libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #331 from patriot1burke/master

Browse source 
cleanup
This commit is contained in:
Bill Burke 2014-04-09 14:00:19 -04:00
commit 29a139f56b
17 changed files with 47 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/FreeMarkerAccount.java Normal file → Executable file
View file

@ -1,6 +1,6 @@
package org.keycloak.account.freemarker;
import org.jboss.resteasy.logging.Logger;
import org.jboss.logging.Logger;
import org.keycloak.account.Account;
import org.keycloak.account.AccountPages;
import org.keycloak.account.freemarker.model.AccountBean;

4
forms/common-freemarker/pom.xml
View file

@ -32,6 +32,10 @@
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>

2
forms/common-freemarker/src/main/java/org/keycloak/freemarker/ThemeLoader.java Normal file → Executable file
View file

@ -1,6 +1,6 @@
package org.keycloak.freemarker;
import org.jboss.resteasy.logging.Logger;
import org.jboss.logging.Logger;
import org.keycloak.models.Config;
import org.keycloak.util.ProviderLoader;

3
forms/login-api/src/main/java/org/keycloak/login/LoginFormsProvider.java Normal file → Executable file
View file

@ -1,6 +1,5 @@
package org.keycloak.login;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.models.RealmModel;
import javax.ws.rs.core.UriInfo;
@ -10,6 +9,6 @@ import javax.ws.rs.core.UriInfo;
*/
public interface LoginFormsProvider {
public LoginForms createForms(RealmModel realm, HttpRequest request, UriInfo uriInfo);
public LoginForms createForms(RealmModel realm, UriInfo uriInfo);
}

7
forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/FreeMarkerLoginForms.java
View file

@ -1,7 +1,6 @@
package org.keycloak.login.freemarker;
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.OAuth2Constants;
import org.keycloak.freemarker.FreeMarkerException;
import org.keycloak.freemarker.FreeMarkerUtil;
@ -62,18 +61,14 @@ public class FreeMarkerLoginForms implements LoginForms {
private RealmModel realm;
// TODO Remove
private HttpRequest request;
private UserModel user;
private ClientModel client;
private UriInfo uriInfo;
FreeMarkerLoginForms(RealmModel realm, org.jboss.resteasy.spi.HttpRequest request, UriInfo uriInfo) {
FreeMarkerLoginForms(RealmModel realm, UriInfo uriInfo) {
this.realm = realm;
this.request = request;
this.uriInfo = uriInfo;
}

5
forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.java Normal file → Executable file
View file

@ -1,6 +1,5 @@
package org.keycloak.login.freemarker;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.login.LoginForms;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.models.RealmModel;
@ -13,8 +12,8 @@ import javax.ws.rs.core.UriInfo;
public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
@Override
public LoginForms createForms(RealmModel realm, HttpRequest request, UriInfo uriInfo) {
return new FreeMarkerLoginForms(realm, request, uriInfo);
public LoginForms createForms(RealmModel realm, UriInfo uriInfo) {
return new FreeMarkerLoginForms(realm, uriInfo);
}
}

25
services/src/main/java/org/keycloak/services/filters/KeycloakSessionCleanupFilter.java
View file

@ -1,25 +0,0 @@
package org.keycloak.services.filters;
import org.jboss.resteasy.logging.Logger;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.models.KeycloakSession;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import java.io.IOException;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@Deprecated
public class KeycloakSessionCleanupFilter implements ContainerResponseFilter {
protected static final Logger logger = Logger.getLogger(KeycloakSessionCleanupFilter.class);
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
KeycloakSession ctx = ResteasyProviderFactory.getContextData(KeycloakSession.class);
if (ctx != null) ctx.close();
}
}

33
services/src/main/java/org/keycloak/services/filters/KeycloakSessionCreateFilter.java
View file

