Removing injection points for Resteasy objects and resolving instances from keycloak context instead
Relates #15374
This commit is contained in:
Pedro Igor
Václav Muzikář
parent
0bad673219
commit
28fc5b4574
50 changed files with 176 additions and 333 deletions
|
|
@ -69,7 +69,6 @@ import javax.crypto.spec.SecretKeySpec;
|
|||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
|
|
@ -460,11 +459,9 @@ public abstract class AbstractOAuth2IdentityProvider<C extends OAuth2IdentityPro
|
|||
|
||||
protected final ClientConnection clientConnection;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
@Context
|
||||
protected HttpRequest httpRequest;
|
||||
protected final HttpRequest httpRequest;
|
||||
|
||||
public Endpoint(AuthenticationCallback callback, RealmModel realm, EventBuilder event, AbstractOAuth2IdentityProvider provider) {
|
||||
this.callback = callback;
|
||||
|
|
@ -473,6 +470,8 @@ public abstract class AbstractOAuth2IdentityProvider<C extends OAuth2IdentityPro
|
|||
this.provider = provider;
|
||||
this.session = provider.session;
|
||||
this.clientConnection = session.getContext().getConnection();
|
||||
this.httpRequest = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ package org.keycloak.broker.saml;
|
|||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.broker.provider.BrokeredIdentityContext;
|
||||
import org.keycloak.broker.provider.IdentityBrokerException;
|
||||
import org.keycloak.broker.provider.IdentityProvider;
|
||||
|
|
@ -81,7 +80,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -148,8 +146,7 @@ public class SAMLEndpoint {
|
|||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpHeaders headers;
|
||||
|
||||
|
||||
public SAMLEndpoint(KeycloakSession session, SAMLIdentityProvider provider, SAMLIdentityProviderConfig config, IdentityProvider.AuthenticationCallback callback, DestinationValidator destinationValidator) {
|
||||
|
|
@ -160,6 +157,7 @@ public class SAMLEndpoint {
|
|||
this.destinationValidator = destinationValidator;
|
||||
this.session = session;
|
||||
this.clientConnection = session.getContext().getConnection();
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
@ -599,7 +597,6 @@ public class SAMLEndpoint {
|
|||
|
||||
LoginProtocolFactory factory = (LoginProtocolFactory) session.getKeycloakSessionFactory().getProviderFactory(LoginProtocol.class, SamlProtocol.LOGIN_PROTOCOL);
|
||||
SamlService samlService = (SamlService) factory.createProtocolEndpoint(SAMLEndpoint.this.session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(samlService);
|
||||
AuthenticationSessionModel authSession = samlService.getOrCreateLoginSessionForIdpInitiatedSso(session, SAMLEndpoint.this.realm, oClient.get(), null);
|
||||
if (authSession == null) {
|
||||
event.error(Errors.INVALID_REDIRECT_URI);
|
||||
|
|
|
|||
|
|
@ -42,7 +42,6 @@ import org.keycloak.services.resources.LoginActionsService;
|
|||
import org.keycloak.sessions.AuthenticationSessionModel;
|
||||
import org.keycloak.sessions.RootAuthenticationSessionModel;
|
||||
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
|
|
@ -61,10 +60,9 @@ public abstract class AuthorizationEndpointBase {
|
|||
protected final EventBuilder event;
|
||||
protected AuthenticationManager authManager;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
@Context
|
||||
protected HttpRequest httpRequest;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
protected final HttpRequest httpRequest;
|
||||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
|
|
@ -75,6 +73,8 @@ public abstract class AuthorizationEndpointBase {
|
|||
this.clientConnection = session.getContext().getConnection();
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.event = event;
|
||||
this.httpRequest = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
protected AuthenticationProcessor createProcessor(AuthenticationSessionModel authSession, String flowId, String flowPath) {
|
||||
|
|
|
|||
|
|
@ -1,36 +1,24 @@
|
|||
package org.keycloak.protocol.docker;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.oidc.TokenManager;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.utils.ProfileHelper;
|
||||
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
|
||||
public class DockerV2LoginProtocolService {
|
||||
|
||||
private final RealmModel realm;
|
||||
private final TokenManager tokenManager;
|
||||
private final EventBuilder event;
|
||||
|
||||
private final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
|
||||
public DockerV2LoginProtocolService(final KeycloakSession session, final EventBuilder event) {
|
||||
this.session = session;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.tokenManager = new TokenManager();
|
||||
this.event = event;
|
||||
}
|
||||
|
||||
|
|
@ -60,8 +48,6 @@ public class DockerV2LoginProtocolService {
|
|||
public Object auth() {
|
||||
ProfileHelper.requireFeature(Profile.Feature.DOCKER);
|
||||
|
||||
final DockerEndpoint endpoint = new DockerEndpoint(session, event, EventType.LOGIN);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new DockerEndpoint(session, event, EventType.LOGIN);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@
|
|||
package org.keycloak.protocol.oidc;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.broker.provider.BrokeredIdentityContext;
|
||||
|
|
@ -423,7 +422,6 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider {
|
|||
LoginProtocolFactory factory = (LoginProtocolFactory) session.getKeycloakSessionFactory()
|
||||
.getProviderFactory(LoginProtocol.class, SamlProtocol.LOGIN_PROTOCOL);
|
||||
SamlService samlService = (SamlService) factory.createProtocolEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(samlService);
|
||||
AuthenticationSessionModel authSession = samlService.getOrCreateLoginSessionForIdpInitiatedSso(session, realm,
|
||||
targetClient, null);
|
||||
if (authSession == null) {
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ import java.util.List;
|
|||
import java.util.Optional;
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.common.ClientConnection;
|
||||
import org.keycloak.crypto.KeyType;
|
||||
|
|
@ -56,7 +55,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -78,11 +76,9 @@ public class OIDCLoginProtocolService {
|
|||
|
||||
private final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpHeaders headers;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -93,6 +89,8 @@ public class OIDCLoginProtocolService {
|
|||
this.tokenManager = new TokenManager();
|
||||
this.event = event;
|
||||
this.providerConfig = providerConfig;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
public static UriBuilder tokenServiceBaseUrl(UriInfo uriInfo) {
|
||||
|
|
@ -158,9 +156,7 @@ public class OIDCLoginProtocolService {
|
|||
*/
|
||||
@Path("auth")
|
||||
public Object auth() {
|
||||
AuthorizationEndpoint endpoint = new AuthorizationEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new AuthorizationEndpoint(session, event);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -169,7 +165,6 @@ public class OIDCLoginProtocolService {
|
|||
@Path("registrations")
|
||||
public Object registrations() {
|
||||
AuthorizationEndpoint endpoint = new AuthorizationEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint.register();
|
||||
