Merge pull request #4619 from pedroigor/KEYCLOAK-4901
[KEYCLOAK-4901] - Reviewing methods on provider spi
This commit is contained in:
Pedro Igor
GitHub
commit
081ad09ed8
19 changed files with 91 additions and 64 deletions
|
|
@ -73,8 +73,8 @@ public class AggregatePolicyProviderFactory implements PolicyProviderFactory<Agg
|
|||
}
|
||||
|
||||
@Override
|
||||
public AggregatePolicyRepresentation toRepresentation(Policy policy, AggregatePolicyRepresentation representation) {
|
||||
return representation;
|
||||
public AggregatePolicyRepresentation toRepresentation(Policy policy) {
|
||||
return new AggregatePolicyRepresentation();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ import org.keycloak.util.JsonSerialization;
|
|||
|
||||
public class ClientPolicyProviderFactory implements PolicyProviderFactory<ClientPolicyRepresentation> {
|
||||
|
||||
private ClientPolicyProvider provider = new ClientPolicyProvider(policy -> toRepresentation(policy, new ClientPolicyRepresentation()));
|
||||
private ClientPolicyProvider provider = new ClientPolicyProvider(policy -> toRepresentation(policy));
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
|
|
@ -48,7 +48,8 @@ public class ClientPolicyProviderFactory implements PolicyProviderFactory<Client
|
|||
}
|
||||
|
||||
@Override
|
||||
public ClientPolicyRepresentation toRepresentation(Policy policy, ClientPolicyRepresentation representation) {
|
||||
public ClientPolicyRepresentation toRepresentation(Policy policy) {
|
||||
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
|
||||
representation.setClients(new HashSet<>(Arrays.asList(getClients(policy))));
|
||||
return representation;
|
||||
}
|
||||
|
|
@ -75,7 +76,7 @@ public class ClientPolicyProviderFactory implements PolicyProviderFactory<Client
|
|||
|
||||
@Override
|
||||
public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
|
||||
ClientPolicyRepresentation userRep = toRepresentation(policy, new ClientPolicyRepresentation());
|
||||
ClientPolicyRepresentation userRep = toRepresentation(policy);
|
||||
Map<String, String> config = new HashMap<>();
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ import org.keycloak.util.JsonSerialization;
|
|||
*/
|
||||
public class GroupPolicyProviderFactory implements PolicyProviderFactory<GroupPolicyRepresentation> {
|
||||
|
||||
private GroupPolicyProvider provider = new GroupPolicyProvider(policy -> toRepresentation(policy, new GroupPolicyRepresentation()));
|
||||
private GroupPolicyProvider provider = new GroupPolicyProvider(policy -> toRepresentation(policy));
|
||||
|
||||
@Override
|
||||
public String getId() {
|
||||
|
|
@ -71,8 +71,11 @@ public class GroupPolicyProviderFactory implements PolicyProviderFactory<GroupPo
|
|||
}
|
||||
|
||||
@Override
|
||||
public GroupPolicyRepresentation toRepresentation(Policy policy, GroupPolicyRepresentation representation) {
|
||||
public GroupPolicyRepresentation toRepresentation(Policy policy) {
|
||||
GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
|
||||
|
||||
representation.setGroupsClaim(policy.getConfig().get("groupsClaim"));
|
||||
|
||||
try {
|
||||
representation.setGroups(getGroupsDefinition(policy.getConfig()));
|
||||
} catch (IOException cause) {
|
||||
|
|
@ -108,7 +111,7 @@ public class GroupPolicyProviderFactory implements PolicyProviderFactory<GroupPo
|
|||
@Override
|
||||
public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
|
||||
Map<String, String> config = new HashMap<>();
|
||||
GroupPolicyRepresentation groupPolicy = toRepresentation(policy, new GroupPolicyRepresentation());
|
||||
GroupPolicyRepresentation groupPolicy = toRepresentation(policy);
|
||||
Set<GroupPolicyRepresentation.GroupDefinition> groups = groupPolicy.getGroups();
|
||||
|
||||
for (GroupPolicyRepresentation.GroupDefinition definition: groups) {
|
||||
|
|
|
|||
|
|
@ -43,7 +43,8 @@ public class JSPolicyProviderFactory implements PolicyProviderFactory<JSPolicyRe
|
|||
}
|
||||
|
||||
@Override
|
||||
public JSPolicyRepresentation toRepresentation(Policy policy, JSPolicyRepresentation representation) {
|
||||
public JSPolicyRepresentation toRepresentation(Policy policy) {
