Remove deprecated default roles methods

Closes #15046

model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/ClientAdapter.java

@@ -463,31 +463,6 @@ public class ClientAdapter implements ClientModel, CachedObject {
         updated.setBaseUrl(url);
     }
 
-    @Override
-    @Deprecated
-    public Stream<String> getDefaultRolesStream() {
-        if (isUpdated()) return updated.getDefaultRolesStream();
-        return getRealm().getDefaultRole().getCompositesStream().filter(this::isClientRole).map(RoleModel::getName);
-    }
-
-    private boolean isClientRole(RoleModel role) {
-        return role.isClientRole() && Objects.equals(role.getContainerId(), this.getId());
-    }
-
-    @Override
-    @Deprecated
-    public void addDefaultRole(String name) {
-        getDelegateForUpdate();
-        updated.addDefaultRole(name);
-    }
-
-    @Override
-    @Deprecated
-    public void removeDefaultRoles(String... defaultRoles) {
-        getDelegateForUpdate();
-        updated.removeDefaultRoles(defaultRoles);
-    }
-
     @Override
     public boolean isBearerOnly() {
         if (isUpdated()) return updated.isBearerOnly();

model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmAdapter.java

@@ -747,32 +747,6 @@ public class RealmAdapter implements CachedRealmModel {
 
     }
 
-    @Override
-    @Deprecated
-    public Stream<String> getDefaultRolesStream() {
-        if (isUpdated()) return updated.getDefaultRolesStream();
-        return getDefaultRole().getCompositesStream().filter(this::isRealmRole).map(RoleModel::getName);
-    }
-
-    private boolean isRealmRole(RoleModel role) {
-        return ! role.isClientRole();
-    }
-
-    @Override
-    @Deprecated
-    public void addDefaultRole(String name) {
-        getDelegateForUpdate();
-        updated.addDefaultRole(name);
-    }
-
-    @Override
-    @Deprecated
-    public void removeDefaultRoles(String... defaultRoles) {
-        getDelegateForUpdate();
-        updated.removeDefaultRoles(defaultRoles);
-
-    }
-
     @Override
     public void addToDefaultRoles(RoleModel role) {
         getDelegateForUpdate();

model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java

@@ -655,38 +655,6 @@ public class ClientAdapter implements ClientModel, JpaModel<ClientEntity> {
         return RoleUtils.hasRole(getRolesStream(), role);
     }
 
-    @Override
-    @Deprecated
-    public Stream<String> getDefaultRolesStream() {
-        return realm.getDefaultRole().getCompositesStream().filter(this::isClientRole).map(RoleModel::getName);
-    }
-
-    private boolean isClientRole(RoleModel role) {
-        return role.isClientRole() && Objects.equals(role.getContainerId(), this.getId());
-    }
-
-    @Override
-    @Deprecated
-    public void addDefaultRole(String name) {
-        realm.getDefaultRole().addCompositeRole(getOrAddRoleId(name));
-    }
-
-    private RoleModel getOrAddRoleId(String name) {
-        RoleModel role = getRole(name);
-        if (role == null) {
-            role = addRole(name);
-        }
-        return role;
-    }
-
-    @Override
-    @Deprecated
-    public void removeDefaultRoles(String... defaultRoles) {
-        for (String defaultRole : defaultRoles) {
-            realm.getDefaultRole().removeCompositeRole(getRole(defaultRole));
-        }
-    }
-
     @Override
     public int getNodeReRegistrationTimeout() {
         return entity.getNodeReRegistrationTimeout();

model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java

@@ -688,38 +688,6 @@ public class RealmAdapter implements LegacyRealmModel, JpaModel<RealmEntity> {
         return realm.getRequiredCredentials().stream().map(this::toRequiredCredentialModel);
     }
 