}
|
||||
|
||||
|
|
@ -179,7 +174,6 @@ public class OIDCLoginProtocolService {
|
|||
@Path("forgot-credentials")
|
||||
public Object forgotCredentialsPage() {
|
||||
AuthorizationEndpoint endpoint = new AuthorizationEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint.forgotCredentials();
|
||||
}
|
||||
|
||||
|
|
@ -188,9 +182,7 @@ public class OIDCLoginProtocolService {
|
|||
*/
|
||||
@Path("token")
|
||||
public Object token() {
|
||||
TokenEndpoint endpoint = new TokenEndpoint(session, tokenManager, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new TokenEndpoint(session, tokenManager, event);
|
||||
}
|
||||
|
||||
@Path("login-status-iframe.html")
|
||||
|
|
@ -243,25 +235,19 @@ public class OIDCLoginProtocolService {
|
|||
|
||||
@Path("userinfo")
|
||||
public Object issueUserInfo() {
|
||||
UserInfoEndpoint endpoint = new UserInfoEndpoint(session, tokenManager);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new UserInfoEndpoint(session, tokenManager);
|
||||
}
|
||||
|
||||
/* old deprecated logout endpoint needs to be removed in the future
|
||||
* https://issues.redhat.com/browse/KEYCLOAK-2940 */
|
||||
@Path("logout")
|
||||
public Object logout() {
|
||||
LogoutEndpoint endpoint = new LogoutEndpoint(session, tokenManager, event, providerConfig);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new LogoutEndpoint(session, tokenManager, event, providerConfig);
|
||||
}
|
||||
|
||||
@Path("revoke")
|
||||
public Object revoke() {
|
||||
TokenRevocationEndpoint endpoint = new TokenRevocationEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new TokenRevocationEndpoint(session, event);
|
||||
}
|
||||
|
||||
@Path("oauth/oob")
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@
|
|||
package org.keycloak.protocol.oidc.endpoints;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.authentication.AuthenticationProcessor;
|
||||
import org.keycloak.constants.AdapterConstants;
|
||||
|
|
@ -115,9 +114,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
|
|||
*/
|
||||
@Path("device")
|
||||
public Object authorizeDevice() {
|
||||
DeviceEndpoint endpoint = new DeviceEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return new DeviceEndpoint(session, event);
|
||||
}
|
||||
|
||||
private Response process(MultivaluedMap<String, String> params) {
|
||||
|
|
|
|||
|
|
@ -88,7 +88,6 @@ import javax.ws.rs.OPTIONS;
|
|||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
|
|
@ -106,11 +105,9 @@ public class LogoutEndpoint {
|
|||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpHeaders headers;
|
||||
|
||||
private final TokenManager tokenManager;
|
||||
private final RealmModel realm;
|
||||
|
|
@ -130,6 +127,8 @@ public class LogoutEndpoint {
|
|||
this.event = event;
|
||||
this.providerConfig = providerConfig;
|
||||
this.offlineSessionsLazyLoadingEnabled = !Config.scope("userSessions").scope("infinispan").getBoolean("preloadOfflineSessionsFromDatabase", false);
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@Path("/")
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ package org.keycloak.protocol.oidc.endpoints;
|
|||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.HttpResponse;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.authentication.AuthenticationProcessor;
|
||||
|
|
@ -108,7 +107,6 @@ import javax.ws.rs.OPTIONS;
|
|||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedHashMap;
|
||||
|
|
@ -143,14 +141,11 @@ public class TokenEndpoint {
|
|||
|
||||
private final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
@Context
|
||||
private HttpResponse httpResponse;
|
||||
private final HttpResponse httpResponse;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpHeaders headers;
|
||||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -170,6 +165,9 @@ public class TokenEndpoint {
|
|||
this.tokenManager = tokenManager;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.event = event;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.httpResponse = session.getContext().getContextObject(HttpResponse.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
|
|
@ -184,7 +182,6 @@ public class TokenEndpoint {
|
|||
// create another instance of the endpoint that will be run within the new session.
|
||||
Resteasy.pushContext(KeycloakSession.class, kcSession);
|
||||
TokenEndpoint other = new TokenEndpoint(session, new TokenManager(), new EventBuilder(realmModel, kcSession, clientConnection));
|
||||
ResteasyProviderFactory.getInstance().injectProperties(other);
|
||||
return other.processGrantRequestInternal();
|
||||
} catch (WebApplicationException we) {
|
||||
// WebApplicationException needs to be returned and treated (rethrown) by the calling code because the new transaction
|
||||
|
|
@ -252,11 +249,7 @@ public class TokenEndpoint {
|
|||
|
||||
@Path("introspect")
|
||||
public Object introspect() {
|
||||
TokenIntrospectionEndpoint tokenIntrospectionEndpoint = new TokenIntrospectionEndpoint(this.session, this.event);
|
||||
|
||||
ResteasyProviderFactory.getInstance().injectProperties(tokenIntrospectionEndpoint);
|
||||
|
||||
return tokenIntrospectionEndpoint;
|
||||
return new TokenIntrospectionEndpoint(this.session, this.event);
|
||||
}
|
||||
|
||||
@OPTIONS
|
||||
|
|
|
|||
|
|
@ -33,8 +33,6 @@ import org.keycloak.services.clientpolicy.ClientPolicyException;
|
|||
import org.keycloak.services.clientpolicy.context.TokenIntrospectContext;
|
||||
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.Response.Status;
|
||||
|
|
@ -50,11 +48,8 @@ public class TokenIntrospectionEndpoint {
|
|||
private static final String PARAM_TOKEN = "token";
|
||||
|
||||
private final KeycloakSession session;
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpRequest request;
|
||||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -66,6 +61,7 @@ public class TokenIntrospectionEndpoint {
|
|||
this.clientConnection = session.getContext().getConnection();
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.event = event;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@POST
|
||||
|
|
|
|||
|
|
@ -24,8 +24,6 @@ import java.util.stream.Collectors;
|
|||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.OPTIONS;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -64,11 +62,7 @@ public class TokenRevocationEndpoint {
|
|||
|
||||
private final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpRequest request;
|
||||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -85,6 +79,7 @@ public class TokenRevocationEndpoint {
|
|||
this.clientConnection = session.getContext().getConnection();
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.event = event;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@POST
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.keycloak.protocol.oidc.endpoints;
|
|||
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.HttpResponse;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.TokenCategory;
|
||||
import org.keycloak.TokenVerifier;
|
||||
|
|
@ -74,7 +73,6 @@ import javax.ws.rs.GET;
|
|||
import javax.ws.rs.OPTIONS;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
|
|
@ -89,11 +87,7 @@ import java.util.Map;
|
|||
*/
|
||||
public class UserInfoEndpoint {
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
