libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Update subsystem code to reflect latest standards

Browse source
This commit is contained in:
Tomaz Cerar 2015-04-21 16:50:59 +02:00 committed by Marko Strukelj
parent 9a17658f84
commit 355c440c3d
23 changed files with 102 additions and 266 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/CredentialAddHandler.java
View file

@ -21,11 +21,7 @@ import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
/**
* Add a credential to a deployment.
@ -39,7 +35,7 @@ public class CredentialAddHandler extends AbstractAddStepHandler {
}
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.addCredential(operation, context.resolveExpressions(model));
}

1
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/CredentialDefinition.java
View file

@ -36,7 +36,6 @@ public class CredentialDefinition extends SimpleResourceDefinition {
protected static final AttributeDefinition VALUE =
new SimpleAttributeDefinitionBuilder("value", ModelType.STRING, false)
.setXmlName("value")
.setAllowExpression(true)
.setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, false, true))
.build();

10
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/KeycloakExtension.java
View file

@ -16,6 +16,7 @@
*/
package org.keycloak.subsystem.extension;
import org.jboss.as.controller.ModelVersion;
import org.keycloak.subsystem.extension.authserver.AuthServerDefinition;
import org.jboss.as.controller.Extension;
import org.jboss.as.controller.ExtensionContext;
@ -42,10 +43,8 @@ public class KeycloakExtension implements Extension {
private static final KeycloakSubsystemParser PARSER = new KeycloakSubsystemParser();
static final PathElement PATH_SUBSYSTEM = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
private static final String RESOURCE_NAME = KeycloakExtension.class.getPackage().getName() + ".LocalDescriptions";
private static final int MANAGEMENT_API_MAJOR_VERSION = 1;
private static final int MANAGEMENT_API_MINOR_VERSION = 0;
private static final int MANAGEMENT_API_MICRO_VERSION = 0;
protected static final PathElement SUBSYSTEM_PATH = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
private static final ModelVersion MGMT_API_VERSION = ModelVersion.create(1,0,0);
static final PathElement SUBSYSTEM_PATH = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
private static final ResourceDefinition KEYCLOAK_SUBSYSTEM_RESOURCE = new KeycloakSubsystemDefinition();
static final AuthServerDefinition AUTH_SERVER_DEFINITION = new AuthServerDefinition();
static final RealmDefinition REALM_DEFINITION = new RealmDefinition();
@ -74,8 +73,7 @@ public class KeycloakExtension implements Extension {
@Override
public void initialize(final ExtensionContext context) {
KeycloakLogger.ROOT_LOGGER.debug("Activating Keycloak Extension");
final SubsystemRegistration subsystem = context.registerSubsystem(SUBSYSTEM_NAME, MANAGEMENT_API_MAJOR_VERSION,
MANAGEMENT_API_MINOR_VERSION, MANAGEMENT_API_MICRO_VERSION);
final SubsystemRegistration subsystem = context.registerSubsystem(SUBSYSTEM_NAME, MGMT_API_VERSION);
ManagementResourceRegistration registration = subsystem.registerSubsystemModel(KEYCLOAK_SUBSYSTEM_RESOURCE);
registration.registerSubModel(AUTH_SERVER_DEFINITION);

19
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/KeycloakSubsystemAdd.java
View file

@ -19,16 +19,11 @@ package org.keycloak.subsystem.extension;
import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.server.AbstractDeploymentChainStep;
import org.jboss.as.server.DeploymentProcessorTarget;
import org.jboss.as.server.deployment.Phase;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.server.deployment.DeploymentUnitProcessor;
import org.keycloak.subsystem.extension.authserver.KeycloakServerDeploymentProcessor;
@ -42,14 +37,7 @@ class KeycloakSubsystemAdd extends AbstractBoottimeAddStepHandler {
static final KeycloakSubsystemAdd INSTANCE = new KeycloakSubsystemAdd();
@Override
protected void populateModel(OperationContext context, ModelNode operation, Resource resource) throws OperationFailedException {
resource.getModel().setEmptyObject();
}
@Override
protected void performBoottime(final OperationContext context, ModelNode operation, final ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) {
protected void performBoottime(final OperationContext context, ModelNode operation, final ModelNode model) {
context.addStep(new AbstractDeploymentChainStep() {
@Override
protected void execute(DeploymentProcessorTarget processorTarget) {
@ -73,9 +61,4 @@ class KeycloakSubsystemAdd extends AbstractBoottimeAddStepHandler {
private DeploymentUnitProcessor chooseConfigDeploymentProcessor() {
return new KeycloakAdapterConfigDeploymentProcessor();
}
@Override
protected boolean requiresRuntimeVerification() {
return false;
}
}

