libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Added Mongo audit provider

Browse source
This commit is contained in:
Stian Thorgersen 2014-04-01 18:00:35 +01:00
parent 722a077de7
commit 21239fbab9
16 changed files with 592 additions and 78 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
audit/api/src/main/java/org/keycloak/audit/AuditProvider.java
View file

@ -7,4 +7,8 @@ public interface AuditProvider extends AuditListener {
public EventQuery createQuery();
public void clear();
public void clear(long olderThan);
}

6
audit/jboss-logging/pom.xml
View file

@ -17,6 +17,12 @@
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-audit-api</artifactId>

6
audit/jpa/pom.xml
View file

@ -25,6 +25,12 @@
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-audit-tests</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.0-api</artifactId>

28
audit/jpa/src/src/main/java/org/keycloak/audit/jpa/JpaAuditProvider.java
View file

@ -6,6 +6,7 @@ import org.keycloak.audit.Event;
import org.keycloak.audit.EventQuery;
import javax.persistence.EntityManager;
import javax.persistence.EntityTransaction;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
@ -16,6 +17,7 @@ import java.util.UUID;
public class JpaAuditProvider implements AuditProvider {
private EntityManager em;
private EntityTransaction tx;
public JpaAuditProvider(EntityManager em) {
this.em = em;
@ -26,18 +28,40 @@ public class JpaAuditProvider implements AuditProvider {
return new JpaEventQuery(em);
}
@Override
public void clear() {
beginTx();
em.createQuery("delete from EventEntity").executeUpdate();
}
@Override
public void clear(long olderThan) {
beginTx();
em.createQuery("delete from EventEntity where time < :time").setParameter("time", olderThan).executeUpdate();
}
@Override
public void onEvent(Event event) {
em.getTransaction().begin();
beginTx();
em.persist(convert(event));
em.getTransaction().commit();
}
@Override
public void close() {
if (tx != null) {
tx.commit();
}
em.close();
}
private void beginTx() {
if (tx == null) {
tx = em.getTransaction();
tx.begin();
}
}
static EventEntity convert(Event o) {
EventEntity e = new EventEntity();
e.setId(UUID.randomUUID().toString());

75
audit/jpa/src/src/test/java/org/keycloak/audit/jpa/JpaAuditProviderTest.java
View file

@ -1,80 +1,15 @@
package org.keycloak.audit.jpa;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.audit.AuditProvider;
import org.keycloak.audit.AuditProviderFactory;
import org.keycloak.audit.Event;
import org.keycloak.provider.ProviderFactoryLoader;
import java.util.HashMap;
import java.util.Map;
import org.keycloak.audit.tests.AbstractAuditProviderTest;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class JpaAuditProviderTest {
public class JpaAuditProviderTest extends AbstractAuditProviderTest {
private AuditProviderFactory factory;
private AuditProvider provider;
@Before
public void before() {
ProviderFactoryLoader<AuditProviderFactory> loader = ProviderFactoryLoader.load(AuditProviderFactory.class);
factory = loader.find(JpaAuditProviderFactory.ID);
factory.init();
provider = factory.create();
}
@After
public void after() {
factory.close();
}
@Test
public void save() {
provider.onEvent(create("event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
}
@Test
public void query() {
provider.onEvent(create("event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event2", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event", "realmId2", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event", "realmId", "clientId2", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event", "realmId", "clientId", "userId2", "127.0.0.1", "error"));
Assert.assertEquals(4, provider.createQuery().client("clientId").getResultList().size());
Assert.assertEquals(4, provider.createQuery().realm("realmId").getResultList().size());
Assert.assertEquals(4, provider.createQuery().event("event").getResultList().size());
Assert.assertEquals(4, provider.createQuery().user("userId").getResultList().size());
Assert.assertEquals(1, provider.createQuery().user("userId").event("event2").getResultList().size());
Assert.assertEquals(2, provider.createQuery().maxResults(2).getResultList().size());
Assert.assertEquals(1, provider.createQuery().firstResult(4).getResultList().size());
}
private Event create(String event, String realmId, String clientId, String userId, String ipAddress, String error) {
Event e = new Event();
e.setTime(System.currentTimeMillis());
e.setEvent(event);
e.setRealmId(realmId);
e.setClientId(clientId);
e.setUserId(userId);
e.setIpAddress(ipAddress);
e.setError(error);
Map<String, String> details = new HashMap<String, String>();
details.put("key1", "value1");
details.put("key2", "value2");
e.setDetails(details);
return e;
@Override
protected String getProviderId() {
return JpaAuditProviderFactory.ID;
}
}

