conflicts
This commit is contained in:
commit
151c56a304
88 changed files with 3008 additions and 1053 deletions
|
@ -31,7 +31,7 @@
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
<column name="LAST_SESSION_REFRESH" type="INT"/>
|
<column name="LAST_SESSION_REFRESH" type="INT"/>
|
||||||
<column name="OFFLINE_FLAG" type="VARCHAR(4)">
|
<column name="OFFLINE" type="BOOLEAN" defaultValueBoolean="false">
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
<column name="DATA" type="CLOB"/>
|
<column name="DATA" type="CLOB"/>
|
||||||
|
@ -47,14 +47,14 @@
|
||||||
<column name="CLIENT_ID" type="VARCHAR(36)">
|
<column name="CLIENT_ID" type="VARCHAR(36)">
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
<column name="OFFLINE_FLAG" type="VARCHAR(4)">
|
<column name="OFFLINE" type="BOOLEAN" defaultValueBoolean="false">
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
<column name="TIMESTAMP" type="INT"/>
|
<column name="TIMESTAMP" type="INT"/>
|
||||||
<column name="DATA" type="CLOB"/>
|
<column name="DATA" type="CLOB"/>
|
||||||
</createTable>
|
</createTable>
|
||||||
|
|
||||||
<addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFLINE_US_SES_PK" tableName="OFFLINE_USER_SESSION"/>
|
<addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE" constraintName="CONSTRAINT_OFFLINE_US_SES_PK" tableName="OFFLINE_USER_SESSION"/>
|
||||||
<addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFLINE_CL_SES_PK" tableName="OFFLINE_CLIENT_SESSION"/>
|
<addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE" constraintName="CONSTRAINT_OFFLINE_CL_SES_PK" tableName="OFFLINE_CLIENT_SESSION"/>
|
||||||
</changeSet>
|
</changeSet>
|
||||||
</databaseChangeLog>
|
</databaseChangeLog>
|
|
@ -0,0 +1,105 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||||
|
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
|
||||||
|
<changeSet author="mposolda@redhat.com" id="1.6.1_from15">
|
||||||
|
|
||||||
|
<preConditions onFail="MARK_RAN" onFailMessage="Upgrading from 1.6.0 version. Skipped 1.6.1_from15 changeSet and marked as ran">
|
||||||
|
<not>
|
||||||
|
<changeSetExecuted id="1.6.0" author="mposolda@redhat.com" changeLogFile="META-INF/jpa-changelog-1.6.0.xml" />
|
||||||
|
</not>
|
||||||
|
</preConditions>
|
||||||
|
|
||||||
|
<addColumn tableName="REALM">
|
||||||
|
<column name="OFFLINE_SESSION_IDLE_TIMEOUT" type="INT" defaultValueNumeric="0"/>
|
||||||
|
<column name="REVOKE_REFRESH_TOKEN" type="BOOLEAN" defaultValueBoolean="false">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
</addColumn>
|
||||||
|
|
||||||
|
<addColumn tableName="KEYCLOAK_ROLE">
|
||||||
|
<column name="SCOPE_PARAM_REQUIRED" type="BOOLEAN" defaultValueBoolean="false">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
</addColumn>
|
||||||
|
|
||||||
|
<addColumn tableName="CLIENT">
|
||||||
|
<column name="ROOT_URL" type="VARCHAR(255)"/>
|
||||||
|
<column name="DESCRIPTION" type="VARCHAR(255)"/>
|
||||||
|
</addColumn>
|
||||||
|
|
||||||
|
<createTable tableName="OFFLINE_USER_SESSION">
|
||||||
|
<column name="USER_SESSION_ID" type="VARCHAR(36)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="USER_ID" type="VARCHAR(36)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="REALM_ID" type="VARCHAR(36)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="LAST_SESSION_REFRESH" type="INT"/>
|
||||||
|
<column name="OFFLINE_FLAG" type="VARCHAR(4)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="DATA" type="CLOB"/>
|
||||||
|
</createTable>
|
||||||
|
|
||||||
|
<createTable tableName="OFFLINE_CLIENT_SESSION">
|
||||||
|
<column name="CLIENT_SESSION_ID" type="VARCHAR(36)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="USER_SESSION_ID" type="VARCHAR(36)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="CLIENT_ID" type="VARCHAR(36)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="OFFLINE_FLAG" type="VARCHAR(4)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
<column name="TIMESTAMP" type="INT"/>
|
||||||
|
<column name="DATA" type="CLOB"/>
|
||||||
|
</createTable>
|
||||||
|
|
||||||
|
<addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_US_SES_PK2" tableName="OFFLINE_USER_SESSION"/>
|
||||||
|
<addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_CL_SES_PK2" tableName="OFFLINE_CLIENT_SESSION"/>
|
||||||
|
</changeSet>
|
||||||
|
|
||||||
|
<!-- Just for the update from 1.6.0 -->
|
||||||
|
<changeSet author="mposolda@redhat.com" id="1.6.1_from16">
|
||||||
|
|
||||||
|
<preConditions onFail="MARK_RAN" onFailMessage="Upgrading from 1.5.0 or older version. Skipped 1.6.1_from16 changeSet and marked as ran">
|
||||||
|
<changeSetExecuted id="1.6.0" author="mposolda@redhat.com" changeLogFile="META-INF/jpa-changelog-1.6.0.xml" />
|
||||||
|
</preConditions>
|
||||||
|
|
||||||
|
<dropPrimaryKey constraintName="CONSTRAINT_OFFLINE_US_SES_PK" tableName="OFFLINE_USER_SESSION" />
|
||||||
|
<dropPrimaryKey constraintName="CONSTRAINT_OFFLINE_CL_SES_PK" tableName="OFFLINE_CLIENT_SESSION" />
|
||||||
|
|
||||||
|
<addColumn tableName="OFFLINE_USER_SESSION">
|
||||||
|
<column name="OFFLINE_FLAG" type="VARCHAR(4)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
</addColumn>
|
||||||
|
<update tableName="OFFLINE_USER_SESSION">
|
||||||
|
<column name="OFFLINE_FLAG" value="1"/>
|
||||||
|
</update>
|
||||||
|
<dropColumn tableName="OFFLINE_USER_SESSION" columnName="OFFLINE" />
|
||||||
|
|
||||||
|
<addColumn tableName="OFFLINE_CLIENT_SESSION">
|
||||||
|
<column name="OFFLINE_FLAG" type="VARCHAR(4)">
|
||||||
|
<constraints nullable="false"/>
|
||||||
|
</column>
|
||||||
|
</addColumn>
|
||||||
|
<update tableName="OFFLINE_CLIENT_SESSION">
|
||||||
|
<column name="OFFLINE_FLAG" value="1"/>
|
||||||
|
</update>
|
||||||
|
<dropColumn tableName="OFFLINE_CLIENT_SESSION" columnName="OFFLINE" />
|
||||||
|
|
||||||
|
<addPrimaryKey columnNames="USER_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_US_SES_PK2" tableName="OFFLINE_USER_SESSION"/>
|
||||||
|
<addPrimaryKey columnNames="CLIENT_SESSION_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_CL_SES_PK2" tableName="OFFLINE_CLIENT_SESSION"/>
|
||||||
|
|
||||||
|
</changeSet>
|
||||||
|
|
||||||
|
<changeSet author="mposolda@redhat.com" id="1.6.1">
|
||||||
|
</changeSet>
|
||||||
|
|
||||||
|
</databaseChangeLog>
|
|
@ -9,6 +9,6 @@
|
||||||
<include file="META-INF/jpa-changelog-1.3.0.xml"/>
|
<include file="META-INF/jpa-changelog-1.3.0.xml"/>
|
||||||
<include file="META-INF/jpa-changelog-1.4.0.xml"/>
|
<include file="META-INF/jpa-changelog-1.4.0.xml"/>
|
||||||
<include file="META-INF/jpa-changelog-1.5.0.xml"/>
|
<include file="META-INF/jpa-changelog-1.5.0.xml"/>
|
||||||
<include file="META-INF/jpa-changelog-1.6.0.xml"/>
|
<include file="META-INF/jpa-changelog-1.6.1.xml"/>
|
||||||
<include file="META-INF/jpa-changelog-1.7.0.xml"/>
|
<include file="META-INF/jpa-changelog-1.7.0.xml"/>
|
||||||
</databaseChangeLog>
|
</databaseChangeLog>
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
<parent>
|
<parent>
|
||||||
<artifactId>keycloak-parent</artifactId>
|
<artifactId>keycloak-parent</artifactId>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<version>1.6.0.Final-SNAPSHOT</version>
|
<version></version>
|
||||||
<relativePath>../../../pom.xml</relativePath>
|
<relativePath>../../../pom.xml</relativePath>
|
||||||
</parent>
|
</parent>
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
<parent>
|
<parent>
|
||||||
<artifactId>keycloak-parent</artifactId>
|
<artifactId>keycloak-docbook-parent</artifactId>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<version>1.7.0.Final-SNAPSHOT</version>
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
<relativePath>../pom.xml</relativePath>
|
<relativePath>../pom.xml</relativePath>
|
||||||
|
|
|
@ -210,6 +210,7 @@ new Keycloak({ url: 'http://localhost/auth', realm: 'myrealm', clientId: 'myApp'
|
||||||
<listitem>prompt - can be set to 'none' to check if the user is logged in already (if not logged in, a login form is not displayed)</listitem>
|
<listitem>prompt - can be set to 'none' to check if the user is logged in already (if not logged in, a login form is not displayed)</listitem>
|
||||||
<listitem>loginHint - used to pre-fill the username/email field on the login form</listitem>
|
<listitem>loginHint - used to pre-fill the username/email field on the login form</listitem>
|
||||||
<listitem>action - if value is 'register' then user is redirected to registration page, otherwise to login page</listitem>
|
<listitem>action - if value is 'register' then user is redirected to registration page, otherwise to login page</listitem>
|
||||||
|
<listitem>locale - specifies the desired locale for the UI</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
</para>
|
</para>
|
||||||
</simplesect>
|
</simplesect>
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
<parent>
|
<parent>
|
||||||
<artifactId>keycloak-parent</artifactId>
|
<artifactId>keycloak-docbook-parent</artifactId>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<version>1.7.0.Final-SNAPSHOT</version>
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
<relativePath>../pom.xml</relativePath>
|
<relativePath>../pom.xml</relativePath>
|
||||||
|
|
|
@ -21,6 +21,7 @@
|
||||||
<keycloak.osgi.import>
|
<keycloak.osgi.import>
|
||||||
org.eclipse.jetty.security;version="[8.1,10)",
|
org.eclipse.jetty.security;version="[8.1,10)",
|
||||||
org.eclipse.jetty.util.security;version="[8.1,10)",
|
org.eclipse.jetty.util.security;version="[8.1,10)",
|
||||||
|
org.apache.camel;version="[2.12,3)",
|
||||||
org.keycloak.*;version="${project.version}",
|
org.keycloak.*;version="${project.version}",
|
||||||
*;resolution:=optional
|
*;resolution:=optional
|
||||||
</keycloak.osgi.import>
|
</keycloak.osgi.import>
|
||||||
|
|
|
@ -183,7 +183,6 @@
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
"publicClient": false,
|
"publicClient": false,
|
||||||
"directGrantsOnly": true,
|
"directGrantsOnly": true,
|
||||||
"consentRequired": true,
|
|
||||||
"secret": "password"
|
"secret": "password"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
|
|
@ -38,16 +38,19 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-adapter-core</artifactId>
|
<artifactId>keycloak-adapter-core</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-adapter-spi</artifactId>
|
<artifactId>keycloak-adapter-spi</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<!-- Contains KeycloakPrincipal -->
|
<!-- Contains KeycloakPrincipal -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-core</artifactId>
|
<artifactId>keycloak-core</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
<build>
|
<build>
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
<jboss-deployment-structure>
|
||||||
|
<deployment>
|
||||||
|
<dependencies>
|
||||||
|
<module name="org.keycloak.keycloak-adapter-spi"/>
|
||||||
|
</dependencies>
|
||||||
|
</deployment>
|
||||||
|
</jboss-deployment-structure>
|
|
@ -14,14 +14,18 @@
|
||||||
<packaging>pom</packaging>
|
<packaging>pom</packaging>
|
||||||
|
|
||||||
<build>
|
<build>
|
||||||
|
<pluginManagement>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-deploy-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>true</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</pluginManagement>
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-deploy-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<skip>true</skip>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-war-plugin</artifactId>
|
<artifactId>maven-war-plugin</artifactId>
|
||||||
|
|
|
@ -2,9 +2,13 @@
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
<groupId>org.keycloak.examples</groupId>
|
<parent>
|
||||||
|
<artifactId>keycloak-examples-saml-parent</artifactId>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
<artifactId>saml-post-encryption</artifactId>
|
<artifactId>saml-post-encryption</artifactId>
|
||||||
<version>1.6.0.Final-SNAPSHOT</version>
|
|
||||||
|
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
|
|
||||||
|
|
|
@ -2,9 +2,13 @@
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
<groupId>org.keycloak.examples</groupId>
|
<parent>
|
||||||
|
<artifactId>keycloak-examples-saml-parent</artifactId>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
<artifactId>saml-post-signatures</artifactId>
|
<artifactId>saml-post-signatures</artifactId>
|
||||||
<version>1.6.0.Final-SNAPSHOT</version>
|
|
||||||
|
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
|
|
||||||
|
|
|
@ -2,9 +2,13 @@
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
<groupId>org.keycloak.examples</groupId>
|
<parent>
|
||||||
|
<artifactId>keycloak-examples-saml-parent</artifactId>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
<artifactId>saml-redirect-signatures</artifactId>
|
<artifactId>saml-redirect-signatures</artifactId>
|
||||||
<version>1.6.0.Final-SNAPSHOT</version>
|
|
||||||
|
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,7 @@ public class TotpBean {
|
||||||
|
|
||||||
this.totpSecret = randomString(20);
|
this.totpSecret = randomString(20);
|
||||||
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
||||||
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret);
|
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String randomString(int length) {
|
private static String randomString(int length) {
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
<label for="username" class="${properties.kcLabelClass!}">${msg("usernameOrEmail")}</label>
|
<label for="username" class="${properties.kcLabelClass!}">${msg("usernameOrEmail")}</label>
|
||||||
</div>
|
</div>
|
||||||
<div class="${properties.kcInputWrapperClass!}">
|
<div class="${properties.kcInputWrapperClass!}">
|
||||||
<input type="text" id="username" name="username" class="${properties.kcInputClass!}" />
|
<input type="text" id="username" name="username" class="${properties.kcInputClass!}" autofocus/>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="${properties.kcInputWrapperClass!}">
|
<div class="${properties.kcInputWrapperClass!}">
|
||||||
<input id="totp" name="totp" type="text" class="${properties.kcInputClass!}" />
|
<input id="totp" name="totp" type="text" class="${properties.kcInputClass!}" autofocus />
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
@ -52,6 +52,8 @@ public interface LoginFormsProvider extends Provider {
|
||||||
|
|
||||||
public LoginFormsProvider setClientSessionCode(String accessCode);
|
public LoginFormsProvider setClientSessionCode(String accessCode);
|
||||||
|
|
||||||
|
public LoginFormsProvider setClientSession(ClientSessionModel clientSession);
|
||||||
|
|
||||||
public LoginFormsProvider setAccessRequest(List<RoleModel> realmRolesRequested, MultivaluedMap<String,RoleModel> resourceRolesRequested, List<ProtocolMapperModel> protocolMappers);
|
public LoginFormsProvider setAccessRequest(List<RoleModel> realmRolesRequested, MultivaluedMap<String,RoleModel> resourceRolesRequested, List<ProtocolMapperModel> protocolMappers);
|
||||||
public LoginFormsProvider setAccessRequest(String message);
|
public LoginFormsProvider setAccessRequest(String message);
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,7 @@ import org.keycloak.login.freemarker.model.TotpBean;
|
||||||
import org.keycloak.login.freemarker.model.UrlBean;
|
import org.keycloak.login.freemarker.model.UrlBean;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.ClientSessionModel;
|
import org.keycloak.models.ClientSessionModel;
|
||||||
|
import org.keycloak.models.Constants;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.ProtocolMapperModel;
|
import org.keycloak.models.ProtocolMapperModel;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
@ -138,7 +139,8 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
|
||||||
case VERIFY_EMAIL:
|
case VERIFY_EMAIL:
|
||||||
try {
|
try {
|
||||||
UriBuilder builder = Urls.loginActionEmailVerificationBuilder(uriInfo.getBaseUri());
|
UriBuilder builder = Urls.loginActionEmailVerificationBuilder(uriInfo.getBaseUri());
|
||||||
builder.queryParam("key", accessCode);
|
builder.queryParam(OAuth2Constants.CODE, accessCode);
|
||||||
|
builder.queryParam("key", clientSession.getNote(Constants.VERIFY_EMAIL_KEY));
|
||||||
|
|
||||||
String link = builder.build(realm.getName()).toString();
|
String link = builder.build(realm.getName()).toString();
|
||||||
long expiration = TimeUnit.SECONDS.toMinutes(realm.getAccessCodeLifespanUserAction());
|
long expiration = TimeUnit.SECONDS.toMinutes(realm.getAccessCodeLifespanUserAction());
|
||||||
|
@ -531,6 +533,12 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public LoginFormsProvider setClientSession(ClientSessionModel clientSession) {
|
||||||
|
this.clientSession = clientSession;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public LoginFormsProvider setAccessRequest(List<RoleModel> realmRolesRequested, MultivaluedMap<String, RoleModel> resourceRolesRequested, List<ProtocolMapperModel> protocolMappersRequested) {
|
public LoginFormsProvider setAccessRequest(List<RoleModel> realmRolesRequested, MultivaluedMap<String, RoleModel> resourceRolesRequested, List<ProtocolMapperModel> protocolMappersRequested) {
|
||||||
this.realmRolesRequested = realmRolesRequested;
|
this.realmRolesRequested = realmRolesRequested;
|
||||||
|
|
|
@ -4,6 +4,7 @@ import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.services.util.ResolveRelative;
|
import org.keycloak.services.util.ResolveRelative;
|
||||||
|
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
|
@ -32,4 +33,11 @@ public class ClientBean {
|
||||||
return ResolveRelative.resolveRelativeUri(requestUri, client.getRootUrl(), client.getBaseUrl());
|
return ResolveRelative.resolveRelativeUri(requestUri, client.getRootUrl(), client.getBaseUrl());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Map<String,String> getAttributes(){
|
||||||
|
return client.getAttributes();
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getAttribute(String key){
|
||||||
|
return client.getAttribute(key);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -49,7 +49,7 @@ public class TotpBean {
|
||||||
|
|
||||||
this.totpSecret = HmacOTP.generateSecret(20);
|
this.totpSecret = HmacOTP.generateSecret(20);
|
||||||
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
||||||
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret);
|
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isEnabled() {
|
public boolean isEnabled() {
|
||||||
|
|
|
@ -168,6 +168,10 @@
|
||||||
url += '&scope=' + options.scope;
|
url += '&scope=' + options.scope;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (options && options.locale) {
|
||||||
|
url += '&ui_locales=' + options.locale;
|
||||||
|
}
|
||||||
|
|
||||||
return url;
|
return url;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -63,10 +63,8 @@ public class MigrateTo1_6_0 {
|
||||||
KeycloakModelUtils.setupOfflineTokens(realm);
|
KeycloakModelUtils.setupOfflineTokens(realm);
|
||||||
RoleModel role = realm.getRole(Constants.OFFLINE_ACCESS_ROLE);
|
RoleModel role = realm.getRole(Constants.OFFLINE_ACCESS_ROLE);
|
||||||
|
|
||||||
// Check if possible to avoid iterating over users
|
// Bulk grant of offline_access role to all users
|
||||||
for (UserModel user : session.userStorage().getUsers(realm, true)) {
|
session.users().grantToAllUsers(realm, role);
|
||||||
user.grantRole(role);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ClientModel adminConsoleClient = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
|
ClientModel adminConsoleClient = realm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||||
|
|
|
@ -22,4 +22,6 @@ public interface Constants {
|
||||||
|
|
||||||
// 30 days
|
// 30 days
|
||||||
int DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT = 2592000;
|
int DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT = 2592000;
|
||||||
|
|
||||||
|
public static final String VERIFY_EMAIL_KEY = "VERIFY_EMAIL_KEY";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,11 @@
|
||||||
package org.keycloak.models;
|
package org.keycloak.models;
|
||||||
|
|
||||||
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.models.utils.Base32;
|
