[KEYCLOAK-14255] - Initial changes to configuration
This commit is contained in:
parent
3973d47bd4
commit
0978d78a48
45 changed files with 1919 additions and 380 deletions
|
@ -92,7 +92,7 @@ public class Profile {
|
|||
PREVIEW
|
||||
}
|
||||
|
||||
private static Profile CURRENT = new Profile();
|
||||
private static Profile CURRENT;
|
||||
|
||||
private final ProductValue product;
|
||||
|
||||
|
@ -103,7 +103,10 @@ public class Profile {
|
|||
private final Set<Feature> experimentalFeatures = new HashSet<>();
|
||||
private final Set<Feature> deprecatedFeatures = new HashSet<>();
|
||||
|
||||
private Profile() {
|
||||
private final PropertyResolver propertyResolver;
|
||||
|
||||
public Profile(PropertyResolver resolver) {
|
||||
this.propertyResolver = resolver;
|
||||
Config config = new Config();
|
||||
|
||||
product = "rh-sso".equals(Version.NAME) ? ProductValue.RHSSO : ProductValue.KEYCLOAK;
|
||||
|
@ -153,32 +156,43 @@ public class Profile {
|
|||
}
|
||||
}
|
||||
|
||||
private static Profile getInstance() {
|
||||
if (CURRENT == null) {
|
||||
CURRENT = new Profile(null);
|
||||
}
|
||||
return CURRENT;
|
||||
}
|
||||
|
||||
public static void init() {
|
||||
CURRENT = new Profile();
|
||||
CURRENT = new Profile(null);
|
||||
}
|
||||
|
||||
public static void setInstance(Profile instance) {
|
||||
CURRENT = instance;
|
||||
}
|
||||
|
||||
public static String getName() {
|
||||
return CURRENT.profile.name().toLowerCase();
|
||||
return getInstance().profile.name().toLowerCase();
|
||||
}
|
||||
|
||||
public static Set<Feature> getDisabledFeatures() {
|
||||
return CURRENT.disabledFeatures;
|
||||
return getInstance().disabledFeatures;
|
||||
}
|
||||
|
||||
public static Set<Feature> getPreviewFeatures() {
|
||||
return CURRENT.previewFeatures;
|
||||
return getInstance().previewFeatures;
|
||||
}
|
||||
|
||||
public static Set<Feature> getExperimentalFeatures() {
|
||||
return CURRENT.experimentalFeatures;
|
||||
return getInstance().experimentalFeatures;
|
||||
}
|
||||
|
||||
public static Set<Feature> getDeprecatedFeatures() {
|
||||
return CURRENT.deprecatedFeatures;
|
||||
return getInstance().deprecatedFeatures;
|
||||
}
|
||||
|
||||
public static boolean isFeatureEnabled(Feature feature) {
|
||||
return !CURRENT.disabledFeatures.contains(feature);
|
||||
return !getInstance().disabledFeatures.contains(feature);
|
||||
}
|
||||
|
||||
private class Config {
|
||||
|
@ -202,7 +216,7 @@ public class Profile {
|
|||
}
|
||||
|
||||
public String getProfile() {
|
||||
String profile = System.getProperty("keycloak.profile");
|
||||
String profile = getProperty("keycloak.profile");
|
||||
if (profile != null) {
|
||||
return profile;
|
||||
}
|
||||
|
@ -216,7 +230,8 @@ public class Profile {
|
|||
}
|
||||
|
||||
public Boolean getConfig(Feature feature) {
|
||||
String config = System.getProperty("keycloak.profile.feature." + feature.name().toLowerCase());
|
||||
String config = getProperty("keycloak.profile.feature." + feature.name().toLowerCase());
|
||||
|
||||
if (config == null) {
|
||||
config = properties.getProperty("feature." + feature.name().toLowerCase());
|
||||
}
|
||||
|
@ -231,6 +246,24 @@ public class Profile {
|
|||
throw new RuntimeException("Invalid value for feature " + config);
|
||||
}
|
||||
}
|
||||
|
||||
private String getProperty(String name) {
|
||||
String value = System.getProperty(name);
|
||||
|
||||
if (value != null) {
|
||||
return value;
|
||||
}
|
||||
|
||||
if (propertyResolver != null) {
|
||||
return propertyResolver.resolve(name);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public interface PropertyResolver {
|
||||
String resolve(String feature);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -72,7 +72,7 @@ public final class StringPropertyReplacer
|
|||
*/
|
||||
public static String replaceProperties(final String string)
|
||||
{
|
||||
return replaceProperties(string, null);
|
||||
return replaceProperties(string, (Properties) null);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -95,7 +95,19 @@ public final class StringPropertyReplacer
|
|||
* @return the input string with all property references replaced if any.
|
||||
* If there are no valid references the input string will be returned.
|
||||
*/
|
||||
public static String replaceProperties(final String string, final Properties props)
|
||||
public static String replaceProperties(final String string, final Properties props) {
|
||||
if (props == null) {
|
||||
return replaceProperties(string, (PropertyResolver) null);
|
||||
}
|
||||
return replaceProperties(string, new PropertyResolver() {
|
||||
@Override
|
||||
public String resolve(String property) {
|
||||
return props.getProperty(property);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public static String replaceProperties(final String string, PropertyResolver resolver)
|
||||
{
|
||||
if(string == null) {
|
||||
return null;
|
||||
|
@ -151,8 +163,8 @@ public final class StringPropertyReplacer
|
|||
else
|
||||
{
|
||||
// check from the properties
|
||||
if (props != null)
|
||||
value = props.getProperty(key);
|
||||
if (resolver != null)
|
||||
value = resolver.resolve(key);
|
||||
else
|
||||
value = System.getProperty(key);
|
||||
|
||||
|
@ -163,15 +175,15 @@ public final class StringPropertyReplacer
|
|||
if (colon > 0)
|
||||
{
|
||||
String realKey = key.substring(0, colon);
|
||||
if (props != null)
|
||||
value = props.getProperty(realKey);
|
||||
if (resolver != null)
|
||||
value = resolver.resolve(realKey);
|
||||
else
|
||||
value = System.getProperty(realKey);
|
||||
|
||||
if (value == null)
|
||||
{
|
||||
// Check for a composite key, "key1,key2"
|
||||
value = resolveCompositeKey(realKey, props);
|
||||
value = resolveCompositeKey(realKey, resolver);
|
||||
|
||||
// Not a composite key either, use the specified default
|
||||
if (value == null)
|
||||
|
@ -181,7 +193,7 @@ public final class StringPropertyReplacer
|
|||
else
|
||||
{
|
||||
// No default, check for a composite key, "key1,key2"
|
||||
value = resolveCompositeKey(key, props);
|
||||
value = resolveCompositeKey(key, resolver);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -212,6 +224,10 @@ public final class StringPropertyReplacer
|
|||
if (start != chars.length)
|
||||
buffer.append(string.substring(start, chars.length));
|
||||
|
||||
if (buffer.indexOf("${") != -1) {
|
||||
return replaceProperties(buffer.toString(), resolver);
|
||||
}
|
||||
|
||||
// Done
|
||||
return buffer.toString();
|
||||
}
|
||||
|
@ -227,7 +243,19 @@ public final class StringPropertyReplacer
|
|||
* @param props the properties to use
|
||||
* @return the resolved key or null
|
||||
*/
|
||||
private static String resolveCompositeKey(String key, Properties props)
|
||||
private static String resolveCompositeKey(String key, final Properties props) {
|
||||
if (props == null) {
|
||||
return resolveCompositeKey(key, (PropertyResolver) null);
|
||||
}
|
||||
return resolveCompositeKey(key, new PropertyResolver() {
|
||||
@Override
|
||||
public String resolve(String property) {
|
||||
return props.getProperty(property);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static String resolveCompositeKey(String key, PropertyResolver resolver)
|
||||
{
|
||||
String value = null;
|
||||
|
||||
|
@ -240,8 +268,8 @@ public final class StringPropertyReplacer
|
|||
{
|
||||
// Check the first part
|
||||
String key1 = key.substring(0, comma);
|
||||
if (props != null)
|
||||
value = props.getProperty(key1);
|
||||
if (resolver != null)
|
||||
value = resolver.resolve(key1);
|
||||
else
|
||||
value = System.getProperty(key1);
|
||||
}
|
||||
|
@ -249,8 +277,8 @@ public final class StringPropertyReplacer
|
|||
if (value == null && comma < key.length() - 1)
|
||||
{
|
||||
String key2 = key.substring(comma + 1);
|
||||
if (props != null)
|
||||
value = props.getProperty(key2);
|
||||
if (resolver != null)
|
||||
value = resolver.resolve(key2);
|
||||
else
|
||||
value = System.getProperty(key2);
|
||||
}
|
||||
|
@ -258,4 +286,8 @@ public final class StringPropertyReplacer
|
|||
// Return whatever we've found or null
|
||||
return value;
|
||||
}
|
||||
|
||||
public interface PropertyResolver {
|
||||
String resolve(String property);
|
||||
}
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
case "`uname`" in
|
||||
CYGWIN*)
|
||||
|
@ -23,11 +23,12 @@ fi
|
|||
GREP="grep"
|
||||
DIRNAME=`dirname "$RESOLVED_NAME"`
|
||||
|
||||
SERVER_OPTS="-Dkeycloak.home.dir=$DIRNAME/../ -Djboss.server.config.dir=$DIRNAME/../conf -Dkeycloak.theme.dir=$DIRNAME/../themes -Djava.util.logging.manager=org.jboss.logmanager.LogManager"
|
||||
SERVER_OPTS="-Dkc.home.dir=$DIRNAME/../ -Djboss.server.config.dir=$DIRNAME/../conf -Dkeycloak.theme.dir=$DIRNAME/../themes -Djava.util.logging.manager=org.jboss.logmanager.LogManager"
|
||||
|
||||
DEBUG_MODE="${DEBUG:-false}"
|
||||
DEBUG_PORT="${DEBUG_PORT:-8787}"
|
||||
|
||||
CONFIG_ARGS=${CONFIG_ARGS:-""}
|
||||
IS_CONFIGURE="false"
|
||||
|
||||
while [ "$#" -gt 0 ]
|
||||
|
@ -40,18 +41,16 @@ do
|
|||
shift
|
||||
fi
|
||||
;;
|
||||
--config-file)
|
||||
SERVER_OPTS="$SERVER_OPTS -Dkeycloak.config.file=$2"
|
||||
shift
|
||||
;;
|
||||
config)
|
||||
IS_CONFIGURE=true
|
||||
;;
|
||||
--)
|
||||
shift
|
||||
break;;
|
||||
break
|
||||
;;
|
||||
*)
|
||||
if [[ $1 = --* || ! $1 =~ ^-.* ]]; then
|
||||
CONFIG_ARGS="$CONFIG_ARGS $1"
|
||||
else
|
||||
SERVER_OPTS="$SERVER_OPTS $1"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
|
@ -78,9 +77,4 @@ fi
|
|||
|
||||
CLASSPATH_OPTS="$DIRNAME/../lib/quarkus-run.jar:$DIRNAME/../lib/main/*"
|
||||
|
||||
if [ "$IS_CONFIGURE" = true ] ; then
|
||||
echo "Updating the configuration and installing your custom providers, if any. Please wait."
|
||||
exec java -Dquarkus.launch.rebuild=true $JAVA_OPTS $SERVER_OPTS -cp $CLASSPATH_OPTS io.quarkus.bootstrap.runner.QuarkusEntryPoint "$@"
|
||||
else
|
||||
exec java $JAVA_OPTS $SERVER_OPTS -cp $CLASSPATH_OPTS io.quarkus.bootstrap.runner.QuarkusEntryPoint "$@"
|
||||
fi
|
||||
exec java $JAVA_OPTS $SERVER_OPTS -cp $CLASSPATH_OPTS io.quarkus.bootstrap.runner.QuarkusEntryPoint ${CONFIG_ARGS#?}
|
|
@ -1,7 +1,7 @@
|
|||
# Default, and insecure, and non-production grade HTTP configuration
|
||||
%dev.http.enabled=true
|
||||
|
||||
# Default Non-Production Grade Datasource
|
||||
hibernate-orm.dialect=org.hibernate.dialect.H2Dialect
|
||||
datasource.driver=org.h2.jdbcx.JdbcDataSource
|
||||
datasource.url = jdbc:h2:file:${keycloak.home.dir}/data/keycloakdb;;AUTO_SERVER=TRUE
|
||||
datasource.username = sa
|
||||
datasource.password = keycloak
|
||||
datasource.jdbc.transactions=xa
|
||||
db=h2-file
|
||||
db.username = sa
|
||||
db.password = keycloak
|
|
@ -32,7 +32,10 @@ The distribution packages (ZIP and TAR) should be available at [../distribution/
|
|||
|
||||
## Running
|
||||
|
||||
java -jar server/target/lib/quarkus-run.jar
|
||||
By default, the HTTP port is disabled and you need to provide the key material to configure HTTPS. If you want to enable
|
||||
the HTTP port, run the server in development mode as follows:
|
||||
|
||||
java -jar server/target/lib/quarkus-run.jar --profile=dev
|
||||
|
||||
## Contributing
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@ import java.net.URL;
|
|||
import java.net.URLClassLoader;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
public class BuildClassLoader extends URLClassLoader {
|
||||
|
||||
|
@ -30,7 +31,7 @@ public class BuildClassLoader extends URLClassLoader {
|
|||
|
||||
public BuildClassLoader() {
|
||||
super(new URL[] {}, Thread.currentThread().getContextClassLoader());
|
||||
String homeDir = System.getProperty("keycloak.home.dir");
|
||||
String homeDir = Environment.getHomeDir();
|
||||
|
||||
if (homeDir == null) {
|
||||
return;
|
||||
|
|
|
@ -1,29 +1,52 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.quarkus.deployment;
|
||||
|
||||
import javax.persistence.spi.PersistenceUnitTransactionType;
|
||||
import java.util.Arrays;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.NoSuchElementException;
|
||||
import java.util.Optional;
|
||||
import java.util.ServiceLoader;
|
||||
|
||||
import io.quarkus.deployment.IsDevelopment;
|
||||
import io.quarkus.deployment.builditem.HotDeploymentWatchedFileBuildItem;
|
||||
import io.quarkus.hibernate.orm.deployment.HibernateOrmConfig;
|
||||
import org.hibernate.cfg.AvailableSettings;
|
||||
import org.hibernate.jpa.boot.spi.PersistenceUnitDescriptor;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.config.ConfigProviderFactory;
|
||||
import org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory;
|
||||
import org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProviderFactory;
|
||||
import org.keycloak.connections.jpa.updater.liquibase.conn.DefaultLiquibaseConnectionProvider;
|
||||
import org.keycloak.provider.EnvironmentDependentProviderFactory;
|
||||
import org.keycloak.provider.KeycloakDeploymentInfo;
|
||||
import org.keycloak.provider.Provider;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
import org.keycloak.provider.ProviderManager;
|
||||
import org.keycloak.provider.Spi;
|
||||
import org.keycloak.provider.quarkus.QuarkusRequestFilter;
|
||||
import org.keycloak.runtime.KeycloakRecorder;
|
||||
import org.keycloak.transaction.JBossJtaTransactionManagerLookup;
|
||||
import org.keycloak.quarkus.KeycloakRecorder;
|
||||
|
||||
import io.quarkus.deployment.annotations.BuildProducer;
|
||||
import io.quarkus.deployment.annotations.BuildStep;
|
||||
|
@ -32,10 +55,15 @@ import io.quarkus.deployment.annotations.Record;
|
|||
import io.quarkus.deployment.builditem.FeatureBuildItem;
|
||||
import io.quarkus.hibernate.orm.deployment.PersistenceUnitDescriptorBuildItem;
|
||||
import io.quarkus.vertx.http.deployment.FilterBuildItem;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
import org.keycloak.services.resources.KeycloakApplication;
|
||||
import org.keycloak.transaction.JBossJtaTransactionManagerLookup;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
class KeycloakProcessor {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(KeycloakProcessor.class);
|
||||
|
||||
@BuildStep
|
||||
FeatureBuildItem getFeature() {
|
||||
return new FeatureBuildItem("keycloak");
|
||||
|
@ -46,8 +74,8 @@ class KeycloakProcessor {
|
|||
*
|
||||
* <p>The main reason we have this build step is because we re-use the same persistence unit from {@code keycloak-model-jpa}
|
||||
* module, the same used by the Wildfly distribution. The {@code hibernate-orm} extension expects that the dialect is statically
|
||||
* set to the persistence unit if there is any from the classpath and use this method to obtain the dialect from the configuration
|
||||
* file so that we can re-augment the application with whatever dialect we want. In addition to the dialect, we should also be
|
||||
* set to the persistence unit if there is any from the classpath and we use this method to obtain the dialect from the configuration
|
||||
* file so that we can build the application with whatever dialect we want. In addition to the dialect, we should also be
|
||||
* allowed to set any additional defaults that we think that makes sense.
