From 28fc5b4574ed5c8cc000ae11d5595d91af7f6a70 Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Wed, 16 Nov 2022 17:59:17 -0300 Subject: [PATCH] Removing injection points for Resteasy objects and resolving instances from keycloak context instead Relates #15374 --- .../oidc/AbstractOAuth2IdentityProvider.java | 9 ++--- .../keycloak/broker/saml/SAMLEndpoint.java | 7 +--- .../protocol/AuthorizationEndpointBase.java | 10 ++--- .../docker/DockerV2LoginProtocolService.java | 16 +------- .../oidc/DefaultTokenExchangeProvider.java | 2 - .../oidc/OIDCLoginProtocolService.java | 32 +++++---------- .../oidc/endpoints/AuthorizationEndpoint.java | 5 +-- .../oidc/endpoints/LogoutEndpoint.java | 9 ++--- .../oidc/endpoints/TokenEndpoint.java | 21 ++++------ .../endpoints/TokenIntrospectionEndpoint.java | 8 +--- .../endpoints/TokenRevocationEndpoint.java | 9 +---- .../oidc/endpoints/UserInfoEndpoint.java | 13 ++----- ...channelAuthenticationCallbackEndpoint.java | 5 +-- .../BackchannelAuthenticationEndpoint.java | 4 +- .../ciba/endpoints/CibaRootEndpoint.java | 7 +--- .../device/endpoints/DeviceEndpoint.java | 5 +-- .../endpoints/DeviceEndpointFactory.java | 5 +-- .../oidc/par/endpoints/ParEndpoint.java | 5 +-- .../oidc/par/endpoints/ParRootEndpoint.java | 7 +--- .../keycloak/protocol/saml/SamlService.java | 8 +--- ...cUnrecognizedPropertyExceptionHandler.java | 6 +-- .../services/error/KeycloakErrorHandler.java | 14 +++---- .../AbstractSecuredLocalService.java | 12 +++--- .../resources/ClientsManagementService.java | 9 ++--- .../resources/IdentityBrokerService.java | 9 ++--- .../services/resources/JsResource.java | 5 +-- .../resources/LoginActionsService.java | 10 ++--- .../resources/PublicRealmResource.java | 9 ++--- .../services/resources/RealmsResource.java | 31 ++++----------- .../services/resources/WelcomeResource.java | 7 +--- .../resources/account/AccountLoader.java | 15 +++---- .../resources/account/AccountRestService.java | 10 ++--- .../resources/admin/AdminConsole.java | 14 +++---- .../services/resources/admin/AdminRoot.java | 39 +++++++++++-------- .../admin/AttackDetectionResource.java | 5 +-- .../admin/ClientInitialAccessResource.java | 5 ++- .../admin/ClientPoliciesResource.java | 9 ++--- .../admin/ClientProfilesResource.java | 9 ++--- .../resources/admin/ComponentResource.java | 5 +-- .../resources/admin/GroupResource.java | 5 +-- .../resources/admin/RealmAdminResource.java | 26 ++++--------- .../resources/admin/RealmsAdminResource.java | 11 +----- .../resources/admin/RoleMapperResource.java | 5 +-- .../resources/admin/UserResource.java | 11 ++---- .../resources/admin/UsersResource.java | 12 ++---- .../twitter/TwitterIdentityProvider.java | 5 +-- .../rest/TestApplicationResourceProvider.java | 5 +-- ...estApplicationResourceProviderFactory.java | 8 +--- .../rest/TestingResourceProvider.java | 6 +-- .../rest/TestingResourceProviderFactory.java | 5 +-- 50 files changed, 176 insertions(+), 333 deletions(-) diff --git a/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java b/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java index 31d2194fdc..dc282d3b89 100755 --- a/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java +++ b/services/src/main/java/org/keycloak/broker/oidc/AbstractOAuth2IdentityProvider.java @@ -69,7 +69,6 @@ import javax.crypto.spec.SecretKeySpec; import javax.ws.rs.GET; import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; @@ -460,11 +459,9 @@ public abstract class AbstractOAuth2IdentityProvider params) { diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java index c09a55e0cb..3df320375d 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java @@ -88,7 +88,6 @@ import javax.ws.rs.OPTIONS; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; @@ -106,11 +105,9 @@ public class LogoutEndpoint { private final ClientConnection clientConnection; - @Context - private HttpRequest request; + private final HttpRequest request; - @Context - private HttpHeaders headers; + private final HttpHeaders headers; private final TokenManager tokenManager; private final RealmModel realm; @@ -130,6 +127,8 @@ public class LogoutEndpoint { this.event = event; this.providerConfig = providerConfig; this.offlineSessionsLazyLoadingEnabled = !Config.scope("userSessions").scope("infinispan").getBoolean("preloadOfflineSessionsFromDatabase", false); + this.request = session.getContext().getContextObject(HttpRequest.class); + this.headers = session.getContext().getRequestHeaders(); } @Path("/") diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java index 3becbf2aa2..61b412753b 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java @@ -20,7 +20,6 @@ package org.keycloak.protocol.oidc.endpoints; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.OAuth2Constants; import org.keycloak.OAuthErrorException; import org.keycloak.authentication.AuthenticationProcessor; @@ -108,7 +107,6 @@ import javax.ws.rs.OPTIONS; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedHashMap; @@ -143,14 +141,11 @@ public class TokenEndpoint { private final KeycloakSession session; - @Context - private HttpRequest request; + private final HttpRequest request; - @Context - private HttpResponse httpResponse; + private final HttpResponse httpResponse; - @Context - private HttpHeaders headers; + private final HttpHeaders headers; private final ClientConnection clientConnection; @@ -170,6 +165,9 @@ public class TokenEndpoint { this.tokenManager = tokenManager; this.realm = session.getContext().getRealm(); this.event = event; + this.request = session.getContext().getContextObject(HttpRequest.class); + this.httpResponse = session.getContext().getContextObject(HttpResponse.class); + this.headers = session.getContext().getRequestHeaders(); } @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @@ -184,7 +182,6 @@ public class TokenEndpoint { // create another instance of the endpoint that will be run within the new session. Resteasy.pushContext(KeycloakSession.class, kcSession); TokenEndpoint other = new TokenEndpoint(session, new TokenManager(), new EventBuilder(realmModel, kcSession, clientConnection)); - ResteasyProviderFactory.getInstance().injectProperties(other); return other.processGrantRequestInternal(); } catch (WebApplicationException we) { // WebApplicationException needs to be returned and treated (rethrown) by the calling code because the new transaction @@ -252,11 +249,7 @@ public class TokenEndpoint { @Path("introspect") public Object introspect() { - TokenIntrospectionEndpoint tokenIntrospectionEndpoint = new TokenIntrospectionEndpoint(this.session, this.event); - - ResteasyProviderFactory.getInstance().injectProperties(tokenIntrospectionEndpoint); - - return tokenIntrospectionEndpoint; + return new TokenIntrospectionEndpoint(this.session, this.event); } @OPTIONS diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java index 99a1d84808..5e31d1076e 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenIntrospectionEndpoint.java @@ -33,8 +33,6 @@ import org.keycloak.services.clientpolicy.ClientPolicyException; import org.keycloak.services.clientpolicy.context.TokenIntrospectContext; import javax.ws.rs.POST; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; @@ -50,11 +48,8 @@ public class TokenIntrospectionEndpoint { private static final String PARAM_TOKEN = "token"; private final KeycloakSession session; - @Context - private HttpRequest request; - @Context - private HttpHeaders headers; + private final HttpRequest request; private final ClientConnection clientConnection; @@ -66,6 +61,7 @@ public class TokenIntrospectionEndpoint { this.clientConnection = session.getContext().getConnection(); this.realm = session.getContext().getRealm(); this.event = event; + this.request = session.getContext().getContextObject(HttpRequest.class); } @POST diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenRevocationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenRevocationEndpoint.java index 78d2eb72b7..fa6fe1c316 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenRevocationEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenRevocationEndpoint.java @@ -24,8 +24,6 @@ import java.util.stream.Collectors; import javax.ws.rs.Consumes; import javax.ws.rs.OPTIONS; import javax.ws.rs.POST; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; @@ -64,11 +62,7 @@ public class TokenRevocationEndpoint { private final KeycloakSession session; - @Context - private HttpRequest request; - - @Context - private HttpHeaders headers; + private final HttpRequest request; private final ClientConnection clientConnection; @@ -85,6 +79,7 @@ public class TokenRevocationEndpoint { this.clientConnection = session.getContext().getConnection(); this.realm = session.getContext().getRealm(); this.event = event; + this.request = session.getContext().getContextObject(HttpRequest.class); } @POST diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java index c97bcecdde..96e9dd9e64 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java @@ -18,7 +18,6 @@ package org.keycloak.protocol.oidc.endpoints; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.HttpRequest; -import org.jboss.resteasy.spi.HttpResponse; import org.keycloak.OAuth2Constants; import org.keycloak.TokenCategory; import org.keycloak.TokenVerifier; @@ -74,7 +73,6 @@ import javax.ws.rs.GET; import javax.ws.rs.OPTIONS; import javax.ws.rs.POST; import javax.ws.rs.Path; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.MultivaluedMap; @@ -89,11 +87,7 @@ import java.util.Map; */ public class UserInfoEndpoint { - @Context - private HttpRequest request; - - @Context - private HttpResponse response; + private final HttpRequest request; private final KeycloakSession session; @@ -113,6 +107,7 @@ public class UserInfoEndpoint { this.tokenManager = tokenManager; this.appAuthManager = new AppAuthManager(); this.error = new OAuth2Error().json(false).realm(realm); + this.request = session.getContext().getContextObject(HttpRequest.class); } @Path("/") @@ -124,9 +119,9 @@ public class UserInfoEndpoint { @Path("/") @GET @NoCache - public Response issueUserInfoGet(@Context final HttpHeaders headers) { + public Response issueUserInfoGet() { setupCors(); - String accessToken = this.appAuthManager.extractAuthorizationHeaderTokenOrReturnNull(headers); + String accessToken = this.appAuthManager.extractAuthorizationHeaderTokenOrReturnNull(session.getContext().getRequestHeaders()); authorization(accessToken); return issueUserInfo(); } diff --git a/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationCallbackEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationCallbackEndpoint.java index 93d0a4101f..04023dc677 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationCallbackEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationCallbackEndpoint.java @@ -42,7 +42,6 @@ import javax.ws.rs.Consumes; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -56,11 +55,11 @@ public class BackchannelAuthenticationCallbackEndpoint extends AbstractCibaEndpo private static final Logger logger = Logger.getLogger(BackchannelAuthenticationCallbackEndpoint.class); - @Context - private HttpRequest httpRequest; + private final HttpRequest httpRequest; public BackchannelAuthenticationCallbackEndpoint(KeycloakSession session, EventBuilder event) { super(session, event); + this.httpRequest = session.getContext().getContextObject(HttpRequest.class); } @Path("/") diff --git a/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationEndpoint.java index 90a92b8a87..4dd574ab0f 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/BackchannelAuthenticationEndpoint.java @@ -48,7 +48,6 @@ import javax.ws.rs.Consumes; import javax.ws.rs.POST; import javax.ws.rs.Produces; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; @@ -76,7 +75,8 @@ public class BackchannelAuthenticationEndpoint extends AbstractCibaEndpoint { @NoCache @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Produces(MediaType.APPLICATION_JSON) - public Response processGrantRequest(@Context HttpRequest httpRequest) { + public Response processGrantRequest() { + HttpRequest httpRequest = session.getContext().getContextObject(HttpRequest.class); CIBAAuthenticationRequest request = authorizeClient(httpRequest.getDecodedFormParameters()); try { diff --git a/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/CibaRootEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/CibaRootEndpoint.java index 67826d8765..5842d6cc09 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/CibaRootEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/grants/ciba/endpoints/CibaRootEndpoint.java @@ -19,7 +19,6 @@ package org.keycloak.protocol.oidc.grants.ciba.endpoints; import javax.ws.rs.Path; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.Profile; import org.keycloak.events.EventBuilder; import org.keycloak.models.KeycloakSession; @@ -63,11 +62,7 @@ public class CibaRootEndpoint implements OIDCExtProvider, OIDCExtProviderFactory */ @Path("/auth/callback") public BackchannelAuthenticationCallbackEndpoint authenticate() { - BackchannelAuthenticationCallbackEndpoint endpoint = new BackchannelAuthenticationCallbackEndpoint(session, event); - - ResteasyProviderFactory.getInstance().injectProperties(endpoint); - - return endpoint; + return new BackchannelAuthenticationCallbackEndpoint(session, event); } @Override diff --git a/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpoint.java index 9679cb54dd..2e97d00f47 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpoint.java @@ -65,7 +65,6 @@ import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; @@ -81,13 +80,13 @@ public class DeviceEndpoint extends AuthorizationEndpointBase implements RealmRe protected static final Logger logger = Logger.getLogger(DeviceEndpoint.class); - @Context - private HttpRequest request; + private final HttpRequest request; private Cors cors; public DeviceEndpoint(KeycloakSession session, EventBuilder event) { super(session, event); + this.request = session.getContext().getContextObject(HttpRequest.class); } /** diff --git a/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpointFactory.java b/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpointFactory.java index c38be15c32..0af1f6c801 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpointFactory.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/grants/device/endpoints/DeviceEndpointFactory.java @@ -19,7 +19,6 @@ package org.keycloak.protocol.oidc.grants.device.endpoints; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.Config; import org.keycloak.events.EventBuilder; import org.keycloak.models.KeycloakContext; @@ -39,9 +38,7 @@ public class DeviceEndpointFactory implements RealmResourceProviderFactory { KeycloakContext context = session.getContext(); RealmModel realm = context.getRealm(); EventBuilder event = new EventBuilder(realm, session, context.getConnection()); - DeviceEndpoint provider = new DeviceEndpoint(session, event); - ResteasyProviderFactory.getInstance().injectProperties(provider); - return provider; + return new DeviceEndpoint(session, event); } @Override diff --git a/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParEndpoint.java index e96cc18406..e788ddc1c7 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParEndpoint.java @@ -39,7 +39,6 @@ import javax.ws.rs.Consumes; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; @@ -59,8 +58,7 @@ public class ParEndpoint extends AbstractParEndpoint { private static final String REQUEST_URI_PREFIX = "urn:ietf:params:oauth:request_uri:"; public static final int REQUEST_URI_PREFIX_LENGTH = REQUEST_URI_PREFIX.length(); - @Context - private HttpRequest httpRequest; + private final HttpRequest httpRequest; private AuthorizationEndpointRequest authorizationRequest; @@ -71,6 +69,7 @@ public class ParEndpoint extends AbstractParEndpoint { public ParEndpoint(KeycloakSession session, EventBuilder event) { super(session, event); + this.httpRequest = session.getContext().getContextObject(HttpRequest.class); } @Path("/") diff --git a/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParRootEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParRootEndpoint.java index 6d64fecc4b..3b07b6fed2 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParRootEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/par/endpoints/ParRootEndpoint.java @@ -19,7 +19,6 @@ package org.keycloak.protocol.oidc.par.endpoints; import javax.ws.rs.Path; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.Profile; import org.keycloak.events.EventBuilder; import org.keycloak.models.KeycloakSession; @@ -45,11 +44,7 @@ public class ParRootEndpoint implements OIDCExtProvider, OIDCExtProviderFactory, @Path("/request") public ParEndpoint request() { - ParEndpoint endpoint = new ParEndpoint(session, event); - - ResteasyProviderFactory.getInstance().injectProperties(endpoint); - - return endpoint; + return new ParEndpoint(session, event); } @Override diff --git a/services/src/main/java/org/keycloak/protocol/saml/SamlService.java b/services/src/main/java/org/keycloak/protocol/saml/SamlService.java index b10f462fcb..c1c0ce923f 100755 --- a/services/src/main/java/org/keycloak/protocol/saml/SamlService.java +++ b/services/src/main/java/org/keycloak/protocol/saml/SamlService.java @@ -25,7 +25,6 @@ import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.specimpl.ResteasyHttpHeaders; import org.jboss.resteasy.spi.HttpRequest; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.broker.saml.SAMLDataMarshaller; import org.keycloak.common.ClientConnection; import org.keycloak.common.VerificationException; @@ -1075,8 +1074,6 @@ public class SamlService extends AuthorizationEndpointBase { public Response soapBinding(InputStream inputStream) { SamlEcpProfileService bindingService = new SamlEcpProfileService(session, event, destinationValidator); - ResteasyProviderFactory.getInstance().injectProperties(bindingService); - return bindingService.authenticate(inputStream); } @@ -1335,8 +1332,8 @@ public class SamlService extends AuthorizationEndpointBase { this.realmId = realm.getId(); this.httpHeaders = new ResteasyHttpHeaders(headers.getRequestHeaders()); this.connection = connection; - this.response = Resteasy.getContextData(org.jboss.resteasy.spi.HttpResponse.class); - this.request = Resteasy.getContextData(HttpRequest.class); + this.response = session.getContext().getContextObject(org.jboss.resteasy.spi.HttpResponse.class); + this.request = session.getContext().getContextObject(HttpRequest.class); this.bindingType = bindingType; } @@ -1404,7 +1401,6 @@ public class SamlService extends AuthorizationEndpointBase { } SamlService endpoint = (SamlService) factory.createProtocolEndpoint(session, event); - ResteasyProviderFactory.getInstance().injectProperties(endpoint); BindingProtocol protocol; if (SamlProtocol.SAML_POST_BINDING.equals(bindingType)) { protocol = endpoint.newPostBindingProtocol(); diff --git a/services/src/main/java/org/keycloak/services/error/KcUnrecognizedPropertyExceptionHandler.java b/services/src/main/java/org/keycloak/services/error/KcUnrecognizedPropertyExceptionHandler.java index add396551a..0087ff4d22 100644 --- a/services/src/main/java/org/keycloak/services/error/KcUnrecognizedPropertyExceptionHandler.java +++ b/services/src/main/java/org/keycloak/services/error/KcUnrecognizedPropertyExceptionHandler.java @@ -22,9 +22,9 @@ import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException; import javax.ws.rs.BadRequestException; import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.ext.ExceptionMapper; +import org.keycloak.models.KeycloakSession; /** * Override explicitly added ExceptionMapper for handling UnrecognizedPropertyException in RestEasy Jackson @@ -34,13 +34,13 @@ import javax.ws.rs.ext.ExceptionMapper; public class KcUnrecognizedPropertyExceptionHandler implements ExceptionMapper { @Context - private HttpHeaders headers; + KeycloakSession session; /** * Return escaped original message */ @Override public Response toResponse(UnrecognizedPropertyException exception) { - return KeycloakErrorHandler.getResponse(headers, new BadRequestException(exception.getMessage())); + return KeycloakErrorHandler.getResponse(session, new BadRequestException(exception.getMessage())); } } \ No newline at end of file diff --git a/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java b/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java index 18a6c934ae..e3d468b97d 100644 --- a/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java +++ b/services/src/main/java/org/keycloak/services/error/KeycloakErrorHandler.java @@ -3,9 +3,7 @@ package org.keycloak.services.error; import com.fasterxml.jackson.core.JsonParseException; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.Failure; -import org.jboss.resteasy.spi.HttpResponse; import org.keycloak.Config; -import org.keycloak.common.util.Resteasy; import org.keycloak.forms.login.freemarker.model.UrlBean; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakTransaction; @@ -46,18 +44,14 @@ public class KeycloakErrorHandler implements ExceptionMapper { public static final String ERROR_RESPONSE_TEXT = "Error response {0}"; @Context - private HttpHeaders headers; - - @Context - private HttpResponse response; + KeycloakSession session; @Override public Response toResponse(Throwable throwable) { - return getResponse(headers, throwable); + return getResponse(session, throwable); } - public static Response getResponse(HttpHeaders headers, Throwable throwable) { - KeycloakSession session = Resteasy.getContextData(KeycloakSession.class); + public static Response getResponse(KeycloakSession session, Throwable throwable) { KeycloakTransaction tx = session.getTransactionManager(); tx.setRollbackOnly(); @@ -69,6 +63,8 @@ public class KeycloakErrorHandler implements ExceptionMapper { logger.debugv(throwable, ERROR_RESPONSE_TEXT, statusCode); } + HttpHeaders headers = session.getContext().getRequestHeaders(); + if (!MediaTypeMatcher.isHtmlRequest(headers)) { OAuth2ErrorRepresentation error = new OAuth2ErrorRepresentation(); diff --git a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java index 54c922d1fd..549bf2cdad 100755 --- a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java +++ b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java @@ -37,7 +37,6 @@ import org.keycloak.util.TokenUtil; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.NewCookie; import javax.ws.rs.core.Response; @@ -58,16 +57,14 @@ public abstract class AbstractSecuredLocalService { protected final ClientModel client; protected final RealmModel realm; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; protected final ClientConnection clientConnection; protected String stateChecker; protected final KeycloakSession session; - @Context - protected HttpRequest request; + protected final HttpRequest request; protected Auth auth; public AbstractSecuredLocalService(KeycloakSession session, ClientModel client) { @@ -75,6 +72,8 @@ public abstract class AbstractSecuredLocalService { this.realm = session.getContext().getRealm(); this.clientConnection = session.getContext().getConnection(); this.client = client; + this.request = session.getContext().getContextObject(HttpRequest.class); + this.headers = session.getContext().getRequestHeaders(); } @Path("login-redirect") @@ -83,8 +82,7 @@ public abstract class AbstractSecuredLocalService { @QueryParam("state") String state, @QueryParam("error") String error, @QueryParam("path") String path, - @QueryParam("referrer") String referrer, - @Context HttpHeaders headers) { + @QueryParam("referrer") String referrer) { try { if (error != null) { if (OAuthErrorException.ACCESS_DENIED.equals(error)) { diff --git a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java index f381b634d6..99da0d4de2 100755 --- a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java +++ b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java @@ -39,7 +39,6 @@ import javax.ws.rs.HeaderParam; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; @@ -57,11 +56,9 @@ public class ClientsManagementService { private final EventBuilder event; - @Context - private HttpRequest request; + private final HttpRequest request; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; private final ClientConnection clientConnection; @@ -72,6 +69,8 @@ public class ClientsManagementService { this.clientConnection = session.getContext().getConnection(); this.realm = session.getContext().getRealm(); this.event = event; + this.request = session.getContext().getContextObject(HttpRequest.class); + this.headers = session.getContext().getRequestHeaders(); } public static UriBuilder clientsManagementBaseUrl(UriBuilder baseUriBuilder) { diff --git a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java index 74fce666ce..788d9b0fc3 100755 --- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java +++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java @@ -99,7 +99,6 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; @@ -138,11 +137,9 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal private final ClientConnection clientConnection; - @Context - private HttpRequest request; + private final HttpRequest request; - @Context - private HttpHeaders headers; + private final HttpHeaders headers; private EventBuilder event; @@ -154,6 +151,8 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal if (realmModel == null) { throw new IllegalArgumentException("Realm can not be null."); } + this.request = session.getContext().getContextObject(HttpRequest.class); + this.headers = session.getContext().getRequestHeaders(); } public void init() { diff --git a/services/src/main/java/org/keycloak/services/resources/JsResource.java b/services/src/main/java/org/keycloak/services/resources/JsResource.java index 14876f713c..dc6dfb9759 100755 --- a/services/src/main/java/org/keycloak/services/resources/JsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/JsResource.java @@ -46,9 +46,6 @@ public class JsResource { @Context private KeycloakSession session; - @Context - private HttpRequest request; - /** * Get keycloak.js file for javascript clients * @@ -127,7 +124,7 @@ public class JsResource { } String contentType = "text/javascript"; - Cors cors = Cors.add(request).allowAllOrigins(); + Cors cors = Cors.add(session.getContext().getContextObject(HttpRequest.class)).allowAllOrigins(); ResourceEncodingProvider encodingProvider = ResourceEncodingHelper.getResourceEncodingProvider(session, contentType); diff --git a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java index 0d0f8667ee..4babaa1923 100755 --- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java +++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java @@ -29,6 +29,7 @@ import org.keycloak.authentication.RequiredActionFactory; import org.keycloak.authentication.RequiredActionProvider; import org.keycloak.authentication.actiontoken.ActionTokenContext; import org.keycloak.authentication.actiontoken.ActionTokenHandler; +import org.keycloak.common.util.Resteasy; import org.keycloak.models.DefaultActionTokenKey; import org.keycloak.authentication.actiontoken.ExplainedTokenVerificationException; import org.keycloak.authentication.actiontoken.resetcred.ResetCredentialsActionTokenHandler; @@ -91,7 +92,6 @@ import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; @@ -129,11 +129,9 @@ public class LoginActionsService { private final RealmModel realm; - @Context - private HttpRequest request; + private final HttpRequest request; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; private final ClientConnection clientConnection; @@ -180,6 +178,8 @@ public class LoginActionsService { this.realm = session.getContext().getRealm(); this.event = event; CacheControlUtil.noBackButtonCacheControlHeader(); + this.request = session.getContext().getContextObject(HttpRequest.class); + this.headers = session.getContext().getRequestHeaders(); } private boolean checkSsl() { diff --git a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java index 0503ffc04c..b904e89f05 100755 --- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java +++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java @@ -31,7 +31,6 @@ import javax.ws.rs.GET; import javax.ws.rs.OPTIONS; import javax.ws.rs.Path; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriInfo; @@ -45,11 +44,9 @@ import javax.ws.rs.core.UriInfo; public class PublicRealmResource { protected static final Logger logger = Logger.getLogger(PublicRealmResource.class); - @Context - protected HttpRequest request; + protected final HttpRequest request; - @Context - protected HttpResponse response; + protected final HttpResponse response; protected final KeycloakSession session; @@ -58,6 +55,8 @@ public class PublicRealmResource { public PublicRealmResource(KeycloakSession session) { this.session = session; this.realm = session.getContext().getRealm(); + this.request = session.getContext().getContextObject(HttpRequest.class); + this.response = session.getContext().getContextObject(HttpResponse.class); } /** diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java index 9c4fd6083c..458e590bec 100755 --- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java @@ -18,7 +18,6 @@ package org.keycloak.services.resources; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.OAuthErrorException; import org.keycloak.authorization.AuthorizationProvider; import org.keycloak.authorization.AuthorizationService; @@ -67,9 +66,6 @@ public class RealmsResource { @Context protected KeycloakSession session; - @Context - private HttpRequest request; - public static UriBuilder realmBaseUrl(UriInfo uriInfo) { UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder(); return realmBaseUrl(baseUriBuilder); @@ -116,10 +112,7 @@ public class RealmsResource { EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection()); - Object endpoint = factory.createProtocolEndpoint(session, event); - - ResteasyProviderFactory.getInstance().injectProperties(endpoint); - return endpoint; + return factory.createProtocolEndpoint(session, event); } /** @@ -165,9 +158,7 @@ public class RealmsResource { public LoginActionsService getLoginActionsService(final @PathParam("realm") String name) { resolveRealmAndUpdateSession(name); EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection()); - LoginActionsService service = new LoginActionsService(session, event); - ResteasyProviderFactory.getInstance().injectProperties(service); - return service; + return new LoginActionsService(session, event); } @Path("{realm}/clients-registrations") @@ -181,9 +172,7 @@ public class RealmsResource { public ClientsManagementService getClientsManagementService(final @PathParam("realm") String name) { resolveRealmAndUpdateSession(name); EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection()); - ClientsManagementService service = new ClientsManagementService(session, event); - ResteasyProviderFactory.getInstance().injectProperties(service); - return