import org.keycloak.models.utils.Base32;
|
||||||
import org.keycloak.models.utils.HmacOTP;
|
import org.keycloak.models.utils.HmacOTP;
|
||||||
|
|
||||||
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.net.URLEncoder;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
|
@ -12,6 +15,7 @@ import java.util.Map;
|
||||||
*/
|
*/
|
||||||
public class OTPPolicy {
|
public class OTPPolicy {
|
||||||
|
|
||||||
|
protected static final Logger logger = Logger.getLogger(OTPPolicy.class);
|
||||||
|
|
||||||
protected String type;
|
protected String type;
|
||||||
protected String algorithm;
|
protected String algorithm;
|
||||||
|
@ -90,10 +94,17 @@ public class OTPPolicy {
|
||||||
this.period = period;
|
this.period = period;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getKeyURI(RealmModel realm, String secret) {
|
public String getKeyURI(RealmModel realm, UserModel user, String secret) {
|
||||||
|
|
||||||
String uri = "otpauth://" + type + "/" + realm.getName() + "?secret=" + Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
|
String uri = null;
|
||||||
if (type.equals(UserCredentialModel.HOTP)) {
|
uri = "otpauth://" + type + "/" + realm.getName() + ":" + user.getUsername() + "?secret=" +
|
||||||
|
Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
|
||||||
|
try {
|
||||||
|
uri += "&issuer=" + URLEncoder.encode(realm.getName(), "UTF-8");
|
||||||
|
} catch (UnsupportedEncodingException e) {
|
||||||
|
logger.debug("Failed to add issuer parameter to OTP URI becasue UTF-8 is not supported.");
|
||||||
|
}
|
||||||
|
if (type.equals(UserCredentialModel.HOTP)) {
|
||||||
uri += "&counter=" + initialCounter;
|
uri += "&counter=" + initialCounter;
|
||||||
}
|
}
|
||||||
if (type.equals(UserCredentialModel.TOTP)) {
|
if (type.equals(UserCredentialModel.TOTP)) {
|
||||||
|
|
|
@ -343,6 +343,12 @@ public class UserFederationManager implements UserProvider {
|
||||||
return session.userStorage().getFederatedIdentity(user, socialProvider, realm);
|
return session.userStorage().getFederatedIdentity(user, socialProvider, realm);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void grantToAllUsers(RealmModel realm, RoleModel role) {
|
||||||
|
// not federation-aware for now
|
||||||
|
session.userStorage().grantToAllUsers(realm, role);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preRemove(RealmModel realm) {
|
public void preRemove(RealmModel realm) {
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
||||||
|
|
|
@ -47,6 +47,8 @@ public interface UserProvider extends Provider {
|
||||||
Set<FederatedIdentityModel> getFederatedIdentities(UserModel user, RealmModel realm);
|
Set<FederatedIdentityModel> getFederatedIdentities(UserModel user, RealmModel realm);
|
||||||
FederatedIdentityModel getFederatedIdentity(UserModel user, String socialProvider, RealmModel realm);
|
FederatedIdentityModel getFederatedIdentity(UserModel user, String socialProvider, RealmModel realm);
|
||||||
|
|
||||||
|
void grantToAllUsers(RealmModel realm, RoleModel role);
|
||||||
|
|
||||||
void preRemove(RealmModel realm);
|
void preRemove(RealmModel realm);
|
||||||
|
|
||||||
void preRemove(RealmModel realm, UserFederationProviderModel link);
|
void preRemove(RealmModel realm, UserFederationProviderModel link);
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
package org.keycloak.models.utils;
|
||||||
|
|
||||||
|
import org.keycloak.provider.ProviderEvent;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Executed at startup after model migration is finished
|
||||||
|
*
|
||||||
|
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||||
|
*/
|
||||||
|
public class PostMigrationEvent implements ProviderEvent {
|
||||||
|
}
|
|
@ -438,6 +438,13 @@ public class FileUserProvider implements UserProvider {
|
||||||
return this.addUser(realm, KeycloakModelUtils.generateId(), username.toLowerCase(), true, true);
|
return this.addUser(realm, KeycloakModelUtils.generateId(), username.toLowerCase(), true, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void grantToAllUsers(RealmModel realm, RoleModel role) {
|
||||||
|
for (UserModel user : inMemoryModel.getUsers(realm.getId())) {
|
||||||
|
user.grantRole(role);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preRemove(RealmModel realm) {
|
public void preRemove(RealmModel realm) {
|
||||||
// Nothing to do here? Federation links are attached to users, which are removed by InMemoryModel
|
// Nothing to do here? Federation links are attached to users, which are removed by InMemoryModel
|
||||||
|
|
|
@ -313,6 +313,12 @@ public class DefaultCacheUserProvider implements CacheUserProvider {
|
||||||
return getDelegate().validCredentials(realm, input);
|
return getDelegate().validCredentials(realm, input);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void grantToAllUsers(RealmModel realm, RoleModel role) {
|
||||||
|
realmInvalidations.add(realm.getId()); // easier to just invalidate whole realm
|
||||||
|
getDelegate().grantToAllUsers(realm, role);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preRemove(RealmModel realm) {
|
public void preRemove(RealmModel realm) {
|
||||||
realmInvalidations.add(realm.getId());
|
realmInvalidations.add(realm.getId());
|
||||||
|
|
|
@ -148,7 +148,13 @@ public class JpaUserProvider implements UserProvider {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void grantToAllUsers(RealmModel realm, RoleModel role) {
|
||||||
|
int num = em.createNamedQuery("grantRoleToAllUsers")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("roleId", role.getId())
|
||||||
|
.executeUpdate();
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preRemove(RealmModel realm) {
|
public void preRemove(RealmModel realm) {
|
||||||
|
|
|
@ -23,7 +23,8 @@ import java.io.Serializable;
|
||||||
@NamedQuery(name="deleteUserRoleMappingsByRealm", query="delete from UserRoleMappingEntity mapping where mapping.user IN (select u from UserEntity u where u.realmId=:realmId)"),
|
@NamedQuery(name="deleteUserRoleMappingsByRealm", query="delete from UserRoleMappingEntity mapping where mapping.user IN (select u from UserEntity u where u.realmId=:realmId)"),
|
||||||
@NamedQuery(name="deleteUserRoleMappingsByRealmAndLink", query="delete from UserRoleMappingEntity mapping where mapping.user IN (select u from UserEntity u where u.realmId=:realmId and u.federationLink=:link)"),
|
@NamedQuery(name="deleteUserRoleMappingsByRealmAndLink", query="delete from UserRoleMappingEntity mapping where mapping.user IN (select u from UserEntity u where u.realmId=:realmId and u.federationLink=:link)"),
|
||||||
@NamedQuery(name="deleteUserRoleMappingsByRole", query="delete from UserRoleMappingEntity m where m.roleId = :roleId"),
|
@NamedQuery(name="deleteUserRoleMappingsByRole", query="delete from UserRoleMappingEntity m where m.roleId = :roleId"),
|
||||||
@NamedQuery(name="deleteUserRoleMappingsByUser", query="delete from UserRoleMappingEntity m where m.user = :user")
|
@NamedQuery(name="deleteUserRoleMappingsByUser", query="delete from UserRoleMappingEntity m where m.user = :user"),
|
||||||
|
@NamedQuery(name="grantRoleToAllUsers", query="insert into UserRoleMappingEntity (roleId, user) select role.id, user from RoleEntity role, UserEntity user where role.id = :roleId AND role.realm.id = :realmId AND user.realmId = :realmId")
|
||||||
|
|
||||||
})
|
})
|
||||||
@Table(name="USER_ROLE_MAPPING")
|
@Table(name="USER_ROLE_MAPPING")
|
||||||
|
|
|
@ -188,32 +188,32 @@ public class JpaUserSessionPersisterProvider implements UserSessionPersisterProv
|
||||||
userSessionIds.add(entity.getUserSessionId());
|
userSessionIds.add(entity.getUserSessionId());
|
||||||
}
|
}
|
||||||
|
|
||||||
TypedQuery<PersistentClientSessionEntity> query2 = em.createNamedQuery("findClientSessionsByUserSessions", PersistentClientSessionEntity.class);
|
if (!userSessionIds.isEmpty()) {
|
||||||
query2.setParameter("userSessionIds", userSessionIds);
|
TypedQuery<PersistentClientSessionEntity> query2 = em.createNamedQuery("findClientSessionsByUserSessions", PersistentClientSessionEntity.class);
|
||||||
query2.setParameter("offline", offlineStr);
|
query2.setParameter("userSessionIds", userSessionIds);
|
||||||
List<PersistentClientSessionEntity> clientSessions = query2.getResultList();
|
query2.setParameter("offline", offlineStr);
|
||||||
|
List<PersistentClientSessionEntity> clientSessions = query2.getResultList();
|
||||||
|
|
||||||
// Assume both userSessions and clientSessions ordered by userSessionId
|
// Assume both userSessions and clientSessions ordered by userSessionId
|
||||||
int j=0;
|
int j = 0;
|
||||||
for (UserSessionModel ss : result) {
|
for (UserSessionModel ss : result) {
|
||||||
PersistentUserSessionAdapter userSession = (PersistentUserSessionAdapter) ss;
|
PersistentUserSessionAdapter userSession = (PersistentUserSessionAdapter) ss;
|
||||||
List<ClientSessionModel> currentClientSessions = userSession.getClientSessions(); // This is empty now and we want to fill it
|
List<ClientSessionModel> currentClientSessions = userSession.getClientSessions(); // This is empty now and we want to fill it
|
||||||
|
|
||||||
boolean next = true;
|
boolean next = true;
|
||||||
while (next && j<clientSessions.size()) {
|
while (next && j < clientSessions.size()) {
|
||||||
PersistentClientSessionEntity clientSession = clientSessions.get(j);
|
PersistentClientSessionEntity clientSession = clientSessions.get(j);
|
||||||
if (clientSession.getUserSessionId().equals(userSession.getId())) {
|
if (clientSession.getUserSessionId().equals(userSession.getId())) {
|
||||||
PersistentClientSessionAdapter clientSessAdapter = toAdapter(userSession.getRealm(), userSession, clientSession);
|
PersistentClientSessionAdapter clientSessAdapter = toAdapter(userSession.getRealm(), userSession, clientSession);
|
||||||
currentClientSessions.add(clientSessAdapter);
|
currentClientSessions.add(clientSessAdapter);
|
||||||
j++;
|
j++;
|
||||||
} else {
|
} else {
|
||||||
next = false;
|
next = false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -385,6 +385,19 @@ public class MongoUserProvider implements UserProvider {
|
||||||
return this.addUser(realm, null, username, true, true);
|
return this.addUser(realm, null, username, true, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void grantToAllUsers(RealmModel realm, RoleModel role) {
|
||||||
|
DBObject query = new QueryBuilder()
|
||||||
|
.and("realmId").is(realm.getId())
|
||||||
|
.get();
|
||||||
|
|
||||||
|
DBObject update = new QueryBuilder()
|
||||||
|
.and("$push").is(new BasicDBObject("roleIds", role.getId()))
|
||||||
|
.get();
|
||||||
|
|
||||||
|
int count = getMongoStore().updateEntities(MongoUserEntity.class, query, update, invocationContext);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preRemove(RealmModel realm) {
|
public void preRemove(RealmModel realm) {
|
||||||
DBObject query = new QueryBuilder()
|
DBObject query = new QueryBuilder()
|
||||||
|
|
|
@ -5,9 +5,11 @@ import org.infinispan.Version;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
import org.keycloak.connections.infinispan.InfinispanConnectionProvider;
|
import org.keycloak.connections.infinispan.InfinispanConnectionProvider;
|
||||||
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.KeycloakSessionFactory;
|
import org.keycloak.models.KeycloakSessionFactory;
|
||||||
import org.keycloak.models.KeycloakSessionTask;
|
import org.keycloak.models.KeycloakSessionTask;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserSessionProvider;
|
import org.keycloak.models.UserSessionProvider;
|
||||||
import org.keycloak.models.UserSessionProviderFactory;
|
import org.keycloak.models.UserSessionProviderFactory;
|
||||||
import org.keycloak.models.session.UserSessionPersisterProvider;
|
import org.keycloak.models.session.UserSessionPersisterProvider;
|
||||||
|
@ -19,6 +21,9 @@ import org.keycloak.models.sessions.infinispan.entities.SessionEntity;
|
||||||
import org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer;
|
import org.keycloak.models.sessions.infinispan.initializer.InfinispanUserSessionInitializer;
|
||||||
import org.keycloak.models.sessions.infinispan.initializer.OfflineUserSessionLoader;
|
import org.keycloak.models.sessions.infinispan.initializer.OfflineUserSessionLoader;
|
||||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||||
|
import org.keycloak.models.utils.PostMigrationEvent;
|
||||||
|
import org.keycloak.provider.ProviderEvent;
|
||||||
|
import org.keycloak.provider.ProviderEventListener;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Uses Infinispan to store user sessions. On EAP 6.4 (Infinispan 5.2) map reduce is not supported for local caches as a work around
|
* Uses Infinispan to store user sessions. On EAP 6.4 (Infinispan 5.2) map reduce is not supported for local caches as a work around
|
||||||
|
@ -68,13 +73,20 @@ public class InfinispanUserSessionProviderFactory implements UserSessionProvider
|
||||||
});
|
});
|
||||||
|
|
||||||
// Max count of worker errors. Initialization will end with exception when this number is reached
|
// Max count of worker errors. Initialization will end with exception when this number is reached
|
||||||
int maxErrors = config.getInt("maxErrors", 20);
|
final int maxErrors = config.getInt("maxErrors", 20);
|
||||||
|
|
||||||
// Count of sessions to be computed in each segment
|
// Count of sessions to be computed in each segment
|
||||||
int sessionsPerSegment = config.getInt("sessionsPerSegment", 100);
|
final int sessionsPerSegment = config.getInt("sessionsPerSegment", 100);
|
||||||
|
|
||||||
// TODO: Possibility to run this asynchronously to not block start time
|
factory.register(new ProviderEventListener() {
|
||||||
loadPersistentSessions(factory, maxErrors, sessionsPerSegment);
|
|
||||||
|
@Override
|
||||||
|
public void onEvent(ProviderEvent event) {
|
||||||
|
if (event instanceof PostMigrationEvent) {
|
||||||
|
loadPersistentSessions(factory, maxErrors, sessionsPerSegment);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,7 @@ public class SimpleUserSessionInitializer {
|
||||||
public void run(KeycloakSession session) {
|
public void run(KeycloakSession session) {
|
||||||
int count = sessionLoader.getSessionsCount(session);
|
int count = sessionLoader.getSessionsCount(session);
|
||||||
|
|
||||||
for (int i=0 ; i<=count ; i+=sessionsPerSegment) {
|
for (int i=0 ; i<count ; i+=sessionsPerSegment) {
|
||||||
sessionLoader.loadSessions(session, i, sessionsPerSegment);
|
sessionLoader.loadSessions(session, i, sessionsPerSegment);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,9 +8,12 @@ import org.keycloak.authentication.RequiredActionProvider;
|
||||||
import org.keycloak.events.Details;
|
import org.keycloak.events.Details;
|
||||||
import org.keycloak.events.EventType;
|
import org.keycloak.events.EventType;
|
||||||
import org.keycloak.login.LoginFormsProvider;
|
import org.keycloak.login.LoginFormsProvider;
|
||||||
|
import org.keycloak.models.ClientSessionModel;
|
||||||
|
import org.keycloak.models.Constants;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.KeycloakSessionFactory;
|
import org.keycloak.models.KeycloakSessionFactory;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
|
import org.keycloak.models.utils.HmacOTP;
|
||||||
import org.keycloak.services.resources.LoginActionsService;
|
import org.keycloak.services.resources.LoginActionsService;
|
||||||
import org.keycloak.services.validation.Validation;
|
import org.keycloak.services.validation.Validation;
|
||||||
|
|
||||||
|
@ -44,8 +47,11 @@ public class VerifyEmail implements RequiredActionProvider, RequiredActionFactor
|
||||||
context.getEvent().clone().event(EventType.SEND_VERIFY_EMAIL).detail(Details.EMAIL, context.getUser().getEmail()).success();
|
context.getEvent().clone().event(EventType.SEND_VERIFY_EMAIL).detail(Details.EMAIL, context.getUser().getEmail()).success();
|
||||||
LoginActionsService.createActionCookie(context.getRealm(), context.getUriInfo(), context.getConnection(), context.getUserSession().getId());
|
LoginActionsService.createActionCookie(context.getRealm(), context.getUriInfo(), context.getConnection(), context.getUserSession().getId());
|
||||||
|
|
||||||
|
setupKey(context.getClientSession());
|
||||||
|
|
||||||
LoginFormsProvider loginFormsProvider = context.getSession().getProvider(LoginFormsProvider.class)
|
LoginFormsProvider loginFormsProvider = context.getSession().getProvider(LoginFormsProvider.class)
|
||||||
.setClientSessionCode(context.generateCode())
|
.setClientSessionCode(context.generateCode())
|
||||||
|
.setClientSession(context.getClientSession())
|
||||||
.setUser(context.getUser());
|
.setUser(context.getUser());
|
||||||
Response challenge = loginFormsProvider.createResponse(UserModel.RequiredAction.VERIFY_EMAIL);
|
Response challenge = loginFormsProvider.createResponse(UserModel.RequiredAction.VERIFY_EMAIL);
|
||||||
context.challenge(challenge);
|
context.challenge(challenge);
|
||||||
|
@ -87,4 +93,9 @@ public class VerifyEmail implements RequiredActionProvider, RequiredActionFactor
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return UserModel.RequiredAction.VERIFY_EMAIL.name();
|
return UserModel.RequiredAction.VERIFY_EMAIL.name();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static void setupKey(ClientSessionModel clientSession) {
|
||||||
|
String secret = HmacOTP.generateSecret(10);
|
||||||
|
clientSession.setNote(Constants.VERIFY_EMAIL_KEY, secret);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,6 +11,7 @@ import org.keycloak.migration.MigrationModelManager;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.KeycloakSessionFactory;
|
import org.keycloak.models.KeycloakSessionFactory;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
import org.keycloak.models.utils.PostMigrationEvent;
|
||||||
import org.keycloak.offlineconfig.AdminRecovery;
|
import org.keycloak.offlineconfig.AdminRecovery;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||||
|
@ -83,6 +84,8 @@ public class KeycloakApplication extends Application {
|
||||||
setupDefaultRealm(context.getContextPath());
|
setupDefaultRealm(context.getContextPath());
|
||||||
|
|
||||||
migrateModel();
|
migrateModel();
|
||||||
|
sessionFactory.publish(new PostMigrationEvent());
|
||||||
|
|
||||||
new ExportImportManager().checkExportImport(this.sessionFactory, context.getContextPath());
|
new ExportImportManager().checkExportImport(this.sessionFactory, context.getContextPath());
|
||||||
importRealms(context);
|
importRealms(context);
|
||||||
|
|
||||||
|
|
|
@ -23,6 +23,8 @@ package org.keycloak.services.resources;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.spi.HttpRequest;
|
import org.jboss.resteasy.spi.HttpRequest;
|
||||||
|
import org.keycloak.authentication.AuthenticationFlowError;
|
||||||
|
import org.keycloak.authentication.requiredactions.VerifyEmail;
|
||||||
import org.keycloak.common.ClientConnection;
|
import org.keycloak.common.ClientConnection;
|
||||||
import org.keycloak.OAuth2Constants;
|
import org.keycloak.OAuth2Constants;
|
||||||
import org.keycloak.authentication.AuthenticationProcessor;
|
import org.keycloak.authentication.AuthenticationProcessor;
|
||||||
|
@ -49,6 +51,7 @@ import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.UserModel.RequiredAction;
|
import org.keycloak.models.UserModel.RequiredAction;
|
||||||
import org.keycloak.models.UserSessionModel;
|
import org.keycloak.models.UserSessionModel;
|
||||||
import org.keycloak.models.utils.FormMessage;
|
import org.keycloak.models.utils.FormMessage;
|
||||||
|
import org.keycloak.models.utils.HmacOTP;
|
||||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||||
import org.keycloak.protocol.LoginProtocol;
|
import org.keycloak.protocol.LoginProtocol;
|
||||||
import org.keycloak.protocol.RestartLoginCookie;
|
import org.keycloak.protocol.RestartLoginCookie;
|
||||||
|
@ -533,7 +536,7 @@ public class LoginActionsService {
|
||||||
event.event(EventType.VERIFY_EMAIL);
|
event.event(EventType.VERIFY_EMAIL);
|
||||||
if (key != null) {
|
if (key != null) {
|
||||||
Checks checks = new Checks();
|
Checks checks = new Checks();
|
||||||
