Storing default AuthenticationProvider at the realm creation time

mposolda 2014-03-28 19:57:25 +01:00
parent 1c218c8e9b
commit 05cd8a82e5
11 changed files with 49 additions and 9 deletions


@ -1,5 +1,6 @@
package org.keycloak.models;
import java.util.Collections;
import java.util.Map;
/**
@ -7,6 +8,8 @@ import java.util.Map;
*/
public class AuthenticationProviderModel {
public static final AuthenticationProviderModel DEFAULT_PROVIDER = new AuthenticationProviderModel("model", true, Collections.EMPTY_MAP);
private String providerName;
private boolean passwordUpdateSupported = true;
private Map<String, String> config;
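Review bot: `DEFAULT_PROVIDER` is a public, process-wide instance of a class whose fields (`providerName`, `passwordUpdateSupported`, `config`) are not final, so if the class has setters (not visible in this hunk) any caller could alter the default used for every realm. Making the fields final, or handing out a fresh instance per realm, would rule that out. The `"model"` literal also duplicates `AuthProviderConstants.PROVIDER_NAME_MODEL`; a comment such as `// must stay equal to AuthProviderConstants.PROVIDER_NAME_MODEL` would keep the two from drifting. `Collections.EMPTY_MAP` is a raw type, and `Collections.<String, String>emptyMap()` avoids the unchecked assignment.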


@ -38,6 +38,8 @@ import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@ -814,7 +816,15 @@ public class RealmAdapter implements RealmModel {
@Override
public List<AuthenticationProviderModel> getAuthenticationProviders() {
Collection<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
List<AuthenticationProviderEntity> entities = realm.getAuthenticationProviders();
Collections.sort(entities, new Comparator<AuthenticationProviderEntity>() {
@Override
public int compare(AuthenticationProviderEntity o1, AuthenticationProviderEntity o2) {
return o1.getPriority() - o2.getPriority();
}
});
List<AuthenticationProviderModel> result = new ArrayList<AuthenticationProviderModel>();
for (AuthenticationProviderEntity entity : entities) {
result.add(new AuthenticationProviderModel(entity.getProviderName(), entity.isPasswordUpdateSupported(), entity.getConfig()));
@ -826,11 +836,13 @@ public class RealmAdapter implements RealmModel {
@Override
public void setAuthenticationProviders(List<AuthenticationProviderModel> authenticationProviders) {
List<AuthenticationProviderEntity> newEntities = new ArrayList<AuthenticationProviderEntity>();
int counter = 1;
for (AuthenticationProviderModel model : authenticationProviders) {
AuthenticationProviderEntity entity = new AuthenticationProviderEntity();
entity.setProviderName(model.getProviderName());
entity.setPasswordUpdateSupported(model.isPasswordUpdateSupported());
entity.setConfig(model.getConfig());
entity.setPriority(counter++);
newEntities.add(entity);
}
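Review bot: In `getAuthenticationProviders()`, `Collections.sort(entities, ...)` reorders the list returned by `realm.getAuthenticationProviders()`, which `RealmEntity` hands out by reference, so a read accessor now mutates the entity's own collection. Sorting a copy keeps the getter free of side effects: `List<AuthenticationProviderEntity> entities = new ArrayList<AuthenticationProviderEntity>(realm.getAuthenticationProviders());`. The comparator's `o1.getPriority() - o2.getPriority()` is fine for the small counters assigned in `setAuthenticationProviders`, but an explicit less-than/greater-than comparison would not depend on that. Both method bodies continue outside the visible hunks.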


@ -25,6 +25,7 @@ public class AuthenticationProviderEntity {
private String providerName;
private boolean passwordUpdateSupported;
private int priority;
@ElementCollection
@MapKeyColumn(name="name")
@ -56,6 +57,14 @@ public class AuthenticationProviderEntity {
this.passwordUpdateSupported = passwordUpdateSupported;
}
public int getPriority() {
return priority;
}
public void setPriority(int priority) {
this.priority = priority;
}
public Map<String, String> getConfig() {
return config;
}


@ -17,6 +17,7 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -67,7 +68,7 @@ public class RealmEntity {
@OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
@JoinTable(name="AuthProviders")
Collection<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
List<AuthenticationProviderEntity> authenticationProviders = new ArrayList<AuthenticationProviderEntity>();
@OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
Collection<ApplicationEntity> applications = new ArrayList<ApplicationEntity>();
@ -244,11 +245,11 @@ public class RealmEntity {
this.requiredCredentials = requiredCredentials;
}
public Collection<AuthenticationProviderEntity> getAuthenticationProviders() {
public List<AuthenticationProviderEntity> getAuthenticationProviders() {
return authenticationProviders;
}
public void setAuthenticationProviders(Collection<AuthenticationProviderEntity> authenticationProviders) {
public void setAuthenticationProviders(List<AuthenticationProviderEntity> authenticationProviders) {
this.authenticationProviders = authenticationProviders;
}
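Review bot: The `authenticationProviders` field changes from `Collection` to `List`, which suggests an order, but its `@OneToMany` mapping has no `@OrderBy` or `@OrderColumn`, so the mapping itself defines no order for the loaded elements. Provider order presumably decides which authentication provider is consulted first, so it is worth recording where the order is enforced. A field comment such as `// order is not defined by the mapping; RealmAdapter sorts by AuthenticationProviderEntity.priority` would do, or the mapping could declare `@OrderBy("priority")`.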


@ -49,6 +49,8 @@ public class AuthProvidersExternalModelTest extends AbstractModelTest {
realm2 = realmManager.createRealm("realm2");
realm1.addRequiredCredential(CredentialRepresentation.PASSWORD);
realm2.addRequiredCredential(CredentialRepresentation.PASSWORD);
realm1.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
realm2.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
UserModel john = realm1.addUser("john");
john.setEnabled(true);


@ -3,6 +3,7 @@ package org.keycloak.model.test;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
@ -14,6 +15,8 @@ import org.keycloak.services.managers.AuthenticationManager.AuthenticationStatus
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.MultivaluedMap;
import java.util.Arrays;
import java.util.UUID;
public class AuthenticationManagerTest extends AbstractModelTest {
@ -138,6 +141,7 @@ public class AuthenticationManagerTest extends AbstractModelTest {
realm.setPublicKeyPem("0234234");
realm.setAccessTokenLifespan(1000);
realm.addRequiredCredential(CredentialRepresentation.PASSWORD);
realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
am = new AuthenticationManager();


@ -1,8 +1,11 @@
package org.keycloak.services.managers;
import java.util.Arrays;
import org.jboss.resteasy.logging.Logger;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.Config;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
@ -58,6 +61,7 @@ public class ApplianceBootstrap {
realm.setSslNotRequired(true);
realm.setRegistrationAllowed(false);
manager.generateRealmKeys(realm);
realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
ApplicationModel adminConsole = new ApplicationManager(manager).createApplication(realm, Constants.ADMIN_CONSOLE_APPLICATION);
adminConsole.setBaseUrl("/auth/admin/index.html");


@ -37,6 +37,7 @@ import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@ -411,6 +412,9 @@ public class RealmManager {
if (rep.getAuthenticationProviders() != null) {
List<AuthenticationProviderModel> authProviderModels = convertAuthenticationProviders(rep.getAuthenticationProviders());
newRealm.setAuthenticationProviders(authProviderModels);
} else {
List<AuthenticationProviderModel> authProviderModels = Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER);
newRealm.setAuthenticationProviders(authProviderModels);
}
}
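Review bot: The new `else` branch covers only a `null` provider list; a representation that carries an empty list still takes the first branch and creates the realm with no providers at all. Since this same commit removes the fallback in `AuthenticationProviderManager`, such a realm would presumably have no way to authenticate its users. If an empty list is not meant to be a valid configuration, the condition could read `if (rep.getAuthenticationProviders() != null && !rep.getAuthenticationProviders().isEmpty()) {`. The enclosing method starts outside the hunk.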


@ -5,12 +5,11 @@ package org.keycloak.spi.authentication;
*/
public class AuthProviderConstants {
// Model is default provider. See AuthenticationProviderModel.DEFAULT_PROVIDER
public static final String PROVIDER_NAME_MODEL = "model";
public static final String PROVIDER_NAME_EXTERNAL_MODEL = "externalModel";
public static final String PROVIDER_NAME_PICKETLINK = "picketlink";
public static final String DEFAULT_PROVIDER = PROVIDER_NAME_MODEL;
// Used in external-model provider
public static final String EXTERNAL_REALM_ID = "externalRealmId";
}


@ -22,7 +22,6 @@ import org.keycloak.util.ProviderLoader;
public class AuthenticationProviderManager {
private static final Logger logger = Logger.getLogger(AuthenticationProviderManager.class);
private static final AuthenticationProviderModel DEFAULT_PROVIDER = new AuthenticationProviderModel(AuthProviderConstants.PROVIDER_NAME_MODEL, true, Collections.EMPTY_MAP);
private final RealmModel realm;
private final Map<String, AuthenticationProvider> delegates;
@ -122,8 +121,8 @@ public class AuthenticationProviderManager {
// Use model based authentication of current realm by default
if (configuredProviders == null || configuredProviders.isEmpty()) {
configuredProviders = new ArrayList<AuthenticationProviderModel>();
configuredProviders.add(DEFAULT_PROVIDER);
configuredProviders = Collections.EMPTY_LIST;
logger.warnf("No authentication providers found");
}
return configuredProviders;
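Review bot: Dropping the implicit default here means any realm stored before this commit without explicit providers now gets an empty list, and no migration for existing realms is visible in the commit. That fails closed, but it presumably locks out every user of such a realm, and the only signal is `logger.warnf("No authentication providers found")`, which does not say which realm is affected. Naming the realm, e.g. `logger.warnf("No authentication providers configured for realm %s", realm.getName())` if the `realm` field is reachable at this point, would make the condition diagnosable from the log. `Collections.EMPTY_LIST` is a raw type, and `Collections.<AuthenticationProviderModel>emptyList()` keeps the assignment checked. The enclosing method starts and ends outside the hunk.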


@ -27,6 +27,7 @@ import org.junit.Rule;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
@ -44,6 +45,7 @@ import org.keycloak.testsuite.rule.WebRule;
import org.openqa.selenium.WebDriver;
import java.security.PublicKey;
import java.util.Arrays;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@ -66,6 +68,7 @@ public class CompositeRoleTest {
realm.setSslNotRequired(true);
realm.setEnabled(true);
realm.addRequiredCredential(UserCredentialModel.PASSWORD);
realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
final RoleModel realmRole1 = realm.addRole("REALM_ROLE_1");
final RoleModel realmRole2 = realm.addRole("REALM_ROLE_2");
final RoleModel realmRole3 = realm.addRole("REALM_ROLE_3");