|
||||
@Context
|
||||
private HttpResponse response;
|
||||
private final HttpRequest request;
|
||||
|
||||
private final KeycloakSession session;
|
||||
|
||||
|
|
@ -113,6 +107,7 @@ public class UserInfoEndpoint {
|
|||
this.tokenManager = tokenManager;
|
||||
this.appAuthManager = new AppAuthManager();
|
||||
this.error = new OAuth2Error().json(false).realm(realm);
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@Path("/")
|
||||
|
|
@ -124,9 +119,9 @@ public class UserInfoEndpoint {
|
|||
@Path("/")
|
||||
@GET
|
||||
@NoCache
|
||||
public Response issueUserInfoGet(@Context final HttpHeaders headers) {
|
||||
public Response issueUserInfoGet() {
|
||||
setupCors();
|
||||
String accessToken = this.appAuthManager.extractAuthorizationHeaderTokenOrReturnNull(headers);
|
||||
String accessToken = this.appAuthManager.extractAuthorizationHeaderTokenOrReturnNull(session.getContext().getRequestHeaders());
|
||||
authorization(accessToken);
|
||||
return issueUserInfo();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -42,7 +42,6 @@ import javax.ws.rs.Consumes;
|
|||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -56,11 +55,11 @@ public class BackchannelAuthenticationCallbackEndpoint extends AbstractCibaEndpo
|
|||
|
||||
private static final Logger logger = Logger.getLogger(BackchannelAuthenticationCallbackEndpoint.class);
|
||||
|
||||
@Context
|
||||
private HttpRequest httpRequest;
|
||||
private final HttpRequest httpRequest;
|
||||
|
||||
public BackchannelAuthenticationCallbackEndpoint(KeycloakSession session, EventBuilder event) {
|
||||
super(session, event);
|
||||
this.httpRequest = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@Path("/")
|
||||
|
|
|
|||
|
|
@ -48,7 +48,6 @@ import javax.ws.rs.Consumes;
|
|||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -76,7 +75,8 @@ public class BackchannelAuthenticationEndpoint extends AbstractCibaEndpoint {
|
|||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Response processGrantRequest(@Context HttpRequest httpRequest) {
|
||||
public Response processGrantRequest() {
|
||||
HttpRequest httpRequest = session.getContext().getContextObject(HttpRequest.class);
|
||||
CIBAAuthenticationRequest request = authorizeClient(httpRequest.getDecodedFormParameters());
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@ package org.keycloak.protocol.oidc.grants.ciba.endpoints;
|
|||
|
||||
import javax.ws.rs.Path;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
|
|
@ -63,11 +62,7 @@ public class CibaRootEndpoint implements OIDCExtProvider, OIDCExtProviderFactory
|
|||
*/
|
||||
@Path("/auth/callback")
|
||||
public BackchannelAuthenticationCallbackEndpoint authenticate() {
|
||||
BackchannelAuthenticationCallbackEndpoint endpoint = new BackchannelAuthenticationCallbackEndpoint(session, event);
|
||||
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
|
||||
return endpoint;
|
||||
return new BackchannelAuthenticationCallbackEndpoint(session, event);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -65,7 +65,6 @@ import javax.ws.rs.POST;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -81,13 +80,13 @@ public class DeviceEndpoint extends AuthorizationEndpointBase implements RealmRe
|
|||
|
||||
protected static final Logger logger = Logger.getLogger(DeviceEndpoint.class);
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
private Cors cors;
|
||||
|
||||
public DeviceEndpoint(KeycloakSession session, EventBuilder event) {
|
||||
super(session, event);
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@
|
|||
|
||||
package org.keycloak.protocol.oidc.grants.device.endpoints;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
import org.keycloak.models.KeycloakContext;
|
||||
|
|
@ -39,9 +38,7 @@ public class DeviceEndpointFactory implements RealmResourceProviderFactory {
|
|||
KeycloakContext context = session.getContext();
|
||||
RealmModel realm = context.getRealm();
|
||||
EventBuilder event = new EventBuilder(realm, session, context.getConnection());
|
||||
DeviceEndpoint provider = new DeviceEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(provider);
|
||||
return provider;
|
||||
return new DeviceEndpoint(session, event);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ import javax.ws.rs.Consumes;
|
|||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
|
|
@ -59,8 +58,7 @@ public class ParEndpoint extends AbstractParEndpoint {
|
|||
private static final String REQUEST_URI_PREFIX = "urn:ietf:params:oauth:request_uri:";
|
||||
public static final int REQUEST_URI_PREFIX_LENGTH = REQUEST_URI_PREFIX.length();
|
||||
|
||||
@Context
|
||||
private HttpRequest httpRequest;
|
||||
private final HttpRequest httpRequest;
|
||||
|
||||
private AuthorizationEndpointRequest authorizationRequest;
|
||||
|
||||
|
|
@ -71,6 +69,7 @@ public class ParEndpoint extends AbstractParEndpoint {
|
|||
|
||||
public ParEndpoint(KeycloakSession session, EventBuilder event) {
|
||||
super(session, event);
|
||||
this.httpRequest = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@Path("/")
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@ package org.keycloak.protocol.oidc.par.endpoints;
|
|||
|
||||
import javax.ws.rs.Path;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
|
|
@ -45,11 +44,7 @@ public class ParRootEndpoint implements OIDCExtProvider, OIDCExtProviderFactory,
|
|||
|
||||
@Path("/request")
|
||||
public ParEndpoint request() {
|
||||
ParEndpoint endpoint = new ParEndpoint(session, event);
|
||||
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
|
||||
return endpoint;
|
||||
return new ParEndpoint(session, event);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -25,7 +25,6 @@ import org.jboss.logging.Logger;
|
|||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.specimpl.ResteasyHttpHeaders;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.broker.saml.SAMLDataMarshaller;
|
||||
import org.keycloak.common.ClientConnection;
|
||||
import org.keycloak.common.VerificationException;
|
||||
|
|
@ -1075,8 +1074,6 @@ public class SamlService extends AuthorizationEndpointBase {
|
|||
public Response soapBinding(InputStream inputStream) {
|
||||
SamlEcpProfileService bindingService = new SamlEcpProfileService(session, event, destinationValidator);
|
||||
|
||||
ResteasyProviderFactory.getInstance().injectProperties(bindingService);
|
||||
|
||||
return bindingService.authenticate(inputStream);
|
||||
}
|
||||
|
||||
|
|
@ -1335,8 +1332,8 @@ public class SamlService extends AuthorizationEndpointBase {
|
|||
this.realmId = realm.getId();
|
||||
this.httpHeaders = new ResteasyHttpHeaders(headers.getRequestHeaders());
|
||||
this.connection = connection;
|
||||
this.response = Resteasy.getContextData(org.jboss.resteasy.spi.HttpResponse.class);
|
||||
this.request = Resteasy.getContextData(HttpRequest.class);
|
||||
this.response = session.getContext().getContextObject(org.jboss.resteasy.spi.HttpResponse.class);
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.bindingType = bindingType;
|
||||
}
|
||||
|
||||
|
|
@ -1404,7 +1401,6 @@ public class SamlService extends AuthorizationEndpointBase {
|
|||
}
|
||||
|
||||
SamlService endpoint = (SamlService) factory.createProtocolEndpoint(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
