diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
index 31ff560475..551d940acd 100755
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/LDAPFederationProviderFactory.java
@@ -16,6 +16,7 @@ import org.keycloak.federation.ldap.mappers.FullNameLDAPFederationMapperFactory;
 import org.keycloak.federation.ldap.mappers.LDAPFederationMapper;
 import org.keycloak.federation.ldap.mappers.UserAttributeLDAPFederationMapper;
 import org.keycloak.federation.ldap.mappers.UserAttributeLDAPFederationMapperFactory;
+import org.keycloak.mappers.UserFederationMapper;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.KeycloakSessionTask;
@@ -192,6 +193,8 @@ public class LDAPFederationProviderFactory extends UserFederationEventAwareProvi
 @Override
 public UserFederationSyncResult syncAllUsers(KeycloakSessionFactory sessionFactory, final String realmId, final UserFederationProviderModel model) {
+ syncMappers(sessionFactory, realmId, model);
+
 logger.infof("Sync all users from LDAP to local store: realm: %s, federation provider: %s", realmId, model.getDisplayName());
 LDAPQuery userQuery = createQuery(sessionFactory, realmId, model);
@@ -205,6 +208,8 @@ public class LDAPFederationProviderFactory extends UserFederationEventAwareProvi
 @Override
 public UserFederationSyncResult syncChangedUsers(KeycloakSessionFactory sessionFactory, String realmId, UserFederationProviderModel model, Date lastSync) {
+ syncMappers(sessionFactory, realmId, model);
+
 logger.infof("Sync changed users from LDAP to local store: realm: %s, federation provider: %s, last sync time: " + lastSync, realmId, model.getDisplayName());
 // Sync newly created and updated users
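Review bot: The new `syncMappers(sessionFactory, realmId, model);` call at the top of `syncAllUsers` (and the identical call in `syncChangedUsers` in the next hunk) has no error handling, so an exception from any one mapper would presumably propagate and stop the method before the user sync below it runs. For a federation provider that means account changes made in LDAP, such as disabled or deleted users, might not reach the local store while a mapper is failing. If user sync is meant to be independent of mapper sync, guard the call: `try { syncMappers(sessionFactory, realmId, model); } catch (RuntimeException e) { logger.error("Federation mapper sync failed", e); }`. Both method bodies continue outside these hunks.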
@@ -221,6 +226,26 @@ public class LDAPFederationProviderFactory extends UserFederationEventAwareProvi
 return result;
 }
+ protected void syncMappers(KeycloakSessionFactory sessionFactory, final String realmId, final UserFederationProviderModel model) {
+ KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() {
+
+ @Override
+ public void run(KeycloakSession session) {
+ LDAPFederationProvider ldapProvider = getInstance(session, model);
+ RealmModel realm = session.realms().getRealm(realmId);
+ Set mappers = realm.getUserFederationMappersByFederationProvider(model.getId());
+ for (UserFederationMapperModel mapperModel : mappers) {
+ UserFederationMapper ldapMapper = session.getProvider(UserFederationMapper.class, mapperModel.getFederationMapperType());
+ UserFederationSyncResult syncResult = ldapMapper.syncDataFromFederationProviderToKeycloak(mapperModel, ldapProvider, session, realm);
+ if (syncResult.getAdded() > 0 || syncResult.getUpdated() > 0 || syncResult.getRemoved() > 0 || syncResult.getFailed() > 0) {
+ logger.infof("Sync of federation mapper '%s' finished. Status: %s", mapperModel.getName(), syncResult.toString());
+ }
+ }
+ }
+
+ });
+ }
+
 protected UserFederationSyncResult syncImpl(KeycloakSessionFactory sessionFactory, LDAPQuery userQuery, final String realmId, final UserFederationProviderModel fedModel) {
 final UserFederationSyncResult syncResult = new UserFederationSyncResult();
diff --git a/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/membership/group/GroupLDAPFederationMapper.java b/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/membership/group/GroupLDAPFederationMapper.java
index 5115e9ae17..1d2a407604 100644
--- a/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/membership/group/GroupLDAPFederationMapper.java
+++ b/federation/ldap/src/main/java/org/keycloak/federation/ldap/mappers/membership/group/GroupLDAPFederationMapper.java
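Review bot: In `syncMappers`, the result of `session.getProvider(UserFederationMapper.class, mapperModel.getFederationMapperType())` is dereferenced on the next line without a null check, so a stored mapper type with no registered provider would likely throw a NullPointerException inside the transaction. Because every mapper runs in the same `runJobInTransaction` job, one failing mapper presumably also discards the work of the others. A guard such as `if (ldapMapper == null) { logger.warnf("No provider for federation mapper '%s', skipping", mapperModel.getName()); continue; }` keeps the loop going, and `realm` from `getRealm(realmId)` deserves the same check. A short Javadoc on the method should also state that mapper sync can create, update and remove Keycloak-side data and now runs at the start of every user sync.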
@@ -237,17 +237,17 @@ public class GroupLDAPFederationMapper extends AbstractLDAPFederationMapper impl
 }
 if (kcGroup != null) {
- logger.infof("Updated Keycloak group '%s' from LDAP", kcGroup.getName());
+ logger.debugf("Updated Keycloak group '%s' from LDAP", kcGroup.getName());
 updateAttributesOfKCGroup(kcGroup, ldapGroups.get(kcGroup.getName()));
 syncResult.increaseUpdated();
 } else {
 kcGroup = realm.createGroup(groupTreeEntry.getGroupName());
 if (kcParent == null) {
 realm.moveGroup(kcGroup, null);
- logger.infof("Imported top-level group '%s' from LDAP", kcGroup.getName());
+ logger.debugf("Imported top-level group '%s' from LDAP", kcGroup.getName());
 } else {
 realm.moveGroup(kcGroup, kcParent);
- logger.infof("Imported group '%s' from LDAP as child of group '%s'", kcGroup.getName(), kcParent.getName());
+ logger.debugf("Imported group '%s' from LDAP as child of group '%s'", kcGroup.getName(), kcParent.getName());
 }
 updateAttributesOfKCGroup(kcGroup, ldapGroups.get(kcGroup.getName()));
@@ -266,7 +266,7 @@ public class GroupLDAPFederationMapper extends AbstractLDAPFederationMapper impl
 List allGroups = realm.getGroups();
 for (GroupModel kcGroup : allGroups) {
 if (!visitedGroupIds.contains(kcGroup.getId())) {
- logger.infof("Removing Keycloak group '%s', which doesn't exist in LDAP", kcGroup.getName());
+ logger.debugf("Removing Keycloak group '%s', which doesn't exist in LDAP", kcGroup.getName());
 realm.removeGroup(kcGroup);
 syncResult.increaseRemoved();
 }
@@ -533,7 +533,7 @@ public class GroupLDAPFederationMapper extends AbstractLDAPFederationMapper impl
 GroupModel kcGroup = findKcGroupOrSyncFromLDAP(ldapGroup, user);
 if (kcGroup != null) {
- logger.infof("User [%s] joins group [%s] during import from LDAP", user.getUsername(), kcGroup.getName());
+ logger.debugf("User '%s' joins group '%s' during import from LDAP", user.getUsername(), kcGroup.getName());
 user.joinGroup(kcGroup);
 }
 }
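Review bot: Demoting the removal message in the -266 hunk to `debugf` means the only per-group record of a deletion is hidden at default log levels, while the info-level summary added in `syncMappers` presumably carries only the counters. Group removal and membership changes affect authorization, so I would keep that one line at info, `logger.infof("Removing Keycloak group '%s', which doesn't exist in LDAP", kcGroup.getName());`, or record it through whatever audit channel the project uses. The same applies to the "joins group" message in the -533 hunk; the import and update messages in the -237 hunk are fine at debug. Group and user names are taken from LDAP and written verbatim into the log, so if the directory is not fully trusted they should be stripped of control characters before logging.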
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationTestUtils.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java
similarity index 99%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationTestUtils.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java
index 18db7bb2c3..f189e2012c 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationTestUtils.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap;
 import java.util.Arrays;
 import java.util.Collections;
@@ -40,7 +40,7 @@ import org.keycloak.representations.idm.CredentialRepresentation;
 /**
 * @author Marek Posolda
 */
-class FederationTestUtils {
+public class FederationTestUtils {
 public static UserModel addLocalUser(KeycloakSession session, RealmModel realm, String username, String email, String password) {
 UserModel user = session.userStorage().addUser(realm, username);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPExampleServlet.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPExampleServlet.java
similarity index 97%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPExampleServlet.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPExampleServlet.java
index 80bc9f0e84..dfdeb05e05 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPExampleServlet.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPExampleServlet.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap;
 import java.io.IOException;
 import java.io.PrintWriter;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPTestConfiguration.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java
similarity index 99%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPTestConfiguration.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java
index c3e3542885..46b1be4d61 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPTestConfiguration.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPTestConfiguration.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap;
 import java.io.File;
 import java.io.InputStream;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationProvidersIntegrationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java
similarity index 99%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationProvidersIntegrationTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java
index 7a8a01ab0d..5702a451a5 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/FederationProvidersIntegrationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
 import org.junit.Assert;
 import org.junit.ClassRule;
@@ -30,6 +30,7 @@ import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.representations.AccessToken;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.OAuthClient;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
 import org.keycloak.testsuite.pages.AccountPasswordPage;
 import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
 import org.keycloak.testsuite.pages.AppPage;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapper2WaySyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapper2WaySyncTest.java
similarity index 96%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapper2WaySyncTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapper2WaySyncTest.java
index ee45417e25..25234d25e2 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapper2WaySyncTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapper2WaySyncTest.java
@@ -1,27 +1,19 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
-import java.util.List;
 import java.util.Map;
 import org.junit.Assert;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
-import org.junit.rules.RuleChain;
-import org.junit.rules.TestRule;
 import org.keycloak.federation.ldap.LDAPFederationProvider;
 import org.keycloak.federation.ldap.LDAPFederationProviderFactory;
-import org.keycloak.federation.ldap.LDAPUtils;
-import org.keycloak.federation.ldap.idm.model.LDAPObject;
 import org.keycloak.federation.ldap.mappers.membership.LDAPGroupMapperMode;
-import org.keycloak.federation.ldap.mappers.membership.MembershipType;
-import org.keycloak.federation.ldap.mappers.membership.group.GroupLDAPFederationMapper;
 import org.keycloak.federation.ldap.mappers.membership.group.GroupLDAPFederationMapperFactory;
 import org.keycloak.federation.ldap.mappers.membership.group.GroupMapperConfig;
 import org.keycloak.models.GroupModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.LDAPConstants;
-import org.keycloak.models.ModelException;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserFederationMapperModel;
 import org.keycloak.models.UserFederationProvider;
@@ -29,6 +21,7 @@ import org.keycloak.models.UserFederationProviderModel;
 import org.keycloak.models.UserFederationSyncResult;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.LDAPRule;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapperSyncTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperSyncTest.java
similarity index 99%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapperSyncTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperSyncTest.java
index 64022fec8b..33cb2840a4 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapperSyncTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperSyncTest.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
 import java.util.Map;
@@ -29,6 +29,7 @@ import org.keycloak.models.UserFederationProviderModel;
 import org.keycloak.models.UserFederationSyncResult;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.LDAPRule;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapperTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
similarity index 98%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapperTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
index 2469f455ee..4aaac4148b 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPGroupMapperTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
 import java.util.List;
 import java.util.Map;
@@ -20,22 +20,18 @@ import org.keycloak.federation.ldap.mappers.membership.MembershipType;
 import org.keycloak.federation.ldap.mappers.membership.group.GroupLDAPFederationMapper;
 import org.keycloak.federation.ldap.mappers.membership.group.GroupLDAPFederationMapperFactory;
 import org.keycloak.federation.ldap.mappers.membership.group.GroupMapperConfig;
-import org.keycloak.federation.ldap.mappers.membership.role.RoleLDAPFederationMapper;
-import org.keycloak.models.AccountRoles;
-import org.keycloak.models.ClientModel;
-import org.keycloak.models.Constants;
 import org.keycloak.models.GroupModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.LDAPConstants;
 import org.keycloak.models.ModelException;
 import org.keycloak.models.RealmModel;
-import org.keycloak.models.RoleModel;
 import org.keycloak.models.UserFederationMapperModel;
 import org.keycloak.models.UserFederationProvider;
 import org.keycloak.models.UserFederationProviderModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.LDAPRule;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPMultipleAttributesTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java
similarity index 97%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPMultipleAttributesTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java
index 8bdc093b07..6bca1ee066 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPMultipleAttributesTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
 import java.net.URL;
 import java.util.Arrays;
@@ -32,6 +32,8 @@ import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
 import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.OAuthClient;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
+import org.keycloak.testsuite.federation.ldap.LDAPExampleServlet;
 import org.keycloak.testsuite.pages.LoginPage;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.LDAPRule;
@@ -154,7 +156,7 @@ public class LDAPMultipleAttributesTest {
 }
 private void assertPostalCodes(List postalCodes, String... expectedPostalCodes) {
- if (expectedPostalCodes == null || postalCodes.isEmpty()) {
+ if (expectedPostalCodes == null && postalCodes.isEmpty()) {
 return;
 }
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPRoleMappingsTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java
similarity index 99%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPRoleMappingsTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java
index 565694f840..50cc6d2590 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/LDAPRoleMappingsTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java
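Review bot: With `&&`, the early return in `assertPostalCodes` (LDAPMultipleAttributesTest, hunk at -154) fires only when `expectedPostalCodes` is null and the list is empty, so a null `expectedPostalCodes` with a non-empty list now falls through to code outside this hunk that may dereference it. A `String...` parameter called with no arguments is an empty array rather than null, so the null branch is rarely reached at all. Stating the intent directly would read better and fail with an assertion instead of an exception: `if (expectedPostalCodes == null) { Assert.assertTrue(postalCodes.isEmpty()); return; }`, assuming `org.junit.Assert` is in scope in this test. The rest of the method is not visible here.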
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
 import java.util.Map;
 import java.util.Set;
@@ -30,6 +30,7 @@ import org.keycloak.models.UserFederationProviderModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.testsuite.OAuthClient;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
 import org.keycloak.testsuite.pages.AppPage;
 import org.keycloak.testsuite.pages.LoginPage;
 import org.keycloak.testsuite.rule.KeycloakRule;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/SyncProvidersTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java
similarity index 99%
rename from testsuite/integration/src/test/java/org/keycloak/testsuite/federation/SyncProvidersTest.java
rename to testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java
index 76ed256b21..39ef19e5c6 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/SyncProvidersTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java
@@ -1,4 +1,4 @@
-package org.keycloak.testsuite.federation;
+package org.keycloak.testsuite.federation.ldap.base;
 import org.junit.Assert;
 import org.junit.ClassRule;
@@ -23,6 +23,7 @@ import org.keycloak.models.UserProvider;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.managers.UsersSyncManager;
+import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
 import org.keycloak.testsuite.rule.KeycloakRule;
 import org.keycloak.testsuite.rule.LDAPRule;
 import org.keycloak.testsuite.DummyUserFederationProviderFactory;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KerberosRule.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KerberosRule.java
index 57bf79ac29..eb01f9bd6f 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KerberosRule.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/KerberosRule.java
@@ -5,7 +5,7 @@ import java.net.URL;
 import java.util.Properties;
 import org.jboss.logging.Logger;
-import org.keycloak.testsuite.federation.LDAPTestConfiguration;
+import org.keycloak.testsuite.federation.ldap.LDAPTestConfiguration;
 import org.keycloak.util.ldap.KerberosEmbeddedServer;
 import org.keycloak.util.ldap.LDAPEmbeddedServer;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java
index 438938f046..b86df2e317 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/LDAPRule.java
@@ -4,7 +4,7 @@ import java.util.Map;
 import java.util.Properties;
 import org.junit.rules.ExternalResource;
-import org.keycloak.testsuite.federation.LDAPTestConfiguration;
+import org.keycloak.testsuite.federation.ldap.LDAPTestConfiguration;
 import org.keycloak.util.ldap.LDAPEmbeddedServer;
 /**