|
||||
*
|
||||
* @param recorder
|
||||
|
@ -59,13 +87,14 @@ class KeycloakProcessor {
|
|||
void configureHibernate(KeycloakRecorder recorder, HibernateOrmConfig config, List<PersistenceUnitDescriptorBuildItem> descriptors) {
|
||||
PersistenceUnitDescriptor unit = descriptors.get(0).asOutputPersistenceUnitDefinition().getActualHibernateDescriptor();
|
||||
|
||||
unit.getProperties().setProperty(AvailableSettings.DIALECT, config.dialect.get());
|
||||
unit.getProperties().setProperty(AvailableSettings.DIALECT, config.defaultPersistenceUnit.dialect.dialect.orElse(null));
|
||||
unit.getProperties().setProperty(AvailableSettings.JPA_TRANSACTION_TYPE, PersistenceUnitTransactionType.JTA.name());
|
||||
unit.getProperties().setProperty(AvailableSettings.QUERY_STARTUP_CHECKING, Boolean.FALSE.toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Load the built-in provider factories during build time so we don't spend time looking up them at runtime.
|
||||
* <p>Load the built-in provider factories during build time so we don't spend time looking up them at runtime. By loading
|
||||
* providers at this stage we are also able to perform a more dynamic configuration based on the default providers.
|
||||
*
|
||||
* <p>User-defined providers are going to be loaded at startup</p>
|
||||
*
|
||||
|
@ -74,7 +103,60 @@ class KeycloakProcessor {
|
|||
@Record(ExecutionTime.STATIC_INIT)
|
||||
@BuildStep
|
||||
void configureProviders(KeycloakRecorder recorder) {
|
||||
recorder.configSessionFactory(loadFactories(), Environment.isRebuild());
|
||||
Profile.setInstance(recorder.createProfile());
|
||||
Map<Spi, Map<Class<? extends Provider>, Map<String, Class<? extends ProviderFactory>>>> factories = new HashMap<>();
|
||||
Map<Class<? extends Provider>, String> defaultProviders = new HashMap<>();
|
||||
|
||||
for (Map.Entry<Spi, Map<Class<? extends Provider>, Map<String, ProviderFactory>>> entry : loadFactories()
|
||||
.entrySet()) {
|
||||
checkProviders(entry.getKey(), entry.getValue(), defaultProviders);
|
||||
|
||||
for (Map.Entry<Class<? extends Provider>, Map<String, ProviderFactory>> value : entry.getValue().entrySet()) {
|
||||
for (ProviderFactory factory : value.getValue().values()) {
|
||||
factories.computeIfAbsent(entry.getKey(),
|
||||
key -> new HashMap<>())
|
||||
.computeIfAbsent(entry.getKey().getProviderClass(), aClass -> new HashMap<>()).put(factory.getId(),factory.getClass());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
recorder.configSessionFactory(factories, defaultProviders, Environment.isRebuild());
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Make the build time configuration available at runtime so that the server can run without having to specify some of
|
||||
* the properties again.
|
||||
*
|
||||
* <p>This build step also adds a static call to {@link org.keycloak.cli.ShowConfigCommand#run(Map)} via the recorder
|
||||
* so that the configuration can be shown when requested.
|
||||
*
|
||||
* @param recorder the recorder
|
||||
*/
|
||||
@Record(ExecutionTime.STATIC_INIT)
|
||||
@BuildStep
|
||||
void setBuildTimeProperties(KeycloakRecorder recorder) {
|
||||
Map<String, String> properties = new HashMap<>();
|
||||
|
||||
for (String name : KeycloakRecorder.getConfig().getPropertyNames()) {
|
||||
if (isRuntimeProperty(name)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
Optional<String> value = KeycloakRecorder.getConfig().getOptionalValue(name, String.class);
|
||||
|
||||
if (value.isPresent()) {
|
||||
properties.put(name, value.get());
|
||||
}
|
||||
}
|
||||
|
||||
recorder.setBuildTimeProperties(properties, Environment.isRebuild());
|
||||
|
||||
recorder.showConfig();
|
||||
}
|
||||
|
||||
private boolean isRuntimeProperty(String name) {
|
||||
// these properties are ignored from the build time properties as they are runtime-specific
|
||||
return "kc.home.dir".equals(name) || "kc.config.args".equals(name);
|
||||
}
|
||||
|
||||
@BuildStep
|
||||
|
@ -87,14 +169,13 @@ class KeycloakProcessor {
|
|||
hotFiles.produce(new HotDeploymentWatchedFileBuildItem("META-INF/keycloak.properties"));
|
||||
}
|
||||
|
||||
private Map<Spi, Set<Class<? extends ProviderFactory>>> loadFactories() {
|
||||
ProviderManager pm = new ProviderManager(
|
||||
KeycloakDeploymentInfo.create().services(), new BuildClassLoader(),
|
||||
Config.scope().getArray("providers"));
|
||||
Map<Spi, Set<Class<? extends ProviderFactory>>> result = new HashMap<>();
|
||||
private Map<Spi, Map<Class<? extends Provider>, Map<String, ProviderFactory>>> loadFactories() {
|
||||
loadConfig();
|
||||
ProviderManager pm = new ProviderManager(KeycloakDeploymentInfo.create().services(), new BuildClassLoader());
|
||||
Map<Spi, Map<Class<? extends Provider>, Map<String, ProviderFactory>>> factories = new HashMap<>();
|
||||
|
||||
for (Spi spi : pm.loadSpis()) {
|
||||
Set<Class<? extends ProviderFactory>> factories = new HashSet<>();
|
||||
Map<Class<? extends Provider>, Map<String, ProviderFactory>> providers = new HashMap<>();
|
||||
|
||||
for (ProviderFactory factory : pm.load(spi)) {
|
||||
if (Arrays.asList(
|
||||
|
@ -105,12 +186,88 @@ class KeycloakProcessor {
|
|||
continue;
|
||||
}
|
||||
|
||||
factories.add(factory.getClass());
|
||||
Config.Scope scope = Config.scope(spi.getName(), factory.getId());
|
||||
|
||||
if (isEnabled(factory, scope)) {
|
||||
if (spi.isInternal() && !isInternal(factory)) {
|
||||
ServicesLogger.LOGGER.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
|
||||
}
|
||||
|
||||
result.put(spi, factories);
|
||||
providers.computeIfAbsent(spi.getProviderClass(), aClass -> new HashMap<>()).put(factory.getId(),
|
||||
factory);
|
||||
} else {
|
||||
logger.debugv("SPI {0} provider {1} disabled", spi.getName(), factory.getId());
|
||||
}
|
||||
}
|
||||
|
||||
return result;
|
||||
factories.put(spi, providers);
|
||||
}
|
||||
|
||||
return factories;
|
||||
}
|
||||
|
||||
private boolean isEnabled(ProviderFactory factory, Config.Scope scope) {
|
||||
if (!scope.getBoolean("enabled", true)) {
|
||||
return false;
|
||||
}
|
||||
if (factory instanceof EnvironmentDependentProviderFactory) {
|
||||
return ((EnvironmentDependentProviderFactory) factory).isSupported();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
private boolean isInternal(ProviderFactory<?> factory) {
|
||||
String packageName = factory.getClass().getPackage().getName();
|
||||
return packageName.startsWith("org.keycloak") && !packageName.startsWith("org.keycloak.examples");
|
||||
}
|
||||
|
||||
private void checkProviders(Spi spi,
|
||||
Map<Class<? extends Provider>, Map<String, ProviderFactory>> factoriesMap,
|
||||
Map<Class<? extends Provider>, String> defaultProviders) {
|
||||
String defaultProvider = Config.getProvider(spi.getName());
|
||||
|
||||
if (defaultProvider != null) {
|
||||
Map<String, ProviderFactory> map = factoriesMap.get(spi.getProviderClass());
|
||||
if (map == null || map.get(defaultProvider) == null) {
|
||||
throw new RuntimeException("Failed to find provider " + defaultProvider + " for " + spi.getName());
|
||||
}
|
||||
} else {
|
||||
Map<String, ProviderFactory> factories = factoriesMap.get(spi.getProviderClass());
|
||||
if (factories != null && factories.size() == 1) {
|
||||
defaultProvider = factories.values().iterator().next().getId();
|
||||
}
|
||||
|
||||
if (factories != null) {
|
||||
if (defaultProvider == null) {
|
||||
Optional<ProviderFactory> highestPriority = factories.values().stream()
|
||||
.max(Comparator.comparing(ProviderFactory::order));
|
||||
if (highestPriority.isPresent() && highestPriority.get().order() > 0) {
|
||||
defaultProvider = highestPriority.get().getId();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (defaultProvider == null && (factories == null || factories.containsKey("default"))) {
|
||||
defaultProvider = "default";
|
||||
}
|
||||
}
|
||||
|
||||
if (defaultProvider != null) {
|
||||
defaultProviders.put(spi.getProviderClass(), defaultProvider);
|
||||
} else {
|
||||
logger.debugv("No default provider for {0}", spi.getName());
|
||||
}
|
||||
}
|
||||
|
||||
protected void loadConfig() {
|
||||
ServiceLoader<ConfigProviderFactory> loader = ServiceLoader.load(ConfigProviderFactory.class, KeycloakApplication.class.getClassLoader());
|
||||
|
||||
try {
|
||||
ConfigProviderFactory factory = loader.iterator().next();
|
||||
logger.debugv("ConfigProvider: {0}", factory.getClass().getName());
|
||||
Config.init(factory.create().orElseThrow(() -> new RuntimeException("Failed to load Keycloak configuration")));
|
||||
} catch (NoSuchElementException e) {
|
||||
throw new RuntimeException("No valid ConfigProvider found");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -29,7 +29,7 @@ import liquibase.parser.ChangeLogParser;
|
|||
import liquibase.parser.core.xml.XMLChangeLogSAXParser;
|
||||
import liquibase.servicelocator.LiquibaseService;
|
||||
import liquibase.sqlgenerator.SqlGenerator;
|
||||
import org.keycloak.runtime.KeycloakRecorder;
|
||||
import org.keycloak.quarkus.KeycloakRecorder;
|
||||
|
||||
class LiquibaseProcessor {
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
hostname.default.frontendUrl = ${keycloak.frontendUrl:}
|
||||
|
||||
# Datasource
|
||||
hibernate-orm.dialect=org.hibernate.dialect.H2Dialect
|
||||
datasource.jdbc.transactions=xa
|
||||
datasource.driver=org.h2.jdbcx.JdbcDataSource
|
||||
datasource.url = jdbc:h2:mem:test;DB_CLOSE_DELAY=-1
|
||||
datasource.username = sa
|
||||
datasource.password = keycloak
|
||||
http.enabled=true
|
||||
db=h2-mem
|
||||
db.username = sa
|
||||
db.password = keycloak
|
|
@ -31,11 +31,12 @@
|
|||
<packaging>pom</packaging>
|
||||
|
||||
<properties>
|
||||
<quarkus.version>1.7.0.Final</quarkus.version>
|
||||
<quarkus.version>1.8.0.Final</quarkus.version>
|
||||
<resteasy.version>4.5.6.Final</resteasy.version>
|
||||
<jackson.version>2.11.2</jackson.version>
|
||||
<jackson.databind.version>${jackson.version}</jackson.databind.version>
|
||||
<hibernate.version>5.4.19.Final</hibernate.version>
|
||||
<hibernate.version>5.4.21.Final</hibernate.version>
|
||||
<picocli.version>4.5.1</picocli.version>
|
||||
<snakeyaml.version>1.20</snakeyaml.version>
|
||||
<surefire-plugin.version>3.0.0-M5</surefire-plugin.version>
|
||||
<wildfly.common.format.version>1.5.0.Final-format-001</wildfly.common.format.version>
|
||||
|
@ -126,32 +127,4 @@
|
|||
<module>server</module>
|
||||
</modules>
|
||||
|
||||
<!-- Temporary definition while Quarkus 1.7.0.Final is not released -->
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>dependency-snapshots-repo</id>
|
||||
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
|
||||
<releases>
|
||||
<enabled>false</enabled>
|
||||
</releases>
|
||||
<snapshots>
|
||||
<enabled>true</enabled>
|
||||
</snapshots>
|
||||
</repository>
|
||||
</repositories>
|
||||
|
||||
<!-- Temporary definition while Quarkus 1.7.0.Final is not released -->
|
||||
<pluginRepositories>
|
||||
<pluginRepository>
|
||||
<id>dependency-snapshots-repo</id>
|
||||
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
|
||||
<releases>
|
||||
<enabled>false</enabled>
|
||||
</releases>
|
||||
<snapshots>
|
||||
<enabled>true</enabled>
|
||||
</snapshots>
|
||||
</pluginRepository>
|
||||
</pluginRepositories>
|
||||
|
||||
</project>
|
||||
|
|
|
@ -55,6 +55,17 @@
|
|||
<groupId>io.quarkus</groupId>
|
||||
<artifactId>quarkus-jdbc-mariadb</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.quarkus</groupId>
|
||||
<artifactId>quarkus-core</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- CLI -->
|
||||
<dependency>
|
||||
<groupId>info.picocli</groupId>
|
||||
<artifactId>picocli</artifactId>
|
||||
<version>${picocli.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Keycloak -->
|
||||
<dependency>
|
||||
|
@ -464,15 +475,6 @@
|
|||
</annotationProcessorPaths>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<configuration>
|
||||
<environmentVariables>
|
||||
<KEYCLOAK_CAMEL_CASE_SCOPE_CAMEL_CASE_PROP>foobar</KEYCLOAK_CAMEL_CASE_SCOPE_CAMEL_CASE_PROP>
|
||||
</environmentVariables>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
|
|
@ -1,23 +1,15 @@
|
|||
package org.keycloak;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.function.Function;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.provider.KeycloakDeploymentInfo;
|
||||
import org.keycloak.provider.Provider;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
import org.keycloak.provider.ProviderLoader;
|
||||
import org.keycloak.provider.ProviderManagerRegistry;
|
||||
import org.keycloak.provider.Spi;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
||||
|
||||
public final class QuarkusKeycloakSessionFactory extends DefaultKeycloakSessionFactory {
|
||||
|
@ -38,9 +30,13 @@ public final class QuarkusKeycloakSessionFactory extends DefaultKeycloakSessionF
|
|||
|
||||
private static QuarkusKeycloakSessionFactory INSTANCE;
|
||||
private final Boolean reaugmented;
|
||||
private final Map<Spi, Set<Class<? extends ProviderFactory>>> factories;
|
||||
private final Map<Spi, Map<Class<? extends Provider>, Map<String, Class<? extends ProviderFactory>>>> factories;
|
||||
|
||||
public QuarkusKeycloakSessionFactory(Map<Spi, Set<Class<? extends ProviderFactory>>> factories, Boolean reaugmented) {
|
||||
public QuarkusKeycloakSessionFactory(
|
||||
Map<Spi, Map<Class<? extends Provider>, Map<String, Class<? extends ProviderFactory>>>> factories,
|
||||
Map<Class<? extends Provider>, String> defaultProviders,
|
||||
Boolean reaugmented) {
|
||||
this.provider = defaultProviders;
|
||||
this.factories = factories;
|
||||
this.reaugmented = reaugmented;
|
||||
}
|
||||
|
@ -56,25 +52,15 @@ public final class QuarkusKeycloakSessionFactory extends DefaultKeycloakSessionF
|
|||
spis = factories.keySet();