BindingProtocol protocol;
|
||||
if (SamlProtocol.SAML_POST_BINDING.equals(bindingType)) {
|
||||
protocol = endpoint.newPostBindingProtocol();
|
||||
|
|
|
|||
|
|
@ -22,9 +22,9 @@ import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;
|
|||
|
||||
import javax.ws.rs.BadRequestException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.ext.ExceptionMapper;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
|
||||
/**
|
||||
* Override explicitly added ExceptionMapper for handling <code>UnrecognizedPropertyException</code> in RestEasy Jackson
|
||||
|
|
@ -34,13 +34,13 @@ import javax.ws.rs.ext.ExceptionMapper;
|
|||
public class KcUnrecognizedPropertyExceptionHandler implements ExceptionMapper<UnrecognizedPropertyException> {
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
KeycloakSession session;
|
||||
|
||||
/**
|
||||
* Return escaped original message
|
||||
*/
|
||||
@Override
|
||||
public Response toResponse(UnrecognizedPropertyException exception) {
|
||||
return KeycloakErrorHandler.getResponse(headers, new BadRequestException(exception.getMessage()));
|
||||
return KeycloakErrorHandler.getResponse(session, new BadRequestException(exception.getMessage()));
|
||||
}
|
||||
}
|
||||
|
|
@ -3,9 +3,7 @@ package org.keycloak.services.error;
|
|||
import com.fasterxml.jackson.core.JsonParseException;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.Failure;
|
||||
import org.jboss.resteasy.spi.HttpResponse;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.common.util.Resteasy;
|
||||
import org.keycloak.forms.login.freemarker.model.UrlBean;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakTransaction;
|
||||
|
|
@ -46,18 +44,14 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
|
|||
public static final String ERROR_RESPONSE_TEXT = "Error response {0}";
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
|
||||
@Context
|
||||
private HttpResponse response;
|
||||
KeycloakSession session;
|
||||
|
||||
@Override
|
||||
public Response toResponse(Throwable throwable) {
|
||||
return getResponse(headers, throwable);
|
||||
return getResponse(session, throwable);
|
||||
}
|
||||
|
||||
public static Response getResponse(HttpHeaders headers, Throwable throwable) {
|
||||
KeycloakSession session = Resteasy.getContextData(KeycloakSession.class);
|
||||
public static Response getResponse(KeycloakSession session, Throwable throwable) {
|
||||
KeycloakTransaction tx = session.getTransactionManager();
|
||||
tx.setRollbackOnly();
|
||||
|
||||
|
|
@ -69,6 +63,8 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
|
|||
logger.debugv(throwable, ERROR_RESPONSE_TEXT, statusCode);
|
||||
}
|
||||
|
||||
HttpHeaders headers = session.getContext().getRequestHeaders();
|
||||
|
||||
if (!MediaTypeMatcher.isHtmlRequest(headers)) {
|
||||
OAuth2ErrorRepresentation error = new OAuth2ErrorRepresentation();
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,6 @@ import org.keycloak.util.TokenUtil;
|
|||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.NewCookie;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -58,16 +57,14 @@ public abstract class AbstractSecuredLocalService {
|
|||
protected final ClientModel client;
|
||||
protected final RealmModel realm;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
protected final ClientConnection clientConnection;
|
||||
protected String stateChecker;
|
||||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
protected HttpRequest request;
|
||||
protected final HttpRequest request;
|
||||
protected Auth auth;
|
||||
|
||||
public AbstractSecuredLocalService(KeycloakSession session, ClientModel client) {
|
||||
|
|
@ -75,6 +72,8 @@ public abstract class AbstractSecuredLocalService {
|
|||
this.realm = session.getContext().getRealm();
|
||||
this.clientConnection = session.getContext().getConnection();
|
||||
this.client = client;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@Path("login-redirect")
|
||||
|
|
@ -83,8 +82,7 @@ public abstract class AbstractSecuredLocalService {
|
|||
@QueryParam("state") String state,
|
||||
@QueryParam("error") String error,
|
||||
@QueryParam("path") String path,
|
||||
@QueryParam("referrer") String referrer,
|
||||
@Context HttpHeaders headers) {
|
||||
@QueryParam("referrer") String referrer) {
|
||||
try {
|
||||
if (error != null) {
|
||||
if (OAuthErrorException.ACCESS_DENIED.equals(error)) {
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ import javax.ws.rs.HeaderParam;
|
|||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
|
|
@ -57,11 +56,9 @@ public class ClientsManagementService {
|
|||
|
||||
private final EventBuilder event;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -72,6 +69,8 @@ public class ClientsManagementService {
|
|||
this.clientConnection = session.getContext().getConnection();
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.event = event;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
public static UriBuilder clientsManagementBaseUrl(UriBuilder baseUriBuilder) {
|
||||
|
|
|
|||
|
|
@ -99,7 +99,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.Response.Status;
|
||||
|
|
@ -138,11 +137,9 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
@Context
|
||||
private HttpHeaders headers;
|
||||
private final HttpHeaders headers;
|
||||
|
||||
private EventBuilder event;
|
||||
|
||||
|
|
@ -154,6 +151,8 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
if (realmModel == null) {
|
||||
throw new IllegalArgumentException("Realm can not be null.");
|
||||
}
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
public void init() {
|
||||
|
|
|
|||
|
|
@ -46,9 +46,6 @@ public class JsResource {
|
|||
@Context
|
||||
private KeycloakSession session;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
|
||||
/**
|
||||
* Get keycloak.js file for javascript clients
|
||||
*
|
||||
|
|
@ -127,7 +124,7 @@ public class JsResource {
|
|||
}
|
||||
|
||||
String contentType = "text/javascript";
|
||||
Cors cors = Cors.add(request).allowAllOrigins();
|
||||
Cors cors = Cors.add(session.getContext().getContextObject(HttpRequest.class)).allowAllOrigins();
|
||||
|
||||
ResourceEncodingProvider encodingProvider = ResourceEncodingHelper.getResourceEncodingProvider(session, contentType);
|
||||
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@ import org.keycloak.authentication.RequiredActionFactory;
|
|||
import org.keycloak.authentication.RequiredActionProvider;
|
||||
import org.keycloak.authentication.actiontoken.ActionTokenContext;
|
||||
import org.keycloak.authentication.actiontoken.ActionTokenHandler;
|
||||
import org.keycloak.common.util.Resteasy;
|
||||
import org.keycloak.models.DefaultActionTokenKey;
|
||||
import org.keycloak.authentication.actiontoken.ExplainedTokenVerificationException;
|
||||
import org.keycloak.authentication.actiontoken.resetcred.ResetCredentialsActionTokenHandler;
|
||||
|
|
@ -91,7 +92,6 @@ import javax.ws.rs.POST;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
|
|
@ -129,11 +129,9 @@ public class LoginActionsService {
|
|||
|
||||
private final RealmModel realm;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
private final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -180,6 +178,8 @@ public class LoginActionsService {