service; + return new ClientsManagementService(session, event); } private void resolveRealmAndUpdateSession(String realmName) { @@ -199,17 +188,13 @@ public class RealmsResource { public Object getAccountService(final @PathParam("realm") String name) { resolveRealmAndUpdateSession(name); EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection()); - AccountLoader accountLoader = new AccountLoader(session, event); - ResteasyProviderFactory.getInstance().injectProperties(accountLoader); - return accountLoader; + return new AccountLoader(session, event); } @Path("{realm}") public PublicRealmResource getRealmResource(final @PathParam("realm") String name) { resolveRealmAndUpdateSession(name); - PublicRealmResource realmResource = new PublicRealmResource(session); - ResteasyProviderFactory.getInstance().injectProperties(realmResource); - return realmResource; + return new PublicRealmResource(session); } @Path("{realm}/broker") @@ -217,7 +202,6 @@ public class RealmsResource { resolveRealmAndUpdateSession(name); IdentityBrokerService brokerService = new IdentityBrokerService(session); - ResteasyProviderFactory.getInstance().injectProperties(brokerService); brokerService.init(); @@ -229,7 +213,7 @@ public class RealmsResource { @Produces(MediaType.APPLICATION_JSON) public Response getVersionPreflight(final @PathParam("realm") String name, final @PathParam("provider") String providerName) { - return Cors.add(request, Response.ok()).allowedMethods("GET").preflight().auth().build(); + return Cors.add(session.getContext().getContextObject(HttpRequest.class), Response.ok()).allowedMethods("GET").preflight().auth().build(); } @GET @@ -252,7 +236,7 @@ public class RealmsResource { if (wellKnown != null) { ResponseBuilder responseBuilder = Response.ok(wellKnown.getConfig()).cacheControl(CacheControlUtil.noCache()); - return Cors.add(request, responseBuilder).allowedOrigins("*").auth().build(); + return Cors.add(session.getContext().getContextObject(HttpRequest.class), responseBuilder).allowedOrigins("*").auth().build(); } throw new NotFoundException(); @@ -290,6 +274,7 @@ public class RealmsResource { private void checkSsl(RealmModel realm) { if (!session.getContext().getUri().getBaseUri().getScheme().equals("https") && realm.getSslRequired().isRequired(session.getContext().getConnection())) { + HttpRequest request = session.getContext().getContextObject(HttpRequest.class); Cors cors = Cors.add(request).auth().allowedMethods(request.getHttpMethod()).auth().exposedHeaders(Cors.ACCESS_CONTROL_ALLOW_METHODS); throw new CorsErrorResponseException(cors.allowAllOrigins(), OAuthErrorException.INVALID_REQUEST, "HTTPS required", Response.Status.FORBIDDEN); diff --git a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java index b02dcfb7e0..eb90c290f0 100755 --- a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java +++ b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java @@ -67,9 +67,6 @@ public class WelcomeResource { private static final String KEYCLOAK_STATE_CHECKER = "WELCOME_STATE_CHECKER"; - @Context - protected HttpHeaders headers; - @Context private KeycloakSession session; @@ -246,7 +243,7 @@ public class WelcomeResource { ClientConnection clientConnection = session.getContext().getConnection(); InetAddress remoteInetAddress = InetAddress.getByName(clientConnection.getRemoteAddr()); InetAddress localInetAddress = InetAddress.getByName(clientConnection.getLocalAddr()); - String xForwardedFor = headers.getHeaderString("X-Forwarded-For"); + String xForwardedFor = session.getContext().getRequestHeaders().getHeaderString("X-Forwarded-For"); logger.debugf("Checking WelcomePage. Remote address: %s, Local address: %s, X-Forwarded-For header: %s", remoteInetAddress.toString(), localInetAddress.toString(), xForwardedFor); // Access through AJP protocol (loadbalancer) may cause that remoteAddress is "127.0.0.1". @@ -277,7 +274,7 @@ public class WelcomeResource { private void csrfCheck(final MultivaluedMap formData) { String formStateChecker = formData.getFirst("stateChecker"); - Cookie cookie = headers.getCookies().get(KEYCLOAK_STATE_CHECKER); + Cookie cookie = session.getContext().getRequestHeaders().getCookies().get(KEYCLOAK_STATE_CHECKER); if (cookie == null) { throw new ForbiddenException(); } diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountLoader.java b/services/src/main/java/org/keycloak/services/resources/account/AccountLoader.java index 7402127237..0452bf2499 100644 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountLoader.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountLoader.java @@ -19,7 +19,6 @@ package org.keycloak.services.resources.account; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.enums.AccountRestApiVersion; import org.keycloak.events.EventBuilder; import org.keycloak.models.ClientModel; @@ -39,7 +38,6 @@ import javax.ws.rs.NotFoundException; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.UriInfo; @@ -54,16 +52,16 @@ public class AccountLoader { private final KeycloakSession session; private final EventBuilder event; - @Context - private HttpRequest request; - @Context - private HttpResponse response; + private final HttpRequest request; + private final HttpResponse response; private static final Logger logger = Logger.getLogger(AccountLoader.class); public AccountLoader(KeycloakSession session, EventBuilder event) { this.session = session; this.event = event; + this.request = session.getContext().getContextObject(HttpRequest.class); + this.response = session.getContext().getContextObject(HttpResponse.class); } @Path("/") @@ -87,7 +85,6 @@ public class AccountLoader { } else { if (deprecatedAccount) { AccountFormService accountFormService = new AccountFormService(session, client, event); - ResteasyProviderFactory.getInstance().injectProperties(accountFormService); accountFormService.init(); return accountFormService; } else { @@ -150,9 +147,7 @@ public class AccountLoader { } } - AccountRestService accountRestService = new AccountRestService(session, auth, event, version); - ResteasyProviderFactory.getInstance().injectProperties(accountRestService); - return accountRestService; + return new AccountRestService(session, auth, event, version); } private ClientModel getAccountManagementClient(RealmModel realm) { diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java b/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java index 15ed5e9746..1bd5789656 100755 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java @@ -44,7 +44,6 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -100,10 +99,9 @@ import org.keycloak.validate.Validators; */ public class AccountRestService { - @Context - private HttpRequest request; - @Context - protected HttpHeaders headers; + private final HttpRequest request; + + protected final HttpHeaders headers; protected final ClientConnection clientConnection; @@ -126,6 +124,8 @@ public class AccountRestService { this.locale = session.getContext().resolveLocale(user); this.version = version; event.client(auth.getClient()).user(auth.getUser()); + this.request = session.getContext().getContextObject(HttpRequest.class); + this.headers = session.getContext().getRequestHeaders(); } /** diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java index ea08d72bc9..f32e760b34 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java @@ -52,8 +52,6 @@ import javax.ws.rs.OPTIONS; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import java.io.IOException; import java.net.URI; @@ -75,11 +73,9 @@ public class AdminConsole { protected final ClientConnection clientConnection; - @Context - protected HttpRequest request; + protected final HttpRequest request; - @Context - protected HttpResponse response; + protected final