|
||||
|
||||
for (Spi spi : spis) {
|
||||
for (Class<? extends ProviderFactory> factoryClazz : factories.get(spi)) {
|
||||
ProviderFactory factory = lookupProviderFactory(factoryClazz);
|
||||
for (Map<String, Class<? extends ProviderFactory>> factoryClazz : factories.get(spi).values()) {
|
||||
for (Map.Entry<String, Class<? extends ProviderFactory>> entry : factoryClazz.entrySet()) {
|
||||
ProviderFactory factory = lookupProviderFactory(entry.getValue());
|
||||
Config.Scope scope = Config.scope(spi.getName(), factory.getId());
|
||||
|
||||
if (isEnabled(factory, scope)) {
|
||||
factory.init(scope);
|
||||
|
||||
if (spi.isInternal() && !isInternal(factory)) {
|
||||
ServicesLogger.LOGGER.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
|
||||
}
|
||||
|
||||
factoriesMap.computeIfAbsent(spi.getProviderClass(), aClass -> new HashMap<>()).put(factory.getId(),
|
||||
factory);
|
||||
} else {
|
||||
logger.debugv("SPI {0} provider {1} disabled", spi.getName(), factory.getId());
|
||||
factoriesMap.computeIfAbsent(spi.getProviderClass(), k -> new HashMap<>()).put(factory.getId(), factory);
|
||||
}
|
||||
}
|
||||
|
||||
checkProviders(spi);
|
||||
}
|
||||
|
||||
for (Map<String, ProviderFactory> f : factoriesMap.values()) {
|
||||
|
@ -99,40 +85,4 @@ public final class QuarkusKeycloakSessionFactory extends DefaultKeycloakSessionF
|
|||
|
||||
return factory;
|
||||
}
|
||||
|
||||
private void checkProviders(Spi spi) {
|
||||
String defaultProvider = Config.getProvider(spi.getName());
|
||||
|
||||
if (defaultProvider != null) {
|
||||
if (getProviderFactory(spi.getProviderClass(), defaultProvider) == null) {
|
||||
throw new RuntimeException("Failed to find provider " + provider + " for " + spi.getName());
|
||||
}
|
||||
} else {
|
||||
Map<String, ProviderFactory> factories = factoriesMap.get(spi.getProviderClass());
|
||||
if (factories != null && factories.size() == 1) {
|
||||
defaultProvider = factories.values().iterator().next().getId();
|
||||
}
|
||||
|
||||
if (factories != null) {
|
||||
if (defaultProvider == null) {
|
||||
Optional<ProviderFactory> highestPriority = factories.values().stream()
|
||||
.max(Comparator.comparing(ProviderFactory::order));
|
||||
if (highestPriority.isPresent() && highestPriority.get().order() > 0) {
|
||||
defaultProvider = highestPriority.get().getId();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (defaultProvider == null && (factories == null || factories.containsKey("default"))) {
|
||||
defaultProvider = "default";
|
||||
}
|
||||
}
|
||||
|
||||
if (defaultProvider != null) {
|
||||
this.provider.put(spi.getProviderClass(), defaultProvider);
|
||||
logger.debugv("Set default provider for {0} to {1}", spi.getName(), defaultProvider);
|
||||
} else {
|
||||
logger.debugv("No default provider for {0}", spi.getName());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,132 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.cli;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Iterator;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.function.Function;
|
||||
import java.util.function.IntFunction;
|
||||
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.Version;
|
||||
import org.keycloak.configuration.PropertyMapper;
|
||||
import org.keycloak.configuration.PropertyMappers;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
import io.quarkus.runtime.Quarkus;
|
||||
import io.quarkus.runtime.annotations.QuarkusMain;
|
||||
import picocli.CommandLine;
|
||||
|
||||
@QuarkusMain(name = "keycloak")
|
||||
public class KeycloakQuarkusMain {
|
||||
|
||||
public static void main(String args[]) {
|
||||
System.setProperty("kc.version", Version.VERSION_KEYCLOAK);
|
||||
|
||||
if (args.length != 0) {
|
||||
CommandLine.Model.CommandSpec spec = CommandLine.Model.CommandSpec.forAnnotatedObject(new MainCommand())
|
||||
.name(Environment.getCommand());
|
||||
|
||||
addOption(spec, "start", PropertyMappers.getRuntimeMappers());
|
||||
|
||||
addOption(spec, "config", PropertyMappers.getRuntimeMappers());
|
||||
addOption(spec, "config", PropertyMappers.getBuiltTimeMappers());
|
||||
spec.subcommands().get("config").getCommandSpec().addOption(CommandLine.Model.OptionSpec.builder("--features")
|
||||
.description("Enables a group of features. Possible values are: "
|
||||
+ String.join(",", Arrays.asList(Profile.Type.values()).stream().map(
|
||||
type -> type.name().toLowerCase()).toArray((IntFunction<CharSequence[]>) String[]::new)))
|
||||
.type(String.class)
|
||||
.build());
|
||||
|
||||
for (Profile.Feature feature : Profile.Feature.values()) {
|
||||
spec.subcommands().get("config").getCommandSpec().addOption(CommandLine.Model.OptionSpec.builder("--features-" + feature.name().toLowerCase())
|
||||
.description("Enables the " + feature.name() + " feature. Set enabled to enable the feature or disabled otherwise.")
|
||||
.type(String.class)
|
||||
.build());
|
||||
}
|
||||
|
||||
CommandLine cmd = new CommandLine(spec);
|
||||
List<String> argsList = new LinkedList<>(Arrays.asList(args));
|
||||
|
||||
if (argsList.isEmpty() || argsList.get(0).startsWith("--")) {
|
||||
argsList.add(0, "start");
|
||||
}
|
||||
|
||||
try {
|
||||
System.setProperty("kc.config.args", parseConfigArgs(argsList));
|
||||
cmd.parseArgs(argsList.toArray(new String[argsList.size()]));
|
||||
} catch (CommandLine.UnmatchedArgumentException e) {
|
||||
cmd.getErr().println(e.getMessage());
|
||||
System.exit(CommandLine.ExitCode.SOFTWARE);
|
||||
}
|
||||
|
||||
int exitCode = cmd.execute(argsList.toArray(new String[argsList.size()]));
|
||||
|
||||
if (exitCode != -1) {
|
||||
System.exit(exitCode);
|
||||
}
|
||||
}
|
||||
|
||||
Quarkus.run(args);
|
||||
Quarkus.waitForExit();
|
||||
}
|
||||
|
||||
private static String parseConfigArgs(List<String> argsList) {
|
||||
StringBuilder options = new StringBuilder();
|
||||
Iterator<String> iterator = argsList.iterator();
|
||||
|
||||
while (iterator.hasNext()) {
|
||||
String key = iterator.next();
|
||||
|
||||
// TODO: ignore properties for providers for now, need to fetch them from the providers, otherwise CLI will complain about invalid options
|
||||
if (key.startsWith("--spi")) {
|
||||
iterator.remove();
|
||||
}
|
||||
|
||||
if (key.startsWith("--")) {
|
||||
if (options.length() > 0) {
|
||||
options.append(",");
|
||||
}
|
||||
options.append(key);
|
||||
}
|
||||
}
|
||||
|
||||
return options.toString();
|
||||
}
|
||||
|
||||
public static void addOption(CommandLine.Model.CommandSpec spec, String command, List<PropertyMapper> mappers) {
|
||||
CommandLine.Model.CommandSpec commandSpec = spec.subcommands().get(command).getCommandSpec();
|
||||
|
||||
for (PropertyMapper mapper : mappers) {
|
||||
String name = "--" + PropertyMappers.toCLIFormat(mapper.getFrom()).substring(3);
|
||||
String description = mapper.getDescription();
|
||||
|
||||
if (description == null || commandSpec.optionsMap().containsKey(name)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
CommandLine.Model.OptionSpec.Builder builder = CommandLine.Model.OptionSpec.builder(name).type(String.class);
|
||||
|
||||
builder.description(description);
|
||||
|
||||
commandSpec.addOption(builder.build());
|
||||
}
|
||||
}
|
||||
}
|
132
quarkus/runtime/src/main/java/org/keycloak/cli/MainCommand.java
Normal file
132
quarkus/runtime/src/main/java/org/keycloak/cli/MainCommand.java
Normal file
|
@ -0,0 +1,132 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.cli;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.function.BiConsumer;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.StreamSupport;
|
||||
|
||||
import org.keycloak.configuration.KeycloakConfigSourceProvider;
|
||||
import org.keycloak.configuration.MicroProfileConfigProvider;
|
||||
import org.keycloak.quarkus.KeycloakRecorder;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
import io.quarkus.bootstrap.runner.QuarkusEntryPoint;
|
||||
import io.quarkus.runtime.Quarkus;
|
||||
import io.smallrye.config.ConfigValue;
|
||||
import picocli.CommandLine;
|
||||
import picocli.CommandLine.Command;
|
||||
import picocli.CommandLine.Model.CommandSpec;
|
||||
import picocli.CommandLine.Option;
|
||||
import picocli.CommandLine.Spec;
|
||||
|
||||
@Command(name = "keycloak",
|
||||
usageHelpWidth = 150,
|
||||
header = "Keycloak - Open Source Identity and Access Management\n\nFind more information at: https://www.keycloak.org/%n",
|
||||
description = "Use this command-line tool to manage your Keycloak cluster%n", footerHeading = "%nUse \"${COMMAND-NAME} <command> --help\" for more information about a command.%nUse \"${COMMAND-NAME} options\" for a list of all command-line options.",
|
||||
footer = "%nby Red Hat",
|
||||
parameterListHeading = "Server Options%n%n",
|
||||
optionListHeading = "%nConfiguration Options%n%n",
|
||||
commandListHeading = "%nCommands%n%n",
|
||||
version = {
|
||||
"Keycloak ${sys:kc.version}",
|
||||
"JVM: ${java.version} (${java.vendor} ${java.vm.name} ${java.vm.version})",
|
||||
"OS: ${os.name} ${os.version} ${os.arch}"
|
||||
})
|
||||
public class MainCommand {
|
||||
|
||||
@Spec
|
||||
CommandSpec spec;
|
||||
|
||||
@Option(names = { "--help" }, usageHelp = true, hidden = true)
|
||||
boolean help;
|
||||
|
||||
@Option(names = { "--version" }, versionHelp = true, hidden = true)
|
||||
boolean version;
|
||||
|
||||
@CommandLine.Parameters(paramLabel = "server options", description = "Server options")
|
||||
List<String> serverOptions;
|
||||
|
||||
@CommandLine.Parameters(paramLabel = "system properties", description = "Any Java system property you want set")
|
||||
List<String> systemProperties;
|
||||
|
||||
@Option(names = "--profile", arity = "1", description = "Set the profile. Use 'dev' profile to enable development mode")
|
||||
public void setProfile(String profile) {
|
||||
System.setProperty("kc.profile", profile);
|
||||
}
|
||||
|
||||
@Option(names = "--config-file", arity = "1", description = "Set the path to a configuration file", paramLabel = "<path>")
|
||||
public void setConfigFile(String path) {
|
||||
System.setProperty(KeycloakConfigSourceProvider.KEYCLOAK_CONFIG_FILE_PROP, path);
|
||||
}
|
||||
|
||||
@Command(name = "config", description = "Update the server configuration", mixinStandardHelpOptions = true, usageHelpAutoWidth = true)
|
||||
public void reAugment() {
|
||||
System.setProperty("quarkus.launch.rebuild", "true");
|
||||
println("Updating the configuration and installing your custom providers, if any. Please wait.");
|
||||
try {
|
||||
QuarkusEntryPoint.main();
|
||||
} catch (Throwable throwable) {
|
||||
error("Failed to update server configuration.");
|
||||
} finally {
|
||||
System.exit(CommandLine.ExitCode.OK);
|
||||
}
|
||||
}
|
||||
|
||||
@Command(name = "start-dev", description = "Start the server in development mode", mixinStandardHelpOptions = true)
|
||||
public void startDev() {
|
||||
System.setProperty("kc.profile", "dev");
|
||||
start();
|
||||
}
|
||||
|
||||
@Command(name = "start", description = "Start the server", mixinStandardHelpOptions = true, usageHelpAutoWidth = true)
|
||||
public void start(
|
||||
@CommandLine.Parameters(paramLabel = "show-config", arity = "0..1",
|
||||
description = "Show all configuration options before starting the server") String showConfig) {
|
||||
if (showConfig != null) {
|
||||
System.setProperty("kc.show.config.runtime", Boolean.TRUE.toString());
|
||||
System.setProperty("kc.show.config", "all");
|
||||
}
|
||||
start();
|
||||
}
|
||||
|
||||
@Command(name = "show-config", description = "Print out the current configuration", mixinStandardHelpOptions = true)
|
||||
public void showConfiguration(
|
||||
@CommandLine.Parameters(paramLabel = "filter", defaultValue = "none", description = "Show all configuration options. Use 'all' to show all options.") String filter) {
|
||||
System.setProperty("kc.show.config", filter);
|
||||
start();
|
||||
}
|
||||
|
||||
private void start() {
|
||||
Quarkus.run();
|
||||
Quarkus.waitForExit();
|
||||
}
|
||||
|
||||
private void println(String message) {
|
||||
spec.commandLine().getOut().println(message);
|
||||
}
|
||||
|
||||
private void error(String message) {
|
||||
spec.commandLine().getErr().println(message);
|
||||
System.exit(CommandLine.ExitCode.SOFTWARE);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,136 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.cli;
|
||||
|
||||
import static java.lang.Boolean.parseBoolean;
|
||||
import static org.keycloak.util.Environment.getBuiltTimeProperty;
|
||||
import static org.keycloak.util.Environment.getConfig;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.function.BiConsumer;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.StreamSupport;
|
||||
|
||||
import org.keycloak.configuration.MicroProfileConfigProvider;
|
||||
import org.keycloak.quarkus.KeycloakRecorder;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
import io.smallrye.config.ConfigValue;
|
||||
|
||||
public final class ShowConfigCommand {
|
||||
|
||||
public static void run(Map<String, String> buildTimeProperties) {
|
||||
String configArgs = System.getProperty("kc.show.config");
|
||||
|
||||
if (configArgs != null) {
|
||||
Map<String, Set<String>> properties = getPropertiesByGroup(buildTimeProperties);
|
||||
String profile = getProfile();
|
||||
|
||||
System.out.printf("Current Profile: %s%n", profile == null ? "none" : profile);
|
||||
|
||||
System.out.println("Runtime Configuration:");
|
||||
properties.get(MicroProfileConfigProvider.NS_KEYCLOAK).stream().sorted()
|
||||
.forEachOrdered(ShowConfigCommand::printProperty);
|
||||
|
||||
if (configArgs.equalsIgnoreCase("all")) {
|
||||
properties.get("%").stream()
|
||||
.sorted()
|
||||
.collect(Collectors.groupingBy(s -> s.substring(1, s.indexOf('.'))))