129
audit/mongo/pom.xml Executable file
View file

@ -0,0 +1,129 @@
<?xml version="1.0"?>
<project>
<parent>
<artifactId>keycloak-audit-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.0-beta-1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-audit-mongo</artifactId>
<name>Keycloak Audit Mongo Provider</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-audit-api</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-audit-tests</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>mongo-java-driver</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.json</groupId>
<artifactId>json</artifactId>
</dependency>
</dependencies>
<properties>
<keycloak.audit.mongo.host>localhost</keycloak.audit.mongo.host>
<keycloak.audit.mongo.port>27018</keycloak.audit.mongo.port>
<keycloak.audit.mongo.db>keycloak</keycloak.audit.mongo.db>
<keycloak.audit.mongo.clearOnStartup>true</keycloak.audit.mongo.clearOnStartup>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.6</source>
<target>1.6</target>
</configuration>
</plugin>
<!-- Postpone tests to "integration-test" phase, so that we can bootstrap embedded mongo on 27018 before running tests -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<executions>
<execution>
<id>test</id>
<phase>integration-test</phase>
<goals>
<goal>test</goal>
</goals>
<configuration>
<systemPropertyVariables>
<keycloak.audit.mongo.host>${keycloak.audit.mongo.host}</keycloak.audit.mongo.host>
<keycloak.audit.mongo.port>${keycloak.audit.mongo.port}</keycloak.audit.mongo.port>
<keycloak.audit.mongo.db>${keycloak.audit.mongo.db}</keycloak.audit.mongo.db>
<keycloak.audit.mongo.clearOnStartup>${keycloak.audit.mongo.clearOnStartup}</keycloak.audit.mongo.clearOnStartup>
</systemPropertyVariables>
<dependenciesToScan>
<dependency>org.keycloak:keycloak-model-tests</dependency>
</dependenciesToScan>
</configuration>
</execution>
<execution>
<id>default-test</id>
<configuration>
<skip>true</skip>
</configuration>
</execution>
</executions>
</plugin>
<!-- Embedded mongo -->
<plugin>
<groupId>com.github.joelittlejohn.embedmongo</groupId>
<artifactId>embedmongo-maven-plugin</artifactId>
<executions>
<execution>
<id>start-mongodb</id>
<phase>pre-integration-test</phase>
<goals>
<goal>start</goal>
</goals>
<configuration>
<port>${keycloak.audit.mongo.port}</port>
<logging>file</logging>
<logFile>${project.build.directory}/mongodb.log</logFile>
</configuration>
</execution>
<execution>
<id>stop-mongodb</id>
<phase>post-integration-test</phase>
<goals>
<goal>stop</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

87
audit/mongo/src/main/java/org/keycloak/audit/mongo/MongoAuditProvider.java Normal file
View file

@ -0,0 +1,87 @@
package org.keycloak.audit.mongo;
import com.mongodb.BasicDBObject;
import com.mongodb.DBCollection;
import com.mongodb.DBObject;
import org.keycloak.audit.AuditProvider;
import org.keycloak.audit.Event;
import org.keycloak.audit.EventQuery;
import java.util.HashMap;
import java.util.Map;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class MongoAuditProvider implements AuditProvider {
private DBCollection audit;
public MongoAuditProvider(DBCollection audit) {
this.audit = audit;
}
@Override
public EventQuery createQuery() {
return new MongoEventQuery(audit);
}
@Override
public void clear() {
audit.remove(new BasicDBObject());
}
@Override
public void clear(long olderThan) {
audit.remove(new BasicDBObject("time", new BasicDBObject("$lt", olderThan)));
}
@Override
public void onEvent(Event event) {
audit.insert(convert(event));
}
@Override
public void close() {
}
static DBObject convert(Event o) {
BasicDBObject e = new BasicDBObject();
e.put("time", o.getTime());
e.put("event", o.getEvent());
e.put("realmId", o.getRealmId());
e.put("clientId", o.getClientId());
e.put("userId", o.getUserId());
e.put("ipAddress", o.getIpAddress());
e.put("error", o.getError());
BasicDBObject details = new BasicDBObject();
for (Map.Entry<String, String> entry : o.getDetails().entrySet()) {
details.put(entry.getKey(), entry.getValue());
}
e.put("details", details);
return e;
}
static Event convert(BasicDBObject o) {
Event e = new Event();
e.setTime(o.getLong("time"));
e.setEvent(o.getString("event"));
e.setRealmId(o.getString("realmId"));
e.setClientId(o.getString("clientId"));
e.setUserId(o.getString("userId"));
e.setIpAddress(o.getString("ipAddress"));
e.setError(o.getString("error"));
BasicDBObject d = (BasicDBObject) o.get("details");
Map<String, String> details = new HashMap<String, String>();
for (Object k : d.keySet()) {
details.put((String) k, d.getString((String) k));
}
e.setDetails(details);
return e;
}
}

