthenticationProviderManager.getManager(realm, session).updatePassword(user, formData.getFirst("password"));
- passwordUpdateError = "Password update failed";
- } catch (AuthenticationProviderException ape) {
+ session.users().updateCredential(realm, user, UserCredentialModel.password(formData.getFirst("password")));
+ passwordUpdateSuccessful = true;
+ } catch (Exception ape) {
passwordUpdateSuccessful = false;
passwordUpdateError = ape.getMessage();
}
diff --git a/testsuite/integration/src/main/java/org/keycloak/testutils/LDAPEmbeddedServer.java b/testsuite/integration/src/main/java/org/keycloak/testutils/LDAPEmbeddedServer.java
index 0f7a69b..c5e02c8 100755
--- a/testsuite/integration/src/main/java/org/keycloak/testutils/LDAPEmbeddedServer.java
+++ b/testsuite/integration/src/main/java/org/keycloak/testutils/LDAPEmbeddedServer.java
@@ -135,7 +135,6 @@ public class LDAPEmbeddedServer extends AbstractLDAPTest {
ldapConfig.put(LDAPConstants.BIND_CREDENTIAL, getBindCredential());
ldapConfig.put(LDAPConstants.USER_DN_SUFFIX, getUserDnSuffix());
ldapConfig.put(LDAPConstants.VENDOR, getVendor());
- realm.setLdapServerConfig(ldapConfig);
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
index 1978122..d2656b7 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
@@ -33,7 +33,6 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.ApplicationRepresentation;
-import org.keycloak.representations.idm.AuthenticationProviderRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
@@ -279,22 +278,6 @@ public class AdminAPITest {
Assert.assertEquals(rep.getSocialProviders(), storedRealm.getSocialProviders());
}
- if (rep.getLdapServer() != null) {
- Assert.assertEquals(rep.getLdapServer(), storedRealm.getLdapServer());
- }
- if (rep.getAuthenticationProviders() != null) {
- Set<AuthenticationProviderRepresentation> set = new HashSet<AuthenticationProviderRepresentation>();
- for (AuthenticationProviderRepresentation authRep : rep.getAuthenticationProviders()) {
- set.add(authRep);
- }
- Set<AuthenticationProviderRepresentation> storedSet = new HashSet<AuthenticationProviderRepresentation>();
- if (storedRealm.getAuthenticationProviders() != null) {
- for (AuthenticationProviderRepresentation authRep : storedRealm.getAuthenticationProviders()) {
- storedSet.add(authRep);
- }
- }
- Assert.assertEquals(set, storedSet);
- }
}
protected void testCreateRealm(String path) {
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
index d37cc6b..3a6acd1 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
@@ -28,7 +28,6 @@ import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
@@ -48,7 +47,6 @@ import org.keycloak.testsuite.rule.WebRule;
import org.openqa.selenium.WebDriver;
import java.security.PublicKey;
-import java.util.Arrays;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -71,7 +69,6 @@ public class CompositeRoleTest {
realm.setSslRequired(SslRequired.EXTERNAL);
realm.setEnabled(true);
realm.addRequiredCredential(UserCredentialModel.PASSWORD);
- realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
final RoleModel realmRole1 = realm.addRole("REALM_ROLE_1");
final RoleModel realmRole2 = realm.addRole("REALM_ROLE_2");
final RoleModel realmRole3 = realm.addRole("REALM_ROLE_3");
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java
index 73959d0..52d19d2 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/FederationProvidersIntegrationTest.java
@@ -76,7 +76,7 @@ public class FederationProvidersIntegrationTest {
// Configure LDAP
ldapRule.getEmbeddedServer().setupLdapInRealm(appRealm);
- LDAPTestUtils.setLdapPassword(session, appRealm, "johnkeycloak", "password");
+ LDAPTestUtils.setLdapPassword(ldapConfig, "johnkeycloak", "password");
}
});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/LDAPTestUtils.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/LDAPTestUtils.java
old mode 100644
new mode 100755
index b7cdeaf..fa9f703
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/LDAPTestUtils.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/LDAPTestUtils.java
@@ -1,23 +1,27 @@
package org.keycloak.testsuite;
-import org.keycloak.authentication.picketlink.PicketlinkAuthenticationProvider;
+import org.keycloak.federation.ldap.PartitionManagerRegistry;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.picketlink.IdentityManagerProvider;
import org.picketlink.idm.IdentityManager;
+import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.User;
+import java.util.Map;
+
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
*/
public class LDAPTestUtils {
- public static void setLdapPassword(KeycloakSession session, RealmModel realm, String username, String password) {
+ public static void setLdapPassword(Map<String, String> ldapConfig, String username, String password) {
// Update password directly in ldap. It's workaround, but LDIF import doesn't seem to work on windows for ApacheDS
try {
- IdentityManager identityManager = new PicketlinkAuthenticationProvider(session.getProvider(IdentityManagerProvider.class)).getIdentityManager(realm);