|
||||
JSPolicyRepresentation representation = new JSPolicyRepresentation();
|
||||
representation.setCode(policy.getConfig().get("code"));
|
||||
return representation;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,7 +40,8 @@ public class ResourcePolicyProviderFactory implements PolicyProviderFactory<Reso
|
|||
}
|
||||
|
||||
@Override
|
||||
public ResourcePermissionRepresentation toRepresentation(Policy policy, ResourcePermissionRepresentation representation) {
|
||||
public ResourcePermissionRepresentation toRepresentation(Policy policy) {
|
||||
ResourcePermissionRepresentation representation = new ResourcePermissionRepresentation();
|
||||
representation.setResourceType(policy.getConfig().get("defaultResourceType"));
|
||||
return representation;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ import java.util.Set;
|
|||
*/
|
||||
public class RolePolicyProviderFactory implements PolicyProviderFactory<RolePolicyRepresentation> {
|
||||
|
||||
private RolePolicyProvider provider = new RolePolicyProvider(policy -> toRepresentation(policy, new RolePolicyRepresentation()));
|
||||
private RolePolicyProvider provider = new RolePolicyProvider(policy -> toRepresentation(policy));
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
|
|
@ -75,12 +75,15 @@ public class RolePolicyProviderFactory implements PolicyProviderFactory<RolePoli
|
|||
}
|
||||
|
||||
@Override
|
||||
public RolePolicyRepresentation toRepresentation(Policy policy, RolePolicyRepresentation representation) {
|
||||
public RolePolicyRepresentation toRepresentation(Policy policy) {
|
||||
RolePolicyRepresentation representation = new RolePolicyRepresentation();
|
||||
|
||||
try {
|
||||
representation.setRoles(new HashSet<>(Arrays.asList(JsonSerialization.readValue(policy.getConfig().get("roles"), RolePolicyRepresentation.RoleDefinition[].class))));
|
||||
} catch (IOException cause) {
|
||||
throw new RuntimeException("Failed to deserialize roles", cause);
|
||||
}
|
||||
|
||||
return representation;
|
||||
}
|
||||
|
||||
|
|
@ -111,7 +114,7 @@ public class RolePolicyProviderFactory implements PolicyProviderFactory<RolePoli
|
|||
@Override
|
||||
public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
|
||||
Map<String, String> config = new HashMap<>();
|
||||
Set<RolePolicyRepresentation.RoleDefinition> roles = toRepresentation(policy, new RolePolicyRepresentation()).getRoles();
|
||||
Set<RolePolicyRepresentation.RoleDefinition> roles = toRepresentation(policy).getRoles();
|
||||
|
||||
for (RolePolicyRepresentation.RoleDefinition roleDefinition : roles) {
|
||||
RoleModel role = authorizationProvider.getRealm().getRoleById(roleDefinition.getId());
|
||||
|
|
|
|||
|
|
@ -42,8 +42,8 @@ public class ScopePolicyProviderFactory implements PolicyProviderFactory<ScopePe
|
|||
}
|
||||
|
||||
@Override
|
||||
public ScopePermissionRepresentation toRepresentation(Policy policy, ScopePermissionRepresentation representation) {
|
||||
return representation;
|
||||
public ScopePermissionRepresentation toRepresentation(Policy policy) {
|
||||
return new ScopePermissionRepresentation();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -66,7 +66,8 @@ public class TimePolicyProviderFactory implements PolicyProviderFactory<TimePoli
|
|||
}
|
||||
|
||||
@Override
|
||||
public TimePolicyRepresentation toRepresentation(Policy policy, TimePolicyRepresentation representation) {
|
||||
public TimePolicyRepresentation toRepresentation(Policy policy) {
|
||||
TimePolicyRepresentation representation = new TimePolicyRepresentation();
|
||||
Map<String, String> config = policy.getConfig();
|
||||
|
||||
representation.setDayMonth(config.get("dayMonth"));
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ import org.keycloak.util.JsonSerialization;
|
|||
*/
|
||||
public class UserPolicyProviderFactory implements PolicyProviderFactory<UserPolicyRepresentation> {
|
||||
|
||||
private UserPolicyProvider provider = new UserPolicyProvider((Function<Policy, UserPolicyRepresentation>) policy -> toRepresentation(policy, new UserPolicyRepresentation()));
|
||||
