libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Trigger mass re-index of the sessions caches when the entity changes

Browse source 
Closes #32594

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
This commit is contained in:
Pedro Ruivo 2024-09-02 17:42:42 +01:00 committed by Alexander Schwartz
parent cd206b4dfe
commit 29c8060bda
2 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/remote/RemoteInfinispanAuthenticationSessionProviderFactory.java
View file

@ -43,7 +43,7 @@ import static org.keycloak.models.sessions.infinispan.InfinispanAuthenticationSe
public class RemoteInfinispanAuthenticationSessionProviderFactory implements AuthenticationSessionProviderFactory<RemoteInfinispanAuthenticationSessionProvider>, EnvironmentDependentProviderFactory {
private final static Logger logger = Logger.getLogger(MethodHandles.lookup().lookupClass());
private static final String PROTO_ENTITY = Marshalling.protoEntity(RootAuthenticationSessionEntity.class);
public static final String PROTO_ENTITY = Marshalling.protoEntity(RootAuthenticationSessionEntity.class);
private int authSessionsLimit;
private volatile RemoteCache<String, RootAuthenticationSessionEntity> cache;

20
quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/storage/legacy/infinispan/CacheManagerFactory.java
View file

@ -64,8 +64,10 @@ import org.keycloak.infinispan.util.InfinispanUtils;
import org.keycloak.marshalling.KeycloakIndexSchemaUtil;
import org.keycloak.marshalling.KeycloakModelSchema;
import org.keycloak.marshalling.Marshalling;
import org.keycloak.models.sessions.infinispan.RootAuthenticationSessionAdapter;
import org.keycloak.models.sessions.infinispan.entities.LoginFailureEntity;
import org.keycloak.models.sessions.infinispan.query.ClientSessionQueries;
import org.keycloak.models.sessions.infinispan.query.UserSessionQueries;
import org.keycloak.models.sessions.infinispan.remote.RemoteInfinispanAuthenticationSessionProviderFactory;
import org.keycloak.models.sessions.infinispan.remote.RemoteUserLoginFailureProviderFactory;
import org.keycloak.quarkus.runtime.configuration.Configuration;
import javax.net.ssl.SSLContext;
@ -245,13 +247,23 @@ public class CacheManagerFactory {
var newPS = KeycloakModelSchema.parseProtoSchema(newSchema);
var admin = remoteCacheManager.administration();
if (isEntityChanged(oldPS, newPS, Marshalling.protoEntity(LoginFailureEntity.class))) {
if (isEntityChanged(oldPS, newPS, RemoteUserLoginFailureProviderFactory.PROTO_ENTITY)) {
updateSchemaAndReIndexCache(admin, LOGIN_FAILURE_CACHE_NAME);
}
if (isEntityChanged(oldPS, newPS, Marshalling.protoEntity(RootAuthenticationSessionAdapter.class))) {
if (isEntityChanged(oldPS, newPS, RemoteInfinispanAuthenticationSessionProviderFactory.PROTO_ENTITY)) {
updateSchemaAndReIndexCache(admin, AUTHENTICATION_SESSIONS_CACHE_NAME);
}
if (isEntityChanged(oldPS, newPS, ClientSessionQueries.CLIENT_SESSION)) {
updateSchemaAndReIndexCache(admin, CLIENT_SESSION_CACHE_NAME);
updateSchemaAndReIndexCache(admin, OFFLINE_CLIENT_SESSION_CACHE_NAME);
}
if (isEntityChanged(oldPS, newPS, UserSessionQueries.USER_SESSION)) {
updateSchemaAndReIndexCache(admin, USER_SESSION_CACHE_NAME);
updateSchemaAndReIndexCache(admin, OFFLINE_USER_SESSION_CACHE_NAME);
}
}
private static boolean isEntityChanged(FileDescriptor oldSchema, FileDescriptor newSchema, String entity) {