4
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/KeycloakSubsystemDefinition.java
View file

@ -17,10 +17,8 @@
package org.keycloak.subsystem.extension;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.ReloadRequiredRemoveStepHandler;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.operations.common.GenericSubsystemDescribeHandler;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
@ -31,7 +29,7 @@ import org.jboss.as.controller.registry.ManagementResourceRegistration;
*/
public class KeycloakSubsystemDefinition extends SimpleResourceDefinition {
protected KeycloakSubsystemDefinition() {
super(PathElement.pathElement(ModelDescriptionConstants.SUBSYSTEM, KeycloakExtension.SUBSYSTEM_NAME),
super(KeycloakExtension.SUBSYSTEM_PATH,
KeycloakExtension.getResourceDescriptionResolver("subsystem"),
KeycloakSubsystemAdd.INSTANCE,
ReloadRequiredRemoveStepHandler.INSTANCE

14
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/RealmAddHandler.java
View file

@ -21,14 +21,7 @@ import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
/**
* Add a new realm.
@ -43,11 +36,6 @@ public final class RealmAddHandler extends AbstractAddStepHandler {
@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
// TODO: localize exception. get id number
if (!operation.get(OP).asString().equals(ADD)) {
throw new OperationFailedException("Unexpected operation for add realm. operation=" + operation.toString());
}
for (AttributeDefinition attrib : RealmDefinition.ALL_ATTRIBUTES) {
attrib.validateAndSet(operation, model);
}
@ -59,7 +47,7 @@ public final class RealmAddHandler extends AbstractAddStepHandler {
}
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.addRealm(operation, context.resolveExpressions(model));
}

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/RealmDefinition.java
View file

@ -33,7 +33,7 @@ import java.util.Map;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class RealmDefinition extends SimpleResourceDefinition {
class RealmDefinition extends SimpleResourceDefinition {
public static final String TAG_NAME = "realm";

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/RealmRemoveHandler.java
View file

@ -27,7 +27,7 @@ import org.jboss.dmr.ModelNode;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class RealmRemoveHandler extends AbstractRemoveStepHandler {
final class RealmRemoveHandler extends AbstractRemoveStepHandler {
public static RealmRemoveHandler INSTANCE = new RealmRemoveHandler();

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/RealmWriteAttributeHandler.java
View file

@ -30,7 +30,7 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class RealmWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
class RealmWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
public RealmWriteAttributeHandler(List<AttributeDefinition> definitions) {
this(definitions.toArray(new AttributeDefinition[definitions.size()]));

26
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/SecureDeploymentAddHandler.java
View file

@ -18,43 +18,25 @@
package org.keycloak.subsystem.extension;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.ServiceController;
import java.util.List;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.OP;
/**
* Add a deployment to a realm.
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class SecureDeploymentAddHandler extends AbstractAddStepHandler {
final class SecureDeploymentAddHandler extends AbstractAddStepHandler {
public static SecureDeploymentAddHandler INSTANCE = new SecureDeploymentAddHandler();
private SecureDeploymentAddHandler() {}
@Override
protected void populateModel(ModelNode operation, ModelNode model) throws OperationFailedException {
// TODO: localize exception. get id number
if (!operation.get(OP).asString().equals(ADD)) {
throw new OperationFailedException("Unexpected operation for add secure deployment. operation=" + operation.toString());
}
for (AttributeDefinition attr : SecureDeploymentDefinition.ALL_ATTRIBUTES) {
attr.validateAndSet(operation, model);
}
private SecureDeploymentAddHandler() {
super(SecureDeploymentDefinition.ALL_ATTRIBUTES);
}
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) throws OperationFailedException {
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
KeycloakAdapterConfigService ckService = KeycloakAdapterConfigService.getInstance();
ckService.addSecureDeployment(operation, context.resolveExpressions(model));
}