@ -1,33 +0,0 @@
package org.keycloak.services.filters;
import org.jboss.resteasy.logging.Logger;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
import java.io.IOException;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@PreMatching
@Deprecated
public class KeycloakSessionCreateFilter implements ContainerRequestFilter {
protected static final Logger logger = Logger.getLogger(KeycloakSessionCreateFilter.class);
protected KeycloakSessionFactory factory;
public KeycloakSessionCreateFilter(KeycloakSessionFactory factory) {
this.factory = factory;
}
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
KeycloakSession ctx = factory.createSession();
ResteasyProviderFactory.pushContext(KeycloakSession.class, ctx);
}
}

2
services/src/main/java/org/keycloak/services/resources/AccountService.java
View file

@ -171,7 +171,7 @@ public class AccountService {
try {
require(AccountRoles.MANAGE_ACCOUNT);
} catch (ForbiddenException e) {
return Flows.forms(realm, request, uriInfo).setError("No access").createErrorPage();
return Flows.forms(realm, uriInfo).setError("No access").createErrorPage();
}
String[] referrer = getReferrer();

20
services/src/main/java/org/keycloak/services/resources/RequiredActionsService.java
View file

@ -113,7 +113,7 @@ public class RequiredActionsService {
String error = Validation.validateUpdateProfileForm(formData);
if (error != null) {
return Flows.forms(realm, request, uriInfo).setUser(user).setError(error).createResponse(RequiredAction.UPDATE_PROFILE);
return Flows.forms(realm, uriInfo).setUser(user).setError(error).createResponse(RequiredAction.UPDATE_PROFILE);
}
user.setFirstName(formData.getFirst("firstName"));
@ -153,7 +153,7 @@ public class RequiredActionsService {
String totp = formData.getFirst("totp");
String totpSecret = formData.getFirst("totpSecret");
LoginForms loginForms = Flows.forms(realm, request, uriInfo).setUser(user);
LoginForms loginForms = Flows.forms(realm, uriInfo).setUser(user);
if (Validation.isEmpty(totp)) {
return loginForms.setError(Messages.MISSING_TOTP).createResponse(RequiredAction.CONFIGURE_TOTP);
} else if (!new TimeBasedOTP().validate(totp, totpSecret.getBytes())) {
@ -194,7 +194,7 @@ public class RequiredActionsService {
String passwordNew = formData.getFirst("password-new");
String passwordConfirm = formData.getFirst("password-confirm");
LoginForms loginForms = Flows.forms(realm, request, uriInfo).setUser(user);
LoginForms loginForms = Flows.forms(realm, uriInfo).setUser(user);
if (Validation.isEmpty(passwordNew)) {
return loginForms.setError(Messages.MISSING_PASSWORD).createResponse(RequiredAction.UPDATE_PASSWORD);
} else if (!passwordNew.equals(passwordConfirm)) {
@ -254,7 +254,7 @@ public class RequiredActionsService {
initAudit(accessCode);
//audit.clone().event(Events.SEND_VERIFY_EMAIL).detail(Details.EMAIL, accessCode.getUser().getEmail()).success();
return Flows.forms(realm, request, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).setUser(accessCode.getUser())
return Flows.forms(realm, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).setUser(accessCode.getUser())
.createResponse(RequiredAction.VERIFY_EMAIL);
}
}
@ -270,9 +270,9 @@ public class RequiredActionsService {
return unauthorized();
}
return Flows.forms(realm, request, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).createResponse(RequiredAction.UPDATE_PASSWORD);
return Flows.forms(realm, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).createResponse(RequiredAction.UPDATE_PASSWORD);
} else {
return Flows.forms(realm, request, uriInfo).createPasswordReset();
return Flows.forms(realm, uriInfo).createPasswordReset();
}
}
@ -328,11 +328,11 @@ public class RequiredActionsService {
audit.user(user).detail(Details.EMAIL, user.getEmail()).detail(Details.CODE_ID, accessCode.getId()).success();
} catch (EmailException e) {
logger.error("Failed to send password reset email", e);
return Flows.forms(realm, request, uriInfo).setError("emailSendError").createErrorPage();
return Flows.forms(realm, uriInfo).setError("emailSendError").createErrorPage();
}
}
return Flows.forms(realm, request, uriInfo).setSuccess("emailSent").createPasswordReset();
return Flows.forms(realm, uriInfo).setSuccess("emailSent").createPasswordReset();
}
private AccessCodeEntry getAccessCodeEntry(RequiredAction requiredAction) {
@ -389,7 +389,7 @@ public class RequiredActionsService {
Set<RequiredAction> requiredActions = user.getRequiredActions();
if (!requiredActions.isEmpty()) {
return Flows.forms(realm, request, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).setUser(user)
return Flows.forms(realm, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).setUser(user)
.createResponse(requiredActions.iterator().next());
} else {
logger.debug("redirectOauth: redirecting to: {0}", accessCode.getRedirectUri());
@ -419,7 +419,7 @@ public class RequiredActionsService {
}
private Response unauthorized() {
return Flows.forms(realm, request, uriInfo).setError("Unauthorized request").createErrorPage();
return Flows.forms(realm, uriInfo).setError("Unauthorized request").createErrorPage();
}
}

