diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 1aff2ed..a0e1235 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -21,7 +21,9 @@ import org.keycloak.models.utils.DefaultAuthenticationFlows;
import org.keycloak.models.utils.DefaultRequiredActions;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.RepresentationToModel;
+import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.timer.TimerProvider;
@@ -267,13 +269,27 @@ public class RealmManager {
setupMasterAdminManagement(realm);
if (!hasRealmAdminManagementClient(rep)) setupRealmAdminManagement(realm);
if (!hasAccountManagementClient(rep)) setupAccountManagement(realm);
- if (!hasImpersonationServiceClient(rep)) setupImpersonationService(realm);
+
+ boolean postponeImpersonationSetup = false;
+ if (!hasImpersonationServiceClient(rep)) {
+ if (hasRealmAdminManagementClient(rep)) {
+ postponeImpersonationSetup = true;
+ } else {
+ setupImpersonationService(realm);
+ }
+ }
if (!hasBrokerClient(rep)) setupBrokerService(realm);
if (!hasAdminConsoleClient(rep)) setupAdminConsole(realm);
RepresentationToModel.importRealm(session, rep, realm);
+ // Could happen when migrating from older version and I have exported JSON file, which contains "realm-management" client but not "impersonation" client
+ // I need to postpone impersonation because it needs "realm-management" client and it's roles set
+ if (postponeImpersonationSetup) {
+ setupImpersonationService(realm);
+ }
+
setupAuthenticationFlows(realm);
setupRequiredActions(realm);
@@ -287,50 +303,49 @@ public class RealmManager {
}
private boolean hasRealmAdminManagementClient(RealmRepresentation rep) {
- if (rep.getClients() == null) return false;
- for (ClientRepresentation clientRep : rep.getClients()) {
- if (clientRep.getClientId().equals(getRealmAdminClientId(rep))) {
- return true;
- }
- }
- return false;
+ String realmAdminClientId = getRealmAdminClientId(rep);
+ return hasClient(rep, realmAdminClientId);
}
private boolean hasAccountManagementClient(RealmRepresentation rep) {
- if (rep.getClients() == null) return false;
- for (ClientRepresentation clientRep : rep.getClients()) {
- if (clientRep.getClientId().equals(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID)) {
- return true;
- }
- }
- return false;
+ return hasClient(rep, Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
}
private boolean hasImpersonationServiceClient(RealmRepresentation rep) {
- if (rep.getClients() == null) return false;
- for (ClientRepresentation clientRep : rep.getClients()) {
- if (clientRep.getClientId().equals(Constants.IMPERSONATION_SERVICE_CLIENT_ID)) {
- return true;
- }
- }
- return false;
+ return hasClient(rep, Constants.IMPERSONATION_SERVICE_CLIENT_ID);
}
private boolean hasBrokerClient(RealmRepresentation rep) {
- if (rep.getClients() == null) return false;
- for (ClientRepresentation clientRep : rep.getClients()) {
- if (clientRep.getClientId().equals(Constants.BROKER_SERVICE_CLIENT_ID)) {
- return true;
- }
- }
- return false;
+ return hasClient(rep, Constants.BROKER_SERVICE_CLIENT_ID);
}
private boolean hasAdminConsoleClient(RealmRepresentation rep) {
- if (rep.getClients() == null) return false;
- for (ClientRepresentation clientRep : rep.getClients()) {
- if (clientRep.getClientId().equals(Constants.ADMIN_CONSOLE_CLIENT_ID)) {
- return true;
+ return hasClient(rep, Constants.ADMIN_CONSOLE_CLIENT_ID);
+ }
+
+ private boolean hasClient(RealmRepresentation rep, String clientId) {
+ if (rep.getClients() != null) {
+ for (ClientRepresentation clientRep : rep.getClients()) {
+ if (clientRep.getClientId().equals(clientId)) {
+ return true;
+ }
}
}
+
+ // TODO: Just for compatibility with old versions. Should be removed later...
+ if (rep.getApplications() != null) {
+ for (ApplicationRepresentation clientRep : rep.getApplications()) {
+ if (clientRep.getName().equals(clientId)) {
+ return true;
+ }
+ }
+ }
+ if (rep.getOauthClients() != null) {
+ for (OAuthClientRepresentation clientRep : rep.getOauthClients()) {
+ if (clientRep.getName().equals(clientId)) {
+ return true;
+ }
+ }
+ }
+
return false;
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 2d14b4b..5b5a611 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -168,12 +168,8 @@ public class RealmsAdminResource {
for (InputPart inputPart : inputParts) {
// inputPart.getBody doesn't work as content-type is wrong, and inputPart.setMediaType is not supported on AS7 (RestEasy 2.3.2.Final)
rep = JsonSerialization.readValue(inputPart.getBodyAsString(), RealmRepresentation.class);
- RealmModel realm;
- try {
- realm = realmManager.importRealm(rep);
- } catch (ModelDuplicateException e) {
- return ErrorResponse.exists("Realm " + rep.getRealm() + " already exists");
- }
+
+ RealmModel realm = realmManager.importRealm(rep);
grantPermissionsToRealmCreator(realm);