|
|||
this.realm = session.getContext().getRealm();
|
||||
this.event = event;
|
||||
CacheControlUtil.noBackButtonCacheControlHeader();
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
private boolean checkSsl() {
|
||||
|
|
|
|||
|
|
@ -31,7 +31,6 @@ import javax.ws.rs.GET;
|
|||
import javax.ws.rs.OPTIONS;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
|
|
@ -45,11 +44,9 @@ import javax.ws.rs.core.UriInfo;
|
|||
public class PublicRealmResource {
|
||||
protected static final Logger logger = Logger.getLogger(PublicRealmResource.class);
|
||||
|
||||
@Context
|
||||
protected HttpRequest request;
|
||||
protected final HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpResponse response;
|
||||
protected final HttpResponse response;
|
||||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
|
|
@ -58,6 +55,8 @@ public class PublicRealmResource {
|
|||
public PublicRealmResource(KeycloakSession session) {
|
||||
this.session = session;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.response = session.getContext().getContextObject(HttpResponse.class);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.keycloak.services.resources;
|
|||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.authorization.AuthorizationProvider;
|
||||
import org.keycloak.authorization.AuthorizationService;
|
||||
|
|
@ -67,9 +66,6 @@ public class RealmsResource {
|
|||
@Context
|
||||
protected KeycloakSession session;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
|
||||
public static UriBuilder realmBaseUrl(UriInfo uriInfo) {
|
||||
UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
|
||||
return realmBaseUrl(baseUriBuilder);
|
||||
|
|
@ -116,10 +112,7 @@ public class RealmsResource {
|
|||
|
||||
EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection());
|
||||
|
||||
Object endpoint = factory.createProtocolEndpoint(session, event);
|
||||
|
||||
ResteasyProviderFactory.getInstance().injectProperties(endpoint);
|
||||
return endpoint;
|
||||
return factory.createProtocolEndpoint(session, event);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -165,9 +158,7 @@ public class RealmsResource {
|
|||
public LoginActionsService getLoginActionsService(final @PathParam("realm") String name) {
|
||||
resolveRealmAndUpdateSession(name);
|
||||
EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection());
|
||||
LoginActionsService service = new LoginActionsService(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(service);
|
||||
return service;
|
||||
return new LoginActionsService(session, event);
|
||||
}
|
||||
|
||||
@Path("{realm}/clients-registrations")
|
||||
|
|
@ -181,9 +172,7 @@ public class RealmsResource {
|
|||
public ClientsManagementService getClientsManagementService(final @PathParam("realm") String name) {
|
||||
resolveRealmAndUpdateSession(name);
|
||||
EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection());
|
||||
ClientsManagementService service = new ClientsManagementService(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(service);
|
||||
return service;
|
||||
return new ClientsManagementService(session, event);
|
||||
}
|
||||
|
||||
private void resolveRealmAndUpdateSession(String realmName) {
|
||||
|
|
@ -199,17 +188,13 @@ public class RealmsResource {
|
|||
public Object getAccountService(final @PathParam("realm") String name) {
|
||||
resolveRealmAndUpdateSession(name);
|
||||
EventBuilder event = new EventBuilder(session.getContext().getRealm(), session, session.getContext().getConnection());
|
||||
AccountLoader accountLoader = new AccountLoader(session, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(accountLoader);
|
||||
return accountLoader;
|
||||
return new AccountLoader(session, event);
|
||||
}
|
||||
|
||||
@Path("{realm}")
|
||||
public PublicRealmResource getRealmResource(final @PathParam("realm") String name) {
|
||||
resolveRealmAndUpdateSession(name);
|
||||
PublicRealmResource realmResource = new PublicRealmResource(session);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(realmResource);
|
||||
return realmResource;
|
||||
return new PublicRealmResource(session);
|
||||
}
|
||||
|
||||
@Path("{realm}/broker")
|
||||
|
|
@ -217,7 +202,6 @@ public class RealmsResource {
|
|||
resolveRealmAndUpdateSession(name);
|
||||
|
||||
IdentityBrokerService brokerService = new IdentityBrokerService(session);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(brokerService);
|
||||
|
||||
brokerService.init();
|
||||
|
||||
|
|
@ -229,7 +213,7 @@ public class RealmsResource {
|
|||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Response getVersionPreflight(final @PathParam("realm") String name,
|
||||
final @PathParam("provider") String providerName) {
|
||||
return Cors.add(request, Response.ok()).allowedMethods("GET").preflight().auth().build();
|
||||
return Cors.add(session.getContext().getContextObject(HttpRequest.class), Response.ok()).allowedMethods("GET").preflight().auth().build();
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
@ -252,7 +236,7 @@ public class RealmsResource {
|
|||
|
||||
if (wellKnown != null) {
|
||||
ResponseBuilder responseBuilder = Response.ok(wellKnown.getConfig()).cacheControl(CacheControlUtil.noCache());
|
||||
return Cors.add(request, responseBuilder).allowedOrigins("*").auth().build();
|
||||
return Cors.add(session.getContext().getContextObject(HttpRequest.class), responseBuilder).allowedOrigins("*").auth().build();
|
||||
}
|
||||
|
||||
throw new NotFoundException();
|
||||
|
|
@ -290,6 +274,7 @@ public class RealmsResource {
|
|||
private void checkSsl(RealmModel realm) {
|
||||
if (!session.getContext().getUri().getBaseUri().getScheme().equals("https")
|
||||
&& realm.getSslRequired().isRequired(session.getContext().getConnection())) {
|
||||
HttpRequest request = session.getContext().getContextObject(HttpRequest.class);
|
||||
Cors cors = Cors.add(request).auth().allowedMethods(request.getHttpMethod()).auth().exposedHeaders(Cors.ACCESS_CONTROL_ALLOW_METHODS);
|
||||
throw new CorsErrorResponseException(cors.allowAllOrigins(), OAuthErrorException.INVALID_REQUEST, "HTTPS required",
|
||||
Response.Status.FORBIDDEN);
|
||||
|
|
|
|||
|
|
@ -67,9 +67,6 @@ public class WelcomeResource {
|
|||
|
||||
private static final String KEYCLOAK_STATE_CHECKER = "WELCOME_STATE_CHECKER";
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
|
||||
@Context
|
||||
private KeycloakSession session;
|
||||
|
||||
|
|
@ -246,7 +243,7 @@ public class WelcomeResource {
|
|||
ClientConnection clientConnection = session.getContext().getConnection();
|
||||
InetAddress remoteInetAddress = InetAddress.getByName(clientConnection.getRemoteAddr());
|
||||
InetAddress localInetAddress = InetAddress.getByName(clientConnection.getLocalAddr());
|
||||
String xForwardedFor = headers.getHeaderString("X-Forwarded-For");
|
||||
String xForwardedFor = session.getContext().getRequestHeaders().getHeaderString("X-Forwarded-For");
|
||||
logger.debugf("Checking WelcomePage. Remote address: %s, Local address: %s, X-Forwarded-For header: %s", remoteInetAddress.toString(), localInetAddress.toString(), xForwardedFor);
|
||||
|
||||
// Access through AJP protocol (loadbalancer) may cause that remoteAddress is "127.0.0.1".