12
services/src/main/java/org/keycloak/services/resources/SocialResource.java
View file

@ -174,7 +174,7 @@ public class SocialResource {
queryParms.putSingle(OAuth2Constants.RESPONSE_TYPE, responseType);
audit.error(Errors.REJECTED_BY_USER);
return Flows.forms(realm, request, uriInfo).setQueryParams(queryParms).setWarning("Access denied").createLogin();
return Flows.forms(realm, uriInfo).setQueryParams(queryParms).setWarning("Access denied").createLogin();
} catch (SocialProviderException e) {
logger.error("Failed to process social callback", e);
return oauth.forwardToSecurityFailure("Failed to process social callback");
@ -273,25 +273,25 @@ public class SocialResource {
SocialProvider provider = SocialLoader.load(providerId);
if (provider == null) {
audit.error(Errors.SOCIAL_PROVIDER_NOT_FOUND);
return Flows.forms(realm, request, uriInfo).setError("Social provider not found").createErrorPage();
return Flows.forms(realm, uriInfo).setError("Social provider not found").createErrorPage();
}
ClientModel client = realm.findClient(clientId);
if (client == null) {
audit.error(Errors.CLIENT_NOT_FOUND);
logger.warn("Unknown login requester: " + clientId);
return Flows.forms(realm, request, uriInfo).setError("Unknown login requester.").createErrorPage();
return Flows.forms(realm, uriInfo).setError("Unknown login requester.").createErrorPage();
}
if (!client.isEnabled()) {
audit.error(Errors.CLIENT_DISABLED);
logger.warn("Login requester not enabled.");
return Flows.forms(realm, request, uriInfo).setError("Login requester not enabled.").createErrorPage();
return Flows.forms(realm, uriInfo).setError("Login requester not enabled.").createErrorPage();
}
redirectUri = TokenService.verifyRedirectUri(redirectUri, client);
if (redirectUri == null) {
audit.error(Errors.INVALID_REDIRECT_URI);
return Flows.forms(realm, request, uriInfo).setError("Invalid redirect_uri.").createErrorPage();
return Flows.forms(realm, uriInfo).setError("Invalid redirect_uri.").createErrorPage();
}
try {
@ -302,7 +302,7 @@ public class SocialResource {
.putClientAttribute("responseType", responseType).redirectToSocialProvider();
} catch (Throwable t) {
logger.error("Failed to redirect to social auth", t);
return Flows.forms(realm, request, uriInfo).setError("Failed to redirect to social auth").createErrorPage();
return Flows.forms(realm, uriInfo).setError("Failed to redirect to social auth").createErrorPage();
}
}

18
services/src/main/java/org/keycloak/services/resources/TokenService.java
View file