|
||||
.forEach((p, properties1) -> {
|
||||
if (p.equals(profile)) {
|
||||
System.out.printf("Profile \"%s\" Configuration (%s):%n", p,
|
||||
p.equals(profile) ? "current" : "");
|
||||
} else {
|
||||
System.out.printf("Profile \"%s\" Configuration:%n", p);
|
||||
}
|
||||
|
||||
properties1.stream().sorted().forEachOrdered(ShowConfigCommand::printProperty);
|
||||
});
|
||||
|
||||
System.out.println("Quarkus Configuration:");
|
||||
properties.get(MicroProfileConfigProvider.NS_QUARKUS).stream().sorted()
|
||||
.forEachOrdered(ShowConfigCommand::printProperty);
|
||||
}
|
||||
|
||||
if (!parseBoolean(System.getProperty("kc.show.config.runtime", Boolean.FALSE.toString()))) {
|
||||
System.exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static String getProfile() {
|
||||
String profile = Environment.getProfile();
|
||||
|
||||
if (profile == null) {
|
||||
return getBuiltTimeProperty("quarkus.profile").orElse(null);
|
||||
}
|
||||
|
||||
return profile;
|
||||
}
|
||||
|
||||
private static Map<String, Set<String>> getPropertiesByGroup(Map<String, String> buildTimeProperties) {
|
||||
Map<String, Set<String>> properties = StreamSupport
|
||||
.stream(getConfig().getPropertyNames().spliterator(), false)
|
||||
.filter(ShowConfigCommand::filterByGroup)
|
||||
.collect(Collectors.groupingBy(ShowConfigCommand::groupProperties, Collectors.toSet()));
|
||||
|
||||
buildTimeProperties.keySet().stream()
|
||||
.filter(property -> filterByGroup(property))
|
||||
.collect(Collectors.groupingBy(ShowConfigCommand::groupProperties, Collectors.toSet()))
|
||||
.forEach(new BiConsumer<String, Set<String>>() {
|
||||
@Override
|
||||
public void accept(String group, Set<String> propertyNames) {
|
||||
properties.computeIfAbsent(group, (name) -> new HashSet<>()).addAll(propertyNames);
|
||||
}
|
||||
});
|
||||
|
||||
return properties;
|
||||
}
|
||||
|
||||
private static void printProperty(String property) {
|
||||
String value = getBuiltTimeProperty(property).orElse(null);
|
||||
|
||||
if (value != null && !"".equals(value.trim())) {
|
||||
System.out.printf("\t%s = %s (build-time)%n", property, value);
|
||||
return;
|
||||
}
|
||||
|
||||
ConfigValue configValue = getConfig().getConfigValue(property);
|
||||
|
||||
if (configValue == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
System.out.printf("\t%s = %s (%s)%n", property, configValue.getValue(), configValue.getConfigSourceName());
|
||||
}
|
||||
|
||||
private static String groupProperties(String property) {
|
||||
if (property.startsWith("%")) {
|
||||
return "%";
|
||||
}
|
||||
return property.substring(0, property.indexOf('.'));
|
||||
}
|
||||
|
||||
private static boolean filterByGroup(String property) {
|
||||
return property.startsWith(MicroProfileConfigProvider.NS_KEYCLOAK)
|
||||
|| property.startsWith(MicroProfileConfigProvider.NS_QUARKUS)
|
||||
|| property.startsWith("%");
|
||||
}
|
||||
}
|
|
@ -0,0 +1,121 @@
|
|||
/*
|
||||
* Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import static org.keycloak.configuration.MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX;
|
||||
import static org.keycloak.configuration.MicroProfileConfigProvider.NS_QUARKUS_PREFIX;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
|
||||
import io.smallrye.config.PropertiesConfigSource;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
/**
|
||||
* <p>A configuration source for mapping configuration arguments to their corresponding properties so that they can be recognized
|
||||
* when building and running the server.
|
||||
*
|
||||
* <p>The mapping is based on the system property {@code kc.config.args}, where the value is a comma-separated list of
|
||||
* the arguments passed during build or runtime. E.g: "--http-enabled=true,--http-port=8180,--database-vendor=postgres".
|
||||
*
|
||||
* <p>Each argument is going to be mapped to its corresponding configuration property by prefixing the key with the {@link MicroProfileConfigProvider#NS_KEYCLOAK} namespace.
|
||||
*/
|
||||
public class ConfigArgsConfigSource extends PropertiesConfigSource {
|
||||
|
||||
private static final Logger log = Logger.getLogger(ConfigArgsConfigSource.class);
|
||||
|
||||
private static final Pattern ARG_SPLIT = Pattern.compile(",");
|
||||
private static final Pattern ARG_KEY_VALUE_SPLIT = Pattern.compile("=");
|
||||
private static final String ARG_PREFIX = "--";
|
||||
private static final Pattern DOT_SPLIT = Pattern.compile("\\.");
|
||||
|
||||
ConfigArgsConfigSource() {
|
||||
// higher priority over default Quarkus config sources
|
||||
super(parseArgument(), "cli", 500);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getValue(String propertyName) {
|
||||
String prefix = null;
|
||||
|
||||
// we only care about runtime args passed when executing the CLI, no need to check if the property is prefixed with a profile
|
||||
if (propertyName.startsWith(NS_KEYCLOAK_PREFIX)) {
|
||||
prefix = NS_KEYCLOAK_PREFIX;
|
||||
} else if (propertyName.startsWith(NS_QUARKUS_PREFIX)) {
|
||||
prefix = NS_QUARKUS_PREFIX;
|
||||
}
|
||||
|
||||
// we only recognize properties within keycloak and quarkus namespaces
|
||||
if (prefix == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
String[] parts = DOT_SPLIT.split(propertyName.substring(propertyName.indexOf(prefix) + prefix.length()));
|
||||
|
||||
return super.getValue(prefix + String.join("-", parts));
|
||||
}
|
||||
|
||||
private static Map<String, String> parseArgument() {
|
||||
String args = Environment.getConfigArgs();
|
||||
|
||||
if (args == null || "".equals(args.trim())) {
|
||||
log.trace("No command-line arguments provided");
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
Map<String, String> properties = new HashMap<>();
|
||||
|
||||
for (String arg : ARG_SPLIT.split(args)) {
|
||||
if (!arg.startsWith(ARG_PREFIX)) {
|
||||
throw new IllegalArgumentException("Invalid argument format [" + arg + "], arguments must start with '--'");
|
||||
}
|
||||
|
||||
String[] keyValue = ARG_KEY_VALUE_SPLIT.split(arg);
|
||||
String key = keyValue[0];
|
||||
|
||||
if ("".equals(key.trim())) {
|
||||
throw new IllegalArgumentException("Invalid argument key");
|
||||
}
|
||||
|
||||
String value;
|
||||
|
||||
if (keyValue.length == 1) {
|
||||
// the argument does not have a value because the key by itself already has a meaning
|
||||
value = Boolean.TRUE.toString();
|
||||
} else if (keyValue.length == 2) {
|
||||
// the argument has a simple value. Eg.: key=pair
|
||||
value = keyValue[1];
|
||||
} else {
|
||||
// the argument is multivalued. eg.: key=kv1=kv2
|
||||
value = arg.substring(key.length() + 1);
|
||||
}
|
||||
|
||||
key = NS_KEYCLOAK_PREFIX + key.substring(2);
|
||||
|
||||
log.tracef("Adding property [%s=%s] from command-line", key, value);
|
||||
|
||||
properties.put(key, value);
|
||||
}
|
||||
|
||||
return properties;
|
||||
}
|
||||
}
|
|
@ -15,9 +15,12 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import static org.keycloak.configuration.MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX;
|
||||
|
||||
import java.io.File;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
@ -25,25 +28,58 @@ import java.util.List;
|
|||
import org.eclipse.microprofile.config.spi.ConfigSource;
|
||||
import org.eclipse.microprofile.config.spi.ConfigSourceProvider;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
public class KeycloakConfigSourceProvider implements ConfigSourceProvider {
|
||||
|
||||
private static final Logger log = Logger.getLogger(KeycloakConfigSourceProvider.class);
|
||||
private static final String KEYCLOAK_CONFIG_FILE_PROP = "keycloak.config.file";
|
||||
private static final String KEYCLOAK_CONFIG_FILE_ENV = "KEYCLOAK_CONFIG_FILE";
|
||||
|
||||
@Override
|
||||
public Iterable<ConfigSource> getConfigSources(ClassLoader forClassLoader) {
|
||||
public static final String KEYCLOAK_CONFIG_FILE_ENV = "KC_CONFIG_FILE";
|
||||
public static final String KEYCLOAK_CONFIG_FILE_PROP = NS_KEYCLOAK_PREFIX + "config.file";
|
||||
private static final List<ConfigSource> CONFIG_SOURCES = new ArrayList<>();
|
||||
|
||||
List<ConfigSource> sources = new ArrayList<>();
|
||||
// we initialize in a static block to avoid discovering the config sources multiple times when starting the application
|
||||
static {
|
||||
initializeSources();
|
||||
}
|
||||
|
||||
private static void initializeSources() {
|
||||
String profile = Environment.getProfile();
|
||||
|
||||
if (profile != null) {
|
||||
System.setProperty("quarkus.profile", profile);
|
||||
}
|
||||
|
||||
CONFIG_SOURCES.add(new ConfigArgsConfigSource());
|
||||
CONFIG_SOURCES.add(new SysPropConfigSource());
|
||||
|
||||
Path configFile = getConfigurationFile();
|
||||
|
||||
if (configFile != null) {
|
||||
CONFIG_SOURCES.add(new KeycloakPropertiesConfigSource.InFileSystem(configFile));
|
||||
} else {
|
||||
log.debug("Loading the default server configuration");
|
||||
CONFIG_SOURCES.add(new KeycloakPropertiesConfigSource.InJar());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Mainly for test purposes as MicroProfile Config does not seem to provide a way to reload configsources when the config
|
||||
* is released
|
||||
*/
|
||||
public static void reload() {
|
||||
CONFIG_SOURCES.clear();
|
||||
initializeSources();
|
||||
}
|
||||
|
||||
private static Path getConfigurationFile() {
|
||||
String filePath = System.getProperty(KEYCLOAK_CONFIG_FILE_PROP);
|
||||
|
||||
if (filePath == null)
|
||||
filePath = System.getenv(KEYCLOAK_CONFIG_FILE_ENV);
|
||||
|
||||
if (filePath == null) {
|
||||
String homeDir = System.getProperty("keycloak.home.dir");
|
||||
String homeDir = Environment.getHomeDir();
|
||||
|
||||
if (homeDir != null) {
|
||||
File file = Paths.get(homeDir, "conf", KeycloakPropertiesConfigSource.KEYCLOAK_PROPERTIES).toFile();
|
||||
|
@ -54,17 +90,15 @@ public class KeycloakConfigSourceProvider implements ConfigSourceProvider {
|
|||
}
|
||||
}
|
||||
|
||||
if (filePath != null) {
|
||||
sources.add(new KeycloakPropertiesConfigSource.InFileSystem(filePath));
|
||||
if (filePath == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
// fall back to the default configuration within the server classpath
|
||||
if (sources.isEmpty()) {
|
||||
log.debug("Loading the default server configuration");
|
||||
sources.add(new KeycloakPropertiesConfigSource.InJar());
|
||||
return Paths.get(filePath);
|
||||
}
|
||||
|
||||
return sources;
|
||||
|
||||
@Override
|
||||
public Iterable<ConfigSource> getConfigSources(ClassLoader forClassLoader) {
|
||||
return CONFIG_SOURCES;
|
||||
}
|
||||
}
|
|
@ -15,7 +15,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.Closeable;
|
||||
|
@ -34,14 +34,15 @@ import java.util.Collections;
|
|||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
|
||||
import io.smallrye.config.PropertiesConfigSource;
|
||||
|
||||
import static org.keycloak.common.util.StringPropertyReplacer.replaceProperties;
|
||||
import static org.keycloak.provider.quarkus.MicroProfileConfigProvider.NS_KEYCLOAK;
|
||||
import static org.keycloak.provider.quarkus.MicroProfileConfigProvider.NS_QUARKUS;
|
||||
import static org.keycloak.configuration.MicroProfileConfigProvider.NS_KEYCLOAK;
|
||||
import static org.keycloak.configuration.MicroProfileConfigProvider.NS_QUARKUS;
|
||||
|
||||
/**
|
||||
* A configuration source for {@code keycloak.properties}.