50
audit/mongo/src/main/java/org/keycloak/audit/mongo/MongoAuditProviderFactory.java Normal file
View file

@ -0,0 +1,50 @@
package org.keycloak.audit.mongo;
import com.mongodb.DB;
import com.mongodb.MongoClient;
import com.mongodb.WriteConcern;
import org.keycloak.audit.AuditProvider;
import org.keycloak.audit.AuditProviderFactory;
import java.net.UnknownHostException;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class MongoAuditProviderFactory implements AuditProviderFactory {
private static final String MONGO_HOST = "keycloak.audit.mongo.host";
private static final String MONGO_PORT = "keycloak.audit.mongo.port";
private static final String MONGO_DB_NAME = "keycloak.audit.mongo.db";
public static final String ID = "mongo";
private MongoClient client;
private DB db;
@Override
public AuditProvider create() {
return new MongoAuditProvider(db.getCollection("audit"));
}
@Override
public void init() {
try {
client = new MongoClient(System.getProperty(MONGO_HOST, "localhost"), Integer.parseInt(System.getProperty(MONGO_PORT, "27017")));
client.setWriteConcern(WriteConcern.UNACKNOWLEDGED);
db = client.getDB(System.getProperty(MONGO_DB_NAME, "keycloak-audit"));
} catch (UnknownHostException e) {
throw new RuntimeException(e);
}
}
@Override
public void close() {
client.close();
}
@Override
public String getId() {
return ID;
}
}

81
audit/mongo/src/main/java/org/keycloak/audit/mongo/MongoEventQuery.java Normal file
View file

@ -0,0 +1,81 @@
package org.keycloak.audit.mongo;
import com.mongodb.BasicDBObject;
import com.mongodb.DBCollection;
import com.mongodb.DBCursor;
import org.keycloak.audit.Event;
import org.keycloak.audit.EventQuery;
import java.util.LinkedList;
import java.util.List;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class MongoEventQuery implements EventQuery {
private Integer firstResult;
private Integer maxResults;
private DBCollection audit;
private final BasicDBObject query;
public MongoEventQuery(DBCollection audit) {
this.audit = audit;
query = new BasicDBObject();
}
@Override
public EventQuery event(String event) {
query.put("event", event);
return this;
}
@Override
public EventQuery realm(String realmId) {
query.put("realmId", realmId);
return this;
}
@Override
public EventQuery client(String clientId) {
query.put("clientId", clientId);
return this;
}
@Override
public EventQuery user(String userId) {
query.put("userId", userId);
return this;
}
@Override
public EventQuery firstResult(int firstResult) {
this.firstResult = firstResult;
return this;
}
@Override
public EventQuery maxResults(int maxResults) {
this.maxResults = maxResults;
return this;
}
@Override
public List<Event> getResultList() {
DBCursor cur = audit.find(query);
if (firstResult != null) {
cur.skip(firstResult);
}
if (maxResults != null) {
cur.limit(maxResults);
}
List<Event> events = new LinkedList<Event>();
while (cur.hasNext()) {
events.add(MongoAuditProvider.convert((BasicDBObject) cur.next()));
}
return events;
}
}

1
audit/mongo/src/main/resources/META-INF/services/org.keycloak.audit.AuditProviderFactory Normal file
View file

@ -0,0 +1 @@
org.keycloak.audit.mongo.MongoAuditProviderFactory

15
audit/mongo/src/test/java/org/keycloak/audit/mongo/MongoAuditProviderTest.java Normal file
View file

@ -0,0 +1,15 @@
package org.keycloak.audit.mongo;
import org.keycloak.audit.tests.AbstractAuditProviderTest;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class MongoAuditProviderTest extends AbstractAuditProviderTest {
@Override
protected String getProviderId() {
return MongoAuditProviderFactory.ID;
}
}

2
audit/pom.xml
View file

@ -19,5 +19,7 @@
<module>api</module>
<module>jpa</module>
<module>jboss-logging</module>
<module>mongo</module>
<module>tests</module>
</modules>
</project>

35
audit/tests/pom.xml Executable file
View file

@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>keycloak-audit-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>1.0-beta-1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-audit-tests</artifactId>
<name>Keycloak Audit Tests</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-audit-api</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
</project>

121
audit/tests/src/main/java/org/keycloak/audit/tests/AbstractAuditProviderTest.java Normal file
View file