HttpResponse response; protected final KeycloakSession session; @@ -89,6 +85,8 @@ public class AdminConsole { this.session = session; this.realm = session.getContext().getRealm(); this.clientConnection = session.getContext().getConnection(); + this.request = session.getContext().getContextObject(HttpRequest.class); + this.response = session.getContext().getContextObject(HttpResponse.class); } public static class WhoAmI { @@ -200,12 +198,12 @@ public class AdminConsole { @GET @Produces(MediaType.APPLICATION_JSON) @NoCache - public Response whoAmI(final @Context HttpHeaders headers) { + public Response whoAmI() { RealmManager realmManager = new RealmManager(session); AuthenticationManager.AuthResult authResult = new AppAuthManager.BearerTokenAuthenticator(session) .setRealm(realm) .setConnection(clientConnection) - .setHeaders(headers) + .setHeaders(session.getContext().getRequestHeaders()) .authenticate(); if (authResult == null) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java index e3ff5ac428..6a0371013d 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java @@ -20,7 +20,6 @@ import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; import javax.ws.rs.NotFoundException; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import javax.ws.rs.NotAuthorizedException; import org.keycloak.common.Profile; import org.keycloak.jose.jws.JWSInput; @@ -62,12 +61,6 @@ import java.util.Properties; public class AdminRoot { protected static final Logger logger = Logger.getLogger(AdminRoot.class); - @Context - protected HttpRequest request; - - @Context - protected HttpResponse response; - protected TokenManager tokenManager; @Context @@ -154,9 +147,8 @@ public class AdminRoot { } resolveRealmAndUpdateSession(name, session); - AdminConsole service = new AdminConsole(session); - ResteasyProviderFactory.getInstance().injectProperties(service); - return service; + + return new AdminConsole(session); } @@ -207,7 +199,8 @@ public class AdminRoot { * @return */ @Path("realms") - public Object getRealmsAdmin(@Context final HttpHeaders headers) { + public Object getRealmsAdmin() { + HttpRequest request = getHttpRequest(); if (!isAdminApiEnabled()) { throw new NotFoundException(); @@ -217,12 +210,15 @@ public class AdminRoot { return new AdminCorsPreflightService(request); } - AdminAuth auth = authenticateRealmAdminRequest(headers); + AdminAuth auth = authenticateRealmAdminRequest(session.getContext().getRequestHeaders()); if (auth != null) { logger.debug("authenticated admin access for: " + auth.getUser().getUsername()); } - Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").exposedHeaders("Location").auth().build(response); + HttpResponse response = getHttpResponse(); + + Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").exposedHeaders("Location").auth().build( + response); return new RealmsAdminResource(session, auth, tokenManager); } @@ -234,17 +230,19 @@ public class AdminRoot { * @return */ @Path("serverinfo") - public Object getServerInfo(@Context final HttpHeaders headers) { + public Object getServerInfo() { if (!isAdminApiEnabled()) { throw new NotFoundException(); } + HttpRequest request = getHttpRequest(); + if (request.getHttpMethod().equals(HttpMethod.OPTIONS)) { return new AdminCorsPreflightService(request); } - AdminAuth auth = authenticateRealmAdminRequest(headers); + AdminAuth auth = authenticateRealmAdminRequest(session.getContext().getRequestHeaders()); if (!AdminPermissions.realms(session, auth).isAdmin()) { throw new ForbiddenException(); } @@ -253,11 +251,20 @@ public class AdminRoot { logger.debug("authenticated admin access for: " + auth.getUser().getUsername()); } - Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build(response); + Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build( + getHttpResponse()); return new ServerInfoAdminResource(session); } + private HttpResponse getHttpResponse() { + return session.getContext().getContextObject(HttpResponse.class); + } + + private HttpRequest getHttpRequest() { + return session.getContext().getContextObject(HttpRequest.class); + } + public static Theme getTheme(KeycloakSession session, RealmModel realm) throws IOException { return session.theme().getTheme(Theme.Type.ADMIN); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java index 70c4fb165b..4759caf275 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java @@ -34,7 +34,6 @@ import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import java.util.HashMap; @@ -57,8 +56,7 @@ public class AttackDetectionResource { protected final ClientConnection connection; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; public AttackDetectionResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) { this.session = session; @@ -66,6 +64,7 @@ public class AttackDetectionResource { this.realm = session.getContext().getRealm(); this.connection = session.getContext().getConnection(); this.adminEvent = adminEvent.realm(realm).resource(ResourceType.USER_LOGIN_FAILURE); + this.headers = session.getContext().getRequestHeaders(); } /** diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java index d9f9acb4f4..cb585e4b49 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientInitialAccessResource.java @@ -35,7 +35,6 @@ import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -70,7 +69,7 @@ public class ClientInitialAccessResource { @POST @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public ClientInitialAccessPresentation create(ClientInitialAccessCreatePresentation config, @Context final HttpResponse response) { + public ClientInitialAccessPresentation create(ClientInitialAccessCreatePresentation config) { auth.clients().requireManage(); int expiration = config.getExpiration() != null ? config.getExpiration() : 0; @@ -85,6 +84,8 @@ public class ClientInitialAccessResource { String token = ClientRegistrationTokenUtils.createInitialAccessToken(session, realm, clientInitialAccessModel); rep.setToken(token); + HttpResponse response = session.getContext().getContextObject(HttpResponse.class); + response.setStatus(Response.Status.CREATED.getStatusCode()); response.getOutputHeaders().add(HttpHeaders.LOCATION, session.getContext().getUri().getAbsolutePathBuilder().path(clientInitialAccessModel.getId()).build().toString()); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientPoliciesResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientPoliciesResource.java index cbfd24ea4c..589d0fc9b7 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientPoliciesResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientPoliciesResource.java @@ -22,7 +22,6 @@ import javax.ws.rs.Consumes; import javax.ws.rs.GET; import javax.ws.rs.PUT; import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -40,11 +39,9 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluato public class ClientPoliciesResource { protected static final Logger logger = Logger.getLogger(ClientPoliciesResource.class); - @Context - protected HttpRequest request; + protected final HttpRequest request; - @Context - protected HttpResponse response; + protected final HttpResponse response; protected final KeycloakSession session; @@ -55,6 +52,8 @@ public class ClientPoliciesResource { this.session = session; this.realm = session.getContext().getRealm(); this.auth = auth; + this.request = session.getContext().getContextObject(HttpRequest.class); + this.response = session.getContext().getContextObject(HttpResponse.class); } @GET diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientProfilesResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientProfilesResource.java index e89f045408..14ec61fb53 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientProfilesResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientProfilesResource.java @@ -23,7 +23,6 @@ import javax.ws.rs.GET; import javax.ws.rs.PUT; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -41,11 +40,9 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluato public class ClientProfilesResource { protected static final Logger logger = Logger.getLogger(ClientProfilesResource.class); - @Context - protected HttpRequest request; + protected final HttpRequest request; - @Context - protected HttpResponse response; + protected final HttpResponse response; protected final KeycloakSession session; @@ -56,6 +53,8 @@ public class ClientProfilesResource { this.session = session; this.realm = session.getContext().getRealm(); this.auth = auth; + this.request = session.getContext().getContextObject(HttpRequest.class); + this.response = session.getContext().getContextObject(HttpResponse.class); } @GET diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java index 1a8adaed48..a6f0588e5b 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java @@ -52,7 +52,6 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -82,8 +81,7 @@ public class ComponentResource { protected final KeycloakSession session; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; public ComponentResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) { this.session = session; @@ -91,6 +89,7 @@ public class ComponentResource { this.realm = session.getContext().getRealm(); this.adminEvent = adminEvent.resource(ResourceType.COMPONENT); this.clientConnection = session.getContext().getConnection(); + this.headers = session.getContext().getRequestHeaders(); } @GET diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java index b1a4f3c654..f331e574ea 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java @@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin; import org.jboss.resteasy.annotations.cache.NoCache; import javax.ws.rs.NotFoundException; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.util.ObjectUtil; import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.ResourceType; @@ -237,9 +236,7 @@ public class GroupResource { public RoleMapperResource getRoleMappings() { AdminPermissionEvaluator.RequirePermissionCheck manageCheck = () -> auth.groups().requireManage(group); AdminPermissionEvaluator.RequirePermissionCheck viewCheck = () -> auth.groups().requireView(group); - RoleMapperResource resource = new RoleMapperResource(session, auth, group, adminEvent, manageCheck, viewCheck); - ResteasyProviderFactory.getInstance().injectProperties(resource); - return resource; + return new RoleMapperResource(session, auth, group, adminEvent, manageCheck, viewCheck); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java index 737643a06d..8dcde4eb19 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java @@ -42,7 +42,6 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -132,8 +131,7 @@ public class RealmAdminResource { protected final ClientConnection connection; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; public RealmAdminResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) { this.session = session; @@ -141,6 +139,7 @@ public class RealmAdminResource { this.realm = session.getContext().getRealm(); this.connection = session.getContext().getConnection(); this.adminEvent = adminEvent.resource(ResourceType.REALM); + this.headers = session.getContext().getRequestHeaders(); } /** @@ -174,9 +173,7 @@ public class RealmAdminResource { */ @Path("attack-detection") public AttackDetectionResource getAttackDetection() { - AttackDetectionResource resource = new AttackDetectionResource(session, auth, adminEvent); - ResteasyProviderFactory.getInstance().injectProperties(resource); - return resource; + return new AttackDetectionResource(session, auth, adminEvent); } /** @@ -329,9 +326,7 @@ public class RealmAdminResource { */ @Path("components") public ComponentResource getComponents() { - ComponentResource resource = new ComponentResource(session, auth, adminEvent); - ResteasyProviderFactory.getInstance().injectProperties(resource); - return resource; + return new ComponentResource(session, auth, adminEvent); } /** @@ -462,10 +457,7 @@ public class RealmAdminResource { */ @Path("users") public UsersResource users() { - UsersResource users = new UsersResource(session, auth, adminEvent); - ResteasyProviderFactory.getInstance().injectProperties(users); - //resourceContext.initResource(users); - return users; + return new UsersResource(session, auth, adminEvent); } @NoCache @@ -1092,16 +1084,12 @@ public class RealmAdminResource { @Path("client-policies/policies") public ClientPoliciesResource getClientPoliciesResource() { ProfileHelper.requireFeature(Profile.Feature.CLIENT_POLICIES); - ClientPoliciesResource resource = new ClientPoliciesResource(session, auth); - ResteasyProviderFactory.getInstance().injectProperties(resource); - return resource; + return new ClientPoliciesResource(session, auth); } @Path("client-policies/profiles") public ClientProfilesResource getClientProfilesResource() { ProfileHelper.requireFeature(Profile.Feature.CLIENT_POLICIES); - ClientProfilesResource resource = new ClientProfilesResource(session, auth); - ResteasyProviderFactory.getInstance().injectProperties(resource); - return resource; + return new ClientProfilesResource(session, auth); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java index 8782487fea..295d019ce2 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java @@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin; import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.ClientConnection; import org.keycloak.models.AdminRoles; import org.keycloak.models.ClientModel; @@ -47,8 +46,6 @@ import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.CacheControl; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.io.InputStream; @@ -168,8 +165,7 @@ public class RealmsAdminResource { * @return */ @Path("{realm}") - public RealmAdminResource getRealmAdmin(@Context final HttpHeaders headers, - @PathParam("realm") final String name) { + public RealmAdminResource getRealmAdmin(@PathParam("realm") final String name) { RealmManager realmManager = new RealmManager(session); RealmModel realm = realmManager.getRealmByName(name); if (realm == null) throw new NotFoundException("Realm not found."); @@ -183,10 +179,7 @@ public class RealmsAdminResource { AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection); session.getContext().setRealm(realm); - RealmAdminResource adminResource = new RealmAdminResource(session, realmAuth, adminEvent); - ResteasyProviderFactory.getInstance().injectProperties(adminResource); - //resourceContext.initResource(adminResource); - return adminResource; + return new RealmAdminResource(session, realmAuth, adminEvent); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java index a4e7c0c302..eb56a82be6 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java @@ -47,7 +47,6 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -87,8 +86,7 @@ public class RoleMapperResource { protected final KeycloakSession session; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; public RoleMapperResource(KeycloakSession session, AdminPermissionEvaluator auth, @@ -104,6 +102,7 @@ public class RoleMapperResource { this.roleMapper = roleMapper; this.managePermission = manageCheck; this.viewPermission = viewCheck; + this.headers = session.getContext().getRequestHeaders(); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java index bd43a0b188..90e3d3b2f8 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java @@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin; import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.authentication.RequiredActionProvider; import