@ -303,15 +303,15 @@ public class TokenService {
return oauth.processAccessCode(scopeParam, state, redirect, client, user, username, remember, "form", audit);
case ACCOUNT_DISABLED:
audit.error(Errors.USER_DISABLED);
return Flows.forms(realm, request, uriInfo).setError(Messages.ACCOUNT_DISABLED).setFormData(formData).createLogin();
return Flows.forms(realm, uriInfo).setError(Messages.ACCOUNT_DISABLED).setFormData(formData).createLogin();
case MISSING_TOTP:
return Flows.forms(realm, request, uriInfo).setFormData(formData).createLoginTotp();
return Flows.forms(realm, uriInfo).setFormData(formData).createLoginTotp();
case INVALID_USER:
audit.error(Errors.USER_NOT_FOUND);
return Flows.forms(realm, request, uriInfo).setError(Messages.INVALID_USER).setFormData(formData).createLogin();
return Flows.forms(realm, uriInfo).setError(Messages.INVALID_USER).setFormData(formData).createLogin();
default:
audit.error(Errors.INVALID_USER_CREDENTIALS);
return Flows.forms(realm, request, uriInfo).setError(Messages.INVALID_USER).setFormData(formData).createLogin();
return Flows.forms(realm, uriInfo).setError(Messages.INVALID_USER).setFormData(formData).createLogin();
}
}
@ -384,7 +384,7 @@ public class TokenService {
if (error != null) {
audit.error(Errors.INVALID_REGISTRATION);
return Flows.forms(realm, request, uriInfo).setError(error).setFormData(formData).createRegistration();
return Flows.forms(realm, uriInfo).setError(error).setFormData(formData).createRegistration();
}
AuthenticationProviderManager authenticationProviderManager = AuthenticationProviderManager.getManager(realm, providerSession);
@ -392,7 +392,7 @@ public class TokenService {
// Validate that user with this username doesn't exist in realm or any authentication provider
if (realm.getUser(username) != null || authenticationProviderManager.getUser(username) != null) {
audit.error(Errors.USERNAME_IN_USE);
return Flows.forms(realm, request, uriInfo).setError(Messages.USERNAME_EXISTS).setFormData(formData).createRegistration();
return Flows.forms(realm, uriInfo).setError(Messages.USERNAME_EXISTS).setFormData(formData).createRegistration();
}
UserModel user = realm.addUser(username);
@ -420,7 +420,7 @@ public class TokenService {
// User already registered, but force him to update password
if (!passwordUpdateSuccessful) {
user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
return Flows.forms(realm, request, uriInfo).setError(passwordUpdateError).createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
return Flows.forms(realm, uriInfo).setError(passwordUpdateError).createResponse(UserModel.RequiredAction.UPDATE_PASSWORD);
}
}
@ -636,7 +636,7 @@ public class TokenService {
return oauth.redirectError(client, "access_denied", state, redirect);
}
logger.info("createLogin() now...");
return Flows.forms(realm, request, uriInfo).createLogin();
return Flows.forms(realm, uriInfo).createLogin();
}
@Path("registrations")
@ -686,7 +686,7 @@ public class TokenService {
authManager.expireIdentityCookie(realm, uriInfo);
return Flows.forms(realm, request, uriInfo).createRegistration();
return Flows.forms(realm, uriInfo).createRegistration();
}
@Path("logout")

3
services/src/main/java/org/keycloak/services/resources/admin/AdminService.java
View file

@ -20,7 +20,6 @@ import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.Auth;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.TokenManager;
import org.keycloak.services.resources.RealmsResource;
import org.keycloak.services.resources.TokenService;
import org.keycloak.services.resources.flows.Flows;
@ -320,7 +319,7 @@ public class AdminService {
public Response errorOnLoginRedirect(@QueryParam ("error") String message) {
RealmManager realmManager = new RealmManager(session);
RealmModel realm = getAdminstrationRealm(realmManager);
return Flows.forms(realm, request, uriInfo).setError(message).createErrorPage();
return Flows.forms(realm, uriInfo).setError(message).createErrorPage();
}
protected Response redirectOnLoginError(String message) {