if (!checks.verifyCode(key, ClientSessionModel.Action.REQUIRED_ACTIONS.name())) {
|
if (!checks.verifyCode(code, ClientSessionModel.Action.REQUIRED_ACTIONS.name())) {
|
||||||
return checks.response;
|
return checks.response;
|
||||||
}
|
}
|
||||||
ClientSessionCode accessCode = checks.clientCode;
|
ClientSessionCode accessCode = checks.clientCode;
|
||||||
|
@ -547,11 +550,21 @@ public class LoginActionsService {
|
||||||
UserSessionModel userSession = clientSession.getUserSession();
|
UserSessionModel userSession = clientSession.getUserSession();
|
||||||
UserModel user = userSession.getUser();
|
UserModel user = userSession.getUser();
|
||||||
initEvent(clientSession);
|
initEvent(clientSession);
|
||||||
|
event.event(EventType.VERIFY_EMAIL).detail(Details.EMAIL, user.getEmail());
|
||||||
|
|
||||||
|
String keyFromSession = clientSession.getNote(Constants.VERIFY_EMAIL_KEY);
|
||||||
|
clientSession.removeNote(Constants.VERIFY_EMAIL_KEY);
|
||||||
|
if (!key.equals(keyFromSession)) {
|
||||||
|
logger.error("Invalid key for email verification");
|
||||||
|
event.error(Errors.INVALID_USER_CREDENTIALS);
|
||||||
|
throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE));
|
||||||
|
}
|
||||||
|
|
||||||
user.setEmailVerified(true);
|
user.setEmailVerified(true);
|
||||||
|
|
||||||
user.removeRequiredAction(RequiredAction.VERIFY_EMAIL);
|
user.removeRequiredAction(RequiredAction.VERIFY_EMAIL);
|
||||||
|
|
||||||
event.event(EventType.VERIFY_EMAIL).detail(Details.EMAIL, user.getEmail()).success();
|
event.success();
|
||||||
|
|
||||||
String actionCookieValue = getActionCookie();
|
String actionCookieValue = getActionCookie();
|
||||||
if (actionCookieValue == null || !actionCookieValue.equals(userSession.getId())) {
|
if (actionCookieValue == null || !actionCookieValue.equals(userSession.getId())) {
|
||||||
|
@ -576,8 +589,11 @@ public class LoginActionsService {
|
||||||
|
|
||||||
createActionCookie(realm, uriInfo, clientConnection, userSession.getId());
|
createActionCookie(realm, uriInfo, clientConnection, userSession.getId());
|
||||||
|
|
||||||
|
VerifyEmail.setupKey(clientSession);
|
||||||
|
|
||||||
return session.getProvider(LoginFormsProvider.class)
|
return session.getProvider(LoginFormsProvider.class)
|
||||||
.setClientSessionCode(accessCode.getCode())
|
.setClientSessionCode(accessCode.getCode())
|
||||||
|
.setClientSession(clientSession)
|
||||||
.setUser(userSession.getUser())
|
.setUser(userSession.getUser())
|
||||||
.createResponse(RequiredAction.VERIFY_EMAIL);
|
.createResponse(RequiredAction.VERIFY_EMAIL);
|
||||||
}
|
}
|
||||||
|
|
238
testsuite/integration-arquillian/servers/migration/pom.xml
Normal file
238
testsuite/integration-arquillian/servers/migration/pom.xml
Normal file
|
@ -0,0 +1,238 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers</artifactId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-migration-servers</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>Migration Servers</name>
|
||||||
|
|
||||||
|
<profiles>
|
||||||
|
<profile>
|
||||||
|
<id>migration-kc16</id>
|
||||||
|
<modules>
|
||||||
|
<module>wildfly_kc16</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>migration-kc15</id>
|
||||||
|
<modules>
|
||||||
|
<module>wildfly_kc15</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>migration-kc14</id>
|
||||||
|
<modules>
|
||||||
|
<module>wildfly_kc14</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>migration-kc13</id>
|
||||||
|
<modules>
|
||||||
|
<module>wildfly_kc13</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>migration-kc12</id>
|
||||||
|
<modules>
|
||||||
|
<module>wildfly_kc12</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
</profiles>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>true</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
<pluginManagement>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-deploy-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>true</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>enforce-properties</id>
|
||||||
|
<goals>
|
||||||
|
<goal>enforce</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<rules>
|
||||||
|
<requireProperty>
|
||||||
|
<property>jdbc.mvn.groupId</property>
|
||||||
|
</requireProperty>
|
||||||
|
<requireProperty>
|
||||||
|
<property>jdbc.mvn.artifactId</property>
|
||||||
|
</requireProperty>
|
||||||
|
<requireProperty>
|
||||||
|
<property>jdbc.mvn.version</property>
|
||||||
|
</requireProperty>
|
||||||
|
<requireProperty>
|
||||||
|
<property>keycloak.connectionsJpa.url</property>
|
||||||
|
</requireProperty>
|
||||||
|
<requireProperty>
|
||||||
|
<property>keycloak.connectionsJpa.user</property>
|
||||||
|
</requireProperty>
|
||||||
|
<requireProperty>
|
||||||
|
<property>keycloak.connectionsJpa.password</property>
|
||||||
|
</requireProperty>
|
||||||
|
</rules>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>unpack-server</id>
|
||||||
|
<phase>generate-resources</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>unpack</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<artifactItems>
|
||||||
|
<artifactItem>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-server-dist</artifactId>
|
||||||
|
<version>${server.version}</version>
|
||||||
|
<type>zip</type>
|
||||||
|
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
|
||||||
|
</artifactItem>
|
||||||
|
</artifactItems>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
<execution>
|
||||||
|
<id>jdbc-driver</id>
|
||||||
|
<phase>process-resources</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>copy</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<artifactItems>
|
||||||
|
<artifactItem>
|
||||||
|
<groupId>${jdbc.mvn.groupId}</groupId>
|
||||||
|
<artifactId>${jdbc.mvn.artifactId}</artifactId>
|
||||||
|
<version>${jdbc.mvn.version}</version>
|
||||||
|
<type>jar</type>
|
||||||
|
</artifactItem>
|
||||||
|
</artifactItems>
|
||||||
|
<outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
|
||||||
|
<overWriteIfNewer>true</overWriteIfNewer>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.codehaus.mojo</groupId>
|
||||||
|
<artifactId>xml-maven-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>configure-wildfly-datasource</id>
|
||||||
|
<phase>process-resources</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>transform</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<transformationSets>
|
||||||
|
<!-- create module.xml in modules -->
|
||||||
|
<transformationSet>
|
||||||
|
<dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
|
||||||
|
<stylesheet>src/main/xslt/module.xsl</stylesheet>
|
||||||
|
<includes>
|
||||||
|
<include>module.xml</include>
|
||||||
|
</includes>
|
||||||
|
<outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
|
||||||
|
<parameters>
|
||||||
|
<parameter>
|
||||||
|
<name>database</name>
|
||||||
|
<value>${jdbc.mvn.artifactId}</value>
|
||||||
|
</parameter>
|
||||||
|
<parameter>
|
||||||
|
<name>version</name>
|
||||||
|
<value>${jdbc.mvn.version}</value>
|
||||||
|
</parameter>
|
||||||
|
</parameters>
|
||||||
|
</transformationSet>
|
||||||
|
<!-- add datasource to standalone.xml -->
|
||||||
|
<transformationSet>
|
||||||
|
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
||||||
|
<stylesheet>src/main/xslt/datasource.xsl</stylesheet>
|
||||||
|
<includes>
|
||||||
|
<include>standalone.xml</include>
|
||||||
|
</includes>
|
||||||
|
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
||||||
|
<parameters>
|
||||||
|
<parameter>
|
||||||
|
<name>jdbc.url</name>
|
||||||
|
<value>${keycloak.connectionsJpa.url}</value>
|
||||||
|
</parameter>
|
||||||
|
<parameter>
|
||||||
|
<name>driver</name>
|
||||||
|
<value>${jdbc.mvn.artifactId}</value>
|
||||||
|
</parameter>
|
||||||
|
<parameter>
|
||||||
|
<name>username</name>
|
||||||
|
<value>${keycloak.connectionsJpa.user}</value>
|
||||||
|
</parameter>
|
||||||
|
<parameter>
|
||||||
|
<name>password</name>
|
||||||
|
<value>${keycloak.connectionsJpa.password}</value>
|
||||||
|
</parameter>
|
||||||
|
</parameters>
|
||||||
|
</transformationSet>
|
||||||
|
<!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
|
||||||
|
<transformationSet>
|
||||||
|
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
||||||
|
<stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
|
||||||
|
<includes>
|
||||||
|
<include>standalone.xml</include>
|
||||||
|
</includes>
|
||||||
|
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
||||||
|
</transformationSet>
|
||||||
|
</transformationSets>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-assembly-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>create-zip</id>
|
||||||
|
<phase>package</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>single</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<descriptors>
|
||||||
|
<descriptor>assembly.xml</descriptor>
|
||||||
|
</descriptors>
|
||||||
|
<appendAssemblyId>false</appendAssemblyId>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</pluginManagement>
|
||||||
|
</build>
|
||||||
|
</project>
|
|
@ -0,0 +1,44 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-migration-servers</artifactId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-server-wildfly-kc12</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>Keycloak 1.2.0.Final on Wildfly</name>
|
||||||
|
|
||||||
|
<properties>
|
||||||
|
<server.version>1.2.0.Final</server.version>
|
||||||
|
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
|
||||||
|
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
||||||
|
</properties>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>false</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.codehaus.mojo</groupId>
|
||||||
|
<artifactId>xml-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-assembly-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
|
@ -0,0 +1,45 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-migration-servers</artifactId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-server-wildfly-kc13</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>Keycloak 1.3.1.Final on Wildfly</name>
|
||||||
|
|
||||||
|
<properties>
|
||||||
|
<server.version>1.3.1.Final</server.version>
|
||||||
|
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
|
||||||
|
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
||||||
|
</properties>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>false</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.codehaus.mojo</groupId>
|
||||||
|
<artifactId>xml-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-assembly-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
|
||||||
|
</project>
|
|
@ -0,0 +1,44 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-migration-servers</artifactId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-server-wildfly-kc14</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>Keycloak 1.4.0.Final on Wildfly</name>
|
||||||
|
|
||||||
|
<properties>
|
||||||
|
<server.version>1.4.0.Final</server.version>
|
||||||
|
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
|
||||||
|
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
||||||
|
</properties>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>false</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.codehaus.mojo</groupId>
|
||||||
|
<artifactId>xml-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-assembly-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
|
@ -0,0 +1,44 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-migration-servers</artifactId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-server-wildfly-kc15</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>Keycloak 1.5.1.Final on Wildfly</name>
|
||||||
|
|
||||||
|
<properties>
|
||||||
|
<server.version>1.5.1.Final</server.version>
|
||||||
|
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
|
||||||
|
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
||||||
|
</properties>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>false</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.codehaus.mojo</groupId>
|
||||||
|
<artifactId>xml-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-assembly-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
|
@ -0,0 +1,29 @@
|
||||||
|
<assembly>
|
||||||
|
|
||||||
|
<id>auth-server-wildfly-kc16</id>
|
||||||
|
|
||||||
|
<formats>
|
||||||
|
<format>zip</format>
|
||||||
|
</formats>
|
||||||
|
|
||||||
|
<includeBaseDirectory>false</includeBaseDirectory>
|
||||||
|
|
||||||
|
<fileSets>
|
||||||
|
<fileSet>
|
||||||
|
<directory>${keycloak.server.home}</directory>
|
||||||
|
<outputDirectory>keycloak-1.6.1.Final</outputDirectory>
|
||||||
|
<excludes>
|
||||||
|
<exclude>**/*.sh</exclude>
|
||||||
|
</excludes>
|
||||||
|
</fileSet>
|
||||||
|
<fileSet>
|
||||||
|
<directory>${keycloak.server.home}</directory>
|
||||||
|
<outputDirectory>keycloak-1.6.1.Final</outputDirectory>
|
||||||
|
<includes>
|
||||||
|
<include>**/*.sh</include>
|
||||||
|
</includes>
|
||||||
|
<fileMode>0755</fileMode>
|
||||||
|
</fileSet>
|
||||||
|
</fileSets>
|
||||||
|
|
||||||
|
</assembly>
|
|
@ -0,0 +1,44 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-migration-servers</artifactId>
|
||||||
|
<version>1.7.0.Final-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-server-wildfly-kc16</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
<name>Keycloak 1.6.1.Final on Wildfly</name>
|
||||||
|
|
||||||
|
<properties>
|
||||||
|
<server.version>1.6.1.Final</server.version>
|
||||||
|
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-${server.version}</keycloak.server.home>
|
||||||
|
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
||||||
|
</properties>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-enforcer-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<skip>false</skip>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.codehaus.mojo</groupId>
|
||||||
|
<artifactId>xml-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-assembly-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</project>
|
|
@ -0,0 +1,28 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
|
||||||
|
xmlns:xalan="http://xml.apache.org/xalan"
|
||||||
|
version="2.0"
|
||||||
|
exclude-result-prefixes="xalan">
|
||||||
|
|
||||||
|
<xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
|
||||||
|
|
||||||
|
<xsl:variable name="nsDS" select="'urn:jboss:domain:logging:'"/>
|
||||||
|
|
||||||
|
<xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
|
||||||
|
/*[local-name()='root-logger' and starts-with(namespace-uri(), $nsDS)]">
|
||||||
|
<logger category="org.hibernate.dialect.Dialect">
|
||||||
|
<level name="ALL"/>
|
||||||
|
</logger>
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@* | node()" />
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<!-- Copy everything else. -->
|
||||||
|
<xsl:template match="@* | node()">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@* | node()"/>
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
</xsl:stylesheet>
|
|
@ -0,0 +1,94 @@
|
||||||
|
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
|
||||||
|
xmlns:xalan="http://xml.apache.org/xalan"
|
||||||
|
xmlns:j="urn:jboss:domain:3.0"
|
||||||
|
xmlns:ds="urn:jboss:domain:datasources:3.0"
|
||||||
|
xmlns:k="urn:jboss:domain:keycloak:1.1"
|
||||||
|
xmlns:sec="urn:jboss:domain:security:1.2"
|
||||||
|
version="2.0"
|
||||||
|
exclude-result-prefixes="xalan j ds k sec">
|
||||||
|
|
||||||
|
<xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
|
||||||
|
<xsl:strip-space elements="*"/>
|
||||||
|
|
||||||
|
|
||||||
|
<xsl:variable name="nsDS" select="'urn:jboss:domain:datasources:'"/>
|
||||||
|
|
||||||
|
<!-- Remove keycloak datasource definition. -->
|
||||||
|
<xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
|
||||||
|
/*[local-name()='datasources' and starts-with(namespace-uri(), $nsDS)]
|
||||||
|
/*[local-name()='datasource' and starts-with(namespace-uri(), $nsDS) and @pool-name='KeycloakDS']">
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:param name="jdbc.url" select="'jdbc:h2:${jboss.server.data.dir}/keycloak;AUTO_SERVER=TRUE'"/>
|
||||||
|
<xsl:param name="driver" select="'h2'"/>
|
||||||
|
|
||||||
|
<xsl:param name="username" select="'sa'"/>
|
||||||
|
<xsl:param name="password" select="'sa'"/>
|
||||||
|
|
||||||
|
<xsl:param name="min.poolsize" select="'10'"/>
|
||||||
|
<xsl:param name="max.poolsize" select="'50'"/>
|
||||||
|
<xsl:param name="pool.prefill" select="'true'"/>
|
||||||
|
|
||||||
|
<xsl:variable name="newDatasourceDefinition">
|
||||||
|
<datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
|
||||||
|
<connection-url>
|
||||||
|
<xsl:value-of select="$jdbc.url"/>
|
||||||
|
</connection-url>
|
||||||
|
<driver>
|
||||||
|
<xsl:value-of select="$driver"/>
|
||||||
|
</driver>
|
||||||
|
<security>
|
||||||
|
<user-name>
|
||||||
|
<xsl:value-of select="$username"/>
|
||||||
|
</user-name>
|
||||||
|
<password>
|
||||||
|
<xsl:value-of select="$password"/>
|
||||||
|
</password>
|
||||||
|
</security>
|
||||||
|
<pool>
|
||||||
|
<min-pool-size>
|
||||||
|
<xsl:value-of select="$min.poolsize"/>
|
||||||
|
</min-pool-size>
|
||||||
|
<max-pool-size>
|
||||||
|
<xsl:value-of select="$max.poolsize"/>
|
||||||
|
</max-pool-size>
|
||||||
|
<prefill>
|
||||||
|
<xsl:value-of select="$pool.prefill"/>
|
||||||
|
</prefill>
|
||||||
|
</pool>
|
||||||
|
</datasource>
|
||||||
|
</xsl:variable>
|
||||||
|
|
||||||
|
<xsl:variable name="newDriverDefinition">
|
||||||
|
<xsl:if test="$driver != 'h2'">
|
||||||
|
<driver name="{$driver}" module="com.{$driver}" />
|
||||||
|
</xsl:if>
|
||||||
|
</xsl:variable>
|
||||||
|
|
||||||
|
<!-- Add new datasource definition. -->
|
||||||
|
<xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
|
||||||
|
/*[local-name()='datasources' and starts-with(namespace-uri(), $nsDS)]">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:copy-of select="$newDatasourceDefinition"/>
|
||||||
|
<xsl:apply-templates select="@* | node()" />
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<!-- Add new driver definition. -->
|
||||||
|
<xsl:template match="//*[local-name()='subsystem' and starts-with(namespace-uri(), $nsDS)]
|
||||||
|
/*[local-name()='datasources' and starts-with(namespace-uri(), $nsDS)]
|
||||||
|
/*[local-name()='drivers' and starts-with(namespace-uri(), $nsDS)]">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:copy-of select="$newDriverDefinition"/>
|
||||||
|
<xsl:apply-templates select="@* | node()" />
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<!-- Copy everything else. -->
|
||||||
|
<xsl:template match="@*|node()">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@*|node()" />
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
</xsl:stylesheet>
|
|
@ -0,0 +1,33 @@
|
||||||
|
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
|
||||||
|
xmlns:xalan="http://xml.apache.org/xalan"
|
||||||
|
xmlns:m="urn:jboss:module:1.3"
|
||||||
|
version="2.0"
|
||||||
|
exclude-result-prefixes="xalan m">
|
||||||
|
|
||||||
|
<xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" />
|
||||||
|
|
||||||
|
|
||||||
|
<xsl:param name="database" select="''"/>
|
||||||
|
<xsl:param name="version" select="''"/>
|
||||||
|
|
||||||
|
<xsl:variable name="newModuleDefinition">
|
||||||
|
<module xmlns="urn:jboss:module:1.3" name="com.{$database}">
|
||||||
|
<resources>
|
||||||
|
<resource-root path="{$database}-{$version}.jar"/>
|
||||||
|
</resources>
|
||||||
|
<dependencies>
|
||||||
|
<module name="javax.api"/>
|
||||||
|
<module name="javax.transaction.api"/>
|
||||||
|
</dependencies>
|
||||||
|
</module>
|
||||||
|
</xsl:variable>
|
||||||
|
|
||||||
|
<!-- clear whole document -->
|
||||||
|
<xsl:template match="/*" />
|
||||||
|
|
||||||
|
<!-- Copy new module definition. -->
|
||||||
|
<xsl:template match="/*">
|
||||||
|
<xsl:copy-of select="$newModuleDefinition"/>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
</xsl:stylesheet>
|
|
@ -12,6 +12,10 @@
|
||||||
<packaging>pom</packaging>
|
<packaging>pom</packaging>
|
||||||
<name>Servers</name>
|
<name>Servers</name>
|
||||||
|
|
||||||
|
<modules>
|
||||||
|
