From 1d56805fafbdffb68bf2f2d7f7a574eb7c7e0f9b Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Wed, 1 Apr 2015 10:32:47 -0400 Subject: [PATCH] unique username for brokered user --- .../resources/IdentityBrokerService.java | 7 ++++- .../broker/AbstractIdentityProviderTest.java | 4 +-- .../OIDCKeyCloakServerBrokerBasicTest.java | 26 +++++++++++++++++++ .../SAMLKeyCloakServerBrokerBasicTest.java | 2 +- ...KeyCloakServerBrokerWithSignatureTest.java | 2 +- 5 files changed, 36 insertions(+), 5 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java index 4e05ad5926..872cfd83ae 100755 --- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java +++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java @@ -39,6 +39,7 @@ import org.keycloak.models.OAuthClientModel; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.UserSessionModel; +import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.provider.ProviderFactory; import org.keycloak.services.managers.AppAuthManager; @@ -488,7 +489,11 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal String username = updatedIdentity.getUsername(); if (this.realmModel.isRegistrationEmailAsUsername() && !Validation.isEmpty(updatedIdentity.getEmail())) { username = updatedIdentity.getEmail(); - } + } else if (username == null) { + username = updatedIdentity.getIdentityProviderId() + "." + updatedIdentity.getId(); + } else { + username = updatedIdentity.getIdentityProviderId() + "." + updatedIdentity.getUsername(); + } if (username != null) { username = username.trim(); } diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java index 3fa93f129c..5e757cc393 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java @@ -250,7 +250,7 @@ public abstract class AbstractIdentityProviderTest { } protected void doAssertFederatedUserNoEmail(UserModel federatedUser) { - assertEquals("test-user-noemail", federatedUser.getUsername()); + assertEquals("kc-oidc-idp.test-user-noemail", federatedUser.getUsername()); assertEquals(null, federatedUser.getEmail()); assertEquals("Test", federatedUser.getFirstName()); assertEquals("User", federatedUser.getLastName()); @@ -580,7 +580,7 @@ public abstract class AbstractIdentityProviderTest { FederatedIdentityModel federatedIdentityModel = federatedIdentities.iterator().next(); assertEquals(getProviderId(), federatedIdentityModel.getIdentityProvider()); - assertEquals(federatedUser.getUsername(), federatedIdentityModel.getUserName()); + assertEquals(federatedUser.getUsername(), federatedIdentityModel.getIdentityProvider() + "." + federatedIdentityModel.getUserName()); driver.navigate().to("http://localhost:8081/test-app/logout"); driver.navigate().to("http://localhost:8081/test-app"); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/OIDCKeyCloakServerBrokerBasicTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/OIDCKeyCloakServerBrokerBasicTest.java index 1f318540b8..3a79a404e8 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/OIDCKeyCloakServerBrokerBasicTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/OIDCKeyCloakServerBrokerBasicTest.java @@ -1,6 +1,7 @@ package org.keycloak.testsuite.broker; import org.junit.ClassRule; +import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.representations.AccessTokenResponse; @@ -66,4 +67,29 @@ public class OIDCKeyCloakServerBrokerBasicTest extends AbstractIdentityProviderT protected String getProviderId() { return "kc-oidc-idp"; } + + @Test + public void testSuccessfulAuthentication() { + super.testSuccessfulAuthentication(); + } + + @Test + public void testSuccessfulAuthenticationWithoutUpdateProfile() { + super.testSuccessfulAuthenticationWithoutUpdateProfile(); + } + + @Test + public void testSuccessfulAuthenticationWithoutUpdateProfile_emailNotProvided_emailVerifyEnabled() { + super.testSuccessfulAuthenticationWithoutUpdateProfile_emailNotProvided_emailVerifyEnabled(); + } + + @Test + public void testSuccessfulAuthenticationWithoutUpdateProfile_newUser_emailAsUsername() { + super.testSuccessfulAuthenticationWithoutUpdateProfile_newUser_emailAsUsername(); + } + + @Test + public void testSuccessfulAuthenticationWithoutUpdateProfile_newUser_emailAsUsername_emailNotProvided() { + super.testSuccessfulAuthenticationWithoutUpdateProfile_newUser_emailAsUsername_emailNotProvided(); + } } diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerBasicTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerBasicTest.java index ffddbd226a..b6a0210743 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerBasicTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerBasicTest.java @@ -69,7 +69,7 @@ public class SAMLKeyCloakServerBrokerBasicTest extends AbstractIdentityProviderT @Override protected void doAssertFederatedUserNoEmail(UserModel federatedUser) { - assertEquals("", federatedUser.getUsername()); + assertEquals("kc-saml-idp-basic.", federatedUser.getUsername()); assertEquals("", federatedUser.getEmail()); assertEquals(null, federatedUser.getFirstName()); assertEquals(null, federatedUser.getLastName()); diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerWithSignatureTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerWithSignatureTest.java index bef306cbbe..8c2bb5d3aa 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerWithSignatureTest.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/SAMLKeyCloakServerBrokerWithSignatureTest.java @@ -68,7 +68,7 @@ public class SAMLKeyCloakServerBrokerWithSignatureTest extends AbstractIdentityP @Override protected void doAssertFederatedUserNoEmail(UserModel federatedUser) { - assertEquals("", federatedUser.getUsername()); + assertEquals("kc-saml-signed-idp.", federatedUser.getUsername()); assertEquals("", federatedUser.getEmail()); assertEquals(null, federatedUser.getFirstName()); assertEquals(null, federatedUser.getLastName());