|
||||
|
|
@ -277,7 +274,7 @@ public class WelcomeResource {
|
|||
|
||||
private void csrfCheck(final MultivaluedMap<String, String> formData) {
|
||||
String formStateChecker = formData.getFirst("stateChecker");
|
||||
Cookie cookie = headers.getCookies().get(KEYCLOAK_STATE_CHECKER);
|
||||
Cookie cookie = session.getContext().getRequestHeaders().getCookies().get(KEYCLOAK_STATE_CHECKER);
|
||||
if (cookie == null) {
|
||||
throw new ForbiddenException();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@ package org.keycloak.services.resources.account;
|
|||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.HttpResponse;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.enums.AccountRestApiVersion;
|
||||
import org.keycloak.events.EventBuilder;
|
||||
import org.keycloak.models.ClientModel;
|
||||
|
|
@ -39,7 +38,6 @@ import javax.ws.rs.NotFoundException;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
|
|
@ -54,16 +52,16 @@ public class AccountLoader {
|
|||
private final KeycloakSession session;
|
||||
private final EventBuilder event;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
@Context
|
||||
private HttpResponse response;
|
||||
private final HttpRequest request;
|
||||
private final HttpResponse response;
|
||||
|
||||
private static final Logger logger = Logger.getLogger(AccountLoader.class);
|
||||
|
||||
public AccountLoader(KeycloakSession session, EventBuilder event) {
|
||||
this.session = session;
|
||||
this.event = event;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.response = session.getContext().getContextObject(HttpResponse.class);
|
||||
}
|
||||
|
||||
@Path("/")
|
||||
|
|
@ -87,7 +85,6 @@ public class AccountLoader {
|
|||
} else {
|
||||
if (deprecatedAccount) {
|
||||
AccountFormService accountFormService = new AccountFormService(session, client, event);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(accountFormService);
|
||||
accountFormService.init();
|
||||
return accountFormService;
|
||||
} else {
|
||||
|
|
@ -150,9 +147,7 @@ public class AccountLoader {
|
|||
}
|
||||
}
|
||||
|
||||
AccountRestService accountRestService = new AccountRestService(session, auth, event, version);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(accountRestService);
|
||||
return accountRestService;
|
||||
return new AccountRestService(session, auth, event, version);
|
||||
}
|
||||
|
||||
private ClientModel getAccountManagementClient(RealmModel realm) {
|
||||
|
|
|
|||
|
|
@ -44,7 +44,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -100,10 +99,9 @@ import org.keycloak.validate.Validators;
|
|||
*/
|
||||
public class AccountRestService {
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
private final HttpRequest request;
|
||||
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
protected final ClientConnection clientConnection;
|
||||
|
||||
|
|
@ -126,6 +124,8 @@ public class AccountRestService {
|
|||
this.locale = session.getContext().resolveLocale(user);
|
||||
this.version = version;
|
||||
event.client(auth.getClient()).user(auth.getUser());
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -52,8 +52,6 @@ import javax.ws.rs.OPTIONS;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
|
|
@ -75,11 +73,9 @@ public class AdminConsole {
|
|||
|
||||
protected final ClientConnection clientConnection;
|
||||
|
||||
@Context
|
||||
protected HttpRequest request;
|
||||
protected final HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpResponse response;
|
||||
protected final HttpResponse response;
|
||||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
|
|
@ -89,6 +85,8 @@ public class AdminConsole {
|
|||
this.session = session;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.clientConnection = session.getContext().getConnection();
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.response = session.getContext().getContextObject(HttpResponse.class);
|
||||
}
|
||||
|
||||
public static class WhoAmI {
|
||||
|
|
@ -200,12 +198,12 @@ public class AdminConsole {
|
|||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@NoCache
|
||||
public Response whoAmI(final @Context HttpHeaders headers) {
|
||||
public Response whoAmI() {
|
||||
RealmManager realmManager = new RealmManager(session);
|
||||
AuthenticationManager.AuthResult authResult = new AppAuthManager.BearerTokenAuthenticator(session)
|
||||
.setRealm(realm)
|
||||
.setConnection(clientConnection)
|
||||
.setHeaders(headers)
|
||||
.setHeaders(session.getContext().getRequestHeaders())
|
||||
.authenticate();
|
||||
|
||||
if (authResult == null) {
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ import org.jboss.logging.Logger;
|
|||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.jboss.resteasy.spi.HttpResponse;
|
||||
import javax.ws.rs.NotFoundException;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import javax.ws.rs.NotAuthorizedException;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.jose.jws.JWSInput;
|
||||
|
|
@ -62,12 +61,6 @@ import java.util.Properties;
|
|||
public class AdminRoot {
|
||||
protected static final Logger logger = Logger.getLogger(AdminRoot.class);
|
||||
|
||||
@Context
|
||||
protected HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpResponse response;
|
||||
|
||||
protected TokenManager tokenManager;
|
||||
|
||||
@Context
|
||||
|
|
@ -154,9 +147,8 @@ public class AdminRoot {
|
|||
}
|
||||
|
||||
resolveRealmAndUpdateSession(name, session);
|
||||
AdminConsole service = new AdminConsole(session);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(service);
|
||||
return service;
|
||||
|
||||
return new AdminConsole(session);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -207,7 +199,8 @@ public class AdminRoot {
|
|||
* @return
|
||||
*/
|
||||
@Path("realms")
|
||||
public Object getRealmsAdmin(@Context final HttpHeaders headers) {
|
||||
public Object getRealmsAdmin() {
|
||||
HttpRequest request = getHttpRequest();
|
||||
|
||||
if (!isAdminApiEnabled()) {
|
||||
throw new NotFoundException();
|
||||
|
|
@ -217,12 +210,15 @@ public class AdminRoot {
|
|||
return new AdminCorsPreflightService(request);
|
||||
}
|
||||
|
||||
AdminAuth auth = authenticateRealmAdminRequest(headers);
|
||||
AdminAuth auth = authenticateRealmAdminRequest(session.getContext().getRequestHeaders());
|
||||
if (auth != null) {
|
||||
logger.debug("authenticated admin access for: " + auth.getUser().getUsername());
|
||||
}
|
||||
|
||||
Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").exposedHeaders("Location").auth().build(response);
|
||||
HttpResponse response = getHttpResponse();
|
||||
|
||||
Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").exposedHeaders("Location").auth().build(
|
||||
response);
|
||||
|
||||
return new RealmsAdminResource(session, auth, tokenManager);
|
||||
}
|
||||
|
|
@ -234,17 +230,19 @@ public class AdminRoot {
|
|||
* @return
|
||||
*/
|
||||
@Path("serverinfo")
|
||||
public Object getServerInfo(@Context final HttpHeaders headers) {
|
||||
public Object getServerInfo() {
|
||||
|
||||
if (!isAdminApiEnabled()) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
HttpRequest request = getHttpRequest();
|
||||
|
||||
if (request.getHttpMethod().equals(HttpMethod.OPTIONS)) {
|
||||
return new AdminCorsPreflightService(request);
|
||||
}
|
||||
|
||||
AdminAuth auth = authenticateRealmAdminRequest(headers);
|
||||
AdminAuth auth = authenticateRealmAdminRequest(session.getContext().getRequestHeaders());
|
||||
if (!AdminPermissions.realms(session, auth).isAdmin()) {
|
||||
throw new ForbiddenException();
|
||||
}
|
||||
|
|
@ -253,11 +251,20 @@ public class AdminRoot {
|
|||
logger.debug("authenticated admin access for: " + auth.getUser().getUsername());
|
||||
}
|
||||
|
||||
Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build(response);
|
||||
Cors.add(request).allowedOrigins(auth.getToken()).allowedMethods("GET", "PUT", "POST", "DELETE").auth().build(
|
||||
getHttpResponse());
|
||||
|
||||
return new ServerInfoAdminResource(session);
|
||||
}
|
||||
|
||||
private HttpResponse getHttpResponse() {
|
||||
return session.getContext().getContextObject(HttpResponse.class);
|
||||
}
|
||||
|
||||
private HttpRequest getHttpRequest() {
|
||||
return session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
public static Theme getTheme(KeycloakSession session, RealmModel realm) throws IOException {
|
||||
return session.theme().getTheme(Theme.Type.ADMIN);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,7 +34,6 @@ import javax.ws.rs.GET;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import java.util.HashMap;
|
||||
|
|
@ -57,8 +56,7 @@ public class AttackDetectionResource {
|
|||
|
||||
protected final ClientConnection connection;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public AttackDetectionResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