|
||||
|
@ -49,6 +50,8 @@ import static org.keycloak.provider.quarkus.MicroProfileConfigProvider.NS_QUARKU
|
|||
public abstract class KeycloakPropertiesConfigSource extends PropertiesConfigSource {
|
||||
|
||||
private static final Logger log = Logger.getLogger(KeycloakPropertiesConfigSource.class);
|
||||
|
||||
private static final Pattern DOT_SPLIT = Pattern.compile("\\.");
|
||||
static final String KEYCLOAK_PROPERTIES = "keycloak.properties";
|
||||
|
||||
KeycloakPropertiesConfigSource(InputStream is, int ordinal) {
|
||||
|
@ -98,23 +101,21 @@ public abstract class KeycloakPropertiesConfigSource extends PropertiesConfigSou
|
|||
|
||||
public static final class InFileSystem extends KeycloakPropertiesConfigSource {
|
||||
|
||||
public InFileSystem(String fileName) {
|
||||
super(openStream(fileName), 255);
|
||||
public InFileSystem(Path path) {
|
||||
super(openStream(path), 255);
|
||||
}
|
||||
|
||||
private static InputStream openStream(String fileName) {
|
||||
final Path path = Paths.get(fileName);
|
||||
if (Files.exists(path)) {
|
||||
private static InputStream openStream(Path path) {
|
||||
if (path == null) {
|
||||
throw new IllegalArgumentException("Configuration file path can not be null");
|
||||
}
|
||||
try {
|
||||
log.debugf("Loading the server configuration from %s", fileName);
|
||||
log.debugf("Loading the server configuration from %s", path);
|
||||
return Files.newInputStream(path);
|
||||
} catch (NoSuchFileException | FileNotFoundException e) {
|
||||
return null;
|
||||
throw new IllegalArgumentException("Configuration file not found at [" + path + "]");
|
||||
} catch (IOException e) {
|
||||
throw new IOError(e);
|
||||
}
|
||||
} else {
|
||||
return null;
|
||||
throw new RuntimeException("Unexpected error reading configuration file at [" + path + "]", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -134,29 +135,24 @@ public abstract class KeycloakPropertiesConfigSource extends PropertiesConfigSou
|
|||
*/
|
||||
private static String transformKey(String key) {
|
||||
String namespace;
|
||||
String[] keyParts = key.split("\\.");
|
||||
String[] keyParts = DOT_SPLIT.split(key);
|
||||
String extension = keyParts[0];
|
||||
String profile = "";
|
||||
String transformed = key;
|
||||
|
||||
if (extension.startsWith("%")) {
|
||||
profile = String.format("%s.", keyParts[0]);
|
||||
extension = keyParts[1];
|
||||
key = key.substring(key.indexOf('.') + 1);
|
||||
transformed = key.substring(key.indexOf('.') + 1);
|
||||
}
|
||||
|
||||
switch (extension) {
|
||||
case "hibernate-orm":
|
||||
case "datasource":
|
||||
case "http":
|
||||
case "vertx":
|
||||
case "log":
|
||||
namespace = NS_QUARKUS;
|
||||
break;
|
||||
default:
|
||||
if (extension.equalsIgnoreCase(NS_QUARKUS)) {
|
||||
return key;
|
||||
} else {
|
||||
namespace = NS_KEYCLOAK;
|
||||
}
|
||||
|
||||
return profile + namespace + "." + key;
|
||||
return profile + namespace + "." + transformed;
|
||||
|
||||
}
|
||||
}
|
|
@ -15,7 +15,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import org.apache.commons.lang3.ArrayUtils;
|
||||
import org.eclipse.microprofile.config.ConfigProvider;
|
||||
|
@ -24,18 +24,19 @@ import org.keycloak.Config;
|
|||
|
||||
public class MicroProfileConfigProvider implements Config.ConfigProvider {
|
||||
|
||||
public static final String NS_KEYCLOAK = "keycloak";
|
||||
public static final String NS_KEYCLOAK = "kc";
|
||||
public static final String NS_KEYCLOAK_PREFIX = NS_KEYCLOAK + ".";
|
||||
public static final String NS_QUARKUS = "quarkus";
|
||||
public static final String NS_QUARKUS_PREFIX = NS_QUARKUS + ".";
|
||||
|
||||
private final org.eclipse.microprofile.config.Config config;
|
||||
|
||||
public MicroProfileConfigProvider() {
|
||||
this.config = ConfigProvider.getConfig();
|
||||
this(ConfigProvider.getConfig());
|
||||
}
|
||||
|
||||
// for testing only
|
||||
MicroProfileConfigProvider(ClassLoader cl) {
|
||||
this.config = ConfigProvider.getConfig(cl);
|
||||
public MicroProfileConfigProvider(org.eclipse.microprofile.config.Config config) {
|
||||
this.config = config;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -55,7 +56,7 @@ public class MicroProfileConfigProvider implements Config.ConfigProvider {
|
|||
|
||||
public MicroProfileScope(String... scope) {
|
||||
this.scope = scope;
|
||||
this.prefix = String.join(".", ArrayUtils.insert(0, scope, NS_KEYCLOAK));
|
||||
this.prefix = String.join(".", ArrayUtils.insert(0, scope, NS_KEYCLOAK, "spi"));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -109,12 +110,8 @@ public class MicroProfileConfigProvider implements Config.ConfigProvider {
|
|||
}
|
||||
|
||||
private <T> T getValue(String key, Class<T> clazz, T defaultValue) {
|
||||
String property = prefix + "." + key;
|
||||
return config.getOptionalValue(toDashCase(property), clazz)
|
||||
.orElseGet(() -> config.getOptionalValue(property, clazz)
|
||||
.orElse(defaultValue));
|
||||
return config.getOptionalValue(toDashCase(prefix.concat(".").concat(key)), clazz).orElse(defaultValue);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private static String toDashCase(String s) {
|
|
@ -15,7 +15,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import java.util.Optional;
|
||||
|
|
@ -0,0 +1,203 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import static org.keycloak.configuration.MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX;
|
||||
import static org.keycloak.util.Environment.getBuiltTimeProperty;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.function.BiFunction;
|
||||
|
||||
import io.smallrye.config.ConfigSourceInterceptorContext;
|
||||
import io.smallrye.config.ConfigValue;
|
||||
|
||||
public class PropertyMapper {
|
||||
|
||||
static PropertyMapper create(String fromProperty, String toProperty, String description) {
|
||||
return MAPPERS.computeIfAbsent(toProperty, s -> new PropertyMapper(fromProperty, s, null, null, description));
|
||||
}
|
||||
|
||||
static PropertyMapper createWithDefault(String fromProperty, String toProperty, String defaultValue, String description) {
|
||||
return MAPPERS.computeIfAbsent(toProperty, s -> new PropertyMapper(fromProperty, s, defaultValue, null, description));
|
||||
}
|
||||
|
||||
static PropertyMapper createWithDefault(String fromProperty, String toProperty, String defaultValue, BiFunction<String, ConfigSourceInterceptorContext, String> transformer, String description) {
|
||||
return MAPPERS.computeIfAbsent(toProperty, s -> new PropertyMapper(fromProperty, s, defaultValue, transformer, description));
|
||||
}
|
||||
|
||||
static PropertyMapper create(String fromProperty, String toProperty, BiFunction<String, ConfigSourceInterceptorContext, String> transformer, String description) {
|
||||
return MAPPERS.computeIfAbsent(toProperty, s -> new PropertyMapper(fromProperty, s, null, transformer, null, description));
|
||||
}
|
||||
|
||||
static PropertyMapper create(String fromProperty, String mapFrom, String toProperty, BiFunction<String, ConfigSourceInterceptorContext, String> transformer, String description) {
|
||||
return MAPPERS.computeIfAbsent(toProperty, s -> new PropertyMapper(fromProperty, s, null, transformer, mapFrom, description));
|
||||
}
|
||||
|
||||
static PropertyMapper forBuildTimeProperty(String fromProperty, String toProperty, BiFunction<String, ConfigSourceInterceptorContext, String> transformer, String description) {
|
||||
return MAPPERS.computeIfAbsent(toProperty, s -> new PropertyMapper(fromProperty, s, null, transformer, null, true, description));
|
||||
}
|
||||
|
||||
static Map<String, PropertyMapper> MAPPERS = new HashMap<>();
|
||||
|
||||
static PropertyMapper IDENTITY = new PropertyMapper(null, null, null, null, null) {
|
||||
@Override
|
||||
public ConfigValue getOrDefault(String name, ConfigSourceInterceptorContext context, ConfigValue current) {
|
||||
if (current == null) {
|
||||
ConfigValue.builder().withName(name)
|
||||
.withValue(getBuiltTimeProperty(
|
||||
NS_KEYCLOAK_PREFIX + name.substring(NS_KEYCLOAK_PREFIX.length()).replaceAll("\\.", "-"))
|
||||
.orElseGet(() -> getBuiltTimeProperty(name).orElse(null)))
|
||||
.build();
|
||||
}
|
||||
|
||||
return current;
|
||||
}
|
||||
};
|
||||
|
||||
private static String defaultTransformer(String value, ConfigSourceInterceptorContext context) {
|
||||
return value;
|
||||
}
|
||||
|
||||
private final String to;
|
||||
private final String from;
|
||||
private final String defaultValue;
|
||||
private final BiFunction<String, ConfigSourceInterceptorContext, String> mapper;
|
||||
private final String mapFrom;
|
||||
private final boolean buildTime;
|
||||
private String description;
|
||||
|
||||
PropertyMapper(String from, String to, String defaultValue, BiFunction<String, ConfigSourceInterceptorContext, String> mapper, String description) {
|
||||
this(from, to, defaultValue, mapper, null, description);
|
||||
}
|
||||
|
||||
PropertyMapper(String from, String to, String defaultValue, BiFunction<String, ConfigSourceInterceptorContext, String> mapper, String mapFrom, String description) {
|
||||
this(from, to, defaultValue, mapper, mapFrom, false, description);
|
||||
}
|
||||
|
||||
PropertyMapper(String from, String to, String defaultValue, BiFunction<String, ConfigSourceInterceptorContext, String> mapper, String mapFrom, boolean buildTime, String description) {
|
||||
this.from = MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX + from;
|
||||
this.to = to;
|
||||
this.defaultValue = defaultValue;
|
||||
if (mapper == null) {
|
||||
this.mapper = PropertyMapper::defaultTransformer;
|
||||
} else {
|
||||
this.mapper = mapper;
|
||||
}
|
||||
this.mapFrom = mapFrom;
|
||||
this.buildTime = buildTime;
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
ConfigValue getOrDefault(String name, ConfigSourceInterceptorContext context, ConfigValue current) {
|
||||
// try to obtain the value for the property we want to map
|
||||
ConfigValue config = context.proceed(from);
|
||||
|
||||
if (config == null) {
|
||||
if (mapFrom != null) {
|
||||
// if the property we want to map depends on another one, we use the value from the other property to call the mapper
|
||||
String parentKey = MicroProfileConfigProvider.NS_KEYCLOAK + "." + mapFrom;
|
||||
ConfigValue parentValue = getBuiltTimeConfig(parentKey, context).orElseGet(() -> {
|
||||
ConfigValue value = context.proceed(parentKey);
|
||||
|
||||
if (value == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return transformValue(value.getValue(), context);
|
||||
});
|
||||
|
||||
if (parentValue != null) {
|
||||
return parentValue;
|
||||
}
|
||||
}
|
||||
|
||||
Optional<ConfigValue> buildConfig = getBuiltTimeConfig(from, context);
|
||||
|
||||
if (buildConfig.isPresent()) {
|
||||
return buildConfig.get();
|
||||
}
|
||||
|
||||
// if not defined, return the current value from the property as a default if the property is not explicitly set
|
||||
if (defaultValue == null
|
||||
|| (current != null && !current.getConfigSourceName().equalsIgnoreCase("default values"))) {
|
||||
return current;
|
||||
}
|
||||
|
||||
if (mapper != null) {
|
||||
return transformValue(defaultValue, context);
|
||||
}
|
||||
|
||||
return ConfigValue.builder().withName(to).withValue(defaultValue).build();
|
||||
}
|
||||
|
||||
if (mapFrom != null) {
|
||||
return config;
|
||||
}
|
||||
|
||||
ConfigValue value = transformValue(config.getValue(), context);
|
||||
|
||||
// we always fallback to the current value from the property we are mapping
|
||||
if (value == null) {
|
||||
return current;
|
||||
}
|
||||
|
||||
return value;
|
||||
}
|
||||
|
||||
public Optional<ConfigValue> getBuiltTimeConfig(String name, ConfigSourceInterceptorContext context) {
|
||||
ConfigValue value = transformValue(getBuiltTimeProperty(name).orElseGet(() -> getBuiltTimeProperty(
|
||||
NS_KEYCLOAK_PREFIX + name.substring(NS_KEYCLOAK_PREFIX.length()).replaceAll("\\.", "-")).orElse(null)), context);
|
||||
|
||||
if (value == null) {
|
||||
return Optional.empty();
|
||||
}
|
||||
|
||||
return Optional.of(value);
|
||||
}
|
||||
|
||||
private ConfigValue transformValue(String value, ConfigSourceInterceptorContext context) {
|
||||
if (value == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if (mapper == null) {
|
||||
return ConfigValue.builder().withName(to).withValue(value).build();
|
||||
}
|
||||
|
||||
String mappedValue = mapper.apply(value, context);
|
||||
|
||||
if (mappedValue != null) {
|
||||
return ConfigValue.builder().withName(to).withValue(mappedValue).build();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public boolean isBuildTime() {
|
||||
return buildTime;
|
||||
}
|
||||
|
||||
public String getFrom() {
|
||||
return from;
|
||||
}
|
||||
|
||||
public String getDescription() {
|
||||
return description;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,164 @@
|
|||
/*
|
||||
* Copyright 202 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import static org.keycloak.configuration.PropertyMapper.create;
|
||||
import static org.keycloak.configuration.PropertyMapper.createWithDefault;
|
||||
import static org.keycloak.configuration.PropertyMapper.forBuildTimeProperty;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import io.quarkus.runtime.configuration.ProfileManager;
|
||||
import io.smallrye.config.ConfigSourceInterceptorContext;
|
||||
import io.smallrye.config.ConfigValue;
|
||||
|
||||
/**
|
||||
* Configures the {@link PropertyMapper} instances for all Keycloak configuration properties that should be mapped to their
|
||||
* corresponding properties in Quarkus.
