keycloak-aplcache

import spi

10/11/2016 7:33:59 PM


diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 39abe85..058cdbc 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -49,6 +49,7 @@ import org.keycloak.representations.idm.OAuthClientRepresentation;
 import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.representations.idm.RoleRepresentation;
+import org.keycloak.storage.UserStorageProviderModel;
 
 import java.util.Collections;
 import java.util.HashSet;
@@ -491,6 +492,13 @@ public class RealmManager implements RealmImporter {
             usersSyncManager.notifyToRefreshPeriodicSync(session, realm, fedProvider, false);
         }
 
+        // Refresh periodic sync tasks for configured storageProviders
+        List<UserStorageProviderModel> storageProviders = realm.getUserStorageProviders();
+        UserStorageSyncManager storageSync = new UserStorageSyncManager();
+        for (UserStorageProviderModel provider : storageProviders) {
+            storageSync.notifyToRefreshPeriodicSync(session, realm, provider, false);
+        }
+
         setupAuthorizationServices(realm);
         fireRealmPostCreate(realm);
 
diff --git a/services/src/main/java/org/keycloak/services/managers/UserStorageSyncManager.java b/services/src/main/java/org/keycloak/services/managers/UserStorageSyncManager.java
index de0363b..eaca98f 100755
--- a/services/src/main/java/org/keycloak/services/managers/UserStorageSyncManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/UserStorageSyncManager.java
@@ -165,6 +165,11 @@ public class UserStorageSyncManager {
 
     // Ensure all cluster nodes are notified
     public void notifyToRefreshPeriodicSync(KeycloakSession session, RealmModel realm, UserStorageProviderModel provider, boolean removed) {
+        UserStorageProviderFactory factory = (UserStorageProviderFactory) session.getKeycloakSessionFactory().getProviderFactory(UserStorageProvider.class, provider.getProviderId());
+        if (!(factory instanceof ImportSynchronization) || !provider.isImportEnabled()) {
+            return;
+
+        }
         UserStorageProviderClusterEvent event = UserStorageProviderClusterEvent.createEvent(removed, realm.getId(), provider);
         session.getProvider(ClusterProvider.class).notify(USER_STORAGE_TASK_KEY, event);
     }
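Review bot: The new early return in notifyToRefreshPeriodicSync ignores the `removed` flag, so when a provider is deleted or has import switched off, the cluster event that would cancel its periodic sync task is apparently never sent. If a task was scheduled earlier, other nodes may keep syncing from a store the administrator has disconnected; how the event is consumed is not visible in this hunk, so this needs confirming. Consider applying the guard only to the refresh case, e.g. `if (!removed && (!(factory instanceof ImportSynchronization) || !provider.isImportEnabled())) return;`. The stray blank line before the closing brace of the `if` can go as well.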
diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
index f391b1a..642b5c1 100644
--- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
+++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
@@ -44,6 +44,7 @@ import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.filters.KeycloakTransactionCommitter;
 import org.keycloak.services.managers.ApplianceBootstrap;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.services.managers.UserStorageSyncManager;
 import org.keycloak.services.managers.UsersSyncManager;
 import org.keycloak.services.resources.admin.AdminRoot;
 import org.keycloak.services.scheduled.ClearExpiredEvents;
@@ -319,6 +320,7 @@ public class KeycloakApplication extends Application {
             timer.schedule(new ClusterAwareScheduledTaskRunner(sessionFactory, new ClearExpiredEvents(), interval), interval, "ClearExpiredEvents");
             timer.schedule(new ClusterAwareScheduledTaskRunner(sessionFactory, new ClearExpiredUserSessions(), interval), interval, "ClearExpiredUserSessions");
             new UsersSyncManager().bootstrapPeriodic(sessionFactory, timer);
+            new UserStorageSyncManager().bootstrapPeriodic(sessionFactory, timer);
         } finally {
             session.close();
         }
diff --git a/services/src/main/java/org/keycloak/storage/UserStorageManager.java b/services/src/main/java/org/keycloak/storage/UserStorageManager.java
index 6061323..94d6232 100755
--- a/services/src/main/java/org/keycloak/storage/UserStorageManager.java
+++ b/services/src/main/java/org/keycloak/storage/UserStorageManager.java
@@ -38,6 +38,8 @@ import org.keycloak.models.cache.CachedUserModel;
 import org.keycloak.models.cache.OnUserCache;
 import org.keycloak.storage.federated.UserFederatedStorageProvider;
 import org.keycloak.credential.CredentialAuthentication;
+import org.keycloak.storage.user.ImportSynchronization;
+import org.keycloak.storage.user.ImportedUserValidation;
 import org.keycloak.storage.user.UserLookupProvider;
 import org.keycloak.storage.user.UserQueryProvider;
 import org.keycloak.storage.user.UserRegistrationProvider;
@@ -225,11 +227,31 @@ public class UserStorageManager implements UserProvider, OnUserCache {
         }
     }
 
+    protected UserModel importValidation(RealmModel realm, UserModel user) {
+        if (user == null || user.getFederationLink() == null) return user;
+        UserStorageProvider provider = getStorageProvider(session, realm, user.getFederationLink());
+        if (provider != null && provider instanceof ImportedUserValidation) {
+            return ((ImportedUserValidation)provider).validate(realm, user);
+        } else {
+            return user;
+        }
+
+    }
+
+    protected List<UserModel> importValidation(RealmModel realm, List<UserModel> users) {
+        List<UserModel> tmp = new LinkedList<>();
+        for (UserModel user : users) {
+            tmp.add(importValidation(realm, user));
+        }
+        return tmp;
+    }
+
     @Override
     public UserModel getUserById(String id, RealmModel realm) {
         StorageId storageId = new StorageId(id);
         if (storageId.getProviderId() == null) {
-            return localStorage().getUserById(id, realm);
+            UserModel user = localStorage().getUserById(id, realm);
+            return importValidation(realm, user);
         }
         UserLookupProvider provider = (UserLookupProvider)getStorageProvider(session, realm, storageId.getProviderId());
         return provider.getUserById(id, realm);
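Review bot: The list overload of importValidation adds whatever `validate` returns to `tmp`, including null. The ImportedUserValidation contract is not visible here, but if a provider returns null for an imported user that is no longer valid in the external store, getUsers and the searchForUser variants will hand callers lists with null entries. Filtering keeps invalidated accounts out of results and avoids downstream NPEs: `UserModel validated = importValidation(realm, user);` followed by `if (validated != null) tmp.add(validated);`. In the single-user overload `provider != null &&` is redundant before `instanceof`, and both helpers deserve a short Javadoc saying the result may be null or a different instance. getUserById's closing brace lies outside this hunk.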
@@ -243,7 +265,9 @@ public class UserStorageManager implements UserProvider, OnUserCache {
     @Override
     public UserModel getUserByUsername(String username, RealmModel realm) {
         UserModel user = localStorage().getUserByUsername(username, realm);
-        if (user != null) return user;
+        if (user != null) {
+            return importValidation(realm, user);
+        }
         for (UserLookupProvider provider : getStorageProviders(session, realm, UserLookupProvider.class)) {
             user = provider.getUserByUsername(username, realm);
             if (user != null) return user;
@@ -257,7 +281,9 @@ public class UserStorageManager implements UserProvider, OnUserCache {
         if (user != null) return user;
         for (UserLookupProvider provider : getStorageProviders(session, realm, UserLookupProvider.class)) {
             user = provider.getUserByEmail(email, realm);
-            if (user != null) return user;
+            if (user != null) {
+                return importValidation(realm, user);
+            }
         }
         return null;
     }
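Review bot: In getUserByEmail the validation lands on the wrong branch: the context line `if (user != null) return user;` above the loop still returns the earlier hit unvalidated, while the user freshly returned by a storage provider is the one passed to importValidation. Assuming the earlier lookup is `localStorage().getUserByEmail(...)` (its line is outside the hunk), this is the reverse of getUserByUsername and getUserByFederatedIdentity, and a locally imported user that the external store would reject is still resolved by email. The local branch should read `if (user != null) return importValidation(realm, user);` and the loop can keep `if (user != null) return user;`.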
@@ -266,7 +292,7 @@ public class UserStorageManager implements UserProvider, OnUserCache {
     public UserModel getUserByFederatedIdentity(FederatedIdentityModel socialLink, RealmModel realm) {
         UserModel user = localStorage().getUserByFederatedIdentity(socialLink, realm);
         if (user != null) {
-            return user;
+            return importValidation(realm, user);
         }
         if (getFederatedStorage() == null) return null;
         String id = getFederatedStorage().getUserByFederatedIdentity(socialLink, realm);
@@ -354,7 +380,7 @@ public class UserStorageManager implements UserProvider, OnUserCache {
 
     @Override
     public List<UserModel> getUsers(final RealmModel realm, int firstResult, int maxResults, final boolean includeServiceAccounts) {
-        return query((provider, first, max) -> {
+        List<UserModel> results =  query((provider, first, max) -> {
             if (provider instanceof UserProvider) { // it is local storage
                 return ((UserProvider) provider).getUsers(realm, first, max, includeServiceAccounts);
             } else if (provider instanceof UserQueryProvider) {
@@ -364,6 +390,7 @@ public class UserStorageManager implements UserProvider, OnUserCache {
             return Collections.EMPTY_LIST;
         }
         , realm, firstResult, maxResults);
+        return importValidation(realm, results);
     }
 
     @Override
@@ -373,23 +400,26 @@ public class UserStorageManager implements UserProvider, OnUserCache {
 
     @Override
     public List<UserModel> searchForUser(String search, RealmModel realm, int firstResult, int maxResults) {
-        return query((provider, first, max) -> {
+        List<UserModel> results = query((provider, first, max) -> {
             if (provider instanceof UserQueryProvider) {
                 return ((UserQueryProvider)provider).searchForUser(search, realm, first, max);
 
             }
             return Collections.EMPTY_LIST;
         }, realm, firstResult, maxResults);
+        return importValidation(realm, results);
+
     }
 
     @Override
     public List<UserModel> searchForUser(Map<String, String> attributes, RealmModel realm) {
-        return searchForUser(attributes, realm, 0, Integer.MAX_VALUE - 1);
+        List<UserModel> results = searchForUser(attributes, realm, 0, Integer.MAX_VALUE - 1);
+        return importValidation(realm, results);
     }
 
     @Override
     public List<UserModel> searchForUser(Map<String, String> attributes, RealmModel realm, int firstResult, int maxResults) {
-        return query((provider, first, max) -> {
+        List<UserModel> results = query((provider, first, max) -> {
             if (provider instanceof UserQueryProvider) {
                 return ((UserQueryProvider)provider).searchForUser(attributes, realm, first, max);
 
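Review bot: `searchForUser(Map<String, String> attributes, RealmModel realm)` now validates twice, because it delegates to the four-argument overload, which already ends with `return importValidation(realm, results);` in the following hunk, and then calls importValidation on that result again. Each imported user therefore triggers two `validate` calls, which for a remote store likely means two round trips per user on an unbounded query. Keeping the original `return searchForUser(attributes, realm, 0, Integer.MAX_VALUE - 1);` is enough. The body of the four-argument overload continues past the end of this hunk.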
@@ -397,6 +427,8 @@ public class UserStorageManager implements UserProvider, OnUserCache {
             return Collections.EMPTY_LIST;
         }
         , realm, firstResult, maxResults);
+        return importValidation(realm, results);
+
     }
 
     @Override
@@ -417,7 +449,7 @@ public class UserStorageManager implements UserProvider, OnUserCache {
             }
             return Collections.EMPTY_LIST;
         }, realm,0, Integer.MAX_VALUE - 1);
-        return results;
+        return importValidation(realm, results);
     }
 
     @Override
@@ -472,7 +504,7 @@ public class UserStorageManager implements UserProvider, OnUserCache {
             }
             return Collections.EMPTY_LIST;
         }, realm, firstResult, maxResults);
-        return results;
+        return importValidation(realm, results);
     }