<module>migration</module>
|
||||||
|
</modules>
|
||||||
|
|
||||||
<profiles>
|
<profiles>
|
||||||
<profile>
|
<profile>
|
||||||
<id>auth-server-wildfly</id>
|
<id>auth-server-wildfly</id>
|
||||||
|
@ -26,30 +30,6 @@
|
||||||
<module>eap6</module>
|
<module>eap6</module>
|
||||||
</modules>
|
</modules>
|
||||||
</profile>
|
</profile>
|
||||||
<profile>
|
|
||||||
<id>migration-kc15</id>
|
|
||||||
<modules>
|
|
||||||
<module>wildfly_kc15</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
|
||||||
<id>migration-kc14</id>
|
|
||||||
<modules>
|
|
||||||
<module>wildfly_kc14</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
|
||||||
<id>migration-kc13</id>
|
|
||||||
<modules>
|
|
||||||
<module>wildfly_kc13</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
|
||||||
<id>migration-kc12</id>
|
|
||||||
<modules>
|
|
||||||
<module>wildfly_kc12</module>
|
|
||||||
</modules>
|
|
||||||
</profile>
|
|
||||||
</profiles>
|
</profiles>
|
||||||
|
|
||||||
</project>
|
</project>
|
||||||
|
|
|
@ -1,199 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers</artifactId>
|
|
||||||
<version>1.7.0.Final-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc12 </artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>Keycloak 1.2.0.Final on Wildfly</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.2.0.Final</keycloak.server.home>
|
|
||||||
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-deploy-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<skip>true</skip>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-enforcer-plugin</artifactId>
|
|
||||||
<version>1.4</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>enforce-properties</id>
|
|
||||||
<goals>
|
|
||||||
<goal>enforce</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<rules>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.groupId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.artifactId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.version</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.url</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.user</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.password</property>
|
|
||||||
</requireProperty>
|
|
||||||
</rules>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-server</id>
|
|
||||||
<phase>generate-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-server-dist</artifactId>
|
|
||||||
<version>1.2.0.Final</version>
|
|
||||||
<type>zip</type>
|
|
||||||
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
<execution>
|
|
||||||
<id>jdbc-driver</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>copy</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>${jdbc.mvn.groupId}</groupId>
|
|
||||||
<artifactId>${jdbc.mvn.artifactId}</artifactId>
|
|
||||||
<version>${jdbc.mvn.version}</version>
|
|
||||||
<type>jar</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>xml-maven-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>configure-wildfly-datasource</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>transform</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<transformationSets>
|
|
||||||
<!-- create module.xml in modules -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
|
|
||||||
<stylesheet>src/main/xslt/module.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>module.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>database</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>version</name>
|
|
||||||
<value>${jdbc.mvn.version}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add datasource to standalone.xml -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/datasource.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>jdbc.url</name>
|
|
||||||
<value>${keycloak.connectionsJpa.url}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>driver</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>username</name>
|
|
||||||
<value>${keycloak.connectionsJpa.user}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>password</name>
|
|
||||||
<value>${keycloak.connectionsJpa.password}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
</transformationSet>
|
|
||||||
</transformationSets>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<artifactId>maven-assembly-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>create-zip</id>
|
|
||||||
<phase>package</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>single</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<descriptors>
|
|
||||||
<descriptor>assembly.xml</descriptor>
|
|
||||||
</descriptors>
|
|
||||||
<appendAssemblyId>false</appendAssemblyId>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</project>
|
|
|
@ -1,199 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers</artifactId>
|
|
||||||
<version>1.7.0.Final-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc13</artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>Keycloak 1.3.1.Final on Wildfly</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.3.1.Final</keycloak.server.home>
|
|
||||||
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-deploy-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<skip>true</skip>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-enforcer-plugin</artifactId>
|
|
||||||
<version>1.4</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>enforce-properties</id>
|
|
||||||
<goals>
|
|
||||||
<goal>enforce</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<rules>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.groupId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.artifactId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.version</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.url</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.user</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.password</property>
|
|
||||||
</requireProperty>
|
|
||||||
</rules>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-server</id>
|
|
||||||
<phase>generate-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-server-dist</artifactId>
|
|
||||||
<version>1.3.1.Final</version>
|
|
||||||
<type>zip</type>
|
|
||||||
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
<execution>
|
|
||||||
<id>jdbc-driver</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>copy</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>${jdbc.mvn.groupId}</groupId>
|
|
||||||
<artifactId>${jdbc.mvn.artifactId}</artifactId>
|
|
||||||
<version>${jdbc.mvn.version}</version>
|
|
||||||
<type>jar</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>xml-maven-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>configure-wildfly-datasource</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>transform</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<transformationSets>
|
|
||||||
<!-- create module.xml in modules -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
|
|
||||||
<stylesheet>src/main/xslt/module.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>module.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>database</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>version</name>
|
|
||||||
<value>${jdbc.mvn.version}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add datasource to standalone.xml -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/datasource.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>jdbc.url</name>
|
|
||||||
<value>${keycloak.connectionsJpa.url}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>driver</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>username</name>
|
|
||||||
<value>${keycloak.connectionsJpa.user}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>password</name>
|
|
||||||
<value>${keycloak.connectionsJpa.password}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
</transformationSet>
|
|
||||||
</transformationSets>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<artifactId>maven-assembly-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>create-zip</id>
|
|
||||||
<phase>package</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>single</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<descriptors>
|
|
||||||
<descriptor>assembly.xml</descriptor>
|
|
||||||
</descriptors>
|
|
||||||
<appendAssemblyId>false</appendAssemblyId>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</project>
|
|
|
@ -1,199 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers</artifactId>
|
|
||||||
<version>1.7.0.Final-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc14</artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>Keycloak 1.4.0.Final on Wildfly</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.4.0.Final</keycloak.server.home>
|
|
||||||
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-deploy-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<skip>true</skip>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-enforcer-plugin</artifactId>
|
|
||||||
<version>1.4</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>enforce-properties</id>
|
|
||||||
<goals>
|
|
||||||
<goal>enforce</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<rules>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.groupId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.artifactId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.version</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.url</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.user</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.password</property>
|
|
||||||
</requireProperty>
|
|
||||||
</rules>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-server</id>
|
|
||||||
<phase>generate-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-server-dist</artifactId>
|
|
||||||
<version>1.4.0.Final</version>
|
|
||||||
<type>zip</type>
|
|
||||||
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
<execution>
|
|
||||||
<id>jdbc-driver</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>copy</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>${jdbc.mvn.groupId}</groupId>
|
|
||||||
<artifactId>${jdbc.mvn.artifactId}</artifactId>
|
|
||||||
<version>${jdbc.mvn.version}</version>
|
|
||||||
<type>jar</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>xml-maven-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>configure-wildfly-datasource</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>transform</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<transformationSets>
|
|
||||||
<!-- create module.xml in modules -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
|
|
||||||
<stylesheet>src/main/xslt/module.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>module.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>database</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>version</name>
|
|
||||||
<value>${jdbc.mvn.version}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add datasource to standalone.xml -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/datasource.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>jdbc.url</name>
|
|
||||||
<value>${keycloak.connectionsJpa.url}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>driver</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>username</name>
|
|
||||||
<value>${keycloak.connectionsJpa.user}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>password</name>
|
|
||||||
<value>${keycloak.connectionsJpa.password}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
</transformationSet>
|
|
||||||
</transformationSets>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<artifactId>maven-assembly-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>create-zip</id>
|
|
||||||
<phase>package</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>single</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<descriptors>
|
|
||||||
<descriptor>assembly.xml</descriptor>
|
|
||||||
</descriptors>
|
|
||||||
<appendAssemblyId>false</appendAssemblyId>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</project>
|
|
|
@ -1,199 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
||||||
<parent>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-servers</artifactId>
|
|
||||||
<version>1.7.0.Final-SNAPSHOT</version>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc15</artifactId>
|
|
||||||
<packaging>pom</packaging>
|
|
||||||
<name>Keycloak 1.5.1.Final on Wildfly</name>
|
|
||||||
|
|
||||||
<properties>
|
|
||||||
<keycloak.server.home>${project.build.directory}/unpacked/keycloak-1.5.1.Final</keycloak.server.home>
|
|
||||||
<jdbc.mvn.driver.deployment.dir>${keycloak.server.home}/modules/system/layers/base/com/${jdbc.mvn.artifactId}/main</jdbc.mvn.driver.deployment.dir>
|
|
||||||
</properties>
|
|
||||||
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-deploy-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<skip>true</skip>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-enforcer-plugin</artifactId>
|
|
||||||
<version>1.4</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>enforce-properties</id>
|
|
||||||
<goals>
|
|
||||||
<goal>enforce</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<rules>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.groupId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.artifactId</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>jdbc.mvn.version</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.url</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.user</property>
|
|
||||||
</requireProperty>
|
|
||||||
<requireProperty>
|
|
||||||
<property>keycloak.connectionsJpa.password</property>
|
|
||||||
</requireProperty>
|
|
||||||
</rules>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-server</id>
|
|
||||||
<phase>generate-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-server-dist</artifactId>
|
|
||||||
<version>1.5.1.Final</version>
|
|
||||||
<type>zip</type>
|
|
||||||
<outputDirectory>${project.build.directory}/unpacked</outputDirectory>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
<execution>
|
|
||||||
<id>jdbc-driver</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>copy</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>${jdbc.mvn.groupId}</groupId>
|
|
||||||
<artifactId>${jdbc.mvn.artifactId}</artifactId>
|
|
||||||
<version>${jdbc.mvn.version}</version>
|
|
||||||
<type>jar</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${jdbc.mvn.driver.deployment.dir}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>xml-maven-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>configure-wildfly-datasource</id>
|
|
||||||
<phase>process-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>transform</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<transformationSets>
|
|
||||||
<!-- create module.xml in modules -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/modules/system/layers/base/com/h2database/h2/main</dir>
|
|
||||||
<stylesheet>src/main/xslt/module.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>module.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${jdbc.mvn.driver.deployment.dir}</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>database</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>version</name>
|
|
||||||
<value>${jdbc.mvn.version}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add datasource to standalone.xml -->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/datasource.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
<parameters>
|
|
||||||
<parameter>
|
|
||||||
<name>jdbc.url</name>
|
|
||||||
<value>${keycloak.connectionsJpa.url}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>driver</name>
|
|
||||||
<value>${jdbc.mvn.artifactId}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>username</name>
|
|
||||||
<value>${keycloak.connectionsJpa.user}</value>
|
|
||||||
</parameter>
|
|
||||||
<parameter>
|
|
||||||
<name>password</name>
|
|
||||||
<value>${keycloak.connectionsJpa.password}</value>
|
|
||||||
</parameter>
|
|
||||||
</parameters>
|
|
||||||
</transformationSet>
|
|
||||||
<!-- add logger for org.hibernate.dialect.Dialect to standalone.xml-->
|
|
||||||
<transformationSet>
|
|
||||||
<dir>${keycloak.server.home}/standalone/configuration</dir>
|
|
||||||
<stylesheet>src/main/xslt/add-dialect-logger.xsl</stylesheet>
|
|
||||||
<includes>
|
|
||||||
<include>standalone.xml</include>
|
|
||||||
</includes>
|
|
||||||
<outputDir>${keycloak.server.home}/standalone/configuration</outputDir>
|
|
||||||
</transformationSet>
|
|
||||||
</transformationSets>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<artifactId>maven-assembly-plugin</artifactId>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>create-zip</id>
|
|
||||||
<phase>package</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>single</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<descriptors>
|
|
||||||
<descriptor>assembly.xml</descriptor>
|
|
||||||
</descriptors>
|
|
||||||
<appendAssemblyId>false</appendAssemblyId>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</project>
|
|
|
@ -1,7 +1,13 @@
|
||||||
package org.keycloak.testsuite.arquillian;
|
package org.keycloak.testsuite.arquillian;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
|
import java.util.LinkedList;
|
||||||
|
import org.apache.commons.io.FileUtils;
|
||||||
|
import org.jboss.arquillian.container.spi.Container;
|
||||||
|
import org.jboss.arquillian.container.spi.ContainerRegistry;
|
||||||
import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
|
import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
|
||||||
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
|
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
|
||||||
import org.jboss.arquillian.container.test.api.ContainerController;
|
import org.jboss.arquillian.container.test.api.ContainerController;
|
||||||
|
@ -37,6 +43,9 @@ public class ContainersTestEnricher {
|
||||||
@Inject
|
@Inject
|
||||||
private Instance<ContainerController> containerController;
|
private Instance<ContainerController> containerController;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
private Instance<ContainerRegistry> containerRegistry;
|
||||||
|
|
||||||
@Inject
|
@Inject
|
||||||
private Event<StopSuiteContainers> stopSuiteContainers;
|
private Event<StopSuiteContainers> stopSuiteContainers;
|
||||||
|
|
||||||
|
@ -62,24 +71,77 @@ public class ContainersTestEnricher {
|
||||||
private InstanceProducer<OAuthClient> oauthClient;
|
private InstanceProducer<OAuthClient> oauthClient;
|
||||||
|
|
||||||
private ContainerController controller;
|
private ContainerController controller;
|
||||||
|
private LinkedList<Container> containers;
|
||||||
|
|
||||||
private final boolean migrationTests = System.getProperty("migration", "false").equals("true");
|
private final boolean migrationTests = System.getProperty("migration", "false").equals("true");
|
||||||
private boolean alreadyStopped = false;
|
private boolean alreadyStopped = false;
|
||||||
|
private boolean init = false;
|
||||||
|
|
||||||
|
private void init() {
|
||||||
|
if (!init) {
|
||||||
|
containers = new LinkedList(containerRegistry.get().getContainers());
|
||||||
|
}
|
||||||
|
init = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* non-javadoc
|
||||||
|
*
|
||||||
|
* Before starting suite containers. Initialization of containers is done
|
||||||
|
* (only once during class life cycle)
|
||||||
|
*/
|
||||||
public void startSuiteContainers(@Observes(precedence = 1) StartSuiteContainers event) {
|
public void startSuiteContainers(@Observes(precedence = 1) StartSuiteContainers event) {
|
||||||
|
init();
|
||||||
if (migrationTests) {
|
if (migrationTests) {
|
||||||
log.info("\n### Starting keycloak with previous version ###\n");
|
log.info("\n\n### Starting keycloak " + System.getProperty("version", "- previous") + " ###\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public void stopMigrationContainer(@Observes AfterStart event) {
|
/*
|
||||||
|
* non-javadoc
|
||||||
|
*
|
||||||
|
* After start container. Server logs are checked (in case jboss based container).
|
||||||
|
* In case of migration scenario: previous container is stopped.