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/SecureDeploymentDefinition.java
View file

@ -37,7 +37,7 @@ import java.util.Map;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class SecureDeploymentDefinition extends SimpleResourceDefinition {
class SecureDeploymentDefinition extends SimpleResourceDefinition {
public static final String TAG_NAME = "secure-deployment";

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/SecureDeploymentRemoveHandler.java
View file

@ -27,7 +27,7 @@ import org.jboss.dmr.ModelNode;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public final class SecureDeploymentRemoveHandler extends AbstractRemoveStepHandler {
final class SecureDeploymentRemoveHandler extends AbstractRemoveStepHandler {
public static SecureDeploymentRemoveHandler INSTANCE = new SecureDeploymentRemoveHandler();

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/SecureDeploymentWriteAttributeHandler.java
View file

@ -31,7 +31,7 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class SecureDeploymentWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
class SecureDeploymentWriteAttributeHandler extends AbstractWriteAttributeHandler<KeycloakAdapterConfigService> {
public SecureDeploymentWriteAttributeHandler(List<SimpleAttributeDefinition> definitions) {
this(definitions.toArray(new AttributeDefinition[definitions.size()]));

5
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/SharedAttributeDefinitons.java
View file

@ -31,7 +31,7 @@ import java.util.List;
*
* @author Stan Silvert ssilvert@redhat.com (C) 2013 Red Hat Inc.
*/
public class SharedAttributeDefinitons {
class SharedAttributeDefinitons {
protected static final SimpleAttributeDefinition REALM_PUBLIC_KEY =
new SimpleAttributeDefinitionBuilder("realm-public-key", ModelType.STRING, true)
@ -120,7 +120,6 @@ public class SharedAttributeDefinitons {
.build();
protected static final SimpleAttributeDefinition CORS_ALLOWED_METHODS =
new SimpleAttributeDefinitionBuilder("cors-allowed-methods", ModelType.STRING, true)
.setXmlName("cors-allowed-methods")
.setAllowExpression(true)
.setValidator(new StringLengthValidator(1, Integer.MAX_VALUE, true, true))
.build();
@ -210,7 +209,7 @@ public class SharedAttributeDefinitons {
if (isSet(attributes, SSL_REQUIRED) && attributes.get(SSL_REQUIRED.getName()).asString().equals("none")) {
return true;
}
//TODO, look into alternatives & requires properties on AttributeDefinition
return isSet(attributes, TRUSTSTORE) && isSet(attributes, TRUSTSTORE_PASSWORD);
}

73
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/authserver/AbstractAddOverlayHandler.java
View file