private UserPolicyProvider provider = new UserPolicyProvider((Function<Policy, UserPolicyRepresentation>) policy -> toRepresentation(policy));
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
|
|
@ -75,12 +75,15 @@ public class UserPolicyProviderFactory implements PolicyProviderFactory<UserPoli
|
|||
}
|
||||
|
||||
@Override
|
||||
public UserPolicyRepresentation toRepresentation(Policy policy, UserPolicyRepresentation representation) {
|
||||
public UserPolicyRepresentation toRepresentation(Policy policy) {
|
||||
UserPolicyRepresentation representation = new UserPolicyRepresentation();
|
||||
|
||||
try {
|
||||
representation.setUsers(JsonSerialization.readValue(policy.getConfig().get("users"), Set.class));
|
||||
} catch (IOException cause) {
|
||||
throw new RuntimeException("Failed to deserialize roles", cause);
|
||||
}
|
||||
|
||||
return representation;
|
||||
}
|
||||
|
||||
|
|
@ -110,7 +113,7 @@ public class UserPolicyProviderFactory implements PolicyProviderFactory<UserPoli
|
|||
|
||||
@Override
|
||||
public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
|
||||
UserPolicyRepresentation userRep = toRepresentation(policy, new UserPolicyRepresentation());
|
||||
UserPolicyRepresentation userRep = toRepresentation(policy);
|
||||
Map<String, String> config = new HashMap<>();
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -50,6 +50,21 @@ public class DroolsPolicyProviderFactory implements PolicyProviderFactory<RulePo
|
|||
return provider;
|
||||
}
|
||||
|
||||
@Override
|
||||
public RulePolicyRepresentation toRepresentation(Policy policy) {
|
||||
RulePolicyRepresentation representation = new RulePolicyRepresentation();
|
||||
|
||||
representation.setArtifactGroupId(policy.getConfig().get("mavenArtifactGroupId"));
|
||||
representation.setArtifactId(policy.getConfig().get("mavenArtifactId"));
|
||||
representation.setArtifactVersion(policy.getConfig().get("mavenArtifactVersion"));
|
||||
representation.setScannerPeriod(policy.getConfig().get("scannerPeriod"));
|
||||
representation.setScannerPeriodUnit(policy.getConfig().get("scannerPeriodUnit"));
|
||||
representation.setSessionName(policy.getConfig().get("sessionName"));
|
||||
representation.setModuleName(policy.getConfig().get("moduleName"));
|
||||
|
||||
return representation;
|
||||
}
|
||||
|
||||
@Override
|
||||
public PolicyProviderAdminService getAdminResource(ResourceServer resourceServer, AuthorizationProvider authorization) {
|
||||
return new DroolsPolicyAdminResource(this);
|
||||
|
|
@ -82,18 +97,6 @@ public class DroolsPolicyProviderFactory implements PolicyProviderFactory<RulePo
|
|||
remove(policy);
|
||||
}
|
||||
|
||||
@Override
|
||||
public RulePolicyRepresentation toRepresentation(Policy policy, RulePolicyRepresentation representation) {
|
||||
representation.setArtifactGroupId(policy.getConfig().get("mavenArtifactGroupId"));
|
||||
representation.setArtifactId(policy.getConfig().get("mavenArtifactId"));
|
||||
representation.setArtifactVersion(policy.getConfig().get("mavenArtifactVersion"));
|
||||
representation.setScannerPeriod(policy.getConfig().get("scannerPeriod"));
|
||||
representation.setScannerPeriodUnit(policy.getConfig().get("scannerPeriodUnit"));
|
||||
representation.setSessionName(policy.getConfig().get("sessionName"));
|
||||
representation.setModuleName(policy.getConfig().get("moduleName"));
|
||||
return representation;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class<RulePolicyRepresentation> getRepresentationType() {
|
||||
return RulePolicyRepresentation.class;
|
||||
|
|
|
|||
|
|
@ -36,13 +36,9 @@ public interface PolicyProviderFactory<R extends AbstractPolicyRepresentation> e
|
|||
|
||||
PolicyProvider create(AuthorizationProvider authorization);
|
||||
|
||||
default R toRepresentation(Policy policy, R representation) {
|
||||
return representation;
|
||||
}
|
||||
R toRepresentation(Policy policy);
|
||||
|
||||
default Class<R> getRepresentationType() {
|
||||
return (Class<R>) PolicyRepresentation.class;
|
||||
}
|
||||
Class<R> getRepresentationType();
|
||||
|
||||
default void onCreate(Policy policy, R representation, AuthorizationProvider authorization) {
|
||||
|
||||
|
|