|
||||||
|
*/
|
||||||
|
public void afterStart(@Observes AfterStart event) throws IOException {
|
||||||
|
if (System.getProperty("check.server.log", "true").equals("true")) {
|
||||||
|
checkServerLog();
|
||||||
|
}
|
||||||
|
|
||||||
if (migrationTests && !alreadyStopped) {
|
if (migrationTests && !alreadyStopped) {
|
||||||
log.info("\n### Stopping keycloak with previous version ###\n");
|
log.info("\n\n### Stopping keycloak " + System.getProperty("version", "- previous") + " ###\n");
|
||||||
stopSuiteContainers.fire(new StopSuiteContainers());
|
stopSuiteContainers.fire(new StopSuiteContainers());
|
||||||
|
log.info("\n\n### Starting keycloak current version ###\n");
|
||||||
}
|
}
|
||||||
alreadyStopped = true;
|
alreadyStopped = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* non-javadoc
|
||||||
|
*
|
||||||
|
* check server logs (in case jboss based container) whether there are no ERRORs or SEVEREs
|
||||||
|
*/
|
||||||
|
private void checkServerLog() throws IOException {
|
||||||
|
Container container = containers.removeFirst();
|
||||||
|
if (!container.getName().equals("auth-server-undertow")) {
|
||||||
|
String jbossHomePath = container.getContainerConfiguration().getContainerProperties().get("jbossHome");
|
||||||
|
log.debug("jbossHome: " + jbossHomePath + "\n");
|
||||||
|
|
||||||
|
String serverLogContent = FileUtils.readFileToString(new File(jbossHomePath + "/standalone/log/server.log"));
|
||||||
|
|
||||||
|
boolean containsError
|
||||||
|
= serverLogContent.contains("ERROR")
|
||||||
|
|| serverLogContent.contains("SEVERE")
|
||||||
|
|| serverLogContent.contains("Exception ");
|
||||||
|
//There is expected string "Exception" in server log: Adding provider
|
||||||
|
//singleton org.keycloak.services.resources.ModelExceptionMapper
|
||||||
|
|
||||||
|
if (containsError) {
|
||||||
|
throw new RuntimeException(container.getName() + ": Server log contains ERROR.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void beforeSuite(@Observes BeforeSuite event) {
|
public void beforeSuite(@Observes BeforeSuite event) {
|
||||||
suiteContext.set(new SuiteContext());
|
suiteContext.set(new SuiteContext());
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,6 +10,7 @@ import org.jboss.arquillian.graphene.location.CustomizableURLResourceProvider;
|
||||||
import org.jboss.arquillian.test.spi.enricher.resource.ResourceProvider;
|
import org.jboss.arquillian.test.spi.enricher.resource.ResourceProvider;
|
||||||
import org.jboss.arquillian.test.spi.execution.TestExecutionDecider;
|
import org.jboss.arquillian.test.spi.execution.TestExecutionDecider;
|
||||||
import org.keycloak.testsuite.arquillian.jira.JiraTestExecutionDecider;
|
import org.keycloak.testsuite.arquillian.jira.JiraTestExecutionDecider;
|
||||||
|
import org.keycloak.testsuite.arquillian.migration.MigrationTestExecutionDecider;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.CustomUndertowContainer;
|
import org.keycloak.testsuite.arquillian.undertow.CustomUndertowContainer;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -36,7 +37,8 @@ public class KeycloakArquillianExtension implements LoadableExtension {
|
||||||
.service(DeployableContainer.class, CustomUndertowContainer.class);
|
.service(DeployableContainer.class, CustomUndertowContainer.class);
|
||||||
|
|
||||||
builder
|
builder
|
||||||
.service(TestExecutionDecider.class, JiraTestExecutionDecider.class);
|
.service(TestExecutionDecider.class, JiraTestExecutionDecider.class)
|
||||||
|
.service(TestExecutionDecider.class, MigrationTestExecutionDecider.class);
|
||||||
|
|
||||||
builder
|
builder
|
||||||
.override(ResourceProvider.class, URLResourceProvider.class, URLProvider.class)
|
.override(ResourceProvider.class, URLResourceProvider.class, URLProvider.class)
|
||||||
|
|
|
@ -22,17 +22,17 @@ public class JBossJiraParser {
|
||||||
private static final String JBOSS_TRACKER_REST_URL = "https://issues.jboss.org/rest/api/latest/issue/";
|
private static final String JBOSS_TRACKER_REST_URL = "https://issues.jboss.org/rest/api/latest/issue/";
|
||||||
|
|
||||||
public static boolean isIssueClosed(String issueId) {
|
public static boolean isIssueClosed(String issueId) {
|
||||||
Status issueStatus;
|
Status issueStatus;
|
||||||
try {
|
try {
|
||||||
issueStatus = getIssueStatus(issueId);
|
issueStatus = getIssueStatus(issueId);
|
||||||
} catch(Exception e) {
|
} catch (Exception e) {
|
||||||
issueStatus = Status.CLOSED; //let the test run in case there is no connection
|
issueStatus = Status.CLOSED; //let the test run in case there is no connection
|
||||||
}
|
}
|
||||||
return issueStatus == Status.CLOSED || issueStatus == Status.RESOLVED;
|
return issueStatus == Status.CLOSED || issueStatus == Status.RESOLVED;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static Status getIssueStatus(String issueId) throws Exception {
|
private static Status getIssueStatus(String issueId) throws Exception {
|
||||||
Client client = ClientBuilder.newClient();
|
Client client = ClientBuilder.newClient();
|
||||||
WebTarget target = client.target(JBOSS_TRACKER_REST_URL);
|
WebTarget target = client.target(JBOSS_TRACKER_REST_URL);
|
||||||
String json = target.path(issueId).request().accept(MediaType.APPLICATION_JSON_TYPE).get(String.class);
|
String json = target.path(issueId).request().accept(MediaType.APPLICATION_JSON_TYPE).get(String.class);
|
||||||
JsonObject jsonObject = new Gson().fromJson(json, JsonElement.class).getAsJsonObject();
|
JsonObject jsonObject = new Gson().fromJson(json, JsonElement.class).getAsJsonObject();
|
||||||
|
|
|
@ -24,5 +24,5 @@ import java.lang.annotation.Target;
|
||||||
public @interface Jira {
|
public @interface Jira {
|
||||||
|
|
||||||
String value();
|
String value();
|
||||||
boolean enabled() default true;
|
boolean enabled() default true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,43 +19,43 @@ import static org.keycloak.testsuite.arquillian.jira.JBossJiraParser.isIssueClos
|
||||||
*/
|
*/
|
||||||
public class JiraTestExecutionDecider implements TestExecutionDecider {
|
public class JiraTestExecutionDecider implements TestExecutionDecider {
|
||||||
|
|
||||||
private static Map<String, Boolean> cache = new HashMap<String, Boolean>();
|
private static Map<String, Boolean> cache = new HashMap<>();
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public ExecutionDecision decide(Method method) {
|
public ExecutionDecision decide(Method method) {
|
||||||
Jira jiraAnnotation = method.getAnnotation(Jira.class);
|
Jira jiraAnnotation = method.getAnnotation(Jira.class);
|
||||||
if (jiraAnnotation != null && jiraAnnotation.enabled()) {
|
if (jiraAnnotation != null && jiraAnnotation.enabled()) {
|
||||||
boolean executeTest = true;
|
boolean executeTest = true;
|
||||||
String[] issueIds = getIssuesId(jiraAnnotation.value());
|
String[] issueIds = getIssuesId(jiraAnnotation.value());
|
||||||
for (String issueId : issueIds) {
|
for (String issueId : issueIds) {
|
||||||
if (cache.containsKey(issueId)) {
|
if (cache.containsKey(issueId)) {
|
||||||
executeTest = cache.get(issueId);
|
executeTest = cache.get(issueId);
|
||||||
} else {
|
} else {
|
||||||
if (isIssueClosed(issueId)) {
|
if (isIssueClosed(issueId)) {
|
||||||
cache.put(issueId, true);
|
cache.put(issueId, true);
|
||||||
} else {
|
} else {
|
||||||
executeTest = false;
|
executeTest = false;
|
||||||
cache.put(issueId, false);
|
cache.put(issueId, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (executeTest) {
|
if (executeTest) {
|
||||||
return ExecutionDecision.execute();
|
return ExecutionDecision.execute();
|
||||||
} else {
|
} else {
|
||||||
return ExecutionDecision.dontExecute("Issue is still opened, therefore skipping the test " + method.getName());
|
return ExecutionDecision.dontExecute("Issue is still opened, therefore skipping the test " + method.getName());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return ExecutionDecision.execute();
|
return ExecutionDecision.execute();
|
||||||
}
|
}
|
||||||
|
|
||||||
private String[] getIssuesId(String value) {
|
private String[] getIssuesId(String value) {
|
||||||
return value.replaceAll("\\s+", "").split(",");
|
return value.replaceAll("\\s+", "").split(",");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public int precedence() {
|
public int precedence() {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source.
|
||||||
|
* Copyright 2012, Red Hat, Inc., and individual contributors
|
||||||
|
* as indicated by the @author tags. See the copyright.txt file in the
|
||||||
|
* distribution for a full listing of individual contributors.
|
||||||
|
*
|
||||||
|
* This is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU Lesser General Public License as
|
||||||
|
* published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This software is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this software; if not, write to the Free
|
||||||
|
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
||||||
|
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.arquillian.migration;
|
||||||
|
|
||||||
|
import java.lang.annotation.Documented;
|
||||||
|
import java.lang.annotation.ElementType;
|
||||||
|
import java.lang.annotation.Retention;
|
||||||
|
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||||
|
import java.lang.annotation.Target;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
|
||||||
|
*/
|
||||||
|
@Documented
|
||||||
|
@Retention(RUNTIME)
|
||||||
|
@Target({ElementType.METHOD})
|
||||||
|
public @interface Migration {
|
||||||
|
String versionFrom();
|
||||||
|
}
|
|
@ -0,0 +1,61 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source.
|
||||||
|
* Copyright 2012, Red Hat, Inc., and individual contributors
|
||||||
|
* as indicated by the @author tags. See the copyright.txt file in the
|
||||||
|
* distribution for a full listing of individual contributors.
|
||||||
|
*
|
||||||
|
* This is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU Lesser General Public License as
|
||||||
|
* published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This software is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this software; if not, write to the Free
|
||||||
|
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
||||||
|
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.arquillian.migration;
|
||||||
|
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
import org.jboss.arquillian.test.spi.execution.ExecutionDecision;
|
||||||
|
import org.jboss.arquillian.test.spi.execution.TestExecutionDecider;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
|
||||||
|
*/
|
||||||
|
public class MigrationTestExecutionDecider implements TestExecutionDecider {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ExecutionDecision decide(Method method) {
|
||||||
|
|
||||||
|
boolean migrationTest = "true".equals(System.getProperty("migration", "false"));
|
||||||
|
Migration migrationAnnotation = method.getAnnotation(Migration.class);
|
||||||
|
|
||||||
|
if (migrationTest && migrationAnnotation != null) {
|
||||||
|
String versionFrom = migrationAnnotation.versionFrom();
|
||||||
|
String version = System.getProperty("version");
|
||||||
|
|
||||||
|
|
||||||
|
if (version.equals(versionFrom)) {
|
||||||
|
return ExecutionDecision.execute();
|
||||||
|
} else {
|
||||||
|
return ExecutionDecision.dontExecute(method.getName() + "doesn't fit with migration version.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ((migrationTest && migrationAnnotation == null) || (!migrationTest && migrationAnnotation != null)) {
|
||||||
|
return ExecutionDecision.dontExecute("Migration test and no migration annotation or no migration test and migration annotation");
|
||||||
|
}
|
||||||
|
return ExecutionDecision.execute();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int precedence() {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -86,6 +86,7 @@ public abstract class AbstractKeycloakTest {
|
||||||
driverSettings();
|
driverSettings();
|
||||||
|
|
||||||
if (!suiteContext.isAdminPasswordUpdated()) {
|
if (!suiteContext.isAdminPasswordUpdated()) {
|
||||||
|
log.debug("updating admin password");
|
||||||
updateMasterAdminPassword();
|
updateMasterAdminPassword();
|
||||||
suiteContext.setAdminPasswordUpdated(true);
|
suiteContext.setAdminPasswordUpdated(true);
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,90 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source.
|
||||||
|
* Copyright 2012, Red Hat, Inc., and individual contributors
|
||||||
|
* as indicated by the @author tags. See the copyright.txt file in the
|
||||||
|
* distribution for a full listing of individual contributors.
|
||||||
|
*
|
||||||
|
* This is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU Lesser General Public License as
|
||||||
|
* published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This software is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this software; if not, write to the Free
|
||||||
|
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
||||||
|
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.migration;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import static org.junit.Assert.*;
|
||||||
|
import org.junit.Ignore;
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.keycloak.admin.client.resource.ClientsResource;
|
||||||
|
import org.keycloak.admin.client.resource.RealmResource;
|
||||||
|
import org.keycloak.representations.idm.ClientRepresentation;
|
||||||
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
|
import org.keycloak.representations.idm.RoleRepresentation;
|
||||||
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.migration.Migration;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author <a href="mailto:vramik@redhat.com">Vlastislav Ramik</a>
|
||||||
|
*/
|
||||||
|
public class MigrationTest extends AbstractKeycloakTest {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void addTestRealms(List<RealmRepresentation> testRealms) {
|
||||||
|
log.info("Adding no test realms for migration test. Test realm should be migrated from previous vesrion.");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Migration(versionFrom = "1.6.1.Final")
|
||||||
|
public void migration16Test() {
|
||||||
|
RealmResource realmResource = adminClient.realms().realm("Migration");
|
||||||
|
RealmRepresentation realmRep = realmResource.toRepresentation();
|
||||||
|
assertEquals("Migration", realmRep.getRealm());
|
||||||
|
|
||||||
|
List<RoleRepresentation> realmRoles = realmResource.roles().list();
|
||||||
|
assertEquals(1, realmRoles.size());
|
||||||
|
assertEquals("offline_access", realmRoles.get(0).getName());
|
||||||
|
|
||||||
|
for (ClientRepresentation client : realmResource.clients().findAll()) {
|
||||||
|
final String clientId = client.getClientId();
|
||||||
|
switch (clientId) {
|
||||||
|
case "realm-management":
|
||||||
|
assertEquals(13, realmResource.clients().get(client.getId()).roles().list().size());
|
||||||
|
break;
|
||||||
|
case "security-admin-console":
|
||||||
|
assertEquals(0, realmResource.clients().get(client.getId()).roles().list().size());
|
||||||
|
break;
|
||||||
|
case "broker":
|
||||||
|
assertEquals(1, realmResource.clients().get(client.getId()).roles().list().size());
|
||||||
|
break;
|
||||||
|
case "account":
|
||||||
|
assertEquals(2, realmResource.clients().get(client.getId()).roles().list().size());
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
fail("Migrated realm contains unexpected client " + clientId);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Migration(versionFrom = "1.5.1.Final")
|
||||||
|
@Ignore
|
||||||
|
public void migration15Test() {
|
||||||
|
for (RealmRepresentation realm : adminClient.realms().findAll()) {
|
||||||
|
System.out.println(realm.getRealm());
|
||||||
|
}
|
||||||
|
|
||||||
|
//TODO
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -21,12 +21,39 @@
|
||||||
<!-- PREVIOUS VERSIONS KEYCLOAK FOR MIGRATION TESTS -->
|
<!-- PREVIOUS VERSIONS KEYCLOAK FOR MIGRATION TESTS -->
|
||||||
<!-- IT HAS TO BE LISTED ABOWE KEYCLOAK AUTH SERVERS -->
|
<!-- IT HAS TO BE LISTED ABOWE KEYCLOAK AUTH SERVERS -->
|
||||||
|
|
||||||
|
<container qualifier="keycloak-1.6.1.Final" mode="suite" >
|
||||||
|
<configuration>
|
||||||
|
<property name="enabled">${migration.kc16}</property>
|
||||||
|
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
||||||
|
<property name="jbossHome">${keycloak.migration.home}</property>
|
||||||
|
<property name="javaVmArguments">
|
||||||
|
-Dkeycloak.migration.action=import
|
||||||
|
-Dkeycloak.migration.provider=singleFile
|
||||||
|
-Dkeycloak.migration.file=${keycloak.migration.file}
|
||||||
|
-Dkeycloak.migration.strategy=OVERWRITE_EXISTING
|
||||||
|
-Dkeycloak.migration.realmName=Migration
|
||||||
|
-Djboss.socket.binding.port-offset=${auth.server.port.offset}
|
||||||
|
-Xms64m -Xmx512m -XX:MaxPermSize=256m
|
||||||
|
</property>
|
||||||
|
<property name="managementPort">${auth.server.management.port}</property>
|
||||||
|
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
||||||
|
</configuration>
|
||||||
|
</container>
|
||||||
|
|
||||||
<container qualifier="keycloak-1.5.1.Final" mode="suite" >
|
<container qualifier="keycloak-1.5.1.Final" mode="suite" >
|
||||||
<configuration>
|
<configuration>
|
||||||
<property name="enabled">${migration.kc15}</property>
|
<property name="enabled">${migration.kc15}</property>
|
||||||
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
||||||
<property name="jbossHome">${keycloak-1.5.1.Final.home}</property>
|
<property name="jbossHome">${keycloak.migration.home}</property>
|
||||||
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
<property name="javaVmArguments">
|
||||||
|
-Dkeycloak.migration.action=import
|
||||||
|
-Dkeycloak.migration.provider=singleFile
|
||||||
|
-Dkeycloak.migration.file=${keycloak.migration.file}
|
||||||
|
-Dkeycloak.migration.strategy=OVERWRITE_EXISTING
|
||||||
|
-Dkeycloak.migration.realmName=Migration
|
||||||
|
-Djboss.socket.binding.port-offset=${auth.server.port.offset}
|
||||||
|
-Xms64m -Xmx512m -XX:MaxPermSize=256m
|
||||||
|
</property>
|
||||||
<property name="managementPort">${auth.server.management.port}</property>
|
<property name="managementPort">${auth.server.management.port}</property>
|
||||||
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
||||||
</configuration>
|
</configuration>
|
||||||
|
@ -36,7 +63,7 @@
|
||||||
<configuration>
|
<configuration>
|
||||||
<property name="enabled">${migration.kc14}</property>
|
<property name="enabled">${migration.kc14}</property>
|
||||||
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
||||||
<property name="jbossHome">${keycloak-1.4.0.Final.home}</property>
|
<property name="jbossHome">${keycloak.migration.home}</property>
|
||||||
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
||||||
<property name="managementPort">${auth.server.management.port}</property>
|
<property name="managementPort">${auth.server.management.port}</property>
|
||||||
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
||||||
|
@ -47,7 +74,7 @@
|
||||||
<configuration>
|
<configuration>
|
||||||
<property name="enabled">${migration.kc13}</property>
|
<property name="enabled">${migration.kc13}</property>
|
||||||
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
||||||