@ -16,59 +16,62 @@
*/
package org.keycloak.subsystem.extension.authserver;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.REMOVE;
import static org.keycloak.subsystem.extension.authserver.AuthServerUtil.getHandler;
import java.util.Set;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.ProcessType;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ADD;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.REMOVE;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import static org.keycloak.subsystem.extension.authserver.AuthServerUtil.getHandler;
/**
* Base class for operations that create overlays for an auth server.
*
* @author Stan Silvert ssilvert@redhat.com (C) 2014 Red Hat Inc.
*/
public abstract class AbstractAddOverlayHandler implements OperationStepHandler {
public abstract class AbstractAddOverlayHandler extends AbstractAddStepHandler{
protected static final String UPLOADED_FILE_OP_NAME = "uploaded-file-name";
protected static final SimpleAttributeDefinition BYTES_TO_UPLOAD
= new SimpleAttributeDefinitionBuilder("bytes-to-upload", ModelType.BYTES, false)
protected static final SimpleAttributeDefinition UPLOADED_FILE_NAME =new SimpleAttributeDefinitionBuilder(UPLOADED_FILE_OP_NAME, ModelType.STRING, false)
.setAllowExpression(false)
.setAllowNull(false)
.build();
protected static final SimpleAttributeDefinition BYTES_TO_UPLOAD= new SimpleAttributeDefinitionBuilder("bytes-to-upload", ModelType.BYTES, false)
.setAllowExpression(false)
.build();
static final SimpleAttributeDefinition REDEPLOY_SERVER =
new SimpleAttributeDefinitionBuilder("redeploy", ModelType.BOOLEAN, true)
.setXmlName("redeploy")
.setAllowExpression(true)
.setDefaultValue(new ModelNode(false))
.build();
protected static final SimpleAttributeDefinition OVERWRITE =
new SimpleAttributeDefinitionBuilder("overwrite", ModelType.BOOLEAN, true)
.setXmlName("overwrite")
.setAllowExpression(true)
.setDefaultValue(new ModelNode(false))
.build();
@Override
public void execute(final OperationContext context, final ModelNode operation) throws OperationFailedException {
//System.out.println("*** execute operation ***");
//System.out.println(scrub(operation));
public AbstractAddOverlayHandler() {
super(AddProviderHandler.DEFINITION.getParameters());
}
String uploadFileName = operation.get(UPLOADED_FILE_OP_NAME).asString();
boolean isRedeploy = isRedeploy(context, operation);
boolean isOverwrite = getBooleanFromOperation(operation, OVERWRITE);
@Override
protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model) throws OperationFailedException {
final String uploadFileName = UPLOADED_FILE_NAME.resolveModelAttribute(context, model).asString();
final boolean isRedeploy = isRedeploy(context, operation);
final boolean isOverwrite = OVERWRITE.resolveModelAttribute(context, model).asBoolean();
String overlayPath = getOverlayPath(uploadFileName);
String overlayName = AuthServerUtil.getOverlayName(operation);
@ -95,10 +98,10 @@ public abstract class AbstractAddOverlayHandler implements OperationStepHandler
}
}
addContent(context, overlayAddress, operation.get(BYTES_TO_UPLOAD.getName()).asBytes(), overlayPath);
addContent(context, overlayAddress, BYTES_TO_UPLOAD.resolveModelAttribute(context, model).asBytes(), overlayPath);
if (isRedeploy) AuthServerUtil.addStepToRedeployAuthServer(context, deploymentName);
if (!isRedeploy) context.restartRequired();
if (isRedeploy) { AuthServerUtil.addStepToRedeployAuthServer(context, deploymentName); }
if (!isRedeploy) { context.restartRequired(); }
context.completeStep(OperationContext.ResultHandler.NOOP_RESULT_HANDLER);
}
@ -108,8 +111,8 @@ public abstract class AbstractAddOverlayHandler implements OperationStepHandler
context.addStep(operation, getHandler(context, contentAddress, REMOVE), OperationContext.Stage.MODEL);
}
static boolean isRedeploy(OperationContext context, ModelNode operation) {
return isAuthServerEnabled(context) && getBooleanFromOperation(operation, REDEPLOY_SERVER);
static boolean isRedeploy(OperationContext context, ModelNode model) throws OperationFailedException {
return isAuthServerEnabled(context) && REDEPLOY_SERVER.resolveModelAttribute(context, model).asBoolean();
}
private boolean isHostController(OperationContext context) {
@ -141,7 +144,7 @@ public abstract class AbstractAddOverlayHandler implements OperationStepHandler
// only call this if context.getProcessType() == ProcessType.HOST_CONTROLLER
private void addOverlayToServerGroups(OperationContext context, PathAddress overlayAddress, ModelNode operation, String overlayName) {
String myProfile = findMyProfile(operation);
String myProfile = context.getCurrentAddressValue();
for (String serverGroup : getServerGroupNames(context)) {
PathAddress address = PathAddress.pathAddress("server-group", serverGroup);
ModelNode serverGroupModel = context.readResourceFromRoot(address).getModel();
@ -156,12 +159,6 @@ public abstract class AbstractAddOverlayHandler implements OperationStepHandler
}
}
// only call this if context.getProcessType() == ProcessType.HOST_CONTROLLER
private String findMyProfile(ModelNode operation) {
PathAddress address = PathAddress.pathAddress(operation.get("address"));
return address.getElement(0).getValue();
}
private Set<String> getServerGroupNames(OperationContext context) {
return context.readResourceFromRoot(PathAddress.EMPTY_ADDRESS).getChildrenNames("server-group");
}
@ -183,21 +180,9 @@ public abstract class AbstractAddOverlayHandler implements OperationStepHandler
context.addStep(operation, getHandler(context, address, ADD), OperationContext.Stage.MODEL);
}
private static boolean isAuthServerEnabled(OperationContext context) {
boolean defaultValue = AuthServerDefinition.ENABLED.getDefaultValue().asBoolean();
private static boolean isAuthServerEnabled(OperationContext context) throws OperationFailedException {
ModelNode authServerModel = context.readResource(PathAddress.EMPTY_ADDRESS).getModel().clone();
String attrName = AuthServerDefinition.ENABLED.getName();
if (!authServerModel.get(attrName).isDefined()) return defaultValue;
return authServerModel.get(attrName).asBoolean();
}
private static boolean getBooleanFromOperation(ModelNode operation, SimpleAttributeDefinition definition) {
boolean defaultValue = definition.getDefaultValue().asBoolean();
if (!operation.get(definition.getName()).isDefined()) {
return defaultValue;
} else {
return operation.get(definition.getName()).asBoolean();
}
return AuthServerDefinition.ENABLED.resolveModelAttribute(context, authServerModel).asBoolean();
}
// used for debugging
@ -215,7 +200,7 @@ public abstract class AbstractAddOverlayHandler implements OperationStepHandler
/**
* Get the WAR path where the overlay will live.
*
* @param file The name of the file being uploaded.
* @param fileName The name of the file being uploaded.
* @return The overlay path as a String.
*/
abstract String getOverlayPath(String fileName);