-    @Override
-    @Deprecated
-    public Stream<String> getDefaultRolesStream() {
-        return getDefaultRole().getCompositesStream().filter(this::isRealmRole).map(RoleModel::getName);
-    }
-
-    private boolean isRealmRole(RoleModel role) {
-        return ! role.isClientRole();
-    }
-
-    @Override
-    @Deprecated
-    public void addDefaultRole(String name) {
-        getDefaultRole().addCompositeRole(getOrAddRoleId(name));
-    }
-
-    private RoleModel getOrAddRoleId(String name) {
-        RoleModel role = getRole(name);
-        if (role == null) {
-            role = addRole(name);
-        }
-        return role;
-    }
-
-    @Override
-    @Deprecated
-    public void removeDefaultRoles(String... defaultRoles) {
-        for (String defaultRole : defaultRoles) {
-            getDefaultRole().removeCompositeRole(getRole(defaultRole));
-        }
-    }
-
     @Override
     public Stream<GroupModel> getDefaultGroupsStream() {
         return realm.getDefaultGroupIds().stream().map(this::getGroupById);

model/legacy-private/src/main/java/org/keycloak/storage/client/UnsupportedOperationsClientStorageAdapter.java

@@ -64,27 +64,4 @@ public abstract class UnsupportedOperationsClientStorageAdapter implements Clien
         return Stream.empty();
     }
 
-    @Override
-    public final Stream<String> getDefaultRolesStream() {
-        return Stream.empty();
-    }
-
-    @Override
-    public final void addDefaultRole(String name) {
-        throw new ModelException("Unsupported operation");
-
-    }
-
-    @Override
-    public final void updateDefaultRoles(String... defaultRoles) {
-        throw new ModelException("Unsupported operation");
-
-    }
-
-    @Override
-    public final void removeDefaultRoles(String... defaultRoles) {
-        throw new ModelException("Unsupported operation");
-    }
-
-
 }

model/map/src/main/java/org/keycloak/models/map/client/MapClientAdapter.java

@@ -482,40 +482,6 @@ public abstract class MapClientAdapter extends AbstractClientModel<MapClientEnti
         return getRolesStream().anyMatch(r -> (Objects.equals(r, role) || r.hasRole(role)));
     }
 
-    /*************** Default roles ****************/
-
-    @Override
-    @Deprecated
-    public Stream<String> getDefaultRolesStream() {
-        return realm.getDefaultRole().getCompositesStream().filter(this::isClientRole).map(RoleModel::getName);
-    }
-
-    private boolean isClientRole(RoleModel role) {
-        return role.isClientRole() && Objects.equals(role.getContainerId(), this.getId());
-    }
-
-    @Override
-    @Deprecated
-    public void addDefaultRole(String name) {
-        realm.getDefaultRole().addCompositeRole(getOrAddRoleId(name));
-    }
-
-    private RoleModel getOrAddRoleId(String name) {
-        RoleModel role = getRole(name);
-        if (role == null) {
-            role = addRole(name);
-        }
-        return role;
-    }
-
-    @Override
-    @Deprecated
-    public void removeDefaultRoles(String... defaultRoles) {
-        for (String defaultRole : defaultRoles) {
-            realm.getDefaultRole().removeCompositeRole(getRole(defaultRole));
-        }
-    }
-
     /*************** Protocol mappers ****************/
 
     private String safeGetProtocol() {

model/map/src/main/java/org/keycloak/models/map/realm/MapRealmAdapter.java

@@ -1554,38 +1554,6 @@ public class MapRealmAdapter extends AbstractRealmModel<MapRealmEntity> implemen
         return session.roles().searchForRolesStream(this, search, first, max);
     }
 
-    @Override
-    @Deprecated
-    public Stream<String> getDefaultRolesStream() {
-        return getDefaultRole().getCompositesStream().filter(this::isRealmRole).map(RoleModel::getName);
-    }
-
-    private boolean isRealmRole(RoleModel role) {
-        return ! role.isClientRole();
-    }
-
-    @Override
-    @Deprecated
-    public void addDefaultRole(String name) {
-        getDefaultRole().addCompositeRole(getOrAddRoleId(name));
-    }
-
-    private RoleModel getOrAddRoleId(String name) {
-        RoleModel role = getRole(name);
-        if (role == null) {
-            role = addRole(name);
-        }
-        return role;
-    }
-
-    @Override
-    @Deprecated
-    public void removeDefaultRoles(String... defaultRoles) {
-        for (String defaultRole : defaultRoles) {
-            getDefaultRole().removeCompositeRole(getRole(defaultRole));
-        }
-    }
-
     @Override
     public boolean isBruteForceProtected() {
         return getAttribute(BRUTE_FORCE_PROTECTED, false);

server-spi-private/src/main/java/org/keycloak/models/delegate/ClientModelLazyDelegate.java