|
||||
*/
|
||||
public final class PropertyMappers {
|
||||
|
||||
static {
|
||||
configureDatabasePropertyMappers();
|
||||
configureHttpPropertyMappers();
|
||||
configureProxyMappers();
|
||||
}
|
||||
|
||||
private static void configureHttpPropertyMappers() {
|
||||
createWithDefault("http.enabled", "quarkus.http.insecure-requests", "disabled", (value, context) -> {
|
||||
Boolean enabled = Boolean.valueOf(value);
|
||||
ConfigValue proxy = context.proceed(MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX + "proxy");
|
||||
|
||||
if ("dev".equalsIgnoreCase(ProfileManager.getActiveProfile()) ||
|
||||
(proxy != null && "edge".equalsIgnoreCase(proxy.getValue()))) {
|
||||
enabled = true;
|
||||
}
|
||||
|
||||
return enabled ? "enabled" : "disabled";
|
||||
}, "Enables the HTTP listener.");
|
||||
createWithDefault("http.port", "quarkus.http.port", String.valueOf(8080), "The HTTP port.");
|
||||
createWithDefault("https.port", "quarkus.http.ssl-port", String.valueOf(8443), "The HTTPS port.");
|
||||
createWithDefault("https.client-auth", "quarkus.http.ssl.client-auth", "none", "Configures the server to require/request client authentication. none, request, required.");
|
||||
create("https.cipher-suites", "quarkus.http.ssl.cipher-suites", "The cipher suites to use. If none is given, a reasonable default is selected.");
|
||||
create("https.protocols", "quarkus.http.ssl.protocols", "The list of protocols to explicitly enable.");
|
||||
create("https.certificate.file", "quarkus.http.ssl.certificate.file", "The file path to a server certificate or certificate chain in PEM format.");
|
||||
create("https.certificate.key-store-file", "quarkus.http.ssl.certificate.key-store-file", "An optional key store which holds the certificate information instead of specifying separate files.");
|
||||
create("https.certificate.key-store-password", "quarkus.http.ssl.certificate.key-store-password", "A parameter to specify the password of the key store file. If not given, the default (\"password\") is used.");
|
||||
create("https.certificate.key-store-file-type", "quarkus.http.ssl.certificate.key-store-file-type", "An optional parameter to specify type of the key store file. If not given, the type is automatically detected based on the file name.");
|
||||
create("https.certificate.trust-store-file", "quarkus.http.ssl.certificate.trust-store-file", "An optional trust store which holds the certificate information of the certificates to trust.");
|
||||
create("https.certificate.trust-store-password", "quarkus.http.ssl.certificate.trust-store-password", "A parameter to specify the password of the trust store file.");
|
||||
create("https.certificate.trust-store-file-type", "quarkus.http.ssl.certificate.trust-store-file-type", "An optional parameter to specify type of the trust store file. If not given, the type is automatically detected based on the file name.");
|
||||
}
|
||||
|
||||
private static void configureProxyMappers() {
|
||||
createWithDefault("proxy", "quarkus.http.proxy.proxy-address-forwarding", "none", (mode, context) -> {
|
||||
switch (mode) {
|
||||
case "none":
|
||||
return "false";
|
||||
case "edge":
|
||||
case "reencrypt":
|
||||
case "passthrough":
|
||||
return "true";
|
||||
}
|
||||
throw new RuntimeException("Invalid value [" + mode + "] for configuration property [proxy]");
|
||||
}, "The proxy mode if the server is behind a reverse proxy. Possible values are: none, edge, reencrypt, and passthrough.");
|
||||
}
|
||||
|
||||
private static void configureDatabasePropertyMappers() {
|
||||
forBuildTimeProperty("db", "quarkus.hibernate-orm.dialect", (db, context) -> {
|
||||
switch (db.toLowerCase()) {
|
||||
case "h2-file":
|
||||
case "h2-mem":
|
||||
return "io.quarkus.hibernate.orm.runtime.dialect.QuarkusH2Dialect";
|
||||
case "mariadb":
|
||||
return "org.hibernate.dialect.MariaDBDialect";
|
||||
case "postgres-95":
|
||||
return "io.quarkus.hibernate.orm.runtime.dialect.QuarkusPostgreSQL95Dialect";
|
||||
case "postgres-10":
|
||||
return "io.quarkus.hibernate.orm.runtime.dialect.QuarkusPostgreSQL10Dialect";
|
||||
}
|
||||
return null;
|
||||
}, "The database vendor. Possible values are: h2-mem, h2-file, mariadb, postgres95, postgres10.");
|
||||
create("db", "quarkus.datasource.driver", (db, context) -> {
|
||||
switch (db.toLowerCase()) {
|
||||
case "h2-file":
|
||||
case "h2-mem":
|
||||
return "org.h2.jdbcx.JdbcDataSource";
|
||||
case "mariadb":
|
||||
return "org.mariadb.jdbc.MySQLDataSource";
|
||||
case "postgres-95":
|
||||
case "postgres-10":
|
||||
return "org.postgresql.xa.PGXADataSource";
|
||||
}
|
||||
return null;
|
||||
}, null);
|
||||
create("db", "quarkus.datasource.jdbc.transactions", (db, context) -> "xa", null);
|
||||
create("db.url", "db", "quarkus.datasource.url", (db, context) -> {
|
||||
switch (db.toLowerCase()) {
|
||||
case "h2-file":
|
||||
return "jdbc:h2:file:${kc.home.dir:${kc.db.url.path:~}}/data/keycloakdb${kc.db.url.properties:;;AUTO_SERVER=TRUE}";
|
||||
case "h2-mem":
|
||||
return "jdbc:h2:mem:keycloakdb${kc.db.url.properties:}";
|
||||
case "mariadb":
|
||||
return "jdbc:mariadb://${kc.db.url.host:localhost}/${kc.db.url.database:keycloak}${kc.db.url.properties:}";
|
||||
case "postgres-95":
|
||||
case "postgres-10":
|
||||
return "jdbc:postgresql://${kc.db.url.host:localhost}/${kc.db.url.database}${kc.db.url.properties:}";
|
||||
}
|
||||
return null;
|
||||
}, "The database JDBC URL. If not provided a default URL is set based on the selected database vendor.");
|
||||
create("db.username", "quarkus.datasource.username", "The database username.");
|
||||
create("db.password", "quarkus.datasource.password", "The database password");
|
||||
create("db.schema", "quarkus.datasource.schema", "The database schema.");
|
||||
create("db.pool.initial-size", "quarkus.datasource.jdbc.initial-size", "The initial size of the connection pool.");
|
||||
create("db.pool.min-size", "quarkus.datasource.jdbc.min-size", "The minimal size of the connection pool.");
|
||||
createWithDefault("db.pool.max-size", "quarkus.datasource.jdbc.max-size", String.valueOf(100), "The maximum size of the connection pool.");
|
||||
}
|
||||
|
||||
static ConfigValue getValue(ConfigSourceInterceptorContext context, String name) {
|
||||
return PropertyMapper.MAPPERS.getOrDefault(name, PropertyMapper.IDENTITY)
|
||||
.getOrDefault(name, context, context.proceed(name));
|
||||
}
|
||||
|
||||
public static boolean isBuildTimeProperty(String name) {
|
||||
return PropertyMapper.MAPPERS.entrySet().stream()
|
||||
.anyMatch(entry -> entry.getValue().getFrom().equals(name) && entry.getValue().isBuildTime());
|
||||
}
|
||||
|
||||
public static boolean isSupported(String name) {
|
||||
return PropertyMapper.MAPPERS.entrySet().stream()
|
||||
.anyMatch(entry -> toCLIFormat(entry.getValue().getFrom()).equals(name));
|
||||
}
|
||||
|
||||
public static String toCLIFormat(String name) {
|
||||
return MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX
|
||||
.concat(name.substring(3).replaceAll("\\.", "-"));
|
||||
}
|
||||
|
||||
public static List<PropertyMapper> getRuntimeMappers() {
|
||||
return PropertyMapper.MAPPERS.values().stream()
|
||||
.filter(entry -> !entry.isBuildTime()).collect(Collectors.toList());
|
||||
}
|
||||
|
||||
public static List<PropertyMapper> getBuiltTimeMappers() {
|
||||
return PropertyMapper.MAPPERS.values().stream()
|
||||
.filter(entry -> entry.isBuildTime()).collect(Collectors.toList());
|
||||
}
|
||||
}
|
|
@ -0,0 +1,60 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import io.smallrye.config.ConfigSourceInterceptor;
|
||||
import io.smallrye.config.ConfigSourceInterceptorContext;
|
||||
import io.smallrye.config.ConfigValue;
|
||||
import org.keycloak.common.util.StringPropertyReplacer;
|
||||
|
||||
/**
|
||||
* <p>This interceptor is responsible for mapping Keycloak properties to their corresponding properties in Quarkus.
|
||||
*
|
||||
* <p>A single property in Keycloak may span a single or multiple properties on Quarkus and for each property we want to map
|
||||
* from Quarkus we should configure a {@link PropertyMapper}.
|
||||
*
|
||||
* <p>The {@link PropertyMapper} can either perform a 1:1 mapping where the value of a property from
|
||||
* Keycloak (e.g.: https.port) is mapped to a single properties in Quarkus, or perform a 1:N mapping where the value of a property
|
||||
* from Keycloak (e.g.: database) is mapped to multiple properties in Quarkus.
|
||||
*/
|
||||
public class PropertyMappingInterceptor implements ConfigSourceInterceptor {
|
||||
|
||||
@Override
|
||||
public ConfigValue getValue(ConfigSourceInterceptorContext context, String name) {
|
||||
ConfigValue value = PropertyMappers.getValue(context, name);
|
||||
|
||||
if (value == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if (value.getValue().indexOf("${") == -1) {
|
||||
return value;
|
||||
}
|
||||
|
||||
return value.withValue(
|
||||
StringPropertyReplacer.replaceProperties(PropertyMappers.getValue(context, name).getValue(),
|
||||
property -> {
|
||||
ConfigValue prop = context.proceed(property);
|
||||
|
||||
if (prop == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return prop.getValue();
|
||||
}));
|
||||
}
|
||||
}
|
|
@ -0,0 +1,53 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.configuration;
|
||||
|
||||
import java.util.Map;
|
||||
import java.util.TreeMap;
|
||||
|
||||
import org.eclipse.microprofile.config.spi.ConfigSource;
|
||||
|
||||
/**
|
||||
* The only reason for this config source is to keep the Keycloak specific properties when configuring the server so that
|
||||
* they are read again when running the server after the configuration.