15
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/authserver/AddProviderHandler.java
View file

@ -18,11 +18,7 @@
package org.keycloak.subsystem.extension.authserver;
import org.jboss.as.controller.OperationDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
/**
* Operation to add a provider jar to WEB-INF/lib.
@ -33,15 +29,6 @@ public class AddProviderHandler extends AbstractAddOverlayHandler {
public static final String OP = "add-provider";
public static final AddProviderHandler INSTANCE = new AddProviderHandler();
protected static final SimpleAttributeDefinition UPLOADED_FILE_NAME =
new SimpleAttributeDefinitionBuilder(UPLOADED_FILE_OP_NAME, ModelType.STRING, false)
.setAllowExpression(false)
.setAllowNull(false)
.setDefaultValue(new ModelNode().set("myprovider.jar"))
.build();
public static OperationDefinition DEFINITION = new SimpleOperationDefinitionBuilder(OP, AuthServerDefinition.rscDescriptionResolver)
.addParameter(BYTES_TO_UPLOAD)
.addParameter(UPLOADED_FILE_NAME)
@ -49,6 +36,8 @@ public class AddProviderHandler extends AbstractAddOverlayHandler {
.addParameter(OVERWRITE)
.build();
public static final AddProviderHandler INSTANCE = new AddProviderHandler();
private AddProviderHandler() {}
@Override

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/authserver/AuthServerDefinition.java
View file

@ -48,7 +48,6 @@ public class AuthServerDefinition extends SimpleResourceDefinition {
protected static final SimpleAttributeDefinition ENABLED =
new SimpleAttributeDefinitionBuilder("enabled", ModelType.BOOLEAN, true)
.setXmlName("enabled")
.setAllowExpression(true)
.setDefaultValue(new ModelNode(false))
.setRestartAllServices()
@ -56,7 +55,6 @@ public class AuthServerDefinition extends SimpleResourceDefinition {
protected static final SimpleAttributeDefinition WEB_CONTEXT =
new SimpleAttributeDefinitionBuilder("web-context", ModelType.STRING, true)
.setXmlName("web-context")
.setAllowExpression(true)
.setDefaultValue(new ModelNode("auth"))
.setValidator(new WebContextValidator())

10
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/authserver/AuthServerWriteAttributeHandler.java
View file

