KEYCLOAK-18466 Configure HTTP client timeouts for adapters - change property names

adapters/oidc/adapter-core/src/test/resources/keycloak-http-client.json

@@ -3,6 +3,6 @@
   "resource": "customer-portal",
   "auth-server-url": "https://localhost:8443/auth",
   "public-client": true,
-  "socket-timeout": 2000,
+  "socket-timeout-millis": 2000,
-  "connection-timeout": 6000
+  "connection-timeout-millis": 6000
 }

adapters/oidc/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/SharedAttributeDefinitons.java

@@ -83,20 +83,20 @@ class SharedAttributeDefinitons {
                     .setValidator(new IntRangeValidator(0, true))
                     .build();
     protected static final SimpleAttributeDefinition SOCKET_TIMEOUT =
-            new SimpleAttributeDefinitionBuilder("socket-timeout", ModelType.LONG, true)
+            new SimpleAttributeDefinitionBuilder("socket-timeout-millis", ModelType.LONG, true)
-                    .setXmlName("socket-timeout")
+                    .setXmlName("socket-timeout-millis")
                     .setAllowExpression(true)
                     .setValidator(new LongRangeValidator(-1L, true))
                     .build();
     protected static final SimpleAttributeDefinition CONNECTION_TTL =
-            new SimpleAttributeDefinitionBuilder("connection-ttl", ModelType.LONG, true)
+            new SimpleAttributeDefinitionBuilder("connection-ttl-millis", ModelType.LONG, true)
-                    .setXmlName("connection-ttl")
+                    .setXmlName("connection-ttl-millis")
                     .setAllowExpression(true)
                     .setValidator(new LongRangeValidator(-1L, true))
                     .build();
     protected static final SimpleAttributeDefinition CONNECTION_TIMEOUT =
-            new SimpleAttributeDefinitionBuilder("connection-timeout", ModelType.LONG, true)
+            new SimpleAttributeDefinitionBuilder("connection-timeout-millis", ModelType.LONG, true)
-                    .setXmlName("connection-timeout")
+                    .setXmlName("connection-timeout-millis")
                     .setAllowExpression(true)
                     .setValidator(new LongRangeValidator(-1L, true))
                     .build();

adapters/oidc/as7-eap6/as7-subsystem/src/main/resources/schema/keycloak_1_2.xsd

@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
+  ~ and other contributors as indicated by the @author tags.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+           targetNamespace="urn:jboss:domain:keycloak:1.2"
+           xmlns="urn:jboss:domain:keycloak:1.2"
+           elementFormDefault="qualified"
+           attributeFormDefault="unqualified"
+           version="1.0">
+
+    <!-- The subsystem root element -->
+    <xs:element name="subsystem" type="subsystem-type"/>
+
+    <xs:complexType name="subsystem-type">
+        <xs:annotation>
+            <xs:documentation>
+                <![CDATA[
+                    The Keycloak adapter subsystem, used to register deployments managed by Keycloak
+                ]]>
+            </xs:documentation>
+        </xs:annotation>
+        <xs:choice minOccurs="0" maxOccurs="unbounded">
+            <xs:element name="realm" maxOccurs="unbounded" minOccurs="0" type="realm-type"/>
+            <xs:element name="secure-deployment" maxOccurs="unbounded" minOccurs="0" type="secure-deployment-type"/>
+        </xs:choice>
+    </xs:complexType>
+
+    <xs:complexType name="realm-type">
+        <xs:all>
+            <xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
+            <xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+            <xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="verify-token-audience" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+        </xs:all>
+        <xs:attribute name="name" type="xs:string" use="required">
+            <xs:annotation>
+                <xs:documentation>The name of the realm.</xs:documentation>
+            </xs:annotation>
+        </xs:attribute>
+    </xs:complexType>
+    
+    <xs:complexType name="secure-deployment-type">
+        <xs:all>
+            <xs:element name="client-keystore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="client-keystore" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="enable-cors" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="use-resource-role-mappings" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
+            <xs:element name="realm" type="xs:string" minOccurs="1" maxOccurs="1"/>
+            <xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="resource" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="truststore" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="truststore-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="public-client" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="realm-public-key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+            <xs:element name="credential" type="credential-type" minOccurs="1" maxOccurs="1"/>
+            <xs:element name="auth-server-url-for-backend-requests" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="always-refresh-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="register-node-at-startup" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="register-node-period" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="token-store" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="principal-attribute" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="enable-basic-auth" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="turn-off-change-session-id-on-login" type="xs:boolean" minOccurs="0" maxOccurs="1" />
+            <xs:element name="token-minimum-time-to-live" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="min-time-between-jwks-requests" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="public-key-cache-ttl" type="xs:integer" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="proxy-url" type="xs:string" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="verify-token-audience" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
+        </xs:all>
+        <xs:attribute name="name" type="xs:string" use="required">
+            <xs:annotation>
+                <xs:documentation>The name of the realm.</xs:documentation>
+            </xs:annotation>
+        </xs:attribute>
+    </xs:complexType>
+
+    <xs:complexType name="credential-type" mixed="true">
+        <xs:sequence maxOccurs="unbounded" minOccurs="0">
+            <xs:any processContents="lax"></xs:any>
+        </xs:sequence>
+        <xs:attribute name="name" type="xs:string" use="required" />
+    </xs:complexType>
+</xs:schema>

adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/SharedAttributeDefinitons.java

@@ -83,20 +83,20 @@ public class SharedAttributeDefinitons {
                     .setValidator(new IntRangeValidator(0, true))
                     .build();
     protected static final SimpleAttributeDefinition SOCKET_TIMEOUT =
-            new SimpleAttributeDefinitionBuilder("socket-timeout", ModelType.LONG, true)
+            new SimpleAttributeDefinitionBuilder("socket-timeout-millis", ModelType.LONG, true)
-                    .setXmlName("socket-timeout")
+                    .setXmlName("socket-timeout-millis")
                     .setAllowExpression(true)
                     .setValidator(new LongRangeValidator(-1L, true))
                     .build();
     protected static final SimpleAttributeDefinition CONNECTION_TTL =
-            new SimpleAttributeDefinitionBuilder("connection-ttl", ModelType.LONG, true)
+            new SimpleAttributeDefinitionBuilder("connection-ttl-millis", ModelType.LONG, true)
-                    .setXmlName("connection-ttl")
+                    .setXmlName("connection-ttl-millis")
                     .setAllowExpression(true)
                     .setValidator(new LongRangeValidator(-1L, true))
                     .build();
     protected static final SimpleAttributeDefinition CONNECTION_TIMEOUT =
-            new SimpleAttributeDefinitionBuilder("connection-timeout", ModelType.LONG, true)
+            new SimpleAttributeDefinitionBuilder("connection-timeout-millis", ModelType.LONG, true)
-                    .setXmlName("connection-timeout")
+                    .setXmlName("connection-timeout-millis")
                     .setAllowExpression(true)
                     .setValidator(new LongRangeValidator(-1L, true))
                     .build();

adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/org/keycloak/subsystem/adapter/extension/LocalDescriptions.properties

@@ -35,9 +35,9 @@ keycloak.realm.allow-any-hostname=SSL Setting
 keycloak.realm.truststore=Truststore used for adapter client HTTPS requests
 keycloak.realm.truststore-password=Password of the Truststore
 keycloak.realm.connection-pool-size=Connection pool size for the client used by the adapter
-keycloak.realm.socket-timeout=Timeout for socket waiting for data in milliseconds
+keycloak.realm.socket-timeout-millis=Timeout for socket waiting for data in milliseconds
-keycloak.realm.connection-ttl=Connection time to live in milliseconds
+keycloak.realm.connection-ttl-millis=Connection time to live in milliseconds
-keycloak.realm.connection-timeout=Timeout for establishing the connection with the remote host in milliseconds
+keycloak.realm.connection-timeout-millis=Timeout for establishing the connection with the remote host in milliseconds
 keycloak.realm.enable-cors=Enable Keycloak CORS support
 keycloak.realm.client-keystore=n/a
 keycloak.realm.client-keystore-password=n/a
@@ -71,9 +71,9 @@ keycloak.secure-deployment.allow-any-hostname=SSL Setting
 keycloak.secure-deployment.truststore=Truststore used for adapter client HTTPS requests
 keycloak.secure-deployment.truststore-password=Password of the Truststore
 keycloak.secure-deployment.connection-pool-size=Connection pool size for the client used by the adapter
-keycloak.secure-deployment.socket-timeout=Timeout for socket waiting for data in milliseconds
+keycloak.secure-deployment.socket-timeout-millis=Timeout for socket waiting for data in milliseconds
-keycloak.secure-deployment.connection-ttl=Connection time to live in milliseconds
+keycloak.secure-deployment.connection-ttl-millis=Connection time to live in milliseconds
-keycloak.secure-deployment.connection-timeout=Timeout for establishing the connection with the remote host in milliseconds
+keycloak.secure-deployment.connection-timeout-millis=Timeout for establishing the connection with the remote host in milliseconds
 keycloak.secure-deployment.resource=Application name
 keycloak.secure-deployment.use-resource-role-mappings=Use resource level permissions from token
 keycloak.secure-deployment.credentials=Adapter credentials
@@ -119,9 +119,9 @@ keycloak.secure-server.allow-any-hostname=SSL Setting
 keycloak.secure-server.truststore=Truststore used for adapter client HTTPS requests
 keycloak.secure-server.truststore-password=Password of the Truststore
 keycloak.secure-server.connection-pool-size=Connection pool size for the client used by the adapter
-keycloak.secure-server.socket-timeout=Timeout for socket waiting for data in milliseconds
+keycloak.secure-server.socket-timeout-millis=Timeout for socket waiting for data in milliseconds
-keycloak.secure-server.connection-ttl=Connection time to live in milliseconds
+keycloak.secure-server.connection-ttl-millis=Connection time to live in milliseconds
-keycloak.secure-server.connection-timeout=Timeout for establishing the connection with the remote host in milliseconds
+keycloak.secure-server.connection-timeout-millis=Timeout for establishing the connection with the remote host in milliseconds
 keycloak.secure-server.resource=Application name
 keycloak.secure-server.use-resource-role-mappings=Use resource level permissions from token
 keycloak.secure-server.credentials=Adapter credentials