@ -61,7 +57,6 @@ public interface PolicyProviderFactory<R extends AbstractPolicyRepresentation> e
|
|||
}
|
||||
|
||||
default void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
|
||||
representation.setConfig(policy.getConfig());
|
||||
}
|
||||
|
||||
default PolicyProviderAdminService getAdminResource(ResourceServer resourceServer, AuthorizationProvider authorization) {
|
||||
|
|
|
|||
|
|
@ -748,21 +748,28 @@ public class ModelToRepresentation {
|
|||
return server;
|
||||
}
|
||||
|
||||
public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization) {
|
||||
return toRepresentation(policy, representationType, authorization, false);
|
||||
public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, AuthorizationProvider authorization) {
|
||||
return toRepresentation(policy, authorization, false, true);
|
||||
}
|
||||
|
||||
public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization, boolean export) {
|
||||
public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, AuthorizationProvider authorization, boolean genericRepresentation, boolean export) {
|
||||
PolicyProviderFactory providerFactory = authorization.getProviderFactory(policy.getType());
|
||||
R representation;
|
||||
|
||||
try {
|
||||
representation = representationType.newInstance();
|
||||
} catch (Exception cause) {
|
||||
throw new RuntimeException("Could not create policy [" + policy.getType() + "] representation", cause);
|
||||
if (genericRepresentation || export) {
|
||||
representation = (R) new PolicyRepresentation();
|
||||
PolicyRepresentation.class.cast(representation).setConfig(policy.getConfig());
|
||||
if (export) {
|
||||
providerFactory.onExport(policy, PolicyRepresentation.class.cast(representation), authorization);
|
||||
}
|
||||
} else {
|
||||
try {
|
||||
representation = (R) providerFactory.toRepresentation(policy);
|
||||
} catch (Exception cause) {
|
||||
throw new RuntimeException("Could not create policy [" + policy.getType() + "] representation", cause);
|
||||
}
|
||||
}
|
||||
|
||||
PolicyProviderFactory providerFactory = authorization.getProviderFactory(policy.getType());
|
||||
|
||||
representation.setId(policy.getId());
|
||||
representation.setName(policy.getName());
|
||||
representation.setDescription(policy.getDescription());
|
||||
|
|
@ -770,16 +777,6 @@ public class ModelToRepresentation {
|
|||
representation.setDecisionStrategy(policy.getDecisionStrategy());
|
||||
representation.setLogic(policy.getLogic());
|
||||
|
||||
if (representation instanceof PolicyRepresentation) {
|
||||
if (providerFactory != null && export) {
|
||||
providerFactory.onExport(policy, PolicyRepresentation.class.cast(representation), authorization);
|
||||
} else {
|
||||
PolicyRepresentation.class.cast(representation).setConfig(policy.getConfig());
|
||||
}
|
||||
} else {
|
||||
representation = (R) providerFactory.toRepresentation(policy, representation);
|
||||
}
|
||||
|
||||
return representation;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -22,6 +22,8 @@ import java.util.Map;
|
|||
import org.keycloak.authorization.AuthorizationProvider;
|
||||
import org.keycloak.authorization.model.Policy;
|
||||
import org.keycloak.authorization.model.ResourceServer;
|
||||
import org.keycloak.models.utils.ModelToRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||
import org.keycloak.services.resources.admin.AdminEventBuilder;
|
||||
|
||||
|
|
@ -56,4 +58,9 @@ public class PermissionService extends PolicyService {
|
|||
filters.put("permission", new String[] {Boolean.TRUE.toString()});
|
||||
return super.doSearch(firstResult, maxResult, filters);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected AbstractPolicyRepresentation toRepresentation(Policy policy, AuthorizationProvider authorization) {
|
||||
return ModelToRepresentation.toRepresentation(policy, authorization, false, false);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -129,7 +129,7 @@ public class PolicyResourceService {
|
|||
}
|
||||
|
||||
protected AbstractPolicyRepresentation toRepresentation(Policy policy, AuthorizationProvider authorization) {
|
||||