org.keycloak.authentication.actiontoken.execactions.ExecuteActionsActionToken; import org.keycloak.common.ClientConnection; @@ -92,7 +91,6 @@ import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -140,8 +138,7 @@ public class UserResource { protected final KeycloakSession session; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; public UserResource(KeycloakSession session, UserModel user, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) { this.session = session; @@ -150,6 +147,7 @@ public class UserResource { this.clientConnection = session.getContext().getConnection(); this.user = user; this.adminEvent = adminEvent.resource(ResourceType.USER); + this.headers = session.getContext().getRequestHeaders(); } /** @@ -581,10 +579,7 @@ public class UserResource { public RoleMapperResource getRoleMappings() { AdminPermissionEvaluator.RequirePermissionCheck manageCheck = () -> auth.users().requireMapRoles(user); AdminPermissionEvaluator.RequirePermissionCheck viewCheck = () -> auth.users().requireView(user); - RoleMapperResource resource = new RoleMapperResource(session, auth, user, adminEvent, manageCheck, viewCheck); - ResteasyProviderFactory.getInstance().injectProperties(resource); - return resource; - + return new RoleMapperResource(session, auth, user, adminEvent, manageCheck, viewCheck); } /** diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java index 3ed1450ebc..f71526d5f0 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java @@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin; import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.common.ClientConnection; import org.keycloak.common.Profile; import org.keycloak.common.util.ObjectUtil; @@ -31,7 +30,6 @@ import org.keycloak.models.ModelDuplicateException; import org.keycloak.models.ModelException; import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; -import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.RepresentationToModel; import org.keycloak.policy.PasswordPolicyNotMetException; @@ -91,8 +89,7 @@ public class UsersResource { protected final KeycloakSession session; - @Context - protected HttpHeaders headers; + protected final HttpHeaders headers; public UsersResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) { this.session = session; @@ -100,6 +97,7 @@ public class UsersResource { this.auth = auth; this.realm = session.getContext().getRealm(); this.adminEvent = adminEvent.resource(ResourceType.USER); + this.headers = session.getContext().getRequestHeaders(); } /** @@ -226,10 +224,8 @@ public class UsersResource { if (auth.users().canQuery()) throw new NotFoundException("User not found"); else throw new ForbiddenException(); } - UserResource resource = new UserResource(session, user, auth, adminEvent); - ResteasyProviderFactory.getInstance().injectProperties(resource); - //resourceContext.initResource(users); - return resource; + + return new UserResource(session, user, auth, adminEvent); } /** diff --git a/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java b/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java index 694f238417..f3430d4e7b 100755 --- a/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java +++ b/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java @@ -52,7 +52,6 @@ import twitter4j.conf.ConfigurationBuilder; import javax.ws.rs.GET; import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; @@ -171,8 +170,7 @@ public class TwitterIdentityProvider extends AbstractIdentityProvider cibaClientNotifications; private final ConcurrentMap intentClientBindings; - @Context - HttpRequest request; + private final HttpRequest request; public TestApplicationResourceProvider(KeycloakSession session, BlockingQueue adminLogoutActions, BlockingQueue backChannelLogoutTokens, @@ -91,6 +89,7 @@ public class TestApplicationResourceProvider implements RealmResourceProvider { this.authenticationChannelRequests = authenticationChannelRequests; this.cibaClientNotifications = cibaClientNotifications; this.intentClientBindings = intentClientBindings; + this.request = session.getContext().getContextObject(HttpRequest.class); } @POST diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestApplicationResourceProviderFactory.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestApplicationResourceProviderFactory.java index 9121e6b785..5a1119b84a 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestApplicationResourceProviderFactory.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestApplicationResourceProviderFactory.java @@ -17,9 +17,7 @@ package org.keycloak.testsuite.rest; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.Config.Scope; -import org.keycloak.crypto.Algorithm; import org.keycloak.crypto.KeyType; import org.keycloak.crypto.KeyUse; import org.keycloak.models.KeycloakSession; @@ -59,12 +57,8 @@ public class TestApplicationResourceProviderFactory implements RealmResourceProv @Override public RealmResourceProvider create(KeycloakSession session) { - TestApplicationResourceProvider provider = new TestApplicationResourceProvider(session, adminLogoutActions, + return new TestApplicationResourceProvider(session, adminLogoutActions, backChannelLogoutTokens, frontChannelLogoutTokens, pushNotBeforeActions, testAvailabilityActions, oidcClientData, authenticationChannelRequests, cibaClientNotifications, intentClientBindings); - - ResteasyProviderFactory.getInstance().injectProperties(provider); - - return provider; } @Override diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java index 36fdf2afda..719f9ffe94 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java @@ -20,7 +20,6 @@ package org.keycloak.testsuite.rest; import org.jboss.resteasy.annotations.cache.NoCache; import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.Config; -import org.keycloak.authorization.policy.evaluation.Realm; import org.keycloak.common.Profile; import org.keycloak.common.util.HtmlUtils; import org.keycloak.common.util.Time; @@ -96,7 +95,6 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; import javax.ws.rs.core.Cookie; import javax.ws.rs.core.Response; import java.io.File; @@ -126,8 +124,7 @@ public class TestingResourceProvider implements RealmResourceProvider { private final KeycloakSession session; private final Map suspendedTimerTasks; - @Context - private HttpRequest request; + private final HttpRequest request; @Override public Object getResource() { @@ -137,6 +134,7 @@ public class TestingResourceProvider implements RealmResourceProvider { public TestingResourceProvider(KeycloakSession session, Map suspendedTimerTasks) { this.session = session; this.suspendedTimerTasks = suspendedTimerTasks; + this.request = session.getContext().getContextObject(HttpRequest.class); } @POST diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProviderFactory.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProviderFactory.java index e1a1f30c64..d796c2fab9 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProviderFactory.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProviderFactory.java @@ -20,7 +20,6 @@ package org.keycloak.testsuite.rest; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; -import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.keycloak.Config.Scope; import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSessionFactory; @@ -37,9 +36,7 @@ public class TestingResourceProviderFactory implements RealmResourceProviderFact @Override public RealmResourceProvider create(KeycloakSession session) { - TestingResourceProvider testProvider = new TestingResourceProvider(session, suspendedTimerTasks); - ResteasyProviderFactory.getInstance().injectProperties(testProvider); - return testProvider; + return new TestingResourceProvider(session, suspendedTimerTasks); } @Override