adapters/oidc/wildfly/wildfly-subsystem/src/main/resources/schema/wildfly-keycloak_1_2.xsd

@@ -53,9 +53,9 @@
             <xs:element name="allow-any-hostname" type="xs:boolean" minOccurs="0" maxOccurs="1" />
             <xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
             <xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="socket-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="connection-ttl" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="connection-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
             <xs:element name="cors-max-age" type="xs:integer" minOccurs="0" maxOccurs="1"/>
             <xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
             <xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
@@ -104,9 +104,9 @@
             <xs:element name="client-key-password" type="xs:string" minOccurs="0" maxOccurs="1"/>
             <xs:element name="public-client" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
             <xs:element name="connection-pool-size" type="xs:integer" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="socket-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="socket-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="connection-ttl" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-ttl-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="connection-timeout" type="xs:long" minOccurs="0" maxOccurs="1"/>
+            <xs:element name="connection-timeout-millis" type="xs:long" minOccurs="0" maxOccurs="1"/>
             <xs:element name="expose-token" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
             <xs:element name="ssl-required" type="xs:string" minOccurs="0" maxOccurs="1" />
             <xs:element name="confidential-port" type="xs:integer" minOccurs="0" maxOccurs="1" />

adapters/oidc/wildfly/wildfly-subsystem/src/test/java/org/keycloak/subsystem/adapter/extension/SubsystemParsingTestCase.java

@@ -16,6 +16,7 @@
  */
 package org.keycloak.subsystem.adapter.extension;
 
+import org.hamcrest.CoreMatchers;
 import org.jboss.as.controller.PathAddress;
 import org.jboss.as.controller.PathElement;
 import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
@@ -30,6 +31,8 @@ import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.util.Map;
 
+import static org.hamcrest.MatcherAssert.assertThat;
+
 
 /**
  * Tests all management expects for subsystem, parsing, marshaling, model definition and other
@@ -147,6 +150,42 @@ public class SubsystemParsingTestCase extends AbstractSubsystemBaseTest {
         Assert.assertEquals("api/$1", entry.getValue());
     }
 