@@ -589,26 +589,6 @@ public class ClientModelLazyDelegate implements ClientModel {
         return getDelegate().searchForRolesStream(search, first, max);
     }
 
-    @Override
-    public Stream<String> getDefaultRolesStream() {
-        return getDelegate().getDefaultRolesStream();
-    }
-
-    @Override
-    public void addDefaultRole(String name) {
-        getDelegate().addDefaultRole(name);
-    }
-
-    @Override
-    public void updateDefaultRoles(String... defaultRoles) {
-        getDelegate().updateDefaultRoles(defaultRoles);
-    }
-
-    @Override
-    public void removeDefaultRoles(String... defaultRoles) {
-        getDelegate().removeDefaultRoles(defaultRoles);
-    }
-
     @Override
     public Stream<ProtocolMapperModel> getProtocolMappersStream() {
         return getDelegate().getProtocolMappersStream();

server-spi-private/src/test/java/org/keycloak/broker/provider/util/IdentityBrokerStateTestHelpers.java

@@ -67,21 +67,6 @@ public class IdentityBrokerStateTestHelpers {
             return null;
         }
 
-        @Override
-        public Stream<String> getDefaultRolesStream() {
-            return null;
-        }
-
-        @Override
-        public void addDefaultRole(String name) {
-
-        }
-
-        @Override
-        public void removeDefaultRoles(String... defaultRoles) {
-
-        }
-
         @Override
         public String getClientId() {
             return clientId;
@@ -553,21 +538,6 @@ public class IdentityBrokerStateTestHelpers {
             return null;
         }
 
-        @Override
-        public Stream<String> getDefaultRolesStream() {
-            return null;
-        }
-
-        @Override
-        public void addDefaultRole(String name) {
-
-        }
-
-        @Override
-        public void removeDefaultRoles(String... defaultRoles) {
-
-        }
-
         @Override
         public String getName() {
             return null;

server-spi/src/main/java/org/keycloak/models/RoleContainerModel.java

@@ -73,62 +73,4 @@ public interface RoleContainerModel {
      */
     Stream<RoleModel> searchForRolesStream(String search, Integer first, Integer max);
 
-    /**
-     * @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
-     * @return List of default roles names or empty list if there are none. Never returns {@code null}.
-     */
-    @Deprecated
-    default List<String> getDefaultRoles() {
-        Stream<String> defaultRolesStream = getDefaultRolesStream();
-        if (defaultRolesStream != null) {
-            return defaultRolesStream.collect(Collectors.toList());
-        } else {
-            return Collections.emptyList();
-        }
-    }
-
-    /**
-     * @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
-     * @return Stream of default roles names or empty stream if there are none. Never returns {@code null}.
-     */
-    @Deprecated
-    Stream<String> getDefaultRolesStream();
-
-    /**
-     * @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
-     */
-    @Deprecated
-    void addDefaultRole(String name);
-
-    /**
-     * @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
-     */
-    @Deprecated
-    default void updateDefaultRoles(String... defaultRoles) {
-        List<String> defaultRolesArray = Arrays.asList(defaultRoles);
-        Collection<String> entities = getDefaultRolesStream().collect(Collectors.toList());
-        Set<String> already = new HashSet<>();
-        ArrayList<String> remove = new ArrayList<>();
-        for (String rel : entities) {
-            if (! defaultRolesArray.contains(rel)) {
-                remove.add(rel);
-            } else {
-                already.add(rel);
-            }
-        }
-        removeDefaultRoles(remove.toArray(new String[] {}));
-
-        for (String roleName : defaultRoles) {
-            if (!already.contains(roleName)) {
-                addDefaultRole(roleName);
-            }
-        }
-    }
-
-    /**
-     * @deprecated Default roles are now managed by {@link org.keycloak.models.RealmModel#getDefaultRole()}. This method will be removed.
-     */
-    @Deprecated
-    void removeDefaultRoles(String... defaultRoles);
-
 }

services/src/main/java/org/keycloak/services/clientregistration/AbstractClientRegistrationProvider.java