+ PartitionManager partitionManager = PartitionManagerRegistry.createPartitionManager(ldapConfig);
+ IdentityManager identityManager = partitionManager.createIdentityManager();
User user = BasicModel.getUser(identityManager, username);
identityManager.updateCredential(user, new Password(password.toCharArray()));
} catch (Exception e) {
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthenticationManagerTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthenticationManagerTest.java
index b74ef18..a2742b5 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthenticationManagerTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AuthenticationManagerTest.java
@@ -5,7 +5,6 @@ import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
@@ -18,7 +17,6 @@ import org.keycloak.services.managers.AuthenticationManager.AuthenticationStatus
import org.keycloak.services.managers.BruteForceProtector;
import javax.ws.rs.core.MultivaluedMap;
-import java.util.Arrays;
import java.util.UUID;
public class AuthenticationManagerTest extends AbstractModelTest {
@@ -163,7 +161,6 @@ public class AuthenticationManagerTest extends AbstractModelTest {
realm.setPublicKeyPem("0234234");
realm.setAccessTokenLifespan(1000);
realm.addRequiredCredential(CredentialRepresentation.PASSWORD);
- realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
protector = ResteasyProviderFactory.getContextData(BruteForceProtector.class);
am = new AuthenticationManager(protector);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
index f512c76..31ccdf1 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ImportTest.java
@@ -4,10 +4,7 @@ import org.junit.Assert;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;
-import org.keycloak.authentication.AuthProviderConstants;
import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.AuthenticationLinkModel;
-import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
@@ -197,32 +194,6 @@ public class ImportTest extends AbstractModelTest {
Assert.assertEquals("abc", socialConfig.get("google.key"));
Assert.assertEquals("def", socialConfig.get("google.secret"));
- // Test ldap config
- Map<String, String> ldapConfig = realm.getLdapServerConfig();
- Assert.assertTrue(ldapConfig.size() == 6);
- Assert.assertEquals("ldap://localhost:10389", ldapConfig.get("connectionUrl"));
- Assert.assertEquals("dc=keycloak,dc=org", ldapConfig.get("baseDn"));
- Assert.assertEquals("ou=People,dc=keycloak,dc=org", ldapConfig.get("userDnSuffix"));
- Assert.assertEquals("other", ldapConfig.get("vendor"));
-
- // Test authentication providers
- List<AuthenticationProviderModel> authProviderModels = realm.getAuthenticationProviders();
- Assert.assertTrue(authProviderModels.size() == 3);
- AuthenticationProviderModel authProv1 = authProviderModels.get(0);
- AuthenticationProviderModel authProv2 = authProviderModels.get(1);
- AuthenticationProviderModel authProv3 = authProviderModels.get(2);
- Assert.assertEquals(AuthProviderConstants.PROVIDER_NAME_MODEL, authProv1.getProviderName());
- Assert.assertTrue(authProv1.isPasswordUpdateSupported());
- Assert.assertEquals(AuthProviderConstants.PROVIDER_NAME_EXTERNAL_MODEL, authProv2.getProviderName());
- Assert.assertFalse(authProv2.isPasswordUpdateSupported());
- Assert.assertEquals("trustedRealm", authProv2.getConfig().get("externalRealmId"));
- Assert.assertEquals(AuthProviderConstants.PROVIDER_NAME_PICKETLINK, authProv3.getProviderName());
- Assert.assertTrue(authProv3.isPasswordUpdateSupported());
-
- // Test authentication linking
- AuthenticationLinkModel authLink = socialUser.getAuthenticationLink();
- Assert.assertEquals(AuthProviderConstants.PROVIDER_NAME_PICKETLINK, authLink.getAuthProvider());
- Assert.assertEquals("myUser1", authLink.getAuthUserId());
}
@Test
diff --git a/testsuite/integration/src/test/resources/model/testrealm.json b/testsuite/integration/src/test/resources/model/testrealm.json
index 1e9ff54..f6b212c 100755
--- a/testsuite/integration/src/test/resources/model/testrealm.json
+++ b/testsuite/integration/src/test/resources/model/testrealm.json
@@ -12,34 +12,10 @@
"host": "localhost",
"port":"3025"
},
- "ldapServer": {
- "connectionUrl": "ldap://localhost:10389",
- "baseDn": "dc=keycloak,dc=org",
- "userDnSuffix": "ou=People,dc=keycloak,dc=org",
- "bindDn": "uid=admin,ou=system",
- "bindCredential": "secret",
- "vendor": "other"
- },
"socialProviders": {
"google.key": "abc",
"google.secret": "def"
},
- "authenticationProviders": [
- {
- "providerName": "model"
- },
- {
- "providerName": "externalModel",
- "passwordUpdateSupported": false,
- "config": {
- "externalRealmId": "trustedRealm"
- }
- },
- {
- "providerName": "picketlink",
- "passwordUpdateSupported": true
- }
- ],
"users": [
{
"username": "wburke",
@@ -86,10 +62,6 @@
{
"username": "mySocialUser",
"enabled": true,
- "authenticationLink": {
- "authProvider": "picketlink",
- "authUserId": "myUser1"
- },
"socialLinks": [
{
"socialProvider": "facebook",