+    @Test
+    public void testJsonHttpClientAttributes() {
+        KeycloakAdapterConfigService service = KeycloakAdapterConfigService.getInstance();
+
+        // add a secure deployment
+        PathAddress addr = PathAddress.pathAddress(PathElement.pathElement("subsystem", "keycloak"), PathElement.pathElement("secure-deployment", "foo"));
+        ModelNode deploymentOp = new ModelNode();
+        deploymentOp.get(ModelDescriptionConstants.OP_ADDR).set(addr.toModelNode());
+
+        ModelNode deployment = new ModelNode();
+        deployment.get("realm").set("demo");
+        deployment.get("resource").set("customer-portal");
+
+        deployment.get(SharedAttributeDefinitons.SOCKET_TIMEOUT.getName()).set(3000L);
+        deployment.get(SharedAttributeDefinitons.CONNECTION_TIMEOUT.getName()).set(5000L);
+        deployment.get(SharedAttributeDefinitons.CONNECTION_TTL.getName()).set(1000L);
+
+        service.addSecureDeployment(deploymentOp, deployment, false);
+
+        // get the subsystem config as JSON
+        String jsonConfig = service.getJSON("foo");
+
+        // attempt to create an adapter config instance from the subsystem JSON config
+        AdapterConfig config = KeycloakDeploymentBuilder.loadAdapterConfig(new ByteArrayInputStream(jsonConfig.getBytes()));
+        assertThat(config, CoreMatchers.notNullValue());
+
+        assertThat(config.getSocketTimeout(), CoreMatchers.notNullValue());
+        assertThat(config.getSocketTimeout(), CoreMatchers.is(3000L));
+
+        assertThat(config.getConnectionTimeout(), CoreMatchers.notNullValue());
+        assertThat(config.getConnectionTimeout(), CoreMatchers.is(5000L));
+
+        assertThat(config.getConnectionTTL(), CoreMatchers.notNullValue());
+        assertThat(config.getConnectionTTL(), CoreMatchers.is(1000L));
+    }
+
     private void addRedirectRewriteRule(PathAddress parent, KeycloakAdapterConfigService service, String key, String value) {
         PathAddress redirectRewriteAddr = PathAddress.pathAddress(parent, PathElement.pathElement("redirect-rewrite-rule", key));
         ModelNode redirectRewriteOp = new ModelNode();

adapters/oidc/wildfly/wildfly-subsystem/src/test/resources/org/keycloak/subsystem/adapter/extension/keycloak-1.2.xml

@@ -26,9 +26,9 @@
         <allow-any-hostname>false</allow-any-hostname>
         <disable-trust-manager>true</disable-trust-manager>
         <connection-pool-size>20</connection-pool-size>
-        <socket-timeout>2000</socket-timeout>
+        <socket-timeout-millis>2000</socket-timeout-millis>
-        <connection-ttl>5000</connection-ttl>
+        <connection-ttl-millis>5000</connection-ttl-millis>
-        <connection-timeout>3000</connection-timeout>
+        <connection-timeout-millis>3000</connection-timeout-millis>
         <enable-cors>true</enable-cors>
         <client-keystore>keys.jks</client-keystore>
         <client-keystore-password>secret</client-keystore-password>
@@ -88,9 +88,9 @@
         <resource>wildfly-management</resource>
         <bearer-only>true</bearer-only>
         <ssl-required>EXTERNAL</ssl-required>
-        <socket-timeout>10000</socket-timeout>
+        <socket-timeout-millis>10000</socket-timeout-millis>
-        <connection-ttl>40000</connection-ttl>
+        <connection-ttl-millis>40000</connection-ttl-millis>
-        <connection-timeout>50000</connection-timeout>
+        <connection-timeout-millis>50000</connection-timeout-millis>
         <principal-attribute>preferred_username</principal-attribute>
     </secure-deployment>
     <secure-server name="wildfly-console">

adapters/saml/as7-eap6/subsystem/src/main/java/org/keycloak/subsystem/saml/as7/Constants.java

@@ -93,7 +93,7 @@ public class Constants {
         static final String TRUSTSTORE_PASSWORD = "truststorePassword";
         static final String SOCKET_TIMEOUT = "socketTimeout";
         static final String CONNECTION_TIMEOUT = "connectionTimeout";
-        static final String CONNECTION_TTL = "connectionTTL";
+        static final String CONNECTION_TTL = "connectionTtl";
     }
 
     static class XML {
@@ -175,6 +175,6 @@ public class Constants {
         static final String TRUSTSTORE_PASSWORD = "truststorePassword";
         static final String SOCKET_TIMEOUT = "socketTimeout";
         static final String CONNECTION_TIMEOUT = "connectionTimeout";
-        static final String CONNECTION_TTL = "connectionTTL";
+        static final String CONNECTION_TTL = "connectionTtl";
     }
 }

adapters/saml/as7-eap6/subsystem/src/main/resources/org/keycloak/subsystem/saml/as7/LocalDescriptions.properties