<property name="jbossHome">${keycloak-1.3.1.Final.home}</property>
|
<property name="jbossHome">${keycloak.migration.home}</property>
|
||||||
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
||||||
<property name="managementPort">${auth.server.management.port}</property>
|
<property name="managementPort">${auth.server.management.port}</property>
|
||||||
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
||||||
|
@ -58,7 +85,7 @@
|
||||||
<configuration>
|
<configuration>
|
||||||
<property name="enabled">${migration.kc12}</property>
|
<property name="enabled">${migration.kc12}</property>
|
||||||
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
<property name="adapterImplClass">org.jboss.as.arquillian.container.managed.ManagedDeployableContainer</property>
|
||||||
<property name="jbossHome">${keycloak-1.2.0.Final.home}</property>
|
<property name="jbossHome">${keycloak.migration.homee}</property>
|
||||||
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
<property name="javaVmArguments">-Djboss.socket.binding.port-offset=${auth.server.port.offset} -Xms64m -Xmx512m -XX:MaxPermSize=256m</property>
|
||||||
<property name="managementPort">${auth.server.management.port}</property>
|
<property name="managementPort">${auth.server.management.port}</property>
|
||||||
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
<property name="startupTimeoutInSeconds">${startup.timeout.sec}</property>
|
||||||
|
|
|
@ -0,0 +1,751 @@
|
||||||
|
{
|
||||||
|
"id" : "9c3a9824-cc8b-46f6-8922-cd576a92850f",
|
||||||
|
"realm" : "Migration",
|
||||||
|
"notBefore" : 0,
|
||||||
|
"accessTokenLifespan" : 300,
|
||||||
|
"ssoSessionIdleTimeout" : 1800,
|
||||||
|
"ssoSessionMaxLifespan" : 36000,
|
||||||
|
"accessCodeLifespan" : 60,
|
||||||
|
"accessCodeLifespanUserAction" : 300,
|
||||||
|
"accessCodeLifespanLogin" : 1800,
|
||||||
|
"enabled" : true,
|
||||||
|
"sslRequired" : "external",
|
||||||
|
"registrationAllowed" : false,
|
||||||
|
"registrationEmailAsUsername" : false,
|
||||||
|
"rememberMe" : false,
|
||||||
|
"verifyEmail" : false,
|
||||||
|
"resetPasswordAllowed" : false,
|
||||||
|
"editUsernameAllowed" : false,
|
||||||
|
"bruteForceProtected" : false,
|
||||||
|
"maxFailureWaitSeconds" : 900,
|
||||||
|
"minimumQuickLoginWaitSeconds" : 60,
|
||||||
|
"waitIncrementSeconds" : 60,
|
||||||
|
"quickLoginCheckMilliSeconds" : 1000,
|
||||||
|
"maxDeltaTimeSeconds" : 43200,
|
||||||
|
"failureFactor" : 30,
|
||||||
|
"privateKey" : "MIIEpAIBAAKCAQEA29+/bYOEg+RFlDgKjX0nv+UMkV8X06E1XvRobuQjXKOV613VJIa1F/nGabXthkM3tC7DadJ5y1tBwhF+bJzMA4w38zNfJdjEp3DRND6ypUn0SJZrSw6l3u3w+s5uemgTWUZk463Xr3HbDxtnG+4t5GuHA2Oq6O2OLniVZKbDTpgF1HxzCBQiAxi2jNJm3tMlTdN6D/nV3Rwp2T1250T3ldkM3TDK/Nlup3oOejy+qRGEmh+omuABOOJ8icCULZ5S2AbiqfojP5ZN3WEpyCqcQvsdop4IawUbTDyy9BCE2K5CCZ6ZgQaSnpJZGUy91crPJXnI4tlg5Mh88l8aSrBLsQIDAQABAoIBAA5J7SPNzzfPBuKJ/c2SG5ox5W4xEthS+qfwFDVYqB+mFeEU2PwlsPEc71MBWq1GAwG3pEVlQzr+9DgLcP7X9b4pR52LchyAiM8k2sOda3ioZLKu68wV6JujNOznq3BTASblFztgmcqyCH1j14COKvdUMZL70CiQ/5NvjK3c1IZv5d/S9B7Qhd2o/6cO51xIodE87Lc4Pghq8cQ/AJJUJokyFtjkCpTNAYxcZgyiEMNbyjrbNMMEpiuspZ50eRbi7SOKOg6mSjwuTeK0cQ57JDuMhE/iyaMwh98uqSTccqeKS672z+7QCu89ce1YZMnWtjfwKEiIcTWB71pvy2gGwgECgYEA9Afv+5Zop4j1kmZvQcdr+UpW3Ia91nNelvlkMYPMrsC24xwrGhO9Hx76VxdBFCzDuYBIyOzbPLV7kFojSKmcWB6hb/S/j6eMd46ZetycrfH5sRpJHmqJpGZiARrWTLsFRNDwi2jwEl2qt3wkq/IBvuzNt9bwbnsajgRVSVWUBtECgYEA5qh+hl1f8R6KcrUro9kSSxjmlqzSIeAYNJ0VJkr2ZjRd984xTRSnUcuVJnbfNgfmywCB9s7QGgcMrs9BejKuP1bq2hnjjA1WOvz0Dq1FRw3wqYSZWHtVO2h/QDaKIcGjQ/PyWAyrOTBaL+bzKrNO66L7CQK63A4/Gj7QivFA7uECgYEAmYW81pyDbpLdW6MR72IUbZr1Fnu2RooCQhzXiccPKAmZhTudaiRs4H1OpSe+C4E2CSfJoo5QRtstx1zNwdLixxVOHu7s7OVNm5GcwQy1jUEkAuU0huwjd8fpdCR8GX23DNod2rbEAennktOJBpuTuZekvDl+vSK5TAsx1JcAL2ECgYB7rPTKjt6Wps2NW98eZ5ILejqJp/iz+TiBXYitk5wyiPmpmYGN1vkwPnymty5QBkSVrJwC/jlO+2CtiquNHgeYJr6eWytLOQt3bZJfHED9LFhSTKr8aoT06b7xa0z9dJpaIT9cPs7AR1DURn0z9Bjo9+aqmjAfNfRX2j5vgZRTgQKBgQC7+9bt4yZ0MAxJYTMVqU/LnyjPuDrgXZJYw5ZYO6r5xF0mdovE9+lY6I8OeAUg428Zk8mxMYeqOFUHF8nVBxofHrZbXR2eJxJLRO8f2GPRFYanA9MNe1Jc0WV5bi1gF+ifC0j//W1kGxCHJX1OeMSV/h8r3OaIHEwuu30ZLHFxRg==",
|
||||||
|
"publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29+/bYOEg+RFlDgKjX0nv+UMkV8X06E1XvRobuQjXKOV613VJIa1F/nGabXthkM3tC7DadJ5y1tBwhF+bJzMA4w38zNfJdjEp3DRND6ypUn0SJZrSw6l3u3w+s5uemgTWUZk463Xr3HbDxtnG+4t5GuHA2Oq6O2OLniVZKbDTpgF1HxzCBQiAxi2jNJm3tMlTdN6D/nV3Rwp2T1250T3ldkM3TDK/Nlup3oOejy+qRGEmh+omuABOOJ8icCULZ5S2AbiqfojP5ZN3WEpyCqcQvsdop4IawUbTDyy9BCE2K5CCZ6ZgQaSnpJZGUy91crPJXnI4tlg5Mh88l8aSrBLsQIDAQAB",
|
||||||
|
"certificate" : "MIICoTCCAYkCBgFQs81zNDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlNaWdyYXRpb24wHhcNMTUxMDI5MTMzMTM3WhcNMjUxMDI5MTMzMzE3WjAUMRIwEAYDVQQDDAlNaWdyYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb379tg4SD5EWUOAqNfSe/5QyRXxfToTVe9Ghu5CNco5XrXdUkhrUX+cZpte2GQze0LsNp0nnLW0HCEX5snMwDjDfzM18l2MSncNE0PrKlSfRIlmtLDqXe7fD6zm56aBNZRmTjrdevcdsPG2cb7i3ka4cDY6ro7Y4ueJVkpsNOmAXUfHMIFCIDGLaM0mbe0yVN03oP+dXdHCnZPXbnRPeV2QzdMMr82W6neg56PL6pEYSaH6ia4AE44nyJwJQtnlLYBuKp+iM/lk3dYSnIKpxC+x2inghrBRtMPLL0EITYrkIJnpmBBpKeklkZTL3Vys8lecji2WDkyHzyXxpKsEuxAgMBAAEwDQYJKoZIhvcNAQELBQADggEBALaDK+wutEjdgY3Ux06Amp0k5qK16dz4jn+QKjdKPB1yThfzY1pisuyCUXPBlkn1OjB5ZvYl6ouwdNXgB8aeblbHZoyXh9ODeywi1xZd7pGxNXSfx0UzRk/YEEy0DAi9pxTyRYxiZ6/XJalS9PembTQvj+mVKqg1SDv7dyv4byvndEYSaUISrtGGrM3bb68PW4zInD793PJYWDSVxmEPOYtdgBJv4HAhPIJhjw15EOGlPv5QxW9P76OgISCutHaEe3UDP+TzIBBxYQFb1ZXA6ob3TFga78mFAkY4g98gEC11QSvZqhaRtLAz6PEisHRV+xDJVROgQ4Qew4qKgwE0gGE=",
|
||||||
|
"codeSecret" : "32f8634c-2be2-4d4d-8118-f4f7fee80b9f",
|
||||||
|
"roles" : {
|
||||||
|
"client" : {
|
||||||
|
"realm-management" : [ {
|
||||||
|
"id" : "dad7b3a4-b533-47c8-aba5-32e6429865a2",
|
||||||
|
"name" : "manage-identity-providers",
|
||||||
|
"description" : "${role_manage-identity-providers}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "a1dd3971-3906-4f4a-b4cd-3a198d2d7150",
|
||||||
|
"name" : "view-users",
|
||||||
|
"description" : "${role_view-users}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "6c2d766f-cfa5-4cae-b1ca-81f1f9f242c8",
|
||||||
|
"name" : "view-clients",
|
||||||
|
"description" : "${role_view-clients}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "60bb5b3e-8067-43fe-803e-a7e367967c7c",
|
||||||
|
"name" : "manage-realm",
|
||||||
|
"description" : "${role_manage-realm}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "c55cb35a-2602-47a6-a628-fc5a55341426",
|
||||||
|
"name" : "manage-users",
|
||||||
|
"description" : "${role_manage-users}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "4dc834d0-766b-45aa-ab3b-b7b976baa65d",
|
||||||
|
"name" : "realm-admin",
|
||||||
|
"description" : "${role_realm-admin}",
|
||||||
|
"composite" : true,
|
||||||
|
"composites" : {
|
||||||
|
"client" : {
|
||||||
|
"realm-management" : [ "view-users", "manage-identity-providers", "view-clients", "manage-realm", "manage-users", "impersonation", "view-realm", "view-events", "manage-clients", "manage-events", "view-identity-providers" ]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "d444a98f-ab5e-4857-9300-496e04e498f5",
|
||||||
|
"name" : "impersonation",
|
||||||
|
"description" : "${role_impersonation}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "2f6f1407-f334-434f-becf-771e3ebb5625",
|
||||||
|
"name" : "view-realm",
|
||||||
|
"description" : "${role_view-realm}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "a40d3211-5244-4d92-80c0-0d3215580250",
|
||||||
|
"name" : "manage-events",
|
||||||
|
"description" : "${role_manage-events}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "d11c407e-504f-4923-b243-e794afa0247e",
|
||||||
|
"name" : "view-events",
|
||||||
|
"description" : "${role_view-events}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "3ef6ace4-4e87-4c30-a8b3-1f0df25868c6",
|
||||||
|
"name" : "manage-clients",
|
||||||
|
"description" : "${role_manage-clients}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "fa2a4972-b8d0-452e-8e13-d2cf7eaac7aa",
|
||||||
|
"name" : "view-identity-providers",
|
||||||
|
"description" : "${role_view-identity-providers}",
|
||||||
|
"composite" : false
|
||||||
|
} ],
|
||||||
|
"security-admin-console" : [ ],
|
||||||
|
"broker" : [ {
|
||||||
|
"id" : "1bc5aeb4-1df1-4402-8195-e2a72f6dca30",
|
||||||
|
"name" : "read-token",
|
||||||
|
"description" : "${role_read-token}",
|
||||||
|
"composite" : false
|
||||||
|
} ],
|
||||||
|
"account" : [ {
|
||||||
|
"id" : "71b5b5ff-b372-41a1-a427-7883fa64a8c7",
|
||||||
|
"name" : "manage-account",
|
||||||
|
"description" : "${role_manage-account}",
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "04daa556-8aeb-43ba-99c6-b393ec2a32d4",
|
||||||
|
"name" : "view-profile",
|
||||||
|
"description" : "${role_view-profile}",
|
||||||
|
"composite" : false
|
||||||
|
} ]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"requiredCredentials" : [ "password" ],
|
||||||
|
"otpPolicyType" : "totp",
|
||||||
|
"otpPolicyAlgorithm" : "HmacSHA1",
|
||||||
|
"otpPolicyInitialCounter" : 0,
|
||||||
|
"otpPolicyDigits" : 6,
|
||||||
|
"otpPolicyLookAheadWindow" : 1,
|
||||||
|
"otpPolicyPeriod" : 30,
|
||||||
|
"clientScopeMappings" : {
|
||||||
|
"realm-management" : [ {
|
||||||
|
"client" : "security-admin-console",
|
||||||
|
"roles" : [ "realm-admin" ]
|
||||||
|
} ]
|
||||||
|
},
|
||||||
|
"clients" : [ {
|
||||||
|
"id" : "ba27336f-3f89-471d-98d2-b8856bd6dbf1",
|
||||||
|
"clientId" : "realm-management",
|
||||||
|
"name" : "${client_realm-management}",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "26aee4e9-8eec-421b-90a9-238538f5897a",
|
||||||
|
"redirectUris" : [ ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : true,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : false,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "5d56eba1-724e-4904-a8f8-86ca264a82cf",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "18a30786-89f9-4744-8f36-4de811a591ae",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "4d1c4456-0c0d-49b9-bfba-c2c83645aeb2",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "1a19db43-2346-4a24-b6f0-1b8d7fc1353e",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "a18612f0-9eb3-4d81-af0c-b0749b83fbd3",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "70c26044-c7fc-4090-98e1-670fef006e25",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"id" : "3fdddd5e-0022-4f6d-8fdf-212266db7fd4",
|
||||||
|
"clientId" : "security-admin-console",
|
||||||
|
"name" : "${client_security-admin-console}",
|
||||||
|
"baseUrl" : "/auth/admin/Migration/console/index.html",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "38ce8135-738d-4103-85ac-c3470ac8824d",
|
||||||
|
"redirectUris" : [ "/auth/admin/Migration/console/*" ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : false,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : true,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "be58fe30-b767-4566-9192-a4fa81fafa2c",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "c97523fd-fd4f-48d7-8937-bd434fa374fd",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "2323a85d-2686-46d4-bea8-e36524920f2e",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "56f8a80e-9e99-4add-b918-b864ca3f6f5c",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "f9f51e8d-d5af-456c-be5a-3019fb8c0910",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "3d8fbb0c-9058-4dde-b675-ca77a153ceb8",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"id" : "068fcf1a-7048-43df-b3dd-e6c484e8b051",
|
||||||
|
"clientId" : "broker",
|
||||||
|
"name" : "${client_broker}",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "041b50a6-54b5-4cff-84ef-1b7c388d3395",
|
||||||
|
"redirectUris" : [ ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : false,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : false,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "57c6f779-c96b-4f03-b268-354af2a8731e",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "f17a7b9f-9363-44bd-8320-df36f22ca712",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "ec1bf022-9e98-4f29-9bf0-f0a49bd844ad",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "0d54c616-326b-4fe7-bbfa-af9a28304dc5",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "89ce95b9-a268-4306-a1ad-86066d0cdd03",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "8236274d-af69-4fc4-8804-a02d4af66157",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"id" : "717b9e58-87ed-402d-a8f8-a37fd5e7c951",
|
||||||
|
"clientId" : "account",
|
||||||
|
"name" : "${client_account}",
|
||||||
|
"baseUrl" : "/auth/realms/Migration/account",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "9ea62eb5-5478-454a-a479-4012f8967f9c",
|
||||||
|
"defaultRoles" : [ "view-profile", "manage-account" ],
|
||||||
|
"redirectUris" : [ "/auth/realms/Migration/account/*" ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : false,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : false,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "bfb4a165-2a55-4e4b-9b13-05e68822f5d6",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "c505e313-d478-4b1d-94df-c2c9b6036a95",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "12fc43f0-19b7-4b4a-b50a-40b6fc344ede",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "250f3bf3-2655-4482-a814-3adcc7cef5a4",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "6cf70d19-6a9e-4abf-8917-38b87bac15d6",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "6cdeae21-ca97-4723-b880-d5aa35fa77b0",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
} ],
|
||||||
|
"browserSecurityHeaders" : {
|
||||||
|
"contentSecurityPolicy" : "frame-src 'self'",
|
||||||
|
"xFrameOptions" : "SAMEORIGIN"
|
||||||
|
},
|
||||||
|
"smtpServer" : { },
|
||||||
|
"eventsEnabled" : false,
|
||||||
|
"eventsListeners" : [ "jboss-logging" ],
|
||||||
|
"enabledEventTypes" : [ ],
|
||||||
|
"adminEventsEnabled" : false,
|
||||||
|
"adminEventsDetailsEnabled" : false,
|
||||||
|
"identityFederationEnabled" : false,
|
||||||
|
"internationalizationEnabled" : false,
|
||||||
|
"supportedLocales" : [ ],
|
||||||
|
"authenticationFlows" : [ {
|
||||||
|
"alias" : "registration form",
|
||||||
|
"description" : "registration form",
|
||||||
|
"providerId" : "form-flow",
|
||||||
|
"topLevel" : false,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "registration-user-creation",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"authenticator" : "registration-profile-action",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 40
|
||||||
|
}, {
|
||||||
|
"authenticator" : "registration-password-action",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 50
|
||||||
|
}, {
|
||||||
|
"authenticator" : "registration-recaptcha-action",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "DISABLED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 60
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "direct grant",
|
||||||
|
"description" : "OpenID Connect Resource Owner Grant",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "direct-grant-validate-username",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "direct-grant-validate-password",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"authenticator" : "direct-grant-validate-otp",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "OPTIONAL",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 30
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "reset credentials",
|
||||||
|
"description" : "Reset credentials for a user if they forgot their password or something",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "reset-credentials-choose-user",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "reset-credential-email",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"authenticator" : "reset-password",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 30
|
||||||
|
}, {
|
||||||
|
"authenticator" : "reset-otp",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "OPTIONAL",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 40
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "forms",
|
||||||
|
"description" : "Username, password, otp and other auth forms.",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : false,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "auth-username-password-form",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "auth-otp-form",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "OPTIONAL",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "clients",
|
||||||
|
"description" : "Base authentication for clients",
|
||||||
|
"providerId" : "client-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "client-secret",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "client-jwt",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "browser",
|
||||||
|
"description" : "browser based authentication",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "auth-cookie",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "auth-spnego",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "DISABLED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"flowAlias" : "forms",
|
||||||
|
"autheticatorFlow" : true,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 30
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "registration",
|
||||||
|
"description" : "registration flow",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "registration-page-form",
|
||||||
|
"flowAlias" : "registration form",
|
||||||
|
"autheticatorFlow" : true,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
} ]
|
||||||
|
} ],
|
||||||
|
"authenticatorConfig" : [ ],
|
||||||
|
"requiredActions" : [ {
|
||||||
|
"alias" : "CONFIGURE_TOTP",
|
||||||
|
"name" : "Configure Totp",
|
||||||
|
"providerId" : "CONFIGURE_TOTP",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "VERIFY_EMAIL",
|
||||||
|
"name" : "Verify Email",
|
||||||
|
"providerId" : "VERIFY_EMAIL",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "terms_and_conditions",
|
||||||
|
"name" : "Terms and Conditions",
|
||||||
|
"providerId" : "terms_and_conditions",
|
||||||
|
"enabled" : false,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "UPDATE_PASSWORD",
|
||||||
|
"name" : "Update Password",
|
||||||
|
"providerId" : "UPDATE_PASSWORD",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "UPDATE_PROFILE",
|
||||||
|
"name" : "Update Profile",
|
||||||
|
"providerId" : "UPDATE_PROFILE",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
} ],
|
||||||
|
"browserFlow" : "browser",
|
||||||
|
"registrationFlow" : "registration",
|
||||||
|
"directGrantFlow" : "direct grant",
|
||||||
|
"resetCredentialsFlow" : "reset credentials",
|
||||||
|
"clientAuthenticationFlow" : "clients"
|
||||||
|
}
|
|
@ -0,0 +1,796 @@
|
||||||
|
{
|
||||||
|
"id" : "Migration",
|
||||||
|
"realm" : "Migration",
|
||||||
|
"notBefore" : 0,
|
||||||
|
"revokeRefreshToken" : false,
|
||||||
|
"accessTokenLifespan" : 300,
|
||||||
|
"ssoSessionIdleTimeout" : 1800,
|
||||||
|
"ssoSessionMaxLifespan" : 36000,
|
||||||
|
"offlineSessionIdleTimeout" : 2592000,
|
||||||
|
"accessCodeLifespan" : 60,
|
||||||
|
"accessCodeLifespanUserAction" : 300,
|
||||||
|
"accessCodeLifespanLogin" : 1800,
|
||||||
|
"enabled" : true,
|
||||||
|
"sslRequired" : "external",
|
||||||
|
"registrationAllowed" : false,
|
||||||
|
"registrationEmailAsUsername" : false,
|
||||||
|
"rememberMe" : false,
|
||||||
|
"verifyEmail" : false,
|
||||||
|
"resetPasswordAllowed" : false,
|
||||||