|
||||
*/
|
||||
public class SysPropConfigSource implements ConfigSource {
|
||||
|
||||
public Map<String, String> getProperties() {
|
||||
Map<String, String> output = new TreeMap<>();
|
||||
for (Map.Entry<Object, Object> entry : System.getProperties().entrySet()) {
|
||||
String key = (String) entry.getKey();
|
||||
if (key.startsWith(MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX)) {
|
||||
output.put(key, entry.getValue().toString());
|
||||
}
|
||||
}
|
||||
return output;
|
||||
}
|
||||
|
||||
public String getValue(final String propertyName) {
|
||||
return System.getProperty(propertyName);
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return "System properties";
|
||||
}
|
||||
|
||||
public int getOrdinal() {
|
||||
return 400;
|
||||
}
|
||||
}
|
|
@ -1,6 +1,5 @@
|
|||
package org.keycloak.connections.liquibase;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -13,9 +12,6 @@ import liquibase.database.Database;
|
|||
import liquibase.logging.Logger;
|
||||
import liquibase.servicelocator.DefaultPackageScanClassResolver;
|
||||
import liquibase.servicelocator.ServiceLocator;
|
||||
import org.keycloak.connections.jpa.updater.liquibase.PostgresPlusDatabase;
|
||||
import org.keycloak.connections.jpa.updater.liquibase.UpdatedMariaDBDatabase;
|
||||
import org.keycloak.connections.jpa.updater.liquibase.UpdatedMySqlDatabase;
|
||||
|
||||
public class FastServiceLocator extends ServiceLocator {
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ import org.infinispan.manager.DefaultCacheManager;
|
|||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.cluster.ManagedCacheManagerProvider;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.util.Environment;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
|
@ -65,7 +66,7 @@ public final class QuarkusCacheManagerProvider implements ManagedCacheManagerPro
|
|||
}
|
||||
|
||||
private InputStream loadConfiguration(Config.Scope config) throws FileNotFoundException {
|
||||
String homeDir = System.getProperty("keycloak.home.dir");
|
||||
String homeDir = Environment.getHomeDir();
|
||||
|
||||
if (homeDir == null) {
|
||||
log.warn("Keycloak home directory not set.");
|
||||
|
|
|
@ -22,10 +22,7 @@ import io.quarkus.runtime.StartupEvent;
|
|||
import javax.enterprise.context.ApplicationScoped;
|
||||
import javax.enterprise.event.Observes;
|
||||
|
||||
import org.jboss.resteasy.plugins.server.servlet.ResteasyContextParameters;
|
||||
import org.jboss.resteasy.spi.ResteasyDeployment;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.common.util.Resteasy;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
import org.keycloak.models.KeycloakTransactionManager;
|
||||
|
|
|
@ -1,3 +1,20 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
import org.jboss.resteasy.core.ResteasyContext;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2020 Analytical Graphics, Inc. and/or its affiliates
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
@ -13,8 +13,8 @@
|
|||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
import java.security.cert.X509Certificate;
|
||||
|
@ -24,7 +24,6 @@ import javax.enterprise.inject.spi.CDI;
|
|||
import javax.net.ssl.SSLPeerUnverifiedException;
|
||||
import javax.net.ssl.SSLSession;
|
||||
|
||||
import io.vertx.core.http.HttpServerRequest;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.keycloak.services.x509.X509ClientCertificateLookup;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2020 Analytical Graphics, Inc. and/or its affiliates
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
@ -13,7 +13,6 @@
|
|||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
|
|
|
@ -0,0 +1,159 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.quarkus;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import io.smallrye.config.ConfigValue;
|
||||
import org.keycloak.QuarkusKeycloakSessionFactory;
|
||||
import org.keycloak.authentication.authenticators.directgrant.ValidateOTP;
|
||||
import org.keycloak.cli.ShowConfigCommand;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.configuration.MicroProfileConfigProvider;
|
||||
import org.keycloak.configuration.PropertyMappers;
|
||||
import org.keycloak.connections.liquibase.FastServiceLocator;
|
||||
import org.keycloak.connections.liquibase.KeycloakLogger;
|
||||
import org.keycloak.provider.Provider;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
import org.keycloak.provider.Spi;
|
||||
|
||||
import io.quarkus.runtime.annotations.Recorder;
|
||||
import io.smallrye.config.SmallRyeConfig;
|
||||
import io.smallrye.config.SmallRyeConfigProviderResolver;
|
||||
import liquibase.logging.LogFactory;
|
||||
import liquibase.servicelocator.ServiceLocator;
|
||||
|
||||
@Recorder
|
||||
public class KeycloakRecorder {
|
||||
|
||||
private static final SmallRyeConfig CONFIG;
|
||||
|
||||
static {
|
||||
CONFIG = (SmallRyeConfig) SmallRyeConfigProviderResolver.instance().getConfig();
|
||||
}
|
||||
|
||||
private static Map<String, String> BUILD_TIME_PROPERTIES = Collections.emptyMap();
|
||||
|
||||
public static String getBuiltTimeProperty(String name) {
|
||||
return BUILD_TIME_PROPERTIES.get(name);
|
||||
}
|
||||
|
||||
public static SmallRyeConfig getConfig() {
|
||||
return CONFIG;
|
||||
}
|
||||
|
||||
public void configureLiquibase(Map<String, List<String>> services) {
|
||||
LogFactory.setInstance(new LogFactory() {
|
||||
final KeycloakLogger logger = new KeycloakLogger();
|
||||
|
||||
@Override
|
||||
public liquibase.logging.Logger getLog(String name) {
|
||||
return logger;
|
||||
}
|
||||
|
||||
@Override
|
||||
public liquibase.logging.Logger getLog() {
|
||||
return logger;
|
||||
}
|
||||
});
|
||||
|
||||
// we set this property to avoid Liquibase to lookup resources from the classpath and access JAR files
|
||||
// we already index the packages we want so Liquibase will still be able to load these services
|
||||
// for uber-jar, this is not a problem because everything is inside the JAR, but once we move to fast-jar we'll have performance penalties
|
||||
// it seems that v4 of liquibase provides a more smart way of initialization the ServiceLocator that may allow us to remove this
|
||||
System.setProperty("liquibase.scan.packages", "org.liquibase.core");
|
||||
|
||||
ServiceLocator.setInstance(new FastServiceLocator(services));
|
||||
}
|
||||
|
||||
public void configSessionFactory(
|
||||
Map<Spi, Map<Class<? extends Provider>, Map<String, Class<? extends ProviderFactory>>>> factories,
|
||||
Map<Class<? extends Provider>, String> defaultProviders,
|
||||
Boolean reaugmented) {
|
||||
Profile.setInstance(createProfile());
|
||||
QuarkusKeycloakSessionFactory.setInstance(new QuarkusKeycloakSessionFactory(factories, defaultProviders, reaugmented));
|
||||
}
|
||||
|
||||
public void setBuildTimeProperties(Map<String, String> buildTimeProperties, Boolean rebuild) {
|
||||
BUILD_TIME_PROPERTIES = buildTimeProperties;
|
||||
|
||||
for (String propertyName : getConfig().getPropertyNames()) {
|
||||
if (!propertyName.startsWith(MicroProfileConfigProvider.NS_KEYCLOAK_PREFIX)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
String buildValue = BUILD_TIME_PROPERTIES.get(propertyName);
|
||||
ConfigValue value = getConfig().getConfigValue(propertyName);
|
||||
|
||||
if (PropertyMappers.isBuildTimeProperty(propertyName)) {
|
||||
if (!rebuild && buildValue != null && value.getValue() != null && !buildValue.equalsIgnoreCase(value.getValue())) {
|
||||
System.err.println("The value [" + value.getValue() + "] for property [" + propertyName + "] differs from the value [" + buildValue + "] set into the server image. Please, run the 'config' command to configure the server with the new value.");
|
||||
System.exit(1);
|
||||
}
|
||||
if (!value.getConfigSourceName().contains("keycloak.properties")) {
|
||||
System.err.println("The property [" + propertyName + "] can only be set when configuring the server. Please, run the 'config' command.");
|
||||
System.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
if (buildValue != null && isRuntimeValue(value) && !buildValue.equalsIgnoreCase(value.getValue())) {
|
||||
System.err.println("The value [" + value.getValue() + "] of property [" + propertyName + "] differs from the value [" + buildValue + "] set into the server image");
|
||||
System.exit(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private boolean isRuntimeValue(ConfigValue value) {
|
||||
return value.getValue() != null && !PropertyMappers.isBuildTimeProperty(value.getName());
|
||||
}
|
||||
|
||||
/**
|
||||
* This method should be executed during static init so that the configuration is printed (if demanded) based on the properties
|
||||
* set from the previous reaugmentation
|
||||
*/
|
||||
public void showConfig() {
|
||||
ShowConfigCommand.run(BUILD_TIME_PROPERTIES);
|
||||
}
|
||||
|
||||
public static Profile createProfile() {
|
||||
return new Profile(new Profile.PropertyResolver() {
|
||||
@Override
|
||||
public String resolve(String feature) {
|
||||
if (feature.startsWith("keycloak.profile.feature")) {
|
||||
feature = feature.replaceAll("keycloak\\.profile\\.feature", "kc\\.features");
|
||||
} else {
|
||||
feature = "kc.features";
|
||||
}
|
||||
|
||||
String value = getBuiltTimeProperty(feature);
|
||||
|
||||
if (value == null) {
|
||||
value = getBuiltTimeProperty(feature.replaceAll("\\.features\\.", "\\.features-"));
|
||||
}
|
||||
|
||||
if (value != null) {
|
||||
return value;
|
||||
}
|
||||
|
||||
return KeycloakRecorder.getConfig().getRawValue(feature);
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
|
@ -1,59 +0,0 @@
|
|||
package org.keycloak.runtime;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.keycloak.QuarkusKeycloakSessionFactory;
|
||||
import org.keycloak.connections.liquibase.FastServiceLocator;
|
||||
import org.keycloak.connections.liquibase.KeycloakLogger;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
import org.keycloak.provider.Spi;
|
||||
|
||||
import io.quarkus.agroal.runtime.DataSourceSupport;
|
||||
import io.quarkus.arc.runtime.BeanContainer;
|
||||
import io.quarkus.arc.runtime.BeanContainerListener;
|
||||
import io.quarkus.datasource.common.runtime.DataSourceUtil;
|
||||
import io.quarkus.runtime.annotations.Recorder;
|
||||
import io.smallrye.config.SmallRyeConfig;
|
||||
import io.smallrye.config.SmallRyeConfigProviderResolver;
|
||||
import liquibase.logging.LogFactory;
|
||||
import liquibase.servicelocator.ServiceLocator;
|
||||
|
||||
@Recorder
|
||||
public class KeycloakRecorder {
|
||||
|
||||
public static final SmallRyeConfig CONFIG;
|
||||
|
||||
static {
|
||||
CONFIG = (SmallRyeConfig) SmallRyeConfigProviderResolver.instance().getConfig();
|
||||
}
|
||||
|
||||
public void configureLiquibase(Map<String, List<String>> services) {
|
||||
LogFactory.setInstance(new LogFactory() {
|
||||
KeycloakLogger logger = new KeycloakLogger();
|
||||
|
||||
@Override
|
||||
public liquibase.logging.Logger getLog(String name) {
|
||||
return logger;
|
||||
}
|
||||
|
||||
@Override
|
||||
public liquibase.logging.Logger getLog() {
|
||||
return logger;
|
||||
}
|
||||
});
|
||||
|
||||
// we set this property to avoid Liquibase to lookup resources from the classpath and access JAR files
|
||||
// we already index the packages we want so Liquibase will still be able to load these services
|
||||
// for uber-jar, this is not a problem because everything is inside the JAR, but once we move to fast-jar we'll have performance penalties
|
||||
// it seems that v4 of liquibase provides a more smart way of initialization the ServiceLocator that may allow us to remove this
|
||||
System.setProperty("liquibase.scan.packages", "org.liquibase.core");
|
||||
|
||||
ServiceLocator.setInstance(new FastServiceLocator(services));
|
||||
}
|
||||
|
||||
public void configSessionFactory(Map<Spi, Set<Class<? extends ProviderFactory>>> factories, Boolean reaugmented) {
|
||||
QuarkusKeycloakSessionFactory.setInstance(new QuarkusKeycloakSessionFactory(factories, reaugmented));
|
||||
}
|
||||
}
|
|
@ -17,9 +17,56 @@
|
|||
|
||||
package org.keycloak.util;
|
||||
|
||||
import java.util.Optional;
|
||||
|
||||
import io.smallrye.config.SmallRyeConfig;
|
||||
import org.keycloak.quarkus.KeycloakRecorder;
|
||||
|
||||
public final class Environment {
|
||||
|
||||
public static Boolean isRebuild() {
|
||||
return Boolean.valueOf(System.getProperty("quarkus.launch.rebuild"));
|
||||
}
|
||||
|
||||
public static String getHomeDir() {
|
||||
return System.getProperty("kc.home.dir");
|
||||
}
|
||||
|
||||
public static String getCommand() {
|
||||
String homeDir = getHomeDir();
|
||||
|
||||
if (homeDir == null) {
|
||||
return "java -jar $KEYCLOAK_HOME/lib/quarkus-run.jar";
|
||||
}
|
||||
|
||||
return "kc.sh";
|
||||
}
|
||||
|
||||
public static String getConfigArgs() {
|
||||
return System.getProperty("kc.config.args");
|
||||
}
|
||||
|
||||
public static String getProfile() {
|
||||
String profile = System.getProperty("kc.profile");
|
||||
|
||||
if (profile == null) {
|
||||
profile = System.getenv("KC_PROFILE");
|
||||
}
|
||||
|
||||
return profile;
|
||||
}
|
||||
|
||||
public static Optional<String> getBuiltTimeProperty(String name) {
|
||||
String value = KeycloakRecorder.getBuiltTimeProperty(name);
|
||||
|
||||
if (value == null) {
|
||||
return Optional.empty();
|
||||
}
|
||||
|
||||
return Optional.of(value);
|
||||
}
|
||||
|
||||
public static SmallRyeConfig getConfig() {
|
||||
return KeycloakRecorder.getConfig();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