@@ -100,6 +100,6 @@ keycloak-saml.IDP.HttpClient.disableTrustManager=Define if SSL certificate valid
 keycloak-saml.IDP.HttpClient.proxyUrl=URL to the HTTP proxy, if applicable
 keycloak-saml.IDP.HttpClient.truststore=Path to the truststore used to validate the IDP certificates
 keycloak-saml.IDP.HttpClient.truststorePassword=The truststore password
-keycloak-saml.IDP.HttpClient.socketTimeout=Timeout for socket waiting for data
+keycloak-saml.IDP.HttpClient.socketTimeout=Timeout for socket waiting for data in milliseconds
-keycloak-saml.IDP.HttpClient.connectionTimeout=Timeout for establishing the connection with the remote host
+keycloak-saml.IDP.HttpClient.connectionTimeout=Timeout for establishing the connection with the remote host  in milliseconds
-keycloak-saml.IDP.HttpClient.connectionTTL=The connection time to live
+keycloak-saml.IDP.HttpClient.connectionTtl=The connection time to live in milliseconds

adapters/saml/as7-eap6/subsystem/src/main/resources/schema/wildfly-keycloak-saml_1_4.xsd

@@ -552,9 +552,9 @@
                 <xs:documentation>Defines timeout for establishing the connection with the remote host in milliseconds.</xs:documentation>
             </xs:annotation>
         </xs:attribute>
-        <xs:attribute name="connectionTTL" type="xs:long" default="-1">
+        <xs:attribute name="connectionTtl" type="xs:long" default="-1">
             <xs:annotation>
-                <xs:documentation>Defines the connection time to live.</xs:documentation>
+                <xs:documentation>Defines the connection time to live in milliseconds.</xs:documentation>
             </xs:annotation>
         </xs:attribute>
     </xs:complexType>

adapters/saml/as7-eap6/subsystem/src/test/resources/org/keycloak/subsystem/saml/as7/keycloak-saml-1.4.xml

@@ -84,7 +84,7 @@
                             truststore="/tmp/truststore.jks"
                             truststorePassword="trustpwd#*"
                             socketTimeout="6000"
-                            connectionTTL="500"
+                            connectionTtl="500"
                             connectionTimeout="1000"
                 />
             </IDP>

adapters/saml/core/src/main/java/org/keycloak/adapters/saml/config/parsers/KeycloakSamlAdapterV1QNames.java

@@ -93,7 +93,7 @@ public enum KeycloakSamlAdapterV1QNames implements HasQName {
     ATTR_KEEP_DOM_ASSERTION(null, "keepDOMAssertion"),
     ATTR_SOCKET_TIMEOUT(null, "socketTimeout"),
     ATTR_CONNECTION_TIMEOUT(null, "connectionTimeout"),
-    ATTR_CONNECTION_TTL(null, "connectionTTL"),
+    ATTR_CONNECTION_TTL(null, "connectionTtl"),
 
     UNKNOWN_ELEMENT("");
 

adapters/saml/core/src/main/resources/schema/keycloak_saml_adapter_1_13.xsd

@@ -524,9 +524,9 @@
                 <xs:documentation>Defines timeout for establishing the connection with the remote host in milliseconds.</xs:documentation>
             </xs:annotation>
         </xs:attribute>
-        <xs:attribute name="connectionTTL" type="xs:long" default="-1">
+        <xs:attribute name="connectionTtl" type="xs:long" default="-1">
             <xs:annotation>
-                <xs:documentation>Defines the connection time to live.</xs:documentation>
+                <xs:documentation>Defines the connection time to live in milliseconds.</xs:documentation>
             </xs:annotation>
         </xs:attribute>
     </xs:complexType>

adapters/saml/core/src/test/resources/org/keycloak/adapters/saml/config/parsers/keycloak-saml-wth-http-client-settings.xml

@@ -79,7 +79,7 @@
                         truststore="ts" truststorePassword="tsp"
                         socketTimeout="6000"
                         connectionTimeout="7000"
-                        connectionTTL="200"
+                        connectionTtl="200"
                         />
         </IDP>
     </SP>

adapters/saml/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/saml/extension/Constants.java