|
"editUsernameAllowed" : false,
|
||||||
|
"bruteForceProtected" : false,
|
||||||
|
"maxFailureWaitSeconds" : 900,
|
||||||
|
"minimumQuickLoginWaitSeconds" : 60,
|
||||||
|
"waitIncrementSeconds" : 60,
|
||||||
|
"quickLoginCheckMilliSeconds" : 1000,
|
||||||
|
"maxDeltaTimeSeconds" : 43200,
|
||||||
|
"failureFactor" : 30,
|
||||||
|
"privateKey" : "MIIEowIBAAKCAQEAg/XlZqOYbYHyzHjWKwCD35JKloSyBBaIQgQbUjmWSBLw6xyNLSSvI45lmhoxcJTjxeZ+LKudfcoDVcLah1kYmTiS5YtNROeqmdWTkekdsAW8PYQJ0ScpatJ3jQ6xpe2E/AQWel5h6HI07O/r1mc3JDCXSe5zKdV9C0aGZpQSU2jWkVmP1cc2EZg5bVD1v057CUpKAX3qkloXpRedq6tMgwRSurhgnWDt93xWcv/+zz1Rw400batHmAm8Xa792jfZhSjvxtv9Q83Eb9jqi+c3BnxC3hucUDc6ivm8UgKYha054IOVbG8wDtmhZF8LlvLpjPk9iHuygS0zRnRuCo1+pQIDAQABAoIBACx5B8oSooFthS2CH/O4JbmIbRjTOceE7IELL0YD4HED6SvjoHSxY1EhYX6RC05871K3/pgBcn99QKh7lfh9f3vMBD3WN8FcLjPQNf67yOSU2j8FK+XQQ/YbXm0soZRhOytQGV8+RdL4AnxD04CboorQ0Xv6H9feelj9eLhDePWg5qEGHZJA6zGYiOUBALAL+SXoL59LWWLEM48TQWM0yGCA3mQM0iWCclbLNM1ls5gwMxSDdJeKC/3qlB6egGqPtXCEJdQXYqt3do8UUnxdQEkRGlJx14cSoH7fmZyZjLsEBcQT5uoAHI7/NMVN1DoFgwMTsq/MAATh3ngHqSl6J2ECgYEA3Ati3EaI0Vb8KzdjwZVgk9/KKnGLcswOl+cfU+lL9Vv5W4lVht3zvNAO8mUjtTSpjCF7LlY2lD9JEsv4cA9T3v2L7ZjkBiD6S/YYnEZYGAOjJb+LniRLqSVgN3beUgSiG/zzwuJm92J3dIcqMIPi4gdLMJ7KAv9qgbOddAy4b3kCgYEAmYXlqAu+Vgyjj3wzfgeXKzYkUfbEXUzsdugpW2gCvKi2/lJwmzORfsvSL88CxKZvzbEb1AJOrW+aPUbO0vPWo07ztphPKed+Gydp2G837f24eGZpBpxG6ATIa5MjtCHgX5guTMA3sJCFyLdMacRmlkmZEwbk7e9QxCp9HOmFoY0CgYB5u1LVya+nIBghUGM/lQP4yrVtBaO/vmPUZWhPY6FB+7/XhAJsuh09N10NfCZk+N1TSLJ8z/UhzmD+pRir5c7gbiQbLZn4SgYuP9cdnUze/CQlnfH/atTwnly8UmZruWR1V1sDVXzhHvg23w/YBx5dLOvL2gyn2+VwG43fxanDAQKBgFpFqWzOuvTOKb7NQVnyDKmUBHdNqtlRyhmBGhBtcG6OpkuVHjGkeQEdyFHkX7RSSZuhcMORN8IzxXYSlLrmNmeAnT3ZAXOac0R0QIDLpQ+ECVyCm28PpYH4jgDzXCMnaE/NpCvtOtHPqVsErSHkIo5saF4Px71A4zT15uuBRNphAoGBAMXV0eqeZOr/iHGIie3Ol0atZuB9b/BgLJBTFsCbFoVLdMAah4i2MXDm3vOUWlPf2VFL1LcKXYQ1GZ79We5LqG5w1CLA5WNt93U3yyl3/V5w02My5dVhz9BD4kWhZcvih+uVuHBxeI8Q8AvU63qqT4punQW4SSAHC+9e3U62aNc+",
|
||||||
|
"publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/XlZqOYbYHyzHjWKwCD35JKloSyBBaIQgQbUjmWSBLw6xyNLSSvI45lmhoxcJTjxeZ+LKudfcoDVcLah1kYmTiS5YtNROeqmdWTkekdsAW8PYQJ0ScpatJ3jQ6xpe2E/AQWel5h6HI07O/r1mc3JDCXSe5zKdV9C0aGZpQSU2jWkVmP1cc2EZg5bVD1v057CUpKAX3qkloXpRedq6tMgwRSurhgnWDt93xWcv/+zz1Rw400batHmAm8Xa792jfZhSjvxtv9Q83Eb9jqi+c3BnxC3hucUDc6ivm8UgKYha054IOVbG8wDtmhZF8LlvLpjPk9iHuygS0zRnRuCo1+pQIDAQAB",
|
||||||
|
"certificate" : "MIICoTCCAYkCBgFQs9TiPDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlNaWdyYXRpb24wHhcNMTUxMDI5MTMzOTQ0WhcNMjUxMDI5MTM0MTI0WjAUMRIwEAYDVQQDDAlNaWdyYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD9eVmo5htgfLMeNYrAIPfkkqWhLIEFohCBBtSOZZIEvDrHI0tJK8jjmWaGjFwlOPF5n4sq519ygNVwtqHWRiZOJLli01E56qZ1ZOR6R2wBbw9hAnRJylq0neNDrGl7YT8BBZ6XmHocjTs7+vWZzckMJdJ7nMp1X0LRoZmlBJTaNaRWY/VxzYRmDltUPW/TnsJSkoBfeqSWhelF52rq0yDBFK6uGCdYO33fFZy//7PPVHDjTRtq0eYCbxdrv3aN9mFKO/G2/1DzcRv2OqL5zcGfELeG5xQNzqK+bxSApiFrTngg5VsbzAO2aFkXwuW8umM+T2Ie7KBLTNGdG4KjX6lAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIOonQw/DIwSDU2oFyoaZ7VfFcT6Uh3QXfLB4ZYDek4m6Y8onrtqzuGo2Z2tcokV9PPkBAQtefSxIqx4COC9OeDBy1DeY04AkpprywLuOzCL/OBCV9QwiMkuBYYC5JJCIyTuo3qYxkuDA/iwDdH7vNDGohE6TDYmrC3Yp3lsLaHZ1lG52Df3qL8wo3/PdwzCOmyRGfm3vscTY+PqVCYcfxg9nPkoU3FwUJDAshjMxRw7/aafG8OmQ2EeYH4HV/FsULFrwoVF0Up8TkqAhmdJJ+vaGqaHHXQyiIPTMCdrkE58jAvtpbX0XCEDiNXT9qORhmjKP8Xq13XOQTfI5DRo8Qc=",
|
||||||
|
"codeSecret" : "56227bc5-edb9-419c-a019-d61a7c6ffb74",
|
||||||
|
"roles" : {
|
||||||
|
"realm" : [ {
|
||||||
|
"id" : "c4aae789-de76-4130-a06b-a28113ada698",
|
||||||
|
"name" : "offline_access",
|
||||||
|
"description" : "${role_offline-access}",
|
||||||
|
"scopeParamRequired" : true,
|
||||||
|
"composite" : false
|
||||||
|
} ],
|
||||||
|
"client" : {
|
||||||
|
"realm-management" : [ {
|
||||||
|
"id" : "22345bd8-afee-44c3-9958-a134e729aaa7",
|
||||||
|
"name" : "view-identity-providers",
|
||||||
|
"description" : "${role_view-identity-providers}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "6c6bb910-a769-4e92-b009-db4b9ab32c67",
|
||||||
|
"name" : "manage-events",
|
||||||
|
"description" : "${role_manage-events}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "5327bf34-5a16-4f36-bb15-100a25aac33e",
|
||||||
|
"name" : "view-realm",
|
||||||
|
"description" : "${role_view-realm}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "3c52d428-e3e5-40b3-92d4-ab6195b7dce5",
|
||||||
|
"name" : "create-client",
|
||||||
|
"description" : "${role_create-client}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "9999e081-5321-4c19-a8ac-27cea3bbde3a",
|
||||||
|
"name" : "impersonation",
|
||||||
|
"description" : "${role_impersonation}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "7c857cf1-b66e-4935-8749-580062d4719a",
|
||||||
|
"name" : "manage-identity-providers",
|
||||||
|
"description" : "${role_manage-identity-providers}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "549d2e65-d347-4221-bde0-65fff6580fc2",
|
||||||
|
"name" : "view-events",
|
||||||
|
"description" : "${role_view-events}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "aa1676b8-a92a-4c99-b266-54858129942d",
|
||||||
|
"name" : "view-users",
|
||||||
|
"description" : "${role_view-users}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "6c9a78fa-0e37-48bf-a9b5-2062312b0f33",
|
||||||
|
"name" : "manage-clients",
|
||||||
|
"description" : "${role_manage-clients}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "d38072d6-66fe-4102-8d4d-b5e8e2721e43",
|
||||||
|
"name" : "manage-realm",
|
||||||
|
"description" : "${role_manage-realm}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "a85da016-830e-42dd-8318-3cc8c28d3382",
|
||||||
|
"name" : "manage-users",
|
||||||
|
"description" : "${role_manage-users}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "0ab22444-1235-4391-ac10-571b33065177",
|
||||||
|
"name" : "realm-admin",
|
||||||
|
"description" : "${role_realm-admin}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : true,
|
||||||
|
"composites" : {
|
||||||
|
"client" : {
|
||||||
|
"realm-management" : [ "view-identity-providers", "manage-clients", "manage-events", "view-realm", "manage-realm", "manage-users", "create-client", "impersonation", "view-events", "manage-identity-providers", "view-clients", "view-users" ]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "442fcc9e-46af-495a-9cdf-64d32dabc808",
|
||||||
|
"name" : "view-clients",
|
||||||
|
"description" : "${role_view-clients}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
} ],
|
||||||
|
"security-admin-console" : [ ],
|
||||||
|
"broker" : [ {
|
||||||
|
"id" : "8d46836e-eb6c-4cf5-97fe-8b1b24a69e10",
|
||||||
|
"name" : "read-token",
|
||||||
|
"description" : "${role_read-token}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
} ],
|
||||||
|
"account" : [ {
|
||||||
|
"id" : "40799d46-6574-4d45-a157-33cc15e3e2f1",
|
||||||
|
"name" : "manage-account",
|
||||||
|
"description" : "${role_manage-account}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
}, {
|
||||||
|
"id" : "d6056197-e9a3-4922-8b1b-ce6e99a71a43",
|
||||||
|
"name" : "view-profile",
|
||||||
|
"description" : "${role_view-profile}",
|
||||||
|
"scopeParamRequired" : false,
|
||||||
|
"composite" : false
|
||||||
|
} ]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"defaultRoles" : [ "offline_access" ],
|
||||||
|
"requiredCredentials" : [ "password" ],
|
||||||
|
"otpPolicyType" : "totp",
|
||||||
|
"otpPolicyAlgorithm" : "HmacSHA1",
|
||||||
|
"otpPolicyInitialCounter" : 0,
|
||||||
|
"otpPolicyDigits" : 6,
|
||||||
|
"otpPolicyLookAheadWindow" : 1,
|
||||||
|
"otpPolicyPeriod" : 30,
|
||||||
|
"clientScopeMappings" : {
|
||||||
|
"realm-management" : [ {
|
||||||
|
"client" : "security-admin-console",
|
||||||
|
"roles" : [ "realm-admin" ]
|
||||||
|
} ]
|
||||||
|
},
|
||||||
|
"clients" : [ {
|
||||||
|
"id" : "cdf6e789-79b9-41ad-b4a3-f02abd2aeab6",
|
||||||
|
"clientId" : "realm-management",
|
||||||
|
"name" : "${client_realm-management}",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "c51e802e-e33b-431e-8e74-c2ebd4ba6abf",
|
||||||
|
"redirectUris" : [ ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : true,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : false,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "cfaff5c8-a0e3-42af-8dcd-f7ae6000a240",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "5a68a544-0373-4cf3-9978-aed944df478f",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "41c006db-88d6-42a6-addd-8efb535f1a7d",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "d6fd0e72-aa1e-417d-b28b-ec31946dc6fd",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "d8692a7a-366d-407d-abc1-a6f45742c47c",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "54f4844b-aaa5-4260-b2aa-5dc446c8b978",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"id" : "7776fa56-ab87-4638-b42b-cc9537ab2fc2",
|
||||||
|
"clientId" : "security-admin-console",
|
||||||
|
"name" : "${client_security-admin-console}",
|
||||||
|
"baseUrl" : "/auth/admin/Migration/console/index.html",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "5e0673fa-921d-4415-9d92-3a4197d87e46",
|
||||||
|
"redirectUris" : [ "/auth/admin/Migration/console/*" ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : false,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : true,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "9ed45252-c571-44fe-ac5f-b30cea378ff1",
|
||||||
|
"name" : "locale",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"consentText" : "${locale}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "locale",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "locale",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "d1b5694e-e9e2-4d56-9019-bc658cdcded8",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "497fee7a-23b4-4345-a872-63444a8b1a27",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "57881d46-deca-421e-a4c5-e023e747f68e",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "9cfe7043-ba2b-49e2-8a1b-f1b23fcb5eb5",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "c37a3c4a-8999-4111-ae2a-98954a5a8674",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "a7917c74-f18a-43a0-a787-7afc7b45a247",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"id" : "e7faae41-f5e8-4571-b280-5bbe0d5bcb12",
|
||||||
|
"clientId" : "broker",
|
||||||
|
"name" : "${client_broker}",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "b2a1f1ff-5157-4240-9354-69a6deb13ccb",
|
||||||
|
"redirectUris" : [ ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : false,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : false,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "b843f1fd-da0a-4d49-b367-3fb39f11383b",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "3b18c534-1e0a-474c-adf8-e9fbc33c05e8",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "b7e9db64-52f6-4aba-9437-deefab06abee",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "2da52efa-e9d9-4b68-a296-0310059b7df2",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "2d2df25d-26d1-4e7c-a85a-c485ab2cc0fe",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "d096910d-13ac-43a7-bad8-4d1bbfd34171",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"id" : "a2864762-7cc1-4784-a540-439e611f29ba",
|
||||||
|
"clientId" : "account",
|
||||||
|
"name" : "${client_account}",
|
||||||
|
"baseUrl" : "/auth/realms/Migration/account",
|
||||||
|
"surrogateAuthRequired" : false,
|
||||||
|
"enabled" : true,
|
||||||
|
"clientAuthenticatorType" : "client-secret",
|
||||||
|
"secret" : "68cbd7a8-3b48-4751-a396-df7ab39a2fdf",
|
||||||
|
"defaultRoles" : [ "view-profile", "manage-account" ],
|
||||||
|
"redirectUris" : [ "/auth/realms/Migration/account/*" ],
|
||||||
|
"webOrigins" : [ ],
|
||||||
|
"notBefore" : 0,
|
||||||
|
"bearerOnly" : false,
|
||||||
|
"consentRequired" : false,
|
||||||
|
"serviceAccountsEnabled" : false,
|
||||||
|
"directGrantsOnly" : false,
|
||||||
|
"publicClient" : false,
|
||||||
|
"frontchannelLogout" : false,
|
||||||
|
"attributes" : { },
|
||||||
|
"fullScopeAllowed" : false,
|
||||||
|
"nodeReRegistrationTimeout" : 0,
|
||||||
|
"protocolMappers" : [ {
|
||||||
|
"id" : "ed2c87d0-299a-40ac-a11c-df7af41bb365",
|
||||||
|
"name" : "email",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${email}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "email",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "email",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "80bc8d1f-3cb8-4362-890c-68d1a5c7263d",
|
||||||
|
"name" : "given name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${givenName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "firstName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "given_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "af93478f-176d-4be4-be5d-78a65dd88717",
|
||||||
|
"name" : "username",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${username}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "username",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "preferred_username",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "b6c1704d-39fc-4b63-8f70-74561849654f",
|
||||||
|
"name" : "family name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${familyName}",
|
||||||
|
"config" : {
|
||||||
|
"user.attribute" : "lastName",
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "family_name",
|
||||||
|
"jsonType.label" : "String"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "928dbc26-41a1-4342-ba92-c230a85e830c",
|
||||||
|
"name" : "role list",
|
||||||
|
"protocol" : "saml",
|
||||||
|
"protocolMapper" : "saml-role-list-mapper",
|
||||||
|
"consentRequired" : false,
|
||||||
|
"config" : {
|
||||||
|
"single" : "false",
|
||||||
|
"attribute.nameformat" : "Basic",
|
||||||
|
"attribute.name" : "Role"
|
||||||
|
}
|
||||||
|
}, {
|
||||||
|
"id" : "03a967ab-ed2b-402f-ae2f-10729084376c",
|
||||||
|
"name" : "full name",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-full-name-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "${fullName}",
|
||||||
|
"config" : {
|
||||||
|
"id.token.claim" : "true",
|
||||||
|
"access.token.claim" : "true"
|
||||||
|
}
|
||||||
|
} ]
|
||||||
|
} ],
|
||||||
|
"browserSecurityHeaders" : {
|
||||||
|
"contentSecurityPolicy" : "frame-src 'self'",
|
||||||
|
"xFrameOptions" : "SAMEORIGIN"
|
||||||
|
},
|
||||||
|
"smtpServer" : { },
|
||||||
|
"eventsEnabled" : false,
|
||||||
|
"eventsListeners" : [ "jboss-logging" ],
|
||||||
|
"enabledEventTypes" : [ ],
|
||||||
|
"adminEventsEnabled" : false,
|
||||||
|
"adminEventsDetailsEnabled" : false,
|
||||||
|
"identityFederationEnabled" : false,
|
||||||
|
"internationalizationEnabled" : false,
|
||||||
|
"supportedLocales" : [ ],
|
||||||
|
"authenticationFlows" : [ {
|
||||||
|
"alias" : "reset credentials",
|
||||||
|
"description" : "Reset credentials for a user if they forgot their password or something",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "reset-credentials-choose-user",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "reset-credential-email",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"authenticator" : "reset-password",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 30
|
||||||
|
}, {
|
||||||
|
"authenticator" : "reset-otp",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "OPTIONAL",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 40
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "clients",
|
||||||
|
"description" : "Base authentication for clients",
|
||||||
|
"providerId" : "client-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "client-secret",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "client-jwt",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "registration form",
|
||||||
|
"description" : "registration form",
|
||||||
|
"providerId" : "form-flow",
|
||||||
|
"topLevel" : false,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "registration-user-creation",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"authenticator" : "registration-profile-action",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 40
|
||||||
|
}, {
|
||||||
|
"authenticator" : "registration-password-action",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 50
|
||||||
|
}, {
|
||||||
|
"authenticator" : "registration-recaptcha-action",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "DISABLED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 60
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "direct grant",
|
||||||
|
"description" : "OpenID Connect Resource Owner Grant",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "direct-grant-validate-username",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "direct-grant-validate-password",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"authenticator" : "direct-grant-validate-otp",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "OPTIONAL",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 30
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "registration",
|
||||||
|
"description" : "registration flow",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "registration-page-form",
|
||||||
|
"flowAlias" : "registration form",
|
||||||
|
"autheticatorFlow" : true,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "browser",
|
||||||
|
"description" : "browser based authentication",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : true,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "auth-cookie",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "auth-spnego",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "DISABLED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
}, {
|
||||||
|
"flowAlias" : "forms",
|
||||||
|
"autheticatorFlow" : true,
|
||||||
|
"requirement" : "ALTERNATIVE",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 30
|
||||||
|
} ]
|
||||||
|
}, {
|
||||||
|
"alias" : "forms",
|
||||||
|
"description" : "Username, password, otp and other auth forms.",
|
||||||
|
"providerId" : "basic-flow",
|
||||||
|
"topLevel" : false,
|
||||||
|
"builtIn" : true,
|
||||||
|
"authenticationExecutions" : [ {
|
||||||
|
"authenticator" : "auth-username-password-form",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "REQUIRED",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 10
|
||||||
|
}, {
|
||||||
|
"authenticator" : "auth-otp-form",
|
||||||
|
"autheticatorFlow" : false,
|
||||||
|
"requirement" : "OPTIONAL",
|
||||||
|
"userSetupAllowed" : false,
|
||||||
|
"priority" : 20
|
||||||
|
} ]
|
||||||
|
} ],
|
||||||
|
"authenticatorConfig" : [ ],
|
||||||
|
"requiredActions" : [ {
|
||||||
|
"alias" : "terms_and_conditions",
|
||||||
|
"name" : "Terms and Conditions",
|
||||||
|
"providerId" : "terms_and_conditions",
|
||||||
|
"enabled" : false,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "CONFIGURE_TOTP",
|
||||||
|
"name" : "Configure Totp",
|
||||||
|
"providerId" : "CONFIGURE_TOTP",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "UPDATE_PASSWORD",
|
||||||
|
"name" : "Update Password",
|
||||||
|
"providerId" : "UPDATE_PASSWORD",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "UPDATE_PROFILE",
|
||||||
|
"name" : "Update Profile",
|
||||||
|
"providerId" : "UPDATE_PROFILE",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
}, {
|
||||||
|
"alias" : "VERIFY_EMAIL",
|
||||||
|
"name" : "Verify Email",
|
||||||
|
"providerId" : "VERIFY_EMAIL",
|