|
||||
this.session = session;
|
||||
|
|
@ -66,6 +64,7 @@ public class AttackDetectionResource {
|
|||
this.realm = session.getContext().getRealm();
|
||||
this.connection = session.getContext().getConnection();
|
||||
this.adminEvent = adminEvent.realm(realm).resource(ResourceType.USER_LOGIN_FAILURE);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -35,7 +35,6 @@ import javax.ws.rs.POST;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -70,7 +69,7 @@ public class ClientInitialAccessResource {
|
|||
@POST
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public ClientInitialAccessPresentation create(ClientInitialAccessCreatePresentation config, @Context final HttpResponse response) {
|
||||
public ClientInitialAccessPresentation create(ClientInitialAccessCreatePresentation config) {
|
||||
auth.clients().requireManage();
|
||||
|
||||
int expiration = config.getExpiration() != null ? config.getExpiration() : 0;
|
||||
|
|
@ -85,6 +84,8 @@ public class ClientInitialAccessResource {
|
|||
String token = ClientRegistrationTokenUtils.createInitialAccessToken(session, realm, clientInitialAccessModel);
|
||||
rep.setToken(token);
|
||||
|
||||
HttpResponse response = session.getContext().getContextObject(HttpResponse.class);
|
||||
|
||||
response.setStatus(Response.Status.CREATED.getStatusCode());
|
||||
response.getOutputHeaders().add(HttpHeaders.LOCATION, session.getContext().getUri().getAbsolutePathBuilder().path(clientInitialAccessModel.getId()).build().toString());
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ import javax.ws.rs.Consumes;
|
|||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.PUT;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
|
|
@ -40,11 +39,9 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluato
|
|||
public class ClientPoliciesResource {
|
||||
protected static final Logger logger = Logger.getLogger(ClientPoliciesResource.class);
|
||||
|
||||
@Context
|
||||
protected HttpRequest request;
|
||||
protected final HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpResponse response;
|
||||
protected final HttpResponse response;
|
||||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
|
|
@ -55,6 +52,8 @@ public class ClientPoliciesResource {
|
|||
this.session = session;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.auth = auth;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.response = session.getContext().getContextObject(HttpResponse.class);
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ import javax.ws.rs.GET;
|
|||
import javax.ws.rs.PUT;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
|
|
@ -41,11 +40,9 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluato
|
|||
public class ClientProfilesResource {
|
||||
protected static final Logger logger = Logger.getLogger(ClientProfilesResource.class);
|
||||
|
||||
@Context
|
||||
protected HttpRequest request;
|
||||
protected final HttpRequest request;
|
||||
|
||||
@Context
|
||||
protected HttpResponse response;
|
||||
protected final HttpResponse response;
|
||||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
|
|
@ -56,6 +53,8 @@ public class ClientProfilesResource {
|
|||
this.session = session;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.auth = auth;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
this.response = session.getContext().getContextObject(HttpResponse.class);
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
|
|||
|
|
@ -52,7 +52,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -82,8 +81,7 @@ public class ComponentResource {
|
|||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public ComponentResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
|
||||
this.session = session;
|
||||
|
|
@ -91,6 +89,7 @@ public class ComponentResource {
|
|||
this.realm = session.getContext().getRealm();
|
||||
this.adminEvent = adminEvent.resource(ResourceType.COMPONENT);
|
||||
this.clientConnection = session.getContext().getConnection();
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin;
|
|||
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import javax.ws.rs.NotFoundException;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.util.ObjectUtil;
|
||||
import org.keycloak.events.admin.OperationType;
|
||||
import org.keycloak.events.admin.ResourceType;
|
||||
|
|
@ -237,9 +236,7 @@ public class GroupResource {
|
|||
public RoleMapperResource getRoleMappings() {
|
||||
AdminPermissionEvaluator.RequirePermissionCheck manageCheck = () -> auth.groups().requireManage(group);
|
||||
AdminPermissionEvaluator.RequirePermissionCheck viewCheck = () -> auth.groups().requireView(group);
|
||||
RoleMapperResource resource = new RoleMapperResource(session, auth, group, adminEvent, manageCheck, viewCheck);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
return resource;
|
||||
return new RoleMapperResource(session, auth, group, adminEvent, manageCheck, viewCheck);
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -42,7 +42,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -132,8 +131,7 @@ public class RealmAdminResource {
|
|||
|
||||
protected final ClientConnection connection;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public RealmAdminResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
|
||||
this.session = session;
|
||||
|
|
@ -141,6 +139,7 @@ public class RealmAdminResource {
|
|||
this.realm = session.getContext().getRealm();
|
||||
this.connection = session.getContext().getConnection();
|
||||
this.adminEvent = adminEvent.resource(ResourceType.REALM);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -174,9 +173,7 @@ public class RealmAdminResource {
|
|||
*/
|
||||
@Path("attack-detection")
|
||||
public AttackDetectionResource getAttackDetection() {
|
||||
AttackDetectionResource resource = new AttackDetectionResource(session, auth, adminEvent);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
return resource;
|
||||
return new AttackDetectionResource(session, auth, adminEvent);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -329,9 +326,7 @@ public class RealmAdminResource {
|
|||
*/
|
||||
@Path("components")
|
||||
public ComponentResource getComponents() {
|
||||
ComponentResource resource = new ComponentResource(session, auth, adminEvent);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
return resource;
|
||||
return new ComponentResource(session, auth, adminEvent);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -462,10 +457,7 @@ public class RealmAdminResource {
|
|||
*/
|
||||
@Path("users")
|
||||
public UsersResource users() {
|
||||
UsersResource users = new UsersResource(session, auth, adminEvent);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(users);
|
||||
//resourceContext.initResource(users);
|
||||
return users;
|
||||
return new UsersResource(session, auth, adminEvent);
|
||||
}
|
||||
|
||||
@NoCache
|
||||
|
|
@ -1092,16 +1084,12 @@ public class RealmAdminResource {
|
|||
@Path("client-policies/policies")
|
||||
public ClientPoliciesResource getClientPoliciesResource() {
|
||||
ProfileHelper.requireFeature(Profile.Feature.CLIENT_POLICIES);
|
||||
ClientPoliciesResource resource = new ClientPoliciesResource(session, auth);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
return resource;
|
||||
return new ClientPoliciesResource(session, auth);
|
||||
}
|
||||
|
||||
@Path("client-policies/profiles")
|
||||
public ClientProfilesResource getClientProfilesResource() {
|
||||
ProfileHelper.requireFeature(Profile.Feature.CLIENT_POLICIES);
|
||||
ClientProfilesResource resource = new ClientProfilesResource(session, auth);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
return resource;
|
||||
return new ClientProfilesResource(session, auth);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin;
|
|||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.ClientConnection;
|
||||
import org.keycloak.models.AdminRoles;
|
||||
import org.keycloak.models.ClientModel;
|
||||
|
|
@ -47,8 +46,6 @@ import javax.ws.rs.PathParam;
|
|||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.CacheControl;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.InputStream;
|
||||
|
|
@ -168,8 +165,7 @@ public class RealmsAdminResource {
|
|||
* @return
|
||||
*/
|
||||
@Path("{realm}")
|
||||
public RealmAdminResource getRealmAdmin(@Context final HttpHeaders headers,
|
||||
@PathParam("realm") final String name) {
|
||||
public RealmAdminResource getRealmAdmin(@PathParam("realm") final String name) {
|
||||
RealmManager realmManager = new RealmManager(session);
|
||||
RealmModel realm = realmManager.getRealmByName(name);
|
||||
if (realm == null) throw new NotFoundException("Realm not found.");
|
||||
|
|
@ -183,10 +179,7 @@ public class RealmsAdminResource {
|
|||
AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