@@ -95,7 +95,7 @@ public class Constants {
         static final String TRUSTSTORE_PASSWORD = "truststorePassword";
         static final String SOCKET_TIMEOUT = "socketTimeout";
         static final String CONNECTION_TIMEOUT = "connectionTimeout";
-        static final String CONNECTION_TTL = "connectionTTL";
+        static final String CONNECTION_TTL = "connectionTtl";
     }
 
     static class XML {
@@ -177,7 +177,7 @@ public class Constants {
         static final String TRUSTSTORE_PASSWORD = "truststorePassword";
         static final String SOCKET_TIMEOUT = "socketTimeout";
         static final String CONNECTION_TIMEOUT = "connectionTimeout";
-        static final String CONNECTION_TTL = "connectionTTL";
+        static final String CONNECTION_TTL = "connectionTtl";
     }
 }
 

adapters/saml/wildfly/wildfly-subsystem/src/main/resources/org/keycloak/subsystem/adapter/saml/extension/LocalDescriptions.properties

@@ -101,4 +101,4 @@ keycloak-saml.IDP.HttpClient.truststore=Path to the truststore used to validate
 keycloak-saml.IDP.HttpClient.truststorePassword=The truststore password
 keycloak-saml.IDP.HttpClient.socketTimeout=Timeout for socket waiting for data in milliseconds
 keycloak-saml.IDP.HttpClient.connectionTimeout=Timeout for establishing the connection with the remote host in milliseconds
-keycloak-saml.IDP.HttpClient.connectionTTL=The connection time to live
+keycloak-saml.IDP.HttpClient.connectionTtl=The connection time to live in milliseconds

adapters/saml/wildfly/wildfly-subsystem/src/main/resources/schema/wildfly-keycloak-saml_1_4.xsd

@@ -552,9 +552,9 @@
                 <xs:documentation>Defines timeout for establishing the connection with the remote host in milliseconds.</xs:documentation>
             </xs:annotation>
         </xs:attribute>
-        <xs:attribute name="connectionTTL" type="xs:long" default="-1">
+        <xs:attribute name="connectionTtl" type="xs:long" default="-1">
             <xs:annotation>
-                <xs:documentation>Defines the connection time to live.</xs:documentation>
+                <xs:documentation>Defines the connection time to live in milliseconds.</xs:documentation>
             </xs:annotation>
         </xs:attribute>
     </xs:complexType>

adapters/saml/wildfly/wildfly-subsystem/src/test/resources/org/keycloak/subsystem/adapter/saml/extension/keycloak-saml-1.4.xml

@@ -84,7 +84,7 @@
                             truststore="/tmp/truststore.jks"
                             truststorePassword="trustpwd#*"
                             socketTimeout="6000"
-                            connectionTTL="130"
+                            connectionTtl="130"
                             connectionTimeout="7000"
                 />
             </IDP>

core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java

@@ -33,7 +33,7 @@ import com.fasterxml.jackson.annotation.JsonPropertyOrder;
         "use-resource-role-mappings",
         "enable-cors", "cors-max-age", "cors-allowed-methods", "cors-exposed-headers",
         "expose-token", "bearer-only", "autodetect-bearer-only",
-        "connection-pool-size", "socket-timeout", "connection-ttl", "connection-timeout",
+        "connection-pool-size", "socket-timeout-millis", "connection-ttl-millis", "connection-timeout-millis",
         "allow-any-hostname", "disable-trust-manager", "truststore", "truststore-password",
         "client-keystore", "client-keystore-password", "client-key-password",
         "always-refresh-token",
@@ -90,11 +90,11 @@ public class AdapterConfig extends BaseAdapterConfig implements AdapterHttpClien
     @JsonProperty("verify-token-audience")
     protected boolean verifyTokenAudience = false;
 
-    @JsonProperty("socket-timeout")
+    @JsonProperty("socket-timeout-millis")
     protected long socketTimeout = -1L;
-    @JsonProperty("connection-timeout")
+    @JsonProperty("connection-timeout-millis")
     protected long connectionTimeout = -1L;
-    @JsonProperty("connection-ttl")
+    @JsonProperty("connection-ttl-millis")
     protected long connectionTTL = -1L;
 
     /**

core/src/test/resources/keycloak.json

@@ -6,7 +6,7 @@
   "allow-any-hostname": "${allow.any.hostname}",
   "cors-max-age": 100,
   "connection-pool-size": "${con.pool.size}",
-  "socket-timeout": "${socket.timeout.millis}",
+  "socket-timeout-millis": "${socket.timeout.millis}",
-  "connection-timeout": "${connection.timeout.millis}",
+  "connection-timeout-millis": "${connection.timeout.millis}",
-  "connection-ttl": "${connection.ttl.millis}"
+  "connection-ttl-millis": "${connection.ttl.millis}"
 }