@ -0,0 +1,121 @@
package org.keycloak.audit.tests;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.audit.AuditProvider;
import org.keycloak.audit.AuditProviderFactory;
import org.keycloak.audit.Event;
import org.keycloak.provider.ProviderFactoryLoader;
import java.util.HashMap;
import java.util.Map;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public abstract class AbstractAuditProviderTest {
private AuditProviderFactory factory;
private AuditProvider provider;
@Before
public void before() {
ProviderFactoryLoader<AuditProviderFactory> loader = ProviderFactoryLoader.load(AuditProviderFactory.class);
factory = loader.find(getProviderId());
factory.init();
provider = factory.create();
}
protected abstract String getProviderId();
@After
public void after() {
provider.clear();
provider.close();
factory.close();
}
@Test
public void save() {
provider.onEvent(create("event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
}
@Test
public void query() {
provider.onEvent(create("event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event2", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event", "realmId2", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event", "realmId", "clientId2", "userId", "127.0.0.1", "error"));
provider.onEvent(create("event", "realmId", "clientId", "userId2", "127.0.0.1", "error"));
provider.close();
provider = factory.create();
Assert.assertEquals(4, provider.createQuery().client("clientId").getResultList().size());
Assert.assertEquals(4, provider.createQuery().realm("realmId").getResultList().size());
Assert.assertEquals(4, provider.createQuery().event("event").getResultList().size());
Assert.assertEquals(4, provider.createQuery().user("userId").getResultList().size());
Assert.assertEquals(1, provider.createQuery().user("userId").event("event2").getResultList().size());
Assert.assertEquals(2, provider.createQuery().maxResults(2).getResultList().size());
Assert.assertEquals(1, provider.createQuery().firstResult(4).getResultList().size());
}
@Test
public void clear() {
provider.onEvent(create(System.currentTimeMillis() - 30000, "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create(System.currentTimeMillis() - 20000, "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create(System.currentTimeMillis(), "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create(System.currentTimeMillis(), "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.close();
provider = factory.create();
provider.clear();
Assert.assertEquals(0, provider.createQuery().getResultList().size());
}
@Test
public void clearOld() {
provider.onEvent(create(System.currentTimeMillis() - 30000, "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create(System.currentTimeMillis() - 20000, "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create(System.currentTimeMillis(), "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.onEvent(create(System.currentTimeMillis(), "event", "realmId", "clientId", "userId", "127.0.0.1", "error"));
provider.close();
provider = factory.create();
provider.clear(System.currentTimeMillis() - 10000);
Assert.assertEquals(2, provider.createQuery().getResultList().size());
}
private Event create(String event, String realmId, String clientId, String userId, String ipAddress, String error) {
return create(System.currentTimeMillis(), event, realmId, clientId, userId, ipAddress, error);
}
private Event create(long time, String event, String realmId, String clientId, String userId, String ipAddress, String error) {
Event e = new Event();
e.setTime(time);
e.setEvent(event);
e.setRealmId(realmId);
e.setClientId(clientId);
e.setUserId(userId);
e.setIpAddress(ipAddress);
e.setError(error);
Map<String, String> details = new HashMap<String, String>();
details.put("key1", "value1");
details.put("key2", "value2");
e.setDetails(details);
return e;
}
}

30
testsuite/integration/src/test/java/org/keycloak/testsuite/AssertEvents.java
View file

@ -9,6 +9,7 @@ import org.junit.Assert;
import org.junit.rules.TestRule;
import org.junit.runners.model.Statement;
import org.keycloak.audit.AuditListener;
import org.keycloak.audit.AuditListenerFactory;
import org.keycloak.audit.Details;
import org.keycloak.audit.Event;
import org.keycloak.models.ClientModel;
@ -31,7 +32,7 @@ import java.util.concurrent.TimeUnit;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class AssertEvents implements TestRule, AuditListener{
public class AssertEvents implements TestRule, AuditListenerFactory {
private static final Logger log = Logger.getLogger(AssertEvents.class);
@ -57,11 +58,6 @@ public class AssertEvents implements TestRule, AuditListener{
return "assert-events";
}
@Override
public void onEvent(Event event) {
events.add(event);
}
@Override
public Statement apply(final Statement base, org.junit.runner.Description description) {
return new Statement() {
@ -165,6 +161,28 @@ public class AssertEvents implements TestRule, AuditListener{
return new ExpectedEvent().realm(DEFAULT_REALM).client(DEFAULT_CLIENT_ID).user(keycloak.getUser(DEFAULT_REALM, DEFAULT_USERNAME).getId()).ipAddress(DEFAULT_IP_ADDRESS).event(event);
}
@Override
public AuditListener create() {
return new AuditListener() {
@Override
public void onEvent(Event event) {
events.add(event);
}
@Override
public void close() {
}
};
}
@Override
public void init() {
}
@Override
public void close() {
}
public static class ExpectedEvent {
private Event expected = new Event();
private Matcher<String> userId;

0
testsuite/integration/src/test/resources/META-INF/services/org.keycloak.audit.AuditListener → testsuite/integration/src/test/resources/META-INF/services/org.keycloak.audit.AuditListenerFactory
View file