return ModelToRepresentation.toRepresentation(policy, PolicyRepresentation.class, authorization);
|
||||
return ModelToRepresentation.toRepresentation(policy, authorization, true, false);
|
||||
}
|
||||
|
||||
@Path("/dependentPolicies")
|
||||
|
|
|
|||
|
|
@ -235,7 +235,7 @@ public class PolicyService {
|
|||
}
|
||||
|
||||
protected AbstractPolicyRepresentation toRepresentation(Policy model, AuthorizationProvider authorization) {
|
||||
return ModelToRepresentation.toRepresentation(model, PolicyRepresentation.class, authorization);
|
||||
return ModelToRepresentation.toRepresentation(model, authorization, true, false);
|
||||
}
|
||||
|
||||
protected List<Object> doSearch(Integer firstResult, Integer maxResult, Map<String, String[]> filters) {
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@ import org.keycloak.authorization.AuthorizationProvider;
|
|||
import org.keycloak.authorization.model.Policy;
|
||||
import org.keycloak.authorization.model.ResourceServer;
|
||||
import org.keycloak.authorization.policy.provider.PolicyProviderFactory;
|
||||
import org.keycloak.common.util.reflections.Types;
|
||||
import org.keycloak.models.utils.ModelToRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||
|
|
@ -61,7 +62,6 @@ public class PolicyTypeResourceService extends PolicyResourceService {
|
|||
|
||||
@Override
|
||||
protected AbstractPolicyRepresentation toRepresentation(Policy policy, AuthorizationProvider authorization) {
|
||||
PolicyProviderFactory providerFactory = authorization.getProviderFactory(policy.getType());
|
||||
return ModelToRepresentation.toRepresentation(policy, providerFactory.getRepresentationType(), authorization);
|
||||
return ModelToRepresentation.toRepresentation(policy, authorization, false, false);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -88,8 +88,7 @@ public class PolicyTypeService extends PolicyService {
|
|||
|
||||
@Override
|
||||
protected AbstractPolicyRepresentation toRepresentation(Policy policy, AuthorizationProvider authorization) {
|
||||
PolicyProviderFactory providerFactory = authorization.getProviderFactory(policy.getType());
|
||||
return ModelToRepresentation.toRepresentation(policy, providerFactory.getRepresentationType(), authorization);
|
||||
return ModelToRepresentation.toRepresentation(policy, authorization, false, false);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -359,7 +359,7 @@ public class ExportUtils {
|
|||
|
||||
private static PolicyRepresentation createPolicyRepresentation(AuthorizationProvider authorizationProvider, Policy policy) {
|
||||
try {
|
||||
PolicyRepresentation rep = toRepresentation(policy, PolicyRepresentation.class, authorizationProvider, true);
|
||||
PolicyRepresentation rep = toRepresentation(policy, authorizationProvider, true, true);
|
||||
|
||||
rep.setId(null);
|
||||
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ package org.keycloak.testsuite.authorization;
|
|||
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.authorization.AuthorizationProvider;
|
||||
import org.keycloak.authorization.model.Policy;
|
||||
import org.keycloak.authorization.model.ResourceServer;
|
||||
import org.keycloak.authorization.policy.evaluation.Evaluation;
|
||||
import org.keycloak.authorization.policy.provider.PolicyProvider;
|
||||
|
|
@ -25,6 +26,8 @@ import org.keycloak.authorization.policy.provider.PolicyProviderAdminService;
|
|||
import org.keycloak.authorization.policy.provider.PolicyProviderFactory;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
|
|
@ -46,6 +49,16 @@ public class TestPolicyProviderFactory implements PolicyProviderFactory {
|
|||
return new TestPolicyProvider(authorization);
|
||||
}
|
||||
|
||||
@Override
|
||||
public AbstractPolicyRepresentation toRepresentation(Policy policy) {
|
||||
return new PolicyRepresentation();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class getRepresentationType() {
|
||||
return PolicyRepresentation.class;
|
||||
}
|
||||
|
||||
@Override
|
||||
public PolicyProviderAdminService getAdminResource(ResourceServer resourceServer, AuthorizationProvider authorization) {
|
||||
return null;
|
||||
|
|
|
|||
Loading…
Reference in a new issue