#
|
||||
# Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
# and other contributors as indicated by the @author tags.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
org.keycloak.configuration.PropertyMappingInterceptor
|
|
@ -15,4 +15,4 @@
|
|||
# limitations under the License.
|
||||
#
|
||||
|
||||
org.keycloak.provider.quarkus.KeycloakConfigSourceProvider
|
||||
org.keycloak.configuration.KeycloakConfigSourceProvider
|
||||
|
|
|
@ -15,4 +15,4 @@
|
|||
# limitations under the License.
|
||||
#
|
||||
|
||||
org.keycloak.provider.quarkus.MicroProfileConfigProviderFactory
|
||||
org.keycloak.configuration.MicroProfileConfigProviderFactory
|
||||
|
|
|
@ -0,0 +1,222 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotEquals;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
|
||||
import io.quarkus.hibernate.orm.runtime.dialect.QuarkusH2Dialect;
|
||||
import io.smallrye.config.SmallRyeConfig;
|
||||
import org.eclipse.microprofile.config.ConfigProvider;
|
||||
import org.eclipse.microprofile.config.spi.ConfigProviderResolver;
|
||||
import org.hibernate.dialect.MariaDBDialect;
|
||||
import org.junit.After;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.configuration.KeycloakConfigSourceProvider;
|
||||
import org.keycloak.configuration.MicroProfileConfigProvider;
|
||||
|
||||
import io.quarkus.runtime.configuration.ConfigUtils;
|
||||
import io.smallrye.config.SmallRyeConfigProviderResolver;
|
||||
|
||||
public class ConfigurationTest {
|
||||
|
||||
private static final Properties SYSTEM_PROPERTIES = (Properties) System.getProperties().clone();
|
||||
private static final Map<String, String> ENVIRONMENT_VARIABLES = new HashMap<>(System.getenv());
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public static void putEnvVar(String name, String value) {
|
||||
Map<String, String> env = System.getenv();
|
||||
Field field = null;
|
||||
try {
|
||||
field = env.getClass().getDeclaredField("m");
|
||||
field.setAccessible(true);
|
||||
((Map<String, String>) field.get(env)).put(name, value);
|
||||
} catch (Exception cause) {
|
||||
throw new RuntimeException("Failed to update environment variables", cause);
|
||||
} finally {
|
||||
if (field != null) {
|
||||
field.setAccessible(false);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public static void removeEnvVar(String name) {
|
||||
Map<String, String> env = System.getenv();
|
||||
Field field = null;
|
||||
try {
|
||||
field = env.getClass().getDeclaredField("m");
|
||||
field.setAccessible(true);
|
||||
((Map<String, String>) field.get(env)).remove(name);
|
||||
} catch (Exception cause) {
|
||||
throw new RuntimeException("Failed to update environment variables", cause);
|
||||
} finally {
|
||||
if (field != null) {
|
||||
field.setAccessible(false);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@After
|
||||
public void onAfter() {
|
||||
Properties current = System.getProperties();
|
||||
|
||||
for (String name : current.stringPropertyNames()) {
|
||||
if (!SYSTEM_PROPERTIES.containsKey(name)) {
|
||||
current.remove(name);
|
||||
}
|
||||
}
|
||||
|
||||
for (String name : new HashMap<>(System.getenv()).keySet()) {
|
||||
if (!ENVIRONMENT_VARIABLES.containsKey(name)) {
|
||||
removeEnvVar(name);
|
||||
}
|
||||
}
|
||||
|
||||
SmallRyeConfigProviderResolver.class.cast(ConfigProviderResolver.instance()).releaseConfig(ConfigProvider.getConfig());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCamelCase() {
|
||||
putEnvVar("KC_SPI_CAMEL_CASE_SCOPE_CAMEL_CASE_PROP", "foobar");
|
||||
initConfig();
|
||||
String value = Config.scope("camelCaseScope").get("camelCaseProp");
|
||||
assertEquals(value, "foobar");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEnvVarPriorityOverPropertiesFile() {
|
||||
putEnvVar("KC_SPI_HOSTNAME_DEFAULT_FRONTEND_URL", "http://envvar.com");
|
||||
assertEquals("http://envvar.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSysPropPriorityOverEnvVar() {
|
||||
putEnvVar("KC_HOSTNAME_DEFAULT_FRONTEND_URL", "http://envvar.com");
|
||||
System.setProperty("kc.spi.hostname.default.frontend-url", "http://propvar.com");
|
||||
assertEquals("http://propvar.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCLIPriorityOverSysVar() {
|
||||
System.setProperty("kc.hostname.frontend-url", "http://propvar.com");
|
||||
System.setProperty("kc.config.args", "--spi-hostname-default-frontend-url=http://cli.com");
|
||||
assertEquals("http://cli.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDefaultValueFromProperty() {
|
||||
System.setProperty("keycloak.frontendUrl", "http://defaultvalueprop.com");
|
||||
assertEquals("http://defaultvalueprop.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDefaultValue() {
|
||||
assertEquals("http://filepropdefault.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testKeycloakProfilePropertySubstitution() {
|
||||
System.setProperty("kc.profile", "user-profile");
|
||||
assertEquals("http://filepropprofile.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testQuarkusProfilePropertyStillWorks() {
|
||||
System.setProperty("quarkus.profile", "user-profile");
|
||||
assertEquals("http://filepropprofile.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCommandLineArguments() {
|
||||
System.setProperty("kc.config.args", "--spi-hostname-default-frontend-url=http://fromargs.com,--no-ssl");
|
||||
assertEquals("http://fromargs.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
assertEquals("true", ConfigProvider.getConfig().getValue("kc.no-ssl", String.class));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSpiConfigurationUsingCommandLineArguments() {
|
||||
System.setProperty("kc.config.args", "--spi-hostname-default-frontend-url=http://spifull.com");
|
||||
assertEquals("http://spifull.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
|
||||
// test multi-word SPI names using camel cases
|
||||
System.setProperty("kc.config.args", "--spi-action-token-handler-verify-email-some-property=test");
|
||||
assertEquals("test", initConfig("action-token-handler", "verify-email").get("some-property"));
|
||||
System.setProperty("kc.config.args", "--spi-action-token-handler-verify-email-some-property=test");
|
||||
assertEquals("test", initConfig("action-token-handler", "verify-email").get("some-property"));
|
||||
|
||||
// test multi-word SPI names using slashes
|
||||
System.setProperty("kc.config.args", "--spi-client-registration-openid-connect-static-jwk-url=http://c.jwk.url");
|
||||
assertEquals("http://c.jwk.url", initConfig("client-registration", "openid-connect").get("static-jwk-url"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSpiConfigurationUsingProperties() {
|
||||
System.setProperty("kc.spi.hostname.default.frontend-url", "http://spifull.com");
|
||||
assertEquals("http://spifull.com", initConfig("hostname", "default").get("frontendUrl"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPropertyMapping() {
|
||||
System.setProperty("kc.config.args", "--db=mariadb,--db-url=jdbc:mariadb://localhost/keycloak");
|
||||
SmallRyeConfig config = createConfig();
|
||||
assertEquals(MariaDBDialect.class.getName(), config.getConfigValue("quarkus.hibernate-orm.dialect").getValue());
|
||||
assertEquals("jdbc:mariadb://localhost/keycloak", config.getConfigValue("quarkus.datasource.url").getValue());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDatabaseDefaults() {
|
||||
System.setProperty("kc.config.args", "--db=h2-file");
|
||||
SmallRyeConfig config = createConfig();
|
||||
assertEquals(QuarkusH2Dialect.class.getName(), config.getConfigValue("quarkus.hibernate-orm.dialect").getValue());
|
||||
assertEquals("jdbc:h2:file:~/data/keycloakdb;;AUTO_SERVER=TRUE", config.getConfigValue("quarkus.datasource.url").getValue());
|
||||
|
||||
System.setProperty("kc.config.args", "--db=h2-mem");
|
||||
config = createConfig();
|
||||
assertEquals(QuarkusH2Dialect.class.getName(), config.getConfigValue("quarkus.hibernate-orm.dialect").getValue());
|
||||
assertEquals("jdbc:h2:mem:keycloakdb", config.getConfigValue("quarkus.datasource.url").getValue());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDatabaseProperties() {
|
||||
System.setProperty("kc.config.args", "--db=h2-file,--db-url-path=test,--db-url-properties=;;test=test;test1=test1");
|
||||
SmallRyeConfig config = createConfig();
|
||||
assertEquals(QuarkusH2Dialect.class.getName(), config.getConfigValue("quarkus.hibernate-orm.dialect").getValue());
|
||||
assertEquals("jdbc:h2:file:test/data/keycloakdb;;test=test;test1=test1", config.getConfigValue("quarkus.datasource.url").getValue());
|
||||
|
||||
System.setProperty("kc.config.args", "--db=mariadb,--db-url-path=test,--db-url-properties=?test=test&test1=test1");
|
||||
config = createConfig();
|
||||
assertEquals("jdbc:mariadb://localhost/keycloak?test=test&test1=test1", config.getConfigValue("quarkus.datasource.url").getValue());
|
||||
}
|
||||
|
||||
private Config.Scope initConfig(String... scope) {
|
||||
Config.init(new MicroProfileConfigProvider(createConfig()));
|
||||
return Config.scope(scope);
|
||||
}
|
||||
|
||||
private SmallRyeConfig createConfig() {
|
||||
KeycloakConfigSourceProvider.reload();
|
||||
return ConfigUtils.configBuilder(true, true).build();
|
||||
}
|
||||
}
|
|
@ -1,35 +0,0 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
import org.junit.Test;
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
public class MicroProfileConfigProviderTest {
|
||||
|
||||
public MicroProfileConfigProviderTest() {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCamelCase() {
|
||||
ClassLoader cl = this.getClass().getClassLoader().getParent();
|
||||
MicroProfileConfigProvider provider = new MicroProfileConfigProvider(cl);
|
||||
String value = provider.scope("camelCaseScope").get("camelCaseProp");
|
||||
assertEquals(value, "foobar");
|
||||
}
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
spi.hostname.default.frontend-url = ${keycloak.frontendUrl:http://filepropdefault.com}
|
||||
%user-profile.spi.hostname.default.frontend-url = http://filepropprofile.com
|
||||
|
||||
# Default Non-Production Grade Datasource
|
||||
quarkus.hibernate-orm.dialect=org.hibernate.dialect.H2Dialect
|
||||
quarkus.datasource.driver=org.h2.jdbcx.JdbcDataSource
|
||||
quarkus.datasource.url = jdbc:h2:file:${kc.home.dir:~}/data/keycloakdb;;AUTO_SERVER=TRUE
|
||||
quarkus.datasource.username = sa
|
||||
quarkus.datasource.password = keycloak
|
||||
quarkus.datasource.jdbc.transactions=xa
|
|
@ -1,9 +1,7 @@
|
|||
hostname.default.frontendUrl = ${keycloak.frontendUrl:}
|
||||
# Default and non-production grade database vendor
|
||||
db=h2-file
|
||||
|
||||
# Default Non-Production Grade Datasource
|
||||
hibernate-orm.dialect=org.hibernate.dialect.H2Dialect
|
||||
datasource.driver=org.h2.jdbcx.JdbcDataSource
|
||||
datasource.url = jdbc:h2:file:${keycloak.home.dir:~}/data/keycloakdb;;AUTO_SERVER=TRUE
|
||||
datasource.username = sa
|
||||
datasource.password = keycloak
|
||||
datasource.jdbc.transactions=xa
|
||||
# Default, and insecure, and non-production grade configuration for the development profile
|
||||
%dev.http.enabled=true
|
||||
%dev.db.username = sa
|
||||
%dev.db.password = keycloak
|
|
@ -3,6 +3,7 @@ quarkus.package.output-name=keycloak
|
|||
quarkus.package.type=mutable-jar
|
||||
quarkus.package.output-directory=lib
|
||||
quarkus.package.user-providers-directory=../providers
|
||||
quarkus.package.main-class=keycloak
|
||||
|
||||
quarkus.http.root-path=/auth
|
||||
quarkus.application.name=Keycloak
|
||||
|
|
|
@ -1,25 +1,24 @@
|
|||
hostname.default.frontendUrl = ${keycloak.frontendUrl:}
|
||||
|
||||
# Datasource
|
||||
datasource.jdbc.transactions=xa
|
||||
|
||||
# H2
|
||||
hibernate-orm.dialect=org.hibernate.dialect.H2Dialect
|
||||
datasource.driver=org.h2.jdbcx.JdbcDataSource
|
||||
datasource.url = jdbc:h2:file:${keycloak.home.dir}/data/keycloakdb;AUTO_SERVER=TRUE;DB_CLOSE_DELAY=-1
|
||||
datasource.username = sa
|
||||
datasource.password = keycloak
|
||||
db=h2-file
|
||||
db.username = sa
|
||||
db.password = keycloak
|
||||
|
||||
# Testsuite still relies on HTTP listener
|
||||
http.enabled=true
|
||||
|
||||
# SSL
|
||||
http.ssl.certificate.key-store-file=${keycloak.home.dir}/conf/keycloak.jks
|
||||
http.ssl.certificate.key-store-password=secret
|
||||
http.ssl.certificate.trust-store-file=${keycloak.home.dir}/conf/keycloak.truststore
|
||||
http.ssl.certificate.trust-store-password=secret
|
||||
http.ssl.client-auth=REQUEST
|
||||
https.certificate.key-store-file=${kc.home.dir}/conf/keycloak.jks
|
||||
https.certificate.key-store-password=secret
|
||||
https.certificate.trust-store-file=${kc.home.dir}/conf/keycloak.truststore
|
||||
https.certificate.trust-store-password=secret
|
||||
https.client-auth=REQUEST
|
||||
|
||||
# Proxy
|
||||
http.proxy-address-forwarding=true
|
||||
proxy=passthrough
|
||||
|
||||
# Hostname Provider
|
||||
spi.hostname.default.frontend-url = ${keycloak.frontendUrl:}
|
||||
|
||||
# Truststore Provider
|
||||
truststore.file.file=${keycloak.home.dir}/conf/keycloak.truststore
|
||||
truststore.file.password=secret
|
||||
spi.truststore.file.file=${kc.home.dir}/conf/keycloak.truststore
|
||||
spi.truststore.file.password=secret
|
|
@ -24,7 +24,7 @@ public class KeycloakQuarkusConfiguration implements ContainerConfiguration {
|
|||
private int bindHttpsPortOffset = 0;
|
||||
private int bindHttpsPort = Integer.valueOf(System.getProperty("auth.server.https.port", "8543"));
|
||||
private Path providersPath = Paths.get(System.getProperty("auth.server.home"));
|
||||
private int startupTimeoutInSeconds = 60;
|
||||
private int startupTimeoutInSeconds = 300;
|
||||
private String route;
|
||||
private String keycloakConfigPropertyOverrides;
|
||||
private HashMap<String, Object> keycloakConfigPropertyOverridesMap;
|
||||
|
|
|
@ -105,7 +105,7 @@ public class KeycloakQuarkusServerDeployableContainer implements DeployableConta
|
|||
private Process startContainer() throws IOException {
|
||||
ProcessBuilder pb = new ProcessBuilder(getProcessCommands());
|
||||
File wrkDir = configuration.getProvidersPath().resolve("bin").toFile();
|
||||
ProcessBuilder builder = pb.directory(wrkDir).inheritIO();
|
||||
ProcessBuilder builder = pb.directory(wrkDir).inheritIO().redirectErrorStream(true);
|
||||
|
||||
String javaOpts = configuration.getJavaOpts();
|
||||
|
||||
|
@ -146,14 +146,14 @@ public class KeycloakQuarkusServerDeployableContainer implements DeployableConta
|
|||
commands.add(System.getProperty("auth.server.debug.port", "5005"));
|
||||
}
|
||||
|
||||
commands.add("-Dquarkus.http.port=" + configuration.getBindHttpPort());
|
||||
commands.add("-Dquarkus.http.ssl-port=" + configuration.getBindHttpsPort());
|
||||
commands.add("--http-port=" + configuration.getBindHttpPort());
|
||||
commands.add("--https-port=" + configuration.getBindHttpsPort());
|
||||
|
||||
if (configuration.getRoute() != null) {
|
||||
commands.add("-Djboss.node.name=" + configuration.getRoute());
|
||||
}
|
||||
|
||||
commands.add("-Dquarkus.profile=" + System.getProperty("auth.server.quarkus.config", "local"));
|
||||
commands.add("--profile=" + System.getProperty("auth.server.quarkus.config", "local"));
|
||||
|
||||
return commands.toArray(new String[commands.size()]);
|
||||
}
|
||||
|
|
|
@ -40,6 +40,7 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
|
||||
import org.keycloak.testsuite.console.page.AdminConsole;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
|
@ -217,6 +218,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
|
|||
client.close();
|
||||
}
|
||||
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details = "Unstable for Quarkus, review later")
|
||||
@Test
|
||||
public void loginWithLongRedirectUri() throws Exception {
|
||||
try (AutoCloseable c = new RealmAttributeUpdater(adminClient.realm("test"))
|
||||
|
|
Loading…
Reference in a new issue