@@ -17,6 +17,14 @@
 
 package org.keycloak.services.clientregistration;
 
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
 import java.util.stream.Stream;
 import org.keycloak.events.EventBuilder;
 import org.keycloak.events.EventType;
@@ -26,6 +34,7 @@ import org.keycloak.models.ClientRegistrationAccessTokenConstants;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.ModelDuplicateException;
 import org.keycloak.models.RealmModel;
+import org.keycloak.models.RoleModel;
 import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.models.utils.RepresentationToModel;
 import org.keycloak.representations.idm.ClientRepresentation;
@@ -69,7 +78,7 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
 
             if (client.getDefaultRoles() != null) {
                 for (String name : client.getDefaultRoles()) {
-                    clientModel.addDefaultRole(name);
+                    addDefaultRole(clientModel, name);
                 }
             }
 
@@ -99,7 +108,7 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
 
             client.setDirectAccessGrantsEnabled(false);
 
-            Stream<String> defaultRolesNames = clientModel.getDefaultRolesStream();
+            Stream<String> defaultRolesNames = getDefaultRolesStream(clientModel);
             if (defaultRolesNames != null) {
                 client.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
             }
@@ -128,7 +137,7 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
             rep.setRegistrationAccessToken(registrationAccessToken);
         }
 
-        Stream<String> defaultRolesNames = client.getDefaultRolesStream();
+        Stream<String> defaultRolesNames = getDefaultRolesStream(client);
         if (defaultRolesNames != null) {
             rep.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
         }
@@ -154,14 +163,14 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
         RepresentationToModel.updateClientProtocolMappers(rep, client);
 
         if (rep.getDefaultRoles() != null) {
-            client.updateDefaultRoles(rep.getDefaultRoles());
+            updateDefaultRoles(client, rep.getDefaultRoles());
         }
 
         rep = ModelToRepresentation.toRepresentation(client, session);
 
         rep.setSecret(client.getSecret());
 
-        Stream<String> defaultRolesNames = client.getDefaultRolesStream();
+        Stream<String> defaultRolesNames = getDefaultRolesStream(client);
         if (defaultRolesNames != null) {
             rep.setDefaultRoles(defaultRolesNames.toArray(String[]::new));
         }
@@ -239,4 +248,50 @@ public abstract class AbstractClientRegistrationProvider implements ClientRegist
     public void close() {
     }
 
+    /* ===========  default roles =========== */
+
+    private void addDefaultRole(ClientModel client, String name) {
+        client.getRealm().getDefaultRole().addCompositeRole(getOrAddRoleId(client, name));
+    }
+
+    private RoleModel getOrAddRoleId(ClientModel client, String name) {
+        RoleModel role = client.getRole(name);
+        if (role == null) {
+            role = client.addRole(name);
+        }
+        return role;
+    }
+
+    private Stream<String> getDefaultRolesStream(ClientModel client) {
+        return client.getRealm().getDefaultRole().getCompositesStream()
+                .filter(role -> role.isClientRole() && Objects.equals(role.getContainerId(), client.getId()))
+                .map(RoleModel::getName);
+    }
+
+    private void updateDefaultRoles(ClientModel client, String... defaultRoles) {
+        List<String> defaultRolesArray = Arrays.asList(String.valueOf(defaultRoles));
+        Collection<String> entities = getDefaultRolesStream(client).collect(Collectors.toList());
+        Set<String> already = new HashSet<>();
+        ArrayList<String> remove = new ArrayList<>();
+        for (String rel : entities) {
+            if (! defaultRolesArray.contains(rel)) {
+                remove.add(rel);
+            } else {
+                already.add(rel);
+            }
+        }
+        removeDefaultRoles(client, remove.toArray(new String[] {}));
+
+        for (String roleName : defaultRoles) {
+            if (!already.contains(roleName)) {
+                addDefaultRole(client, roleName);
+            }
+        }
+    }
+
+    private void removeDefaultRoles(ClientModel client, String... defaultRoles) {
+        for (String defaultRole : defaultRoles) {
+            client.getRealm().getDefaultRole().removeCompositeRole(client.getRole(defaultRole));
+        }
+    }
 }