RealmAdminResource adminResource = new RealmAdminResource(session, realmAuth, adminEvent);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
||||
//resourceContext.initResource(adminResource);
|
||||
return adminResource;
|
||||
return new RealmAdminResource(session, realmAuth, adminEvent);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,7 +47,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -87,8 +86,7 @@ public class RoleMapperResource {
|
|||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public RoleMapperResource(KeycloakSession session,
|
||||
AdminPermissionEvaluator auth,
|
||||
|
|
@ -104,6 +102,7 @@ public class RoleMapperResource {
|
|||
this.roleMapper = roleMapper;
|
||||
this.managePermission = manageCheck;
|
||||
this.viewPermission = viewCheck;
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin;
|
|||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.authentication.RequiredActionProvider;
|
||||
import org.keycloak.authentication.actiontoken.execactions.ExecuteActionsActionToken;
|
||||
import org.keycloak.common.ClientConnection;
|
||||
|
|
@ -92,7 +91,6 @@ import javax.ws.rs.PathParam;
|
|||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -140,8 +138,7 @@ public class UserResource {
|
|||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public UserResource(KeycloakSession session, UserModel user, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
|
||||
this.session = session;
|
||||
|
|
@ -150,6 +147,7 @@ public class UserResource {
|
|||
this.clientConnection = session.getContext().getConnection();
|
||||
this.user = user;
|
||||
this.adminEvent = adminEvent.resource(ResourceType.USER);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -581,10 +579,7 @@ public class UserResource {
|
|||
public RoleMapperResource getRoleMappings() {
|
||||
AdminPermissionEvaluator.RequirePermissionCheck manageCheck = () -> auth.users().requireMapRoles(user);
|
||||
AdminPermissionEvaluator.RequirePermissionCheck viewCheck = () -> auth.users().requireView(user);
|
||||
RoleMapperResource resource = new RoleMapperResource(session, auth, user, adminEvent, manageCheck, viewCheck);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
return resource;
|
||||
|
||||
return new RoleMapperResource(session, auth, user, adminEvent, manageCheck, viewCheck);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.keycloak.services.resources.admin;
|
|||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.common.ClientConnection;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.util.ObjectUtil;
|
||||
|
|
@ -31,7 +30,6 @@ import org.keycloak.models.ModelDuplicateException;
|
|||
import org.keycloak.models.ModelException;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.models.utils.ModelToRepresentation;
|
||||
import org.keycloak.models.utils.RepresentationToModel;
|
||||
import org.keycloak.policy.PasswordPolicyNotMetException;
|
||||
|
|
@ -91,8 +89,7 @@ public class UsersResource {
|
|||
|
||||
protected final KeycloakSession session;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public UsersResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) {
|
||||
this.session = session;
|
||||
|
|
@ -100,6 +97,7 @@ public class UsersResource {
|
|||
this.auth = auth;
|
||||
this.realm = session.getContext().getRealm();
|
||||
this.adminEvent = adminEvent.resource(ResourceType.USER);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -226,10 +224,8 @@ public class UsersResource {
|
|||
if (auth.users().canQuery()) throw new NotFoundException("User not found");
|
||||
else throw new ForbiddenException();
|
||||
}
|
||||
UserResource resource = new UserResource(session, user, auth, adminEvent);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(resource);
|
||||
//resourceContext.initResource(users);
|
||||
return resource;
|
||||
|
||||
return new UserResource(session, user, auth, adminEvent);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -52,7 +52,6 @@ import twitter4j.conf.ConfigurationBuilder;
|
|||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
|
|
@ -171,8 +170,7 @@ public class TwitterIdentityProvider extends AbstractIdentityProvider<OAuth2Iden
|
|||
|
||||
protected final ClientConnection clientConnection;
|
||||
|
||||
@Context
|
||||
protected HttpHeaders headers;
|
||||
protected final HttpHeaders headers;
|
||||
|
||||
public Endpoint(KeycloakSession session, AuthenticationCallback callback, EventBuilder event, TwitterIdentityProvider provider) {
|
||||
this.session = session;
|
||||
|
|
@ -181,6 +179,7 @@ public class TwitterIdentityProvider extends AbstractIdentityProvider<OAuth2Iden
|
|||
this.callback = callback;
|
||||
this.event = event;
|
||||
this.provider = provider;
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
@GET
|
||||
|
|
|
|||
|
|
@ -42,7 +42,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
|
|
@ -69,8 +68,7 @@ public class TestApplicationResourceProvider implements RealmResourceProvider {
|
|||
private final ConcurrentMap<String, ClientNotificationEndpointRequest> cibaClientNotifications;
|
||||
private final ConcurrentMap<String, String> intentClientBindings;
|
||||
|
||||
@Context
|
||||
HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
public TestApplicationResourceProvider(KeycloakSession session, BlockingQueue<LogoutAction> adminLogoutActions,
|
||||
BlockingQueue<LogoutToken> backChannelLogoutTokens,
|
||||
|
|
@ -91,6 +89,7 @@ public class TestApplicationResourceProvider implements RealmResourceProvider {
|
|||
this.authenticationChannelRequests = authenticationChannelRequests;
|
||||
this.cibaClientNotifications = cibaClientNotifications;
|
||||
this.intentClientBindings = intentClientBindings;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@POST
|
||||
|
|
|
|||
|
|
@ -17,9 +17,7 @@
|
|||
|
||||
package org.keycloak.testsuite.rest;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.Config.Scope;
|
||||
import org.keycloak.crypto.Algorithm;
|
||||
import org.keycloak.crypto.KeyType;
|
||||
import org.keycloak.crypto.KeyUse;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
|
|
@ -59,12 +57,8 @@ public class TestApplicationResourceProviderFactory implements RealmResourceProv
|
|||
|
||||
@Override
|
||||
public RealmResourceProvider create(KeycloakSession session) {
|
||||
TestApplicationResourceProvider provider = new TestApplicationResourceProvider(session, adminLogoutActions,
|
||||
return new TestApplicationResourceProvider(session, adminLogoutActions,
|
||||
backChannelLogoutTokens, frontChannelLogoutTokens, pushNotBeforeActions, testAvailabilityActions, oidcClientData, authenticationChannelRequests, cibaClientNotifications, intentClientBindings);
|
||||
|
||||
ResteasyProviderFactory.getInstance().injectProperties(provider);
|
||||
|
||||
return provider;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ package org.keycloak.testsuite.rest;
|
|||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.authorization.policy.evaluation.Realm;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.util.HtmlUtils;
|
||||
import org.keycloak.common.util.Time;
|
||||
|
|
@ -96,7 +95,6 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.Cookie;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.File;
|
||||
|
|
@ -126,8 +124,7 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
|||
private final KeycloakSession session;
|
||||
private final Map<String, TimerProvider.TimerTaskContext> suspendedTimerTasks;
|
||||
|
||||
@Context
|
||||
private HttpRequest request;
|
||||
private final HttpRequest request;
|
||||
|
||||
@Override
|
||||
public Object getResource() {
|
||||
|
|
@ -137,6 +134,7 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
|||
public TestingResourceProvider(KeycloakSession session, Map<String, TimerProvider.TimerTaskContext> suspendedTimerTasks) {
|
||||
this.session = session;
|
||||
this.suspendedTimerTasks = suspendedTimerTasks;
|
||||
this.request = session.getContext().getContextObject(HttpRequest.class);
|
||||
}
|
||||
|
||||
@POST
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ package org.keycloak.testsuite.rest;
|
|||
import java.util.Map;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.Config.Scope;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
|
|
@ -37,9 +36,7 @@ public class TestingResourceProviderFactory implements RealmResourceProviderFact
|
|||
|
||||
@Override
|
||||
public RealmResourceProvider create(KeycloakSession session) {
|
||||
TestingResourceProvider testProvider = new TestingResourceProvider(session, suspendedTimerTasks);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(testProvider);
|
||||
return testProvider;
|
||||
return new TestingResourceProvider(session, suspendedTimerTasks);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
Loading…
Reference in a new issue