task: remove usage of resteasy-core-spi (#27387)
closes: #27242 Signed-off-by: Steve Hawkins <shawkins@redhat.com>
parent
bf1248d062
commit
35b9d8aa49
52 changed files with 326 additions and 250 deletions
|
@ -32,7 +32,6 @@ import org.jboss.logging.Logger;
|
|||
import org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider;
|
||||
import org.keycloak.connections.jpa.updater.liquibase.ThreadLocalSessionContext;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
|
||||
import java.sql.Connection;
|
||||
import java.sql.ResultSet;
|
||||
|
@ -45,8 +44,6 @@ import java.util.List;
|
|||
*/
|
||||
public abstract class CustomKeycloakTask implements CustomSqlChange {
|
||||
|
||||
private final Logger logger = Logger.getLogger(getClass());
|
||||
|
||||
protected KeycloakSession kcSession;
|
||||
|
||||
protected Database database;
|
||||
|
@ -73,18 +70,8 @@ public abstract class CustomKeycloakTask implements CustomSqlChange {
|
|||
@Override
|
||||
public void setUp() throws SetupException {
|
||||
this.kcSession = ThreadLocalSessionContext.getCurrentSession();
|
||||
|
||||
if (this.kcSession == null) {
|
||||
// Probably running Liquibase from maven plugin. Try to create kcSession programmatically
|
||||
logger.info("No KeycloakSession provided in ThreadLocal. Initializing KeycloakSessionFactory");
|
||||
|
||||
try {
|
||||
DefaultKeycloakSessionFactory factory = new DefaultKeycloakSessionFactory();
|
||||
factory.init();
|
||||
this.kcSession = factory.create();
|
||||
} catch (Exception e) {
|
||||
throw new SetupException("Exception when initializing factory", e);
|
||||
}
|
||||
throw new SetupException("Thread bound session is null");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
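Review bot: The new `throw new SetupException("Thread bound session is null")` in setUp() tells whoever runs the migration nothing about the cause or the remedy. The branch it replaces carried a comment saying the fallback existed for running Liquibase from the Maven plugin, so that invocation now ends at this throw. A message such as `"No KeycloakSession bound to the current thread; run this change through the Keycloak JPA updater"` would make the new requirement explicit (the wording is only a suggestion). The second hunk also drops the `logger` field while `import org.jboss.logging.Logger;` still appears as the context line of the first hunk header, so that import is probably unused now unless the class logs somewhere outside these hunks.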
6
pom.xml
6
pom.xml
|
@ -1313,6 +1313,12 @@
|
|||
<artifactId>keycloak-services</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<type>test-jar</type>
|
||||
</dependency>
|
||||
|
||||
<!-- Authorization -->
|
||||
<dependency>
|
||||
|
|
|
@ -103,7 +103,6 @@ import org.keycloak.representations.provider.ScriptProviderMetadata;
|
|||
import org.keycloak.representations.userprofile.config.UPConfig;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
import org.keycloak.services.resources.JsResource;
|
||||
import org.keycloak.services.resources.KeycloakApplication;
|
||||
import org.keycloak.services.resources.LoadBalancerResource;
|
||||
import org.keycloak.services.resources.admin.AdminRoot;
|
||||
import org.keycloak.theme.ClasspathThemeProviderFactory;
|
||||
|
@ -623,9 +622,6 @@ class KeycloakProcessor {
|
|||
void configureResteasy(CombinedIndexBuildItem index,
|
||||
BuildProducer<BuildTimeConditionBuildItem> buildTimeConditionBuildItemBuildProducer,
|
||||
BuildProducer<MethodScannerBuildItem> scanner) {
|
||||
buildTimeConditionBuildItemBuildProducer.produce(new BuildTimeConditionBuildItem(index.getIndex().getClassByName(DotName.createSimple(
|
||||
KeycloakApplication.class.getName())), false));
|
||||
|
||||
if (!Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
||||
buildTimeConditionBuildItemBuildProducer.produce(new BuildTimeConditionBuildItem(index.getIndex().getClassByName(DotName.createSimple(
|
||||
AdminRoot.class.getName())), false));
|
||||
|
|
|
@ -548,10 +548,6 @@
|
|||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-core-spi</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.commons</groupId>
|
||||
<artifactId>commons-lang3</artifactId>
|
||||
|
|
|
@ -27,8 +27,6 @@ import org.keycloak.quarkus.runtime.integration.QuarkusKeycloakSessionFactory;
|
|||
import org.keycloak.quarkus.runtime.integration.QuarkusPlatform;
|
||||
import org.keycloak.services.resources.KeycloakApplication;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
import jakarta.enterprise.event.Observes;
|
||||
import jakarta.ws.rs.ApplicationPath;
|
||||
|
||||
|
@ -59,13 +57,4 @@ public class QuarkusKeycloakApplication extends KeycloakApplication {
|
|||
// no need to load config provider because we force quarkus impl
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Object> getSingletons() {
|
||||
return Set.of();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Class<?>> getClasses() {
|
||||
return Set.of();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,6 +4,7 @@ import static org.keycloak.utils.StreamsUtil.throwIfEmpty;
|
|||
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.Path;
|
||||
import jakarta.ws.rs.Produces;
|
||||
|
@ -17,7 +18,6 @@ import org.jboss.resteasy.reactive.NoCache;
|
|||
import org.keycloak.admin.ui.rest.model.RealmNameRepresentation;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||
import org.keycloak.services.resources.admin.permissions.RealmsPermissionEvaluator;
|
||||
|
|
|
@ -137,6 +137,7 @@
|
|||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-core-spi</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
|
||||
|
@ -249,6 +250,16 @@
|
|||
</compilerArgument>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<artifactId>maven-jar-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>test-jar</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
|
|
@ -19,6 +19,8 @@ package org.keycloak.authentication.requiredactions;
|
|||
|
||||
import java.util.Objects;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.authentication.AuthenticationProcessor;
|
||||
|
@ -39,7 +41,6 @@ import org.keycloak.models.RealmModel;
|
|||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.UserManager;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.managers.AuthenticationManager;
|
||||
import org.keycloak.services.messages.Messages;
|
||||
|
||||
|
|
|
@ -22,7 +22,6 @@ import java.util.Map;
|
|||
|
||||
import jakarta.ws.rs.Path;
|
||||
|
||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
||||
import org.keycloak.authorization.AuthorizationProvider;
|
||||
import org.keycloak.authorization.model.Policy;
|
||||
import org.keycloak.authorization.model.ResourceServer;
|
||||
|
|
|
@ -40,7 +40,7 @@ import java.util.Map;
|
|||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class DefaultKeycloakContext implements KeycloakContext {
|
||||
public abstract class DefaultKeycloakContext implements KeycloakContext {
|
||||
|
||||
private RealmModel realm;
|
||||
|
||||
|
@ -131,12 +131,12 @@ public class DefaultKeycloakContext implements KeycloakContext {
|
|||
public Locale resolveLocale(UserModel user) {
|
||||
return session.getProvider(LocaleSelectorProvider.class).resolveLocale(getRealm(), user);
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public AuthenticationSessionModel getAuthenticationSession() {
|
||||
return authenticationSession;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void setAuthenticationSession(AuthenticationSessionModel authenticationSession) {
|
||||
this.authenticationSession = authenticationSession;
|
||||
|
@ -170,13 +170,9 @@ public class DefaultKeycloakContext implements KeycloakContext {
|
|||
return response;
|
||||
}
|
||||
|
||||
protected HttpRequest createHttpRequest() {
|
||||
return new HttpRequestImpl(getContextObject(org.jboss.resteasy.spi.HttpRequest.class));
|
||||
}
|
||||
protected abstract HttpRequest createHttpRequest();
|
||||
|
||||
protected HttpResponse createHttpResponse() {
|
||||
return new HttpResponseImpl(getContextObject(org.jboss.resteasy.spi.HttpResponse.class));
|
||||
}
|
||||
protected abstract HttpResponse createHttpResponse();
|
||||
|
||||
protected KeycloakSession getSession() {
|
||||
return session;
|
||||
|
|
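Review bot: The new `protected abstract HttpRequest createHttpRequest();` and `protected abstract HttpResponse createHttpResponse();` carry no Javadoc, so an implementer cannot tell whether null is an acceptable result or whether the value is cached by the caller (the `return response;` just above suggests caching, but that method lies outside the hunk). A one-line contract on each would do, for example `/** Creates the HttpRequest wrapper for the current request; implemented per runtime so this module needs no JAX-RS implementation classes. */`. The same gap applies to `createKeycloakContext(KeycloakSession)` in DefaultKeycloakSession and `createSessionFactory()` in KeycloakApplication, which this commit also turns abstract. Making these public classes abstract, and removing `create()` from DefaultKeycloakSessionFactory, is source-incompatible for any code that instantiates them directly, as CustomKeycloakTask did before this commit, so it deserves a line in the commit description or upgrade notes.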
|
@ -67,7 +67,7 @@ import java.util.stream.Collectors;
|
|||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class DefaultKeycloakSession implements KeycloakSession {
|
||||
public abstract class DefaultKeycloakSession implements KeycloakSession {
|
||||
|
||||
private final DefaultKeycloakSessionFactory factory;
|
||||
private final Map<Integer, Provider> providers = new HashMap<>();
|
||||
|
@ -253,6 +253,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
|
|||
return provider;
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T extends Provider> Set<String> listProviderIds(Class<T> clazz) {
|
||||
return factory.getAllProviderIds(clazz);
|
||||
}
|
||||
|
@ -418,9 +419,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
|
|||
return String.format("session @ %08x", System.identityHashCode(this));
|
||||
}
|
||||
|
||||
protected DefaultKeycloakContext createKeycloakContext(KeycloakSession session) {
|
||||
return new DefaultKeycloakContext(session);
|
||||
}
|
||||
protected abstract DefaultKeycloakContext createKeycloakContext(KeycloakSession session);
|
||||
|
||||
public boolean isClosed() {
|
||||
return closed;
|
||||
|
|
|
@ -52,7 +52,7 @@ import java.util.concurrent.CopyOnWriteArrayList;
|
|||
import java.util.function.Function;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, ProviderManagerDeployer {
|
||||
public abstract class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, ProviderManagerDeployer {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(DefaultKeycloakSessionFactory.class);
|
||||
|
||||
|
@ -74,7 +74,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
|
|||
private Long roleStorageProviderTimeout;
|
||||
|
||||
protected ComponentFactoryProviderFactory componentFactoryPF;
|
||||
|
||||
|
||||
@Override
|
||||
public void register(ProviderEventListener listener) {
|
||||
listeners.add(listener);
|
||||
|
@ -318,11 +318,6 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
|
|||
return true;
|
||||
}
|
||||
|
||||
public KeycloakSession create() {
|
||||
KeycloakSession session = new DefaultKeycloakSession(this);
|
||||
return session;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Spi> getSpis() {
|
||||
return spis;
|
||||
|
@ -396,6 +391,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
|
|||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() {
|
||||
ProviderManagerRegistry.SINGLETON.setDeployer(null);
|
||||
for (Map<String, ProviderFactory> factories : factoriesMap.values()) {
|
||||
|
|
|
@ -1,65 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services;
|
||||
|
||||
import org.jboss.resteasy.spi.LoggableFailure;
|
||||
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
||||
/**
|
||||
* To provide a typed exception for Forbidden (This doesn't exist in Resteasy 2.3.7)
|
||||
*/
|
||||
public class ForbiddenException extends LoggableFailure
|
||||
{
|
||||
public ForbiddenException()
|
||||
{
|
||||
super(403);
|
||||
}
|
||||
|
||||
public ForbiddenException(String s)
|
||||
{
|
||||
super(s, 403);
|
||||
}
|
||||
|
||||
public ForbiddenException(String s, Response response)
|
||||
{
|
||||
super(s, response);
|
||||
}
|
||||
|
||||
public ForbiddenException(String s, Throwable throwable, Response response)
|
||||
{
|
||||
super(s, throwable, response);
|
||||
}
|
||||
|
||||
public ForbiddenException(String s, Throwable throwable)
|
||||
{
|
||||
super(s, throwable, 403);
|
||||
}
|
||||
|
||||
public ForbiddenException(Throwable throwable)
|
||||
{
|
||||
super(throwable, 403);
|
||||
}
|
||||
|
||||
public ForbiddenException(Throwable throwable, Response response)
|
||||
{
|
||||
super(throwable, response);
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -40,7 +40,6 @@ import org.keycloak.models.utils.RepresentationToModel;
|
|||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.oidc.OIDCClientRepresentation;
|
||||
import org.keycloak.services.ErrorResponseException;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.clientpolicy.ClientPolicyException;
|
||||
import org.keycloak.services.clientpolicy.context.DynamicClientRegisteredContext;
|
||||
import org.keycloak.services.clientpolicy.context.DynamicClientUpdatedContext;
|
||||
|
@ -50,6 +49,7 @@ import org.keycloak.services.managers.ClientManager;
|
|||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.validation.ValidationUtil;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
||||
/**
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
|
||||
package org.keycloak.services.clientregistration;
|
||||
|
||||
import org.jboss.resteasy.spi.Failure;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.authentication.AuthenticationProcessor;
|
||||
|
@ -46,6 +45,7 @@ import org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyM
|
|||
import org.keycloak.services.clientregistration.policy.RegistrationAuth;
|
||||
import org.keycloak.util.TokenUtil;
|
||||
|
||||
import jakarta.ws.rs.WebApplicationException;
|
||||
import jakarta.ws.rs.core.HttpHeaders;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import java.util.List;
|
||||
|
@ -380,21 +380,21 @@ public class ClientRegistrationAuth {
|
|||
return true;
|
||||
}
|
||||
|
||||
private Failure unauthorized(String errorDescription) {
|
||||
private WebApplicationException unauthorized(String errorDescription) {
|
||||
event.detail(Details.REASON, errorDescription).error(Errors.INVALID_TOKEN);
|
||||
throw new ErrorResponseException(OAuthErrorException.INVALID_TOKEN, errorDescription, Response.Status.UNAUTHORIZED);
|
||||
}
|
||||
|
||||
private Failure forbidden() {
|
||||
private WebApplicationException forbidden() {
|
||||
return forbidden("Forbidden");
|
||||
}
|
||||
|
||||
private Failure forbidden(String errorDescription) {
|
||||
private WebApplicationException forbidden(String errorDescription) {
|
||||
event.error(Errors.NOT_ALLOWED);
|
||||
throw new ErrorResponseException(OAuthErrorException.INSUFFICIENT_SCOPE, errorDescription, Response.Status.FORBIDDEN);
|
||||
}
|
||||
|
||||
private Failure notFound() {
|
||||
private WebApplicationException notFound() {
|
||||
event.error(Errors.CLIENT_NOT_FOUND);
|
||||
throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Client not found", Response.Status.NOT_FOUND);
|
||||
}
|
||||
|
|
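Review bot: `unauthorized(String)`, `forbidden(String)` and `notFound()` now declare `WebApplicationException` as their return type, but every path through them throws `ErrorResponseException`, so they never return a value; only `forbidden()` has a `return`, and it delegates to a method that throws. Either declare them `void`, or build and return the exception, e.g. `return new ErrorResponseException(OAuthErrorException.INSUFFICIENT_SCOPE, errorDescription, Response.Status.FORBIDDEN);`, so the signature matches what happens. The call sites are outside this hunk: if any of them invokes a helper without a leading `throw`, switching to `return` would let the request continue past the authorization check, so check them before changing the bodies.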
|
@ -6,7 +6,6 @@ import static org.keycloak.services.resources.KeycloakApplication.getSessionFact
|
|||
import com.fasterxml.jackson.core.JsonParseException;
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.Failure;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.forms.login.freemarker.model.UrlBean;
|
||||
|
@ -122,10 +121,6 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
|
|||
WebApplicationException ex = (WebApplicationException) throwable;
|
||||
status = ex.getResponse().getStatus();
|
||||
}
|
||||
if (throwable instanceof Failure) {
|
||||
Failure f = (Failure) throwable;
|
||||
status = f.getErrorCode();
|
||||
}
|
||||
if (throwable instanceof JsonProcessingException) {
|
||||
status = Response.Status.BAD_REQUEST.getStatusCode();
|
||||
}
|
||||
|
|
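Review bot: With the `throwable instanceof Failure` branch removed, a RESTEasy `Failure` that still reaches this mapper no longer contributes its `getErrorCode()`. It falls through to whatever default status is assigned above the hunk, which is not visible here. The other sections of this commit move `ForbiddenException` and `BadRequestException` to their `jakarta.ws.rs` equivalents, which the `WebApplicationException` branch covers. A custom extension compiled against the old `org.keycloak.services.ForbiddenException` or another `Failure` subclass would change its response status, though. A short comment at this spot, such as `// RESTEasy Failure is no longer mapped; throw jakarta.ws.rs.WebApplicationException subclasses`, plus a test asserting the status for a 403 thrown from a resource, would pin the intended behaviour.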
|
@ -23,7 +23,8 @@ import org.keycloak.models.RealmModel;
|
|||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.UserSessionModel;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
package org.keycloak.services.resources;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.BadRequestException;
|
||||
import org.keycloak.http.HttpRequest;
|
||||
import org.keycloak.AbstractOAuthClient;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
|
@ -29,11 +28,12 @@ import org.keycloak.models.ClientModel;
|
|||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.managers.Auth;
|
||||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.util.TokenUtil;
|
||||
|
||||
import jakarta.ws.rs.BadRequestException;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.Path;
|
||||
import jakarta.ws.rs.QueryParam;
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
package org.keycloak.services.resources;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.BadRequestException;
|
||||
import org.keycloak.http.HttpRequest;
|
||||
import jakarta.ws.rs.NotAuthorizedException;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
|
@ -33,8 +32,9 @@ import org.keycloak.models.KeycloakSession;
|
|||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil;
|
||||
import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
|
||||
import jakarta.ws.rs.BadRequestException;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.HeaderParam;
|
||||
import jakarta.ws.rs.POST;
|
||||
import jakarta.ws.rs.Path;
|
||||
|
|
|
@ -16,10 +16,8 @@
|
|||
*/
|
||||
package org.keycloak.services.resources;
|
||||
|
||||
import com.fasterxml.jackson.core.type.TypeReference;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.crypto.CryptoIntegration;
|
||||
import org.keycloak.common.util.Resteasy;
|
||||
import org.keycloak.config.ConfigProviderFactory;
|
||||
|
@ -42,51 +40,39 @@ import org.keycloak.platform.Platform;
|
|||
import org.keycloak.platform.PlatformProvider;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
import org.keycloak.services.error.KeycloakErrorHandler;
|
||||
import org.keycloak.services.error.KcUnrecognizedPropertyExceptionHandler;
|
||||
import org.keycloak.services.error.KeycloakMismatchedInputExceptionHandler;
|
||||
import org.keycloak.services.filters.KeycloakSecurityHeadersFilter;
|
||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.services.resources.admin.AdminRoot;
|
||||
import org.keycloak.services.util.ObjectMapperResolver;
|
||||
import org.keycloak.transaction.JtaTransactionManagerLookup;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.NoSuchElementException;
|
||||
import java.util.ServiceLoader;
|
||||
|
||||
import com.fasterxml.jackson.core.type.TypeReference;
|
||||
|
||||
import jakarta.transaction.SystemException;
|
||||
import jakarta.transaction.Transaction;
|
||||
import jakarta.ws.rs.core.Application;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.NoSuchElementException;
|
||||
import java.util.ServiceLoader;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*
|
||||
* Note: the classes and singletons are not used by Quarkus - see the KeycloakProcessor to do exclusions
|
||||
*/
|
||||
public class KeycloakApplication extends Application {
|
||||
public abstract class KeycloakApplication extends Application {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(KeycloakApplication.class);
|
||||
|
||||
protected final PlatformProvider platform = Platform.getPlatform();
|
||||
|
||||
protected Set<Object> singletons = new HashSet<>();
|
||||
protected Set<Class<?>> classes = new HashSet<>();
|
||||
|
||||
private static KeycloakSessionFactory sessionFactory;
|
||||
|
||||
public KeycloakApplication() {
|
||||
|
||||
try {
|
||||
|
||||
logger.debugv("PlatformProvider: {0}", platform.getClass().getName());
|
||||
|
@ -94,38 +80,12 @@ public class KeycloakApplication extends Application {
|
|||
|
||||
loadConfig();
|
||||
|
||||
classes.add(RobotsResource.class);
|
||||
classes.add(RealmsResource.class);
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
||||
classes.add(AdminRoot.class);
|
||||
}
|
||||
classes.add(ThemeResource.class);
|
||||
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.JS_ADAPTER)) {
|
||||
classes.add(JsResource.class);
|
||||
}
|
||||
|
||||
classes.add(KeycloakSecurityHeadersFilter.class);
|
||||
classes.add(KeycloakErrorHandler.class);
|
||||
classes.add(KcUnrecognizedPropertyExceptionHandler.class);
|
||||
classes.add(KeycloakMismatchedInputExceptionHandler.class);
|
||||
|
||||
singletons.add(new ObjectMapperResolver());
|
||||
classes.add(WelcomeResource.class);
|
||||
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.MULTI_SITE)) {
|
||||
// If we are running in multi-site mode, we need to add a resource which to expose
|
||||
// an endpoint for the load balancer to gather information whether this site should receive requests or not.
|
||||
classes.add(LoadBalancerResource.class);
|
||||
}
|
||||
|
||||
platform.onStartup(this::startup);
|
||||
platform.onShutdown(this::shutdown);
|
||||
|
||||
} catch (Throwable t) {
|
||||
platform.exit(t);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
protected void startup() {
|
||||
|
@ -225,26 +185,12 @@ public class KeycloakApplication extends Application {
|
|||
|
||||
}
|
||||
|
||||
protected KeycloakSessionFactory createSessionFactory() {
|
||||
DefaultKeycloakSessionFactory factory = new DefaultKeycloakSessionFactory();
|
||||
factory.init();
|
||||
return factory;
|
||||
}
|
||||
protected abstract KeycloakSessionFactory createSessionFactory();
|
||||
|
||||
public static KeycloakSessionFactory getSessionFactory() {
|
||||
return sessionFactory;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Class<?>> getClasses() {
|
||||
return classes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Object> getSingletons() {
|
||||
return singletons;
|
||||
}
|
||||
|
||||
public void importRealms(ExportImportManager exportImportManager) {
|
||||
String dir = System.getProperty("keycloak.import");
|
||||
if (dir != null) {
|
||||
|
|
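Review bot: Nothing in the class now says who registers the JAX-RS components that the base constructor used to add. Those were `KeycloakSecurityHeadersFilter`, `KeycloakErrorHandler`, the two Jackson exception handlers, `ObjectMapperResolver`, and the feature-gated resources (`AdminRoot` behind `ADMIN_API`, `JsResource` behind `JS_ADAPTER`, `LoadBalancerResource` behind `MULTI_SITE`). The KeycloakProcessor section of this commit still shows a build-time exclusion for `AdminRoot` when `ADMIN_API` is off, but equivalent gating for the other two resources is not visible on this page. A non-Quarkus subclass that forgets the registrations would run without the security-headers filter and error mapper, or expose resources regardless of the feature flags. The class Javadoc should state this, for example `Subclasses or the runtime are responsible for registering resources, filters and exception mappers, including the Profile feature gating.`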
|
@ -17,6 +17,7 @@
|
|||
package org.keycloak.services.resources;
|
||||
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.POST;
|
||||
import jakarta.ws.rs.Path;
|
||||
|
@ -42,7 +43,6 @@ import org.keycloak.cookie.CookieProvider;
|
|||
import org.keycloak.cookie.CookieType;
|
||||
import org.keycloak.http.HttpRequest;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||
import org.keycloak.services.util.CacheControlUtil;
|
||||
|
|
|
@ -29,7 +29,6 @@ import org.keycloak.models.KeycloakSession;
|
|||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.oidc.TokenManager;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.cors.Cors;
|
||||
import org.keycloak.services.managers.AppAuthManager;
|
||||
import org.keycloak.services.managers.AuthenticationManager;
|
||||
|
@ -39,6 +38,7 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
|||
import org.keycloak.theme.Theme;
|
||||
import org.keycloak.urls.UrlType;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.HttpMethod;
|
||||
import jakarta.ws.rs.OPTIONS;
|
||||
|
|
|
@ -24,7 +24,6 @@ import jakarta.ws.rs.core.Response.Status;
|
|||
import org.eclipse.microprofile.openapi.annotations.tags.Tag;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.reactive.NoCache;
|
||||
import org.jboss.resteasy.spi.BadRequestException;
|
||||
import org.keycloak.OAuthErrorException;
|
||||
import org.keycloak.authorization.admin.AuthorizationService;
|
||||
import org.keycloak.common.ClientConnection;
|
||||
|
@ -78,6 +77,7 @@ import org.keycloak.utils.ProfileHelper;
|
|||
import org.keycloak.utils.ReservedCharValidator;
|
||||
import org.keycloak.validation.ValidationUtil;
|
||||
|
||||
import jakarta.ws.rs.BadRequestException;
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.DELETE;
|
||||
import jakarta.ws.rs.GET;
|
||||
|
|
|
@ -38,7 +38,6 @@ import org.keycloak.representations.idm.ClientRepresentation;
|
|||
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
|
||||
import org.keycloak.services.ErrorResponse;
|
||||
import org.keycloak.services.ErrorResponseException;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.clientpolicy.ClientPolicyException;
|
||||
import org.keycloak.services.clientpolicy.context.AdminClientRegisterContext;
|
||||
import org.keycloak.services.clientpolicy.context.AdminClientRegisteredContext;
|
||||
|
@ -51,6 +50,7 @@ import org.keycloak.validation.ValidationUtil;
|
|||
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.DefaultValue;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.POST;
|
||||
|
|
|
@ -27,7 +27,6 @@ import org.keycloak.http.FormPartValue;
|
|||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.ModelDuplicateException;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.resources.KeycloakOpenAPI;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||
|
||||
|
@ -40,6 +39,7 @@ import java.util.stream.Stream;
|
|||
import jakarta.ws.rs.BadRequestException;
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.DELETE;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.POST;
|
||||
|
|
|
@ -38,7 +38,6 @@ import org.keycloak.policy.PasswordPolicyNotMetException;
|
|||
import org.keycloak.protocol.oidc.TokenManager;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.ErrorResponse;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.services.resources.KeycloakOpenAPI;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||
|
@ -48,6 +47,7 @@ import org.keycloak.storage.ExportImportManager;
|
|||
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.DefaultValue;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.POST;
|
||||
|
|
|
@ -71,7 +71,6 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.representations.idm.UserSessionRepresentation;
|
||||
import org.keycloak.services.ErrorResponse;
|
||||
import org.keycloak.services.ErrorResponseException;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
import org.keycloak.services.Urls;
|
||||
import org.keycloak.services.managers.AuthenticationManager;
|
||||
|
@ -93,6 +92,7 @@ import jakarta.ws.rs.BadRequestException;
|
|||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.DELETE;
|
||||
import jakarta.ws.rs.DefaultValue;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.POST;
|
||||
|
@ -160,7 +160,7 @@ public class UserResource {
|
|||
this.adminEvent = adminEvent.resource(ResourceType.USER);
|
||||
this.headers = session.getContext().getRequestHeaders();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Update the user
|
||||
*
|
||||
|
|
|
@ -40,7 +40,6 @@ import org.keycloak.models.utils.RepresentationToModel;
|
|||
import org.keycloak.policy.PasswordPolicyNotMetException;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.services.ErrorResponse;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.resources.KeycloakOpenAPI;
|
||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||
import org.keycloak.services.resources.admin.permissions.UserPermissionEvaluator;
|
||||
|
@ -49,6 +48,7 @@ import org.keycloak.userprofile.UserProfileProvider;
|
|||
import org.keycloak.utils.SearchQueryUtils;
|
||||
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.POST;
|
||||
|
|
|
@ -33,7 +33,6 @@ import org.keycloak.models.ClientScopeModel;
|
|||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.representations.idm.authorization.Permission;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.storage.StorageId;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
@ -45,6 +44,8 @@ import java.util.LinkedHashMap;
|
|||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
import static org.keycloak.services.resources.admin.permissions.AdminPermissionManagement.TOKEN_EXCHANGE;
|
||||
|
||||
/**
|
||||
|
|
|
@ -28,7 +28,6 @@ import org.keycloak.authorization.store.ResourceStore;
|
|||
import org.keycloak.models.AdminRoles;
|
||||
import org.keycloak.models.GroupModel;
|
||||
import org.keycloak.representations.idm.authorization.Permission;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
|
@ -40,6 +39,8 @@ import java.util.List;
|
|||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
|
@ -348,13 +349,13 @@ class GroupPermissions implements GroupPermissionEvaluator, GroupPermissionManag
|
|||
if (!root.isAdminSameRealm()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
ResourceServer server = root.realmResourceServer();
|
||||
if (server == null) return false;
|
||||
|
||||
return hasPermission(group, VIEW_MEMBERS_SCOPE);
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public boolean canManageMembers(GroupModel group) {
|
||||
if (root.users().canManage()) return true;
|
||||
|
@ -379,7 +380,7 @@ class GroupPermissions implements GroupPermissionEvaluator, GroupPermissionManag
|
|||
|
||||
return hasPermission(group, MANAGE_MEMBERSHIP_SCOPE);
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void requireManageMembership(GroupModel group) {
|
||||
if (!canManageMembership(group)) {
|
||||
|
|
|
@ -37,7 +37,6 @@ import org.keycloak.models.KeycloakSessionFactory;
|
|||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.representations.idm.authorization.Permission;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.services.resources.admin.AdminAuth;
|
||||
|
||||
|
@ -45,6 +44,8 @@ import java.util.Arrays;
|
|||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
|
|
|
@ -20,9 +20,10 @@ package org.keycloak.services.resources.admin.permissions;
|
|||
import org.keycloak.models.AdminRoles;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.ImpersonationConstants;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
import org.keycloak.services.resources.admin.AdminAuth;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
|
|
|
@ -21,7 +21,8 @@ import org.keycloak.authorization.AuthorizationProvider;
|
|||
import org.keycloak.models.AdminRoles;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
/**
|
||||
* Manages default policies for all users.
|
||||
|
|
|
@ -34,7 +34,6 @@ import org.keycloak.models.RoleContainerModel;
|
|||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
||||
import org.keycloak.representations.idm.authorization.Permission;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
|
@ -43,6 +42,8 @@ import java.util.LinkedHashMap;
|
|||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
|
|
|
@ -36,7 +36,6 @@ import org.keycloak.models.ImpersonationConstants;
|
|||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.representations.idm.authorization.Permission;
|
||||
import org.keycloak.services.ForbiddenException;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
|
@ -49,6 +48,8 @@ import java.util.Map;
|
|||
import java.util.Set;
|
||||
import java.util.function.Predicate;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
|
||||
/**
|
||||
* Manages default policies for all users.
|
||||
*
|
||||
|
|
|
@ -35,8 +35,8 @@ import org.apache.http.impl.client.CloseableHttpClient;
|
|||
import org.junit.Assume;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||
import org.keycloak.utils.ScopeUtil;
|
||||
|
||||
public class DefaultHttpClientFactoryTest {
|
||||
|
@ -49,7 +49,7 @@ public class DefaultHttpClientFactoryTest {
|
|||
values.put(DISABLE_TRUST_MANAGER_PROPERTY, "true");
|
||||
DefaultHttpClientFactory factory = new DefaultHttpClientFactory();
|
||||
factory.init(ScopeUtil.createScope(values));
|
||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
||||
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||
HttpClientProvider provider = factory.create(session);
|
||||
Optional<String> testURL = getTestURL();
|
||||
Assume.assumeTrue( "Could not get test url for domain", testURL.isPresent() );
|
||||
|
@ -63,7 +63,7 @@ public class DefaultHttpClientFactoryTest {
|
|||
public void createHttpClientProviderWithUnvailableURL() throws IOException {
|
||||
DefaultHttpClientFactory factory = new DefaultHttpClientFactory();
|
||||
factory.init(ScopeUtil.createScope(new HashMap<>()));
|
||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
||||
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||
HttpClientProvider provider = factory.create(session);
|
||||
try (CloseableHttpClient httpClient = provider.getHttpClient()) {
|
||||
Optional<String> testURL = getTestURL();
|
||||
|
|
|
@ -30,9 +30,9 @@ import org.keycloak.common.crypto.CryptoIntegration;
|
|||
import org.keycloak.common.crypto.CryptoProvider;
|
||||
import org.keycloak.http.HttpRequest;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.HttpRequestImpl;
|
||||
import org.keycloak.services.resteasy.HttpRequestImpl;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||
|
||||
/**
|
||||
* <p>Little test class for RedirectUtils methods.</p>
|
||||
|
@ -49,9 +49,9 @@ public class RedirectUtilsTest {
|
|||
ResteasyContext.getContextDataMap().put(HttpRequest.class, httpRequest);
|
||||
Profile.defaults();
|
||||
CryptoIntegration.init(CryptoProvider.class.getClassLoader());
|
||||
DefaultKeycloakSessionFactory sessionFactory = new DefaultKeycloakSessionFactory();
|
||||
ResteasyKeycloakSessionFactory sessionFactory = new ResteasyKeycloakSessionFactory();
|
||||
sessionFactory.init();
|
||||
session = new DefaultKeycloakSession(sessionFactory);
|
||||
session = new ResteasyKeycloakSession(sessionFactory);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -47,8 +47,8 @@ import org.keycloak.saml.common.util.DocumentUtil;
|
|||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||
import org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil;
|
||||
import org.keycloak.saml.processing.core.util.XMLEncryptionUtil;
|
||||
import org.keycloak.services.DefaultKeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||
import org.w3c.dom.Document;
|
||||
import org.w3c.dom.Element;
|
||||
import org.w3c.dom.NodeList;
|
||||
|
@ -118,7 +118,7 @@ public class SamlEncryptionTest {
|
|||
.nameIdentifier(JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.get(), "nameId");
|
||||
ResponseType samlModel = builder.buildModel();
|
||||
|
||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
||||
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||
JaxrsSAML2BindingBuilder bindingBuilder = new JaxrsSAML2BindingBuilder(session);
|
||||
if (alg != null) {
|
||||
bindingBuilder.encryptionAlgorithm(alg);
|
||||
|
|
|
@ -51,8 +51,8 @@ import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
|
|||
import org.keycloak.saml.common.exceptions.ConfigurationException;
|
||||
import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request;
|
||||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||
import org.keycloak.services.DefaultKeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||
import org.keycloak.utils.ScopeUtil;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
|
@ -112,9 +112,9 @@ public class SoapTest {
|
|||
Document doc = SAML2Request.convert(request);
|
||||
Profile.defaults();
|
||||
CryptoIntegration.init(CryptoProvider.class.getClassLoader());
|
||||
DefaultKeycloakSessionFactory sessionFactory = new DefaultKeycloakSessionFactory();
|
||||
ResteasyKeycloakSessionFactory sessionFactory = new ResteasyKeycloakSessionFactory();
|
||||
sessionFactory.init();
|
||||
KeycloakSession session = new DefaultKeycloakSession(sessionFactory);
|
||||
KeycloakSession session = new ResteasyKeycloakSession(sessionFactory);
|
||||
|
||||
SOAPMessage soapResponse = Soap.createMessage()
|
||||
.addMimeHeader("SOAPAction", "http://www.oasis-open.org/committees/security")
|
||||
|
@ -154,9 +154,9 @@ public class SoapTest {
|
|||
return ScopeUtil.createScope(new HashMap<>());
|
||||
}
|
||||
});
|
||||
DefaultKeycloakSessionFactory sessionFactory = new DefaultKeycloakSessionFactory();
|
||||
ResteasyKeycloakSessionFactory sessionFactory = new ResteasyKeycloakSessionFactory();
|
||||
sessionFactory.init();
|
||||
KeycloakSession session = new DefaultKeycloakSession(sessionFactory);
|
||||
KeycloakSession session = new ResteasyKeycloakSession(sessionFactory);
|
||||
|
||||
SOAPException ex = Assert.assertThrows(SOAPException.class, () -> {
|
||||
Soap.createMessage()
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services;
|
||||
package org.keycloak.services.resteasy;
|
||||
|
||||
import static jakarta.ws.rs.core.MediaType.MULTIPART_FORM_DATA_TYPE;
|
||||
|
||||
|
@ -36,6 +36,7 @@ import org.jboss.resteasy.reactive.server.multipart.MultipartFormDataInput;
|
|||
import org.keycloak.common.util.Resteasy;
|
||||
import org.keycloak.http.FormPartValue;
|
||||
import org.keycloak.http.HttpRequest;
|
||||
import org.keycloak.services.FormPartValueImpl;
|
||||
|
||||
public class HttpRequestImpl implements HttpRequest {
|
||||
|
|
@ -15,7 +15,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services;
|
||||
package org.keycloak.services.resteasy;
|
||||
|
||||
import jakarta.ws.rs.core.NewCookie;
|
||||
import org.keycloak.http.HttpResponse;
|
|
@ -0,0 +1,88 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.resteasy;
|
||||
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
import org.keycloak.services.error.KcUnrecognizedPropertyExceptionHandler;
|
||||
import org.keycloak.services.error.KeycloakErrorHandler;
|
||||
import org.keycloak.services.error.KeycloakMismatchedInputExceptionHandler;
|
||||
import org.keycloak.services.filters.KeycloakSecurityHeadersFilter;
|
||||
import org.keycloak.services.resources.JsResource;
|
||||
import org.keycloak.services.resources.KeycloakApplication;
|
||||
import org.keycloak.services.resources.LoadBalancerResource;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.services.resources.RobotsResource;
|
||||
import org.keycloak.services.resources.ThemeResource;
|
||||
import org.keycloak.services.resources.WelcomeResource;
|
||||
import org.keycloak.services.resources.admin.AdminRoot;
|
||||
import org.keycloak.services.util.ObjectMapperResolver;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
public class ResteasyKeycloakApplication extends KeycloakApplication {
|
||||
|
||||
protected Set<Object> singletons = new HashSet<>();
|
||||
protected Set<Class<?>> classes = new HashSet<>();
|
||||
|
||||
public ResteasyKeycloakApplication() {
|
||||
classes.add(RobotsResource.class);
|
||||
classes.add(RealmsResource.class);
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
||||
classes.add(AdminRoot.class);
|
||||
}
|
||||
classes.add(ThemeResource.class);
|
||||
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.JS_ADAPTER)) {
|
||||
classes.add(JsResource.class);
|
||||
}
|
||||
|
||||
classes.add(KeycloakSecurityHeadersFilter.class);
|
||||
classes.add(KeycloakErrorHandler.class);
|
||||
classes.add(KcUnrecognizedPropertyExceptionHandler.class);
|
||||
classes.add(KeycloakMismatchedInputExceptionHandler.class);
|
||||
|
||||
singletons.add(new ObjectMapperResolver());
|
||||
classes.add(WelcomeResource.class);
|
||||
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.MULTI_SITE)) {
|
||||
// If we are running in multi-site mode, we need to add a resource which to expose
|
||||
// an endpoint for the load balancer to gather information whether this site should receive requests or not.
|
||||
classes.add(LoadBalancerResource.class);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Class<?>> getClasses() {
|
||||
return classes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Object> getSingletons() {
|
||||
return singletons;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected KeycloakSessionFactory createSessionFactory() {
|
||||
ResteasyKeycloakSessionFactory factory = new ResteasyKeycloakSessionFactory();
|
||||
factory.init();
|
||||
return factory;
|
||||
}
|
||||
|
||||
}
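Review bot: `singletons` and `classes` are declared `protected`, non-final and mutable, and `getClasses()` / `getSingletons()` return them directly, so any subclass or caller can add or remove entries after construction, including `KeycloakSecurityHeadersFilter` and the error handlers registered in the constructor. Unless a subclass really needs to write to them, declare them `private final Set<Class<?>> classes = new HashSet<>();` (same for `singletons`) and return `Set.copyOf(classes)` from the getter. A short class Javadoc listing which resources are gated by `Profile` features would also help the next reader.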
|
|
@ -0,0 +1,41 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.resteasy;
|
||||
|
||||
import org.keycloak.http.HttpRequest;
|
||||
import org.keycloak.http.HttpResponse;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakContext;
|
||||
|
||||
public class ResteasyKeycloakContext extends DefaultKeycloakContext {
|
||||
|
||||
public ResteasyKeycloakContext(KeycloakSession session) {
|
||||
super(session);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected HttpRequest createHttpRequest() {
|
||||
return new HttpRequestImpl(getContextObject(org.jboss.resteasy.spi.HttpRequest.class));
|
||||
}
|
||||
|
||||
@Override
|
||||
protected HttpResponse createHttpResponse() {
|
||||
return new HttpResponseImpl(getContextObject(org.jboss.resteasy.spi.HttpResponse.class));
|
||||
}
|
||||
|
||||
}
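Review bot: `createHttpRequest()` and `createHttpResponse()` pass the result of `getContextObject(...)` straight into the wrapper constructors with no null check. If that lookup can return null when no RESTEasy request is bound to the thread (its implementation is outside this section), the failure would surface later inside the wrapper rather than here. Consider failing fast, e.g. `Objects.requireNonNull(getContextObject(org.jboss.resteasy.spi.HttpRequest.class), "no RESTEasy request bound")`, or documenting on both methods that they are only valid while a request is being processed.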
|
|
@ -0,0 +1,36 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.resteasy;
|
||||
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakContext;
|
||||
import org.keycloak.services.DefaultKeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
|
||||
public class ResteasyKeycloakSession extends DefaultKeycloakSession {
|
||||
|
||||
public ResteasyKeycloakSession(DefaultKeycloakSessionFactory factory) {
|
||||
super(factory);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected DefaultKeycloakContext createKeycloakContext(KeycloakSession session) {
|
||||
return new ResteasyKeycloakContext(session);
|
||||
}
|
||||
|
||||
}
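Review bot: This new public class has no Javadoc, and its name alone does not say why it exists next to `DefaultKeycloakSession`. I would add a class comment such as `/** KeycloakSession whose context is a ResteasyKeycloakContext, which reads the HTTP request and response from RESTEasy's SPI types. */`. `ResteasyKeycloakSessionFactory` in the next section could carry a matching one-line comment.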
|
|
@ -0,0 +1,30 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.services.resteasy;
|
||||
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
|
||||
public class ResteasyKeycloakSessionFactory extends DefaultKeycloakSessionFactory {
|
||||
|
||||
@Override
|
||||
public KeycloakSession create() {
|
||||
return new ResteasyKeycloakSession(this);
|
||||
}
|
||||
|
||||
}
|
|
@ -5,8 +5,8 @@ import org.junit.Test;
|
|||
import org.junit.rules.ExpectedException;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSession;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
|
@ -27,7 +27,7 @@ public class PlainTextVaultProviderFactoryTest {
|
|||
public void shouldInitializeVaultCorrectly() {
|
||||
//given
|
||||
VaultConfig config = new VaultConfig(Scenario.EXISTING.getAbsolutePathAsString());
|
||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
||||
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||
FilesPlainTextVaultProviderFactory factory = new FilesPlainTextVaultProviderFactory() {
|
||||
@Override
|
||||
protected String getRealmName(KeycloakSession session) {
|
||||
|
|
|
@ -79,6 +79,12 @@
|
|||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-jakarta-servlet-filter-adapter</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
<type>test-jar</type>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-io</groupId>
|
||||
<artifactId>commons-io</artifactId>
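Review bot: The added `keycloak-services` `test-jar` dependency is declared with `<scope>compile</scope>`, which puts the test classes of keycloak-services on this module's compile and runtime classpath and passes them on to anything that depends on it. If this module is only ever consumed by the test suite that is probably intended, but it deserves a comment saying so, for example `<!-- test-jar needed at compile scope: test server code uses org.keycloak.services.resteasy -->` (assuming, as the imports elsewhere in this commit suggest, that the package now lives in the test sources). A later pom section adds the same test-jar with no `<scope>` at all, which also defaults to compile, while another uses `<scope>test</scope>`; it would be worth making the three consistent or stating why they differ.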
|
||||
|
|
|
@ -51,6 +51,7 @@ import org.keycloak.models.KeycloakSession;
|
|||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||
import org.keycloak.services.resources.KeycloakApplication;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakApplication;
|
||||
import org.keycloak.testsuite.JsonConfigProviderFactory;
|
||||
import org.keycloak.testsuite.KeycloakServer;
|
||||
import org.keycloak.testsuite.UndertowRequestFilter;
|
||||
|
@ -83,7 +84,7 @@ public class KeycloakOnUndertow implements DeployableContainer<KeycloakOnUnderto
|
|||
|
||||
private DeploymentInfo createAuthServerDeploymentInfo() {
|
||||
ResteasyDeployment deployment = new ResteasyDeploymentImpl();
|
||||
deployment.setApplicationClass(KeycloakApplication.class.getName());
|
||||
deployment.setApplicationClass(ResteasyKeycloakApplication.class.getName());
|
||||
|
||||
// RESTEASY-2034
|
||||
deployment.setProperty(ResteasyContextParameters.RESTEASY_DISABLE_HTML_SANITIZER, true);
|
||||
|
|
|
@ -64,6 +64,12 @@
|
|||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
<type>test-jar</type>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-spi-private</artifactId>
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
/*
|
||||
* Copyright 2020 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
|
@ -53,6 +53,7 @@ import org.keycloak.provider.ProviderManager;
|
|||
import org.keycloak.provider.Spi;
|
||||
import org.keycloak.services.DefaultComponentFactoryProviderFactory;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||
import org.keycloak.storage.DatastoreProviderFactory;
|
||||
import org.keycloak.storage.DatastoreSpi;
|
||||
import org.keycloak.timer.TimerSpi;
|
||||
|
@ -304,7 +305,7 @@ public abstract class KeycloakModelTest {
|
|||
|
||||
LOG.debugf("Creating factory %d in %s using the following configuration:\n %s", factoryIndex, threadName, CONFIG);
|
||||
|
||||
DefaultKeycloakSessionFactory res = new DefaultKeycloakSessionFactory() {
|
||||
DefaultKeycloakSessionFactory res = new ResteasyKeycloakSessionFactory() {
|
||||
|
||||
@Override
|
||||
public void init() {
|
||||
|
|
|
@ -56,6 +56,11 @@
|
|||
<artifactId>keycloak-dependencies-server-all</artifactId>
|
||||
<type>pom</type>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-services</artifactId>
|
||||
<type>test-jar</type>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-rest-admin-ui-ext</artifactId>
|
||||
|
|
|
@ -52,6 +52,7 @@ import org.keycloak.services.DefaultKeycloakSessionFactory;
|
|||
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.services.resources.KeycloakApplication;
|
||||
import org.keycloak.services.resteasy.ResteasyKeycloakApplication;
|
||||
import org.keycloak.testsuite.util.cli.TestsuiteCLI;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
import io.undertow.servlet.api.InstanceHandle;
|
||||
|
@ -408,7 +409,7 @@ public class KeycloakServer {
|
|||
|
||||
ResteasyDeployment deployment = new ResteasyDeploymentImpl();
|
||||
|
||||
deployment.setApplicationClass(KeycloakApplication.class.getName());
|
||||
deployment.setApplicationClass(ResteasyKeycloakApplication.class.getName());
|
||||
|
||||
Builder builder = Undertow.builder()
|
||||
.addHttpListener(config.getPort(), config.getHost())
|
||||
|
|