||||||
|
"enabled" : true,
|
||||||
|
"defaultAction" : false,
|
||||||
|
"config" : { }
|
||||||
|
} ],
|
||||||
|
"browserFlow" : "browser",
|
||||||
|
"registrationFlow" : "registration",
|
||||||
|
"directGrantFlow" : "direct grant",
|
||||||
|
"resetCredentialsFlow" : "reset credentials",
|
||||||
|
"clientAuthenticationFlow" : "clients"
|
||||||
|
}
|
|
@ -36,6 +36,7 @@
|
||||||
<arquillian-graphene.version>2.1.0.Alpha2</arquillian-graphene.version>
|
<arquillian-graphene.version>2.1.0.Alpha2</arquillian-graphene.version>
|
||||||
<arquillian-wildfly-container.version>8.2.0.Final</arquillian-wildfly-container.version>
|
<arquillian-wildfly-container.version>8.2.0.Final</arquillian-wildfly-container.version>
|
||||||
<version.shrinkwrap.resolvers>2.1.1</version.shrinkwrap.resolvers>
|
<version.shrinkwrap.resolvers>2.1.1</version.shrinkwrap.resolvers>
|
||||||
|
<skip.unpack.previous>true</skip.unpack.previous>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<dependencyManagement>
|
<dependencyManagement>
|
||||||
|
@ -96,6 +97,32 @@
|
||||||
<failIfNoTests>false</failIfNoTests>
|
<failIfNoTests>false</failIfNoTests>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>unpack-previous</id>
|
||||||
|
<phase>generate-test-resources</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>unpack</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<skip>${skip.unpack.previous}</skip>
|
||||||
|
<artifactItems>
|
||||||
|
<artifactItem>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>${server.artifactId}</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<type>zip</type>
|
||||||
|
</artifactItem>
|
||||||
|
</artifactItems>
|
||||||
|
<outputDirectory>${containers.home}</outputDirectory>
|
||||||
|
<overWriteIfNewer>true</overWriteIfNewer>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
</pluginManagement>
|
</pluginManagement>
|
||||||
</build>
|
</build>
|
||||||
|
@ -333,7 +360,7 @@
|
||||||
<properties>
|
<properties>
|
||||||
<auth.server.container>auth-server-wildfly</auth.server.container>
|
<auth.server.container>auth-server-wildfly</auth.server.container>
|
||||||
<auth.server.wildfly.home>${containers.home}/keycloak-${project.version}</auth.server.wildfly.home>
|
<auth.server.wildfly.home>${containers.home}/keycloak-${project.version}</auth.server.wildfly.home>
|
||||||
<startup.timeout.sec>150</startup.timeout.sec>
|
<startup.timeout.sec>300</startup.timeout.sec>
|
||||||
<adapter.test.props/>
|
<adapter.test.props/>
|
||||||
</properties>
|
</properties>
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
@ -348,7 +375,6 @@
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
<version>2.10</version>
|
|
||||||
<executions>
|
<executions>
|
||||||
<execution>
|
<execution>
|
||||||
<id>unpack</id>
|
<id>unpack</id>
|
||||||
|
@ -393,7 +419,7 @@
|
||||||
<properties>
|
<properties>
|
||||||
<auth.server.container>auth-server-eap6</auth.server.container>
|
<auth.server.container>auth-server-eap6</auth.server.container>
|
||||||
<auth.server.eap6.home>${containers.home}/keycloak-${project.version}</auth.server.eap6.home>
|
<auth.server.eap6.home>${containers.home}/keycloak-${project.version}</auth.server.eap6.home>
|
||||||
<startup.timeout.sec>150</startup.timeout.sec>
|
<startup.timeout.sec>300</startup.timeout.sec>
|
||||||
<adapter.test.props/>
|
<adapter.test.props/>
|
||||||
</properties>
|
</properties>
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
@ -409,7 +435,6 @@
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
<artifactId>maven-dependency-plugin</artifactId>
|
||||||
<version>2.10</version>
|
|
||||||
<executions>
|
<executions>
|
||||||
<execution>
|
<execution>
|
||||||
<id>unpack</id>
|
<id>unpack</id>
|
||||||
|
@ -452,39 +477,43 @@
|
||||||
<!-- Profiles for migration tests-->
|
<!-- Profiles for migration tests-->
|
||||||
|
|
||||||
<profile>
|
<profile>
|
||||||
<id>migration-kc15</id>
|
<id>migration-kc16</id>
|
||||||
<properties>
|
<properties>
|
||||||
<keycloak-1.5.1.Final.home>${containers.home}/keycloak-1.5.1.Final</keycloak-1.5.1.Final.home>
|
<skip.unpack.previous>false</skip.unpack.previous>
|
||||||
|
<server.version>1.6.1.Final</server.version>
|
||||||
|
<server.artifactId>integration-arquillian-server-wildfly-kc16</server.artifactId>
|
||||||
</properties>
|
</properties>
|
||||||
<build>
|
<build>
|
||||||
<pluginManagement>
|
<pluginManagement>
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
<version>2.10</version>
|
<configuration>
|
||||||
<executions>
|
<systemPropertyVariables>
|
||||||
<execution>
|
<migration>true</migration>
|
||||||
<id>unpack-previous</id>
|
<migration.kc16>true</migration.kc16>
|
||||||
<phase>generate-test-resources</phase>
|
<keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
|
||||||
<goals>
|
<keycloak.migration.file>src/test/resources/migration-test/migration-realm-16.json</keycloak.migration.file>
|
||||||
<goal>unpack</goal>
|
<version>${server.version}</version>
|
||||||
</goals>
|
</systemPropertyVariables>
|
||||||
<configuration>
|
</configuration>
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc15</artifactId>
|
|
||||||
<version>${project.version}</version>
|
|
||||||
<type>zip</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${containers.home}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</pluginManagement>
|
||||||
|
</build>
|
||||||
|
</profile>
|
||||||
|
|
||||||
|
<profile>
|
||||||
|
<id>migration-kc15</id>
|
||||||
|
<properties>
|
||||||
|
<skip.unpack.previous>false</skip.unpack.previous>
|
||||||
|
<server.version>1.5.1.Final</server.version>
|
||||||
|
<server.artifactId>integration-arquillian-server-wildfly-kc15</server.artifactId>
|
||||||
|
</properties>
|
||||||
|
<build>
|
||||||
|
<pluginManagement>
|
||||||
|
<plugins>
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-surefire-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
|
@ -492,7 +521,9 @@
|
||||||
<systemPropertyVariables>
|
<systemPropertyVariables>
|
||||||
<migration>true</migration>
|
<migration>true</migration>
|
||||||
<migration.kc15>true</migration.kc15>
|
<migration.kc15>true</migration.kc15>
|
||||||
<keycloak-1.5.1.Final.home>${keycloak-1.5.1.Final.home}</keycloak-1.5.1.Final.home>
|
<keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
|
||||||
|
<keycloak.migration.file>src/test/resources/migration-test/migration-realm-15.json</keycloak.migration.file>
|
||||||
|
<version>${server.version}</version>
|
||||||
</systemPropertyVariables>
|
</systemPropertyVariables>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
@ -504,37 +535,13 @@
|
||||||
<profile>
|
<profile>
|
||||||
<id>migration-kc14</id>
|
<id>migration-kc14</id>
|
||||||
<properties>
|
<properties>
|
||||||
<keycloak-1.4.0.Final.home>${containers.home}/keycloak-1.4.0.Final</keycloak-1.4.0.Final.home>
|
<skip.unpack.previous>false</skip.unpack.previous>
|
||||||
|
<server.version>1.4.0.Final</server.version>
|
||||||
|
<server.artifactId>integration-arquillian-server-wildfly-kc14</server.artifactId>
|
||||||
</properties>
|
</properties>
|
||||||
<build>
|
<build>
|
||||||
<pluginManagement>
|
<pluginManagement>
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<version>2.10</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-previous</id>
|
|
||||||
<phase>generate-test-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc14</artifactId>
|
|
||||||
<version>${project.version}</version>
|
|
||||||
<type>zip</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${containers.home}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-surefire-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
|
@ -542,7 +549,7 @@
|
||||||
<systemPropertyVariables>
|
<systemPropertyVariables>
|
||||||
<migration>true</migration>
|
<migration>true</migration>
|
||||||
<migration.kc14>true</migration.kc14>
|
<migration.kc14>true</migration.kc14>
|
||||||
<keycloak-1.4.0.Final.home>${keycloak-1.4.0.Final.home}</keycloak-1.4.0.Final.home>
|
<keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
|
||||||
</systemPropertyVariables>
|
</systemPropertyVariables>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
@ -554,37 +561,13 @@
|
||||||
<profile>
|
<profile>
|
||||||
<id>migration-kc13</id>
|
<id>migration-kc13</id>
|
||||||
<properties>
|
<properties>
|
||||||
<keycloak-1.3.1.Final.home>${containers.home}/keycloak-1.3.1.Final</keycloak-1.3.1.Final.home>
|
<skip.unpack.previous>false</skip.unpack.previous>
|
||||||
|
<server.version>1.3.1.Final</server.version>
|
||||||
|
<server.artifactId>integration-arquillian-server-wildfly-kc13</server.artifactId>
|
||||||
</properties>
|
</properties>
|
||||||
<build>
|
<build>
|
||||||
<pluginManagement>
|
<pluginManagement>
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<version>2.10</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-previous</id>
|
|
||||||
<phase>generate-test-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc13</artifactId>
|
|
||||||
<version>${project.version}</version>
|
|
||||||
<type>zip</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${containers.home}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-surefire-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
|
@ -592,7 +575,7 @@
|
||||||
<systemPropertyVariables>
|
<systemPropertyVariables>
|
||||||
<migration>true</migration>
|
<migration>true</migration>
|
||||||
<migration.kc13>true</migration.kc13>
|
<migration.kc13>true</migration.kc13>
|
||||||
<keycloak-1.3.1.Final.home>${keycloak-1.3.1.Final.home}</keycloak-1.3.1.Final.home>
|
<keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
|
||||||
</systemPropertyVariables>
|
</systemPropertyVariables>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
@ -604,37 +587,13 @@
|
||||||
<profile>
|
<profile>
|
||||||
<id>migration-kc12</id>
|
<id>migration-kc12</id>
|
||||||
<properties>
|
<properties>
|
||||||
<keycloak-1.2.0.Final.home>${containers.home}/keycloak-1.2.0.Final</keycloak-1.2.0.Final.home>
|
<skip.unpack.previous>false</skip.unpack.previous>
|
||||||
|
<server.version>1.2.0.Final</server.version>
|
||||||
|
<server.artifactId>integration-arquillian-server-wildfly-kc12</server.artifactId>
|
||||||
</properties>
|
</properties>
|
||||||
<build>
|
<build>
|
||||||
<pluginManagement>
|
<pluginManagement>
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-dependency-plugin</artifactId>
|
|
||||||
<version>2.10</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>unpack-previous</id>
|
|
||||||
<phase>generate-test-resources</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>unpack</goal>
|
|
||||||
</goals>
|
|
||||||
<configuration>
|
|
||||||
<artifactItems>
|
|
||||||
<artifactItem>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-server-wildfly-kc12</artifactId>
|
|
||||||
<version>${project.version}</version>
|
|
||||||
<type>zip</type>
|
|
||||||
</artifactItem>
|
|
||||||
</artifactItems>
|
|
||||||
<outputDirectory>${containers.home}</outputDirectory>
|
|
||||||
<overWriteIfNewer>true</overWriteIfNewer>
|
|
||||||
</configuration>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-surefire-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
|
@ -642,7 +601,7 @@
|
||||||
<systemPropertyVariables>
|
<systemPropertyVariables>
|
||||||
<migration>true</migration>
|
<migration>true</migration>
|
||||||
<migration.kc12>true</migration.kc12>
|
<migration.kc12>true</migration.kc12>
|
||||||
<keycloak-1.2.0.Final.home>${keycloak-1.2.0.Final.home}</keycloak-1.2.0.Final.home>
|
<keycloak.migration.home>${containers.home}/keycloak-${server.version}</keycloak.migration.home>
|
||||||
</systemPropertyVariables>
|
</systemPropertyVariables>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
|
|
@ -26,7 +26,9 @@ import org.junit.Before;
|
||||||
import org.junit.ClassRule;
|
import org.junit.ClassRule;
|
||||||
import org.junit.Rule;
|
import org.junit.Rule;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
import org.keycloak.common.util.KeycloakUriBuilder;
|
||||||
import org.keycloak.events.Details;
|
import org.keycloak.events.Details;
|
||||||
|
import org.keycloak.events.Errors;
|
||||||
import org.keycloak.events.Event;
|
import org.keycloak.events.Event;
|
||||||
import org.keycloak.events.EventType;
|
import org.keycloak.events.EventType;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
@ -130,7 +132,7 @@ public class RequiredActionEmailVerificationTest {
|
||||||
|
|
||||||
String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
|
String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
|
||||||
|
|
||||||
Assert.assertEquals(mailCodeId, verificationUrl.split("key=")[1].split("\\.")[1]);
|
Assert.assertEquals(mailCodeId, verificationUrl.split("code=")[1].split("\\&")[0].split("\\.")[1]);
|
||||||
|
|
||||||
driver.navigate().to(verificationUrl.trim());
|
driver.navigate().to(verificationUrl.trim());
|
||||||
|
|
||||||
|
@ -223,7 +225,7 @@ public class RequiredActionEmailVerificationTest {
|
||||||
|
|
||||||
String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
|
String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
|
||||||
|
|
||||||
Assert.assertEquals(mailCodeId, verificationUrl.split("key=")[1].split("\\.")[1]);
|
Assert.assertEquals(mailCodeId, verificationUrl.split("code=")[1].split("\\&")[0].split("\\.")[1]);
|
||||||
|
|
||||||
driver.manage().deleteAllCookies();
|
driver.manage().deleteAllCookies();
|
||||||
|
|
||||||
|
@ -239,6 +241,42 @@ public class RequiredActionEmailVerificationTest {
|
||||||
assertTrue(loginPage.isCurrent());
|
assertTrue(loginPage.isCurrent());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifyInvalidKeyOrCode() throws IOException, MessagingException {
|
||||||
|
loginPage.open();
|
||||||
|
loginPage.login("test-user@localhost", "password");
|
||||||
|
|
||||||
|
Assert.assertTrue(verifyEmailPage.isCurrent());
|
||||||
|
String resendEmailLink = verifyEmailPage.getResendEmailLink();
|
||||||
|
String keyInsteadCodeURL = resendEmailLink.replace("code=", "key=");
|
||||||
|
|
||||||
|
AssertEvents.ExpectedEvent emailEvent = events.expectRequiredAction(EventType.SEND_VERIFY_EMAIL).detail("email", "test-user@localhost");
|
||||||
|
Event sendEvent = emailEvent.assertEvent();
|
||||||
|
String sessionId = sendEvent.getSessionId();
|
||||||
|
String mailCodeId = sendEvent.getDetails().get(Details.CODE_ID);
|
||||||
|
|
||||||
|
driver.navigate().to(keyInsteadCodeURL);
|
||||||
|
|
||||||
|
events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
|
||||||
|
.error(Errors.INVALID_CODE)
|
||||||
|
.client((String)null)
|
||||||
|
.user((String)null)
|
||||||
|
.session((String)null)
|
||||||
|
.clearDetails()
|
||||||
|
.assertEvent();
|
||||||
|
|
||||||
|
String badKeyURL = KeycloakUriBuilder.fromUri(resendEmailLink).queryParam("key", "foo").build().toString();
|
||||||
|
driver.navigate().to(badKeyURL);
|
||||||
|
|
||||||
|
events.expectRequiredAction(EventType.VERIFY_EMAIL_ERROR)
|
||||||
|
.error(Errors.INVALID_USER_CREDENTIALS)
|
||||||
|
.session(sessionId)
|
||||||
|
.detail("email", "test-user@localhost")
|
||||||
|
.detail(Details.CODE_ID, mailCodeId)
|
||||||
|
.assertEvent();
|
||||||
|
}
|
||||||
|
|
||||||
private String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
|
private String getPasswordResetEmailLink(MimeMessage message) throws IOException, MessagingException {
|
||||||
Multipart multipart = (Multipart) message.getContent();
|
Multipart multipart = (Multipart) message.getContent();
|
||||||
|
|
||||||
|
|
|
@ -5,6 +5,7 @@ import org.junit.Test;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.UserModel.RequiredAction;
|
import org.keycloak.models.UserModel.RequiredAction;
|
||||||
import org.keycloak.services.managers.ClientManager;
|
import org.keycloak.services.managers.ClientManager;
|
||||||
|
@ -283,6 +284,36 @@ public class UserModelTest extends AbstractModelTest {
|
||||||
Assert.assertNull(session.users().getUserByUsername("user1", realm));
|
Assert.assertNull(session.users().getUserByUsername("user1", realm));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testGrantToAll() {
|
||||||
|
RealmModel realm1 = realmManager.createRealm("realm1");
|
||||||
|
RoleModel role1 = realm1.addRole("role1");
|
||||||
|
UserModel user1 = realmManager.getSession().users().addUser(realm1, "user1");
|
||||||
|
UserModel user2 = realmManager.getSession().users().addUser(realm1, "user2");
|
||||||
|
|
||||||
|
RealmModel realm2 = realmManager.createRealm("realm2");
|
||||||
|
UserModel realm2User1 = realmManager.getSession().users().addUser(realm2, "user1");
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realm1 = realmManager.getRealmByName("realm1");
|
||||||
|
role1 = realm1.getRole("role1");
|
||||||
|
realmManager.getSession().users().grantToAllUsers(realm1, role1);
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realm1 = realmManager.getRealmByName("realm1");
|
||||||
|
role1 = realm1.getRole("role1");
|
||||||
|
user1 = realmManager.getSession().users().getUserByUsername("user1", realm1);
|
||||||
|
user2 = realmManager.getSession().users().getUserByUsername("user2", realm1);
|
||||||
|
Assert.assertTrue(user1.hasRole(role1));
|
||||||
|
Assert.assertTrue(user2.hasRole(role1));
|
||||||
|
|
||||||
|
realm2 = realmManager.getRealmByName("realm2");
|
||||||
|
realm2User1 = realmManager.getSession().users().getUserByUsername("user1", realm2);
|
||||||
|
Assert.assertFalse(realm2User1.hasRole(role1));
|
||||||
|
}
|
||||||
|
|
||||||
public static void assertEquals(UserModel expected, UserModel actual) {
|
public static void assertEquals(UserModel expected, UserModel actual) {
|
||||||
Assert.assertEquals(expected.getUsername(), actual.getUsername());
|
Assert.assertEquals(expected.getUsername(), actual.getUsername());
|
||||||
Assert.assertEquals(expected.getCreatedTimestamp(), actual.getCreatedTimestamp());
|
Assert.assertEquals(expected.getCreatedTimestamp(), actual.getCreatedTimestamp());
|
||||||
|
|
|
@ -290,6 +290,14 @@ public class UserSessionPersisterProviderTest {
|
||||||
realmMgr.removeRealm(realmMgr.getRealm("foo"));
|
realmMgr.removeRealm(realmMgr.getRealm("foo"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// KEYCLOAK-1999
|
||||||
|
@Test
|
||||||
|
public void testNoSessions() {
|
||||||
|
UserSessionPersisterProvider persister = session.getProvider(UserSessionPersisterProvider.class);
|
||||||
|
List<UserSessionModel> sessions = persister.loadUserSessions(0, 1, true);
|
||||||
|
Assert.assertEquals(0, sessions.size());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
private ClientSessionModel createClientSession(ClientModel client, UserSessionModel userSession, String redirect, String state, Set<String> roles, Set<String> protocolMappers) {
|
private ClientSessionModel createClientSession(ClientModel client, UserSessionModel userSession, String redirect, String state, Set<String> roles, Set<String> protocolMappers) {
|
||||||
ClientSessionModel clientSession = session.sessions().createClientSession(realm, client);
|
ClientSessionModel clientSession = session.sessions().createClientSession(realm, client);
|
||||||
|
|
|
@ -50,4 +50,8 @@ public class VerifyEmailPage extends AbstractPage {
|
||||||
resendEmailLink.click();
|
resendEmailLink.click();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getResendEmailLink() {
|
||||||
|
return resendEmailLink.getAttribute("href");
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue