From 032bb8e9cc44284c72a60fc22a7c5a6d7f89ac06 Mon Sep 17 00:00:00 2001 From: vramik Date: Fri, 1 Mar 2024 18:00:14 +0100 Subject: [PATCH] Map Store Removal: Remove obsolete `KeycloakModelUtils.isUsernameCaseSensitive` method Closes #27438 Signed-off-by: vramik --- .../main/java/org/keycloak/models/Constants.java | 3 --- .../models/utils/KeycloakModelUtils.java | 16 ---------------- .../validator/DuplicateUsernameValidator.java | 5 +---- .../validator/UsernameMutationValidator.java | 8 +++----- .../testsuite/federation/UserMapStorage.java | 2 -- 5 files changed, 4 insertions(+), 30 deletions(-) diff --git a/server-spi-private/src/main/java/org/keycloak/models/Constants.java b/server-spi-private/src/main/java/org/keycloak/models/Constants.java index 777e5fbc1c..4c5d535510 100755 --- a/server-spi-private/src/main/java/org/keycloak/models/Constants.java +++ b/server-spi-private/src/main/java/org/keycloak/models/Constants.java @@ -159,9 +159,6 @@ public final class Constants { public static final int MINIMUM_LOA = 0; public static final int NO_LOA = -1; - public static final Boolean REALM_ATTR_USERNAME_CASE_SENSITIVE_DEFAULT = Boolean.FALSE; - public static final String REALM_ATTR_USERNAME_CASE_SENSITIVE = "keycloak.username-search.case-sensitive"; - public static final String SESSION_NOTE_LIGHTWEIGHT_USER = "keycloak.userModel"; public static final String USE_LIGHTWEIGHT_ACCESS_TOKEN_ENABLED = "client.use.lightweight.access.token.enabled"; diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java b/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java index 62f31bfaab..eae0cd0a28 100755 --- a/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java +++ b/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java @@ -81,9 +81,6 @@ import org.keycloak.sessions.RootAuthenticationSessionModel; import java.util.concurrent.atomic.AtomicReference; import java.util.function.Function; -import static org.keycloak.models.Constants.REALM_ATTR_USERNAME_CASE_SENSITIVE; -import static org.keycloak.models.Constants.REALM_ATTR_USERNAME_CASE_SENSITIVE_DEFAULT; - /** * Set of helper methods, which are useful in various model implementations. * @@ -1004,19 +1001,6 @@ public final class KeycloakModelUtils { return SecretGenerator.SECRET_LENGTH_256_BITS; } - /** - * Returns true if given realm has attribute {@link Constants#REALM_ATTR_USERNAME_CASE_SENSITIVE} - * set and its value is true. Otherwise default value of it is returned. The default setting - * can be seen at {@link Constants#REALM_ATTR_USERNAME_CASE_SENSITIVE_DEFAULT}. - * - * @param realm - * @return See the description - * @throws NullPointerException if realm is null - */ - public static boolean isUsernameCaseSensitive(RealmModel realm) { - return realm.getAttribute(REALM_ATTR_USERNAME_CASE_SENSITIVE, REALM_ATTR_USERNAME_CASE_SENSITIVE_DEFAULT); - } - /** * Sets the default groups on the realm * @param session diff --git a/services/src/main/java/org/keycloak/userprofile/validator/DuplicateUsernameValidator.java b/services/src/main/java/org/keycloak/userprofile/validator/DuplicateUsernameValidator.java index c6f1a12524..6f1c4eb03e 100644 --- a/services/src/main/java/org/keycloak/userprofile/validator/DuplicateUsernameValidator.java +++ b/services/src/main/java/org/keycloak/userprofile/validator/DuplicateUsernameValidator.java @@ -22,7 +22,6 @@ import java.util.List; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; -import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.services.messages.Messages; import org.keycloak.services.validation.Validation; import org.keycloak.userprofile.UserProfileAttributeValidationContext; @@ -66,13 +65,11 @@ public class DuplicateUsernameValidator implements SimpleValidator { UserModel user = UserProfileAttributeValidationContext.from(context).getAttributeContext().getUser(); String valueLowercased = value.toLowerCase(); - if (! KeycloakModelUtils.isUsernameCaseSensitive(session.getContext().getRealm())) value = valueLowercased; - RealmModel realm = session.getContext().getRealm(); if (existing != null && (user == null || !existing.getId().equals(user.getId()))) { context.addError(new ValidationError(ID, inputHint, Messages.USERNAME_EXISTS) .setStatusCode(Response.Status.CONFLICT)); - } else if (realm.isLoginWithEmailAllowed() && value.indexOf('@') > 0) { + } else if (realm.isLoginWithEmailAllowed() && valueLowercased.indexOf('@') > 0) { // check the username does not collide with an email existing = session.users().getUserByEmail(realm, valueLowercased); if (existing != null && (user == null || !existing.getId().equals(user.getId()))) { diff --git a/services/src/main/java/org/keycloak/userprofile/validator/UsernameMutationValidator.java b/services/src/main/java/org/keycloak/userprofile/validator/UsernameMutationValidator.java index 4843484877..fa103e0c6c 100644 --- a/services/src/main/java/org/keycloak/userprofile/validator/UsernameMutationValidator.java +++ b/services/src/main/java/org/keycloak/userprofile/validator/UsernameMutationValidator.java @@ -20,7 +20,6 @@ import java.util.List; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; -import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.services.messages.Messages; import org.keycloak.services.validation.Validation; import org.keycloak.userprofile.AttributeContext; @@ -66,11 +65,10 @@ public class UsernameMutationValidator implements SimpleValidator { UserModel user = attributeContext.getUser(); RealmModel realm = context.getSession().getContext().getRealm(); - if (! KeycloakModelUtils.isUsernameCaseSensitive(realm)) value = value.toLowerCase(); - - if (!realm.isEditUsernameAllowed() && user != null && !value.equals(user.getFirstAttribute(UserModel.USERNAME))) { + String valueLowercased = value.toLowerCase(); + if (!realm.isEditUsernameAllowed() && user != null && !valueLowercased.equals(user.getFirstAttribute(UserModel.USERNAME))) { Attributes attributes = attributeContext.getAttributes(); - if (realm.isRegistrationEmailAsUsername() && value.equals(attributes.getFirst(UserModel.EMAIL))) { + if (realm.isRegistrationEmailAsUsername() && valueLowercased.equals(attributes.getFirst(UserModel.EMAIL))) { // if username changed is because email as username is allowed so no validation should happen for update profile // it is expected that username changes when attributes are normalized by the provider return context; diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/UserMapStorage.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/UserMapStorage.java index 9bf5dc7d2e..8676a7cfaa 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/UserMapStorage.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/UserMapStorage.java @@ -49,7 +49,6 @@ import java.util.concurrent.ConcurrentMap; import java.util.concurrent.ConcurrentSkipListSet; import java.util.concurrent.atomic.AtomicInteger; import java.util.stream.Stream; -import org.keycloak.models.utils.KeycloakModelUtils; import static org.keycloak.storage.UserStorageProviderModel.IMPORT_ENABLED; import static org.keycloak.utils.StreamsUtil.paginatedStream; @@ -125,7 +124,6 @@ public class UserMapStorage implements UserLookupProvider, UserStorageProvider, @Override public void setUsername(String innerUsername) { - innerUsername = KeycloakModelUtils.isUsernameCaseSensitive(realm) ? innerUsername : innerUsername.toLowerCase(); if (! Objects.equals(innerUsername, username.toLowerCase())) { throw new RuntimeException("Unsupported"); }