@ -50,7 +50,7 @@ public class AuthServerWriteAttributeHandler extends ModelOnlyWriteAttributeHand
return;
}
boolean isEnabled = isEnabled(model); // is server currently enabled?
boolean isEnabled = AuthServerDefinition.ENABLED.resolveModelAttribute(context, model.getModel()).asBoolean();
String deploymentName = AuthServerUtil.getDeploymentName(operation);
if (attributeName.equals(AuthServerDefinition.WEB_CONTEXT.getName())) {
@ -73,14 +73,6 @@ public class AuthServerWriteAttributeHandler extends ModelOnlyWriteAttributeHand
super.finishModelStage(context, operation, attributeName, newValue, oldValue, model);
}
// Is auth server currently enabled?
private boolean isEnabled(Resource model) {
ModelNode authServer = model.getModel();
ModelNode isEnabled = authServer.get(AuthServerDefinition.ENABLED.getName());
if (!isEnabled.isDefined()) isEnabled = AuthServerDefinition.ENABLED.getDefaultValue();
return isEnabled.asBoolean();
}
private boolean attribNotChanging(String attributeName, ModelNode newValue, ModelNode oldValue) {
SimpleAttributeDefinition attribDef = AuthServerDefinition.lookup(attributeName);
if (!oldValue.isDefined()) oldValue = attribDef.getDefaultValue();

2
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/authserver/ListOverlaysHandler.java
View file

@ -64,8 +64,6 @@ public class ListOverlaysHandler implements OperationStepHandler {
result.add(key);
}
}
context.stepCompleted();
}
private Set<String> getOverlayNames(OperationContext context, String overlayName) {

12
integration/keycloak-subsystem/src/main/java/org/keycloak/subsystem/extension/authserver/RemoveOverlayHandler.java
View file

@ -17,6 +17,8 @@
package org.keycloak.subsystem.extension.authserver;
import static org.keycloak.subsystem.extension.authserver.AbstractAddOverlayHandler.REDEPLOY_SERVER;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationDefinition;
import org.jboss.as.controller.OperationFailedException;
@ -41,12 +43,11 @@ public class RemoveOverlayHandler implements OperationStepHandler {
new SimpleAttributeDefinitionBuilder("overlay-file-path", ModelType.STRING, false)
.setAllowExpression(true)
.setAllowNull(false)
.setDefaultValue(new ModelNode().set("/WEB-INF/lib/myprovider.jar"))
.build();
static final OperationDefinition DEFINITION = new SimpleOperationDefinitionBuilder(REMOVE_OVERLAY_OPERATION, AuthServerDefinition.rscDescriptionResolver)
.addParameter(OVERLAY_FILE_PATH)
.addParameter(AbstractAddOverlayHandler.REDEPLOY_SERVER)
.addParameter(REDEPLOY_SERVER)
.build();
static final OperationStepHandler INSTANCE = new RemoveOverlayHandler();
@ -55,9 +56,12 @@ public class RemoveOverlayHandler implements OperationStepHandler {
@Override
public void execute(OperationContext context, ModelNode operation) throws OperationFailedException {
final ModelNode model = new ModelNode();
OVERLAY_FILE_PATH.validateAndSet(operation, model);
REDEPLOY_SERVER.validateAndSet(operation, model);
String overlayName = AuthServerUtil.getOverlayName(operation);
boolean isOverlayExists = AuthServerUtil.isOverlayExists(context, overlayName, PathAddress.EMPTY_ADDRESS);
String overlayPath = operation.get(OVERLAY_FILE_PATH.getName()).asString();
String overlayPath = OVERLAY_FILE_PATH.resolveModelAttribute(context, model).asString();
if (isOverlayExists) {
PathAddress overlayAddress = AuthServerUtil.getOverlayAddress(overlayName);
AbstractAddOverlayHandler.removeContent(context, overlayAddress, overlayPath);
@ -70,7 +74,5 @@ public class RemoveOverlayHandler implements OperationStepHandler {
String deploymentName = AuthServerUtil.getDeploymentName(operation);
if (isRedeploy) AuthServerUtil.addStepToRedeployAuthServer(context, deploymentName);
if (!isRedeploy) context.restartRequired();
context.stepCompleted();
}
}

2
integration/keycloak-subsystem/src/main/resources/schema/wildfly-keycloak_1_0.xsd
View file

@ -67,7 +67,7 @@
<xs:element name="auth-server-url" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="realm" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="disable-trust-manager" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="cors-allowed-methods" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="bearer-only" type="xs:boolean" minOccurs="0" maxOccurs="1" />
<xs:element name="cors-allowed-headers" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="resource" type="xs:string" minOccurs="0" maxOccurs="1" />