4
services/src/main/java/org/keycloak/services/resources/flows/Flows.java
View file

@ -40,8 +40,8 @@ public class Flows {
private Flows() {
}
public static LoginForms forms(RealmModel realm, HttpRequest request, UriInfo uriInfo) {
return LoginFormsLoader.load().createForms(realm, request, uriInfo);
public static LoginForms forms(RealmModel realm, UriInfo uriInfo) {
return LoginFormsLoader.load().createForms(realm, uriInfo);
}
public static OAuthFlows oauth(RealmModel realm, HttpRequest request, UriInfo uriInfo, AuthenticationManager authManager,

10
services/src/main/java/org/keycloak/services/resources/flows/OAuthFlows.java
View file

@ -83,7 +83,7 @@ public class OAuthFlows {
String code = accessCode.getCode();
if (Constants.INSTALLED_APP_URN.equals(redirect)) {
return Flows.forms(realm, request, uriInfo).setAccessCode(accessCode.getId(), code).createCode();
return Flows.forms(realm, uriInfo).setAccessCode(accessCode.getId(), code).createCode();
} else {
UriBuilder redirectUri = UriBuilder.fromUri(redirect).queryParam(OAuth2Constants.CODE, code);
log.debug("redirectAccessCode: state: {0}", state);
@ -99,7 +99,7 @@ public class OAuthFlows {
public Response redirectError(ClientModel client, String error, String state, String redirect) {
if (Constants.INSTALLED_APP_URN.equals(redirect)) {
return Flows.forms(realm, request, uriInfo).setError(error).createCode();
return Flows.forms(realm, uriInfo).setError(error).createCode();
} else {
UriBuilder redirectUri = UriBuilder.fromUri(redirect).queryParam(OAuth2Constants.ERROR, error);
if (state != null) {
@ -141,14 +141,14 @@ public class OAuthFlows {
audit.clone().event(Events.SEND_VERIFY_EMAIL).detail(Details.EMAIL, accessCode.getUser().getEmail()).success();
}
return Flows.forms(realm, request, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).setUser(user)
return Flows.forms(realm, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).setUser(user)
.createResponse(action);
}
if (!isResource
&& (accessCode.getRealmRolesRequested().size() > 0 || accessCode.getResourceRolesRequested().size() > 0)) {
accessCode.setExpiration(Time.currentTime() + realm.getAccessCodeLifespanUserAction());
return Flows.forms(realm, request, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).
return Flows.forms(realm, uriInfo).setAccessCode(accessCode.getId(), accessCode.getCode()).
setAccessRequest(accessCode.getRealmRolesRequested(), accessCode.getResourceRolesRequested()).
setClient(client).createOAuthGrant();
}
@ -162,7 +162,7 @@ public class OAuthFlows {
}
public Response forwardToSecurityFailure(String message) {
return Flows.forms(realm, request, uriInfo).setError(message).createErrorPage();
return Flows.forms(realm, uriInfo).setError(message).createErrorPage();
}
private void isTotpConfigurationRequired(UserModel user) {

2
services/src/test/java/org/keycloak/test/RealmKeyGenerator.java
View file

@ -2,7 +2,7 @@ package org.keycloak.test;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMWriter;
import org.jboss.resteasy.security.PemUtils;
import org.keycloak.util.PemUtils;
import java.io.IOException;
import java.io.StringWriter;

2
testsuite/integration/src/test/java/org/keycloak/testsuite/forms/AuthProvidersIntegrationTest.java Normal file → Executable file
View file

@ -3,6 +3,7 @@ package org.keycloak.testsuite.forms;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.RuleChain;
@ -217,6 +218,7 @@ public class AuthProvidersIntegrationTest {
}
@Test
@Ignore
public void registerUserLdapSuccess() {
loginPage.open();
loginPage.clickRegister();