131
integration/keycloak-subsystem/src/test/java/org/keycloak/subsystem/extension/SubsystemParsingTestCase.java
View file

@ -17,28 +17,24 @@
package org.keycloak.subsystem.extension;
import junit.framework.Assert;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.subsystem.test.AbstractSubsystemTest;
import org.jboss.as.subsystem.test.KernelServices;
import java.io.IOException;
import org.jboss.as.subsystem.test.AbstractSubsystemBaseTest;
import org.jboss.dmr.ModelNode;
import org.junit.Test;
import java.util.List;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.*;
/**
* Tests all management expects for subsystem, parsing, marshaling, model definition and other
* Here is an example that allows you a fine grained controller over what is tested and how. So it can give you ideas what can be done and tested.
* If you have no need for advanced testing of subsystem you look at {@link SubsystemBaseParsingTestCase} that testes same stuff but most of the code
* If you have no need for advanced testing of subsystem you look at {@link AbstractSubsystemBaseTest} that testes same stuff but most of the code
* is hidden inside of test harness
*
* @author <a href="kabir.khan@jboss.com">Kabir Khan</a>
* @author Tomaz Cerar
* @author Marko Strukelj
*/
public class SubsystemParsingTestCase extends AbstractSubsystemTest {
public class SubsystemParsingTestCase extends AbstractSubsystemBaseTest {
public SubsystemParsingTestCase() {
super(KeycloakExtension.SUBSYSTEM_NAME, new KeycloakExtension());
@ -60,112 +56,21 @@ public class SubsystemParsingTestCase extends AbstractSubsystemTest {
System.out.println("json=" + node.toJSONString(false));
}
/**
* Tests that the xml is parsed into the correct operations
*/
@Test
public void testParseSubsystem() throws Exception {
//Parse the subsystem xml into operations
String subsystemXml =
"<subsystem xmlns=\"" + KeycloakExtension.NAMESPACE + "\">" +
"</subsystem>";
List<ModelNode> operations = super.parse(subsystemXml);
///Check that we have the expected number of operations
Assert.assertEquals(1, operations.size());
//Check that each operation has the correct content
ModelNode addSubsystem = operations.get(0);
Assert.assertEquals(ADD, addSubsystem.get(OP).asString());
PathAddress addr = PathAddress.pathAddress(addSubsystem.get(OP_ADDR));
Assert.assertEquals(1, addr.size());
PathElement element = addr.getElement(0);
Assert.assertEquals(SUBSYSTEM, element.getKey());
Assert.assertEquals(KeycloakExtension.SUBSYSTEM_NAME, element.getValue());
@Override
protected String getSubsystemXml() throws IOException {
return readResource("keycloak-1.0.xml");
}
/**
* Test that the model created from the xml looks as expected
*/
@Test
public void testInstallIntoController() throws Exception {
//Parse the subsystem xml and install into the controller
String subsystemXml =
"<subsystem xmlns=\"" + KeycloakExtension.NAMESPACE + "\">" +
"</subsystem>";
KernelServices services = super.installInController(subsystemXml);
//Read the whole model and make sure it looks as expected
ModelNode model = services.readWholeModel();
Assert.assertTrue(model.get(SUBSYSTEM).hasDefined(KeycloakExtension.SUBSYSTEM_NAME));
@Override
protected String getSubsystemXsdPath() throws Exception {
return "schema/wildfly-keycloak_1_0.xsd";
}
/**
* Starts a controller with a given subsystem xml and then checks that a second
* controller started with the xml marshalled from the first one results in the same model
*/
@Test
public void testParseAndMarshalModel() throws Exception {
//Parse the subsystem xml and install into the first controller
//TODO: Figure out why this fails
String subsystemXml =
"<subsystem xmlns=\"" + KeycloakExtension.NAMESPACE + "\">" +
"</subsystem>";
KernelServices servicesA = super.installInController(subsystemXml);
//Get the model and the persisted xml from the first controller
ModelNode modelA = servicesA.readWholeModel();
String marshalled = servicesA.getPersistedSubsystemXml();
//Install the persisted xml from the first controller into a second controller
KernelServices servicesB = super.installInController(marshalled);
ModelNode modelB = servicesB.readWholeModel();
//Make sure the models from the two controllers are identical
super.compare(modelA, modelB);
}
/**
* Starts a controller with the given subsystem xml and then checks that a second
* controller started with the operations from its describe action results in the same model
*/
@Test
public void testDescribeHandler() throws Exception {
//Parse the subsystem xml and install into the first controller
String subsystemXml =
"<subsystem xmlns=\"" + KeycloakExtension.NAMESPACE + "\">" +
"</subsystem>";
KernelServices servicesA = super.installInController(subsystemXml);
//Get the model and the describe operations from the first controller
ModelNode modelA = servicesA.readWholeModel();
ModelNode describeOp = new ModelNode();
describeOp.get(OP).set(DESCRIBE);
describeOp.get(OP_ADDR).set(
PathAddress.pathAddress(
PathElement.pathElement(SUBSYSTEM, KeycloakExtension.SUBSYSTEM_NAME)).toModelNode());
List<ModelNode> operations = super.checkResultAndGetContents(servicesA.executeOperation(describeOp)).asList();
//Install the describe options from the first controller into a second controller
KernelServices servicesB = super.installInController(operations);
ModelNode modelB = servicesB.readWholeModel();
//Make sure the models from the two controllers are identical
super.compare(modelA, modelB);
}
/**
* Tests that the subsystem can be removed
*/
@Test
public void testSubsystemRemoval() throws Exception {
//Parse the subsystem xml and install into the first controller
String subsystemXml =
"<subsystem xmlns=\"" + KeycloakExtension.NAMESPACE + "\">" +
"</subsystem>";
KernelServices services = super.installInController(subsystemXml);
//Checks that the subsystem was removed from the model
super.assertRemoveSubsystemResources(services);
//TODO Chek that any services that were installed were removed here
@Override
protected String[] getSubsystemTemplatePaths() throws IOException {
return new String[]{
"/subsystem-templates/keycloak.xml"
};
}
}

24
integration/keycloak-subsystem/src/test/resources/org/keycloak/subsystem/extension/keycloak-1.0.xml Normal file
View file

@ -0,0 +1,24 @@
<subsystem xmlns="urn:jboss:domain:keycloak:1.0">
<secure-deployment name="web-console">
<realm>master</realm>
<resource>web-console</resource>
<use-resource-role-mappings>true</use-resource-role-mappings>
<realm-public-key>
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4siLKUew0WYxdtq6/rwk4Uj/4amGFFnE/yzIxQVU0PUqz3QBRVkUWpDj0K6ZnS5nzJV/y6DHLEy7hjZTdRDphyF1sq09aDOYnVpzu8o2sIlMM8q5RnUyEfIyUZqwo8pSZDJ90fS0s+IDUJNCSIrAKO3w1lqZDHL6E/YFHXyzkvQIDAQAB
</realm-public-key>
<auth-server-url>http://localhost:8080/auth</auth-server-url>
<ssl-required>EXTERNAL</ssl-required>
<credential name="secret">0aa31d98-e0aa-404c-b6e0-e771dba1e798</credential>
</secure-deployment>
<secure-deployment name="http-endpoint">
<realm>master</realm>
<resource>http-endpoint</resource>
<use-resource-role-mappings>true</use-resource-role-mappings>
<realm-public-key>
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4siLKUew0WYxdtq6/rwk4Uj/4amGFFnE/yzIxQVU0PUqz3QBRVkUWpDj0K6ZnS5nzJV/y6DHLEy7hjZTdRDphyF1sq09aDOYnVpzu8o2sIlMM8q5RnUyEfIyUZqwo8pSZDJ90fS0s+IDUJNCSIrAKO3w1lqZDHL6E/YFHXyzkvQIDAQAB
</realm-public-key>
<auth-server-url>http://localhost:8080/auth</auth-server-url>
<ssl-required>EXTERNAL</ssl-required>
<credential name="secret">2769a4a2-5be0-454f-838f-f33b7755b667</credential>
</secure-deployment>
</subsystem>