task: remove usage of resteasy-core-spi (#27387)
closes: #27242 Signed-off-by: Steve Hawkins <shawkins@redhat.com>
This commit is contained in:
parent
bf1248d062
commit
35b9d8aa49
52 changed files with 326 additions and 250 deletions
|
@ -32,7 +32,6 @@ import org.jboss.logging.Logger;
|
||||||
import org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider;
|
import org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider;
|
||||||
import org.keycloak.connections.jpa.updater.liquibase.ThreadLocalSessionContext;
|
import org.keycloak.connections.jpa.updater.liquibase.ThreadLocalSessionContext;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
|
||||||
|
|
||||||
import java.sql.Connection;
|
import java.sql.Connection;
|
||||||
import java.sql.ResultSet;
|
import java.sql.ResultSet;
|
||||||
|
@ -45,8 +44,6 @@ import java.util.List;
|
||||||
*/
|
*/
|
||||||
public abstract class CustomKeycloakTask implements CustomSqlChange {
|
public abstract class CustomKeycloakTask implements CustomSqlChange {
|
||||||
|
|
||||||
private final Logger logger = Logger.getLogger(getClass());
|
|
||||||
|
|
||||||
protected KeycloakSession kcSession;
|
protected KeycloakSession kcSession;
|
||||||
|
|
||||||
protected Database database;
|
protected Database database;
|
||||||
|
@ -73,18 +70,8 @@ public abstract class CustomKeycloakTask implements CustomSqlChange {
|
||||||
@Override
|
@Override
|
||||||
public void setUp() throws SetupException {
|
public void setUp() throws SetupException {
|
||||||
this.kcSession = ThreadLocalSessionContext.getCurrentSession();
|
this.kcSession = ThreadLocalSessionContext.getCurrentSession();
|
||||||
|
|
||||||
if (this.kcSession == null) {
|
if (this.kcSession == null) {
|
||||||
// Probably running Liquibase from maven plugin. Try to create kcSession programmatically
|
throw new SetupException("Thread bound session is null");
|
||||||
logger.info("No KeycloakSession provided in ThreadLocal. Initializing KeycloakSessionFactory");
|
|
||||||
|
|
||||||
try {
|
|
||||||
DefaultKeycloakSessionFactory factory = new DefaultKeycloakSessionFactory();
|
|
||||||
factory.init();
|
|
||||||
this.kcSession = factory.create();
|
|
||||||
} catch (Exception e) {
|
|
||||||
throw new SetupException("Exception when initializing factory", e);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
6
pom.xml
6
pom.xml
|
@ -1313,6 +1313,12 @@
|
||||||
<artifactId>keycloak-services</artifactId>
|
<artifactId>keycloak-services</artifactId>
|
||||||
<version>${project.version}</version>
|
<version>${project.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-services</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<type>test-jar</type>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- Authorization -->
|
<!-- Authorization -->
|
||||||
<dependency>
|
<dependency>
|
||||||
|
|
|
@ -103,7 +103,6 @@ import org.keycloak.representations.provider.ScriptProviderMetadata;
|
||||||
import org.keycloak.representations.userprofile.config.UPConfig;
|
import org.keycloak.representations.userprofile.config.UPConfig;
|
||||||
import org.keycloak.services.ServicesLogger;
|
import org.keycloak.services.ServicesLogger;
|
||||||
import org.keycloak.services.resources.JsResource;
|
import org.keycloak.services.resources.JsResource;
|
||||||
import org.keycloak.services.resources.KeycloakApplication;
|
|
||||||
import org.keycloak.services.resources.LoadBalancerResource;
|
import org.keycloak.services.resources.LoadBalancerResource;
|
||||||
import org.keycloak.services.resources.admin.AdminRoot;
|
import org.keycloak.services.resources.admin.AdminRoot;
|
||||||
import org.keycloak.theme.ClasspathThemeProviderFactory;
|
import org.keycloak.theme.ClasspathThemeProviderFactory;
|
||||||
|
@ -623,9 +622,6 @@ class KeycloakProcessor {
|
||||||
void configureResteasy(CombinedIndexBuildItem index,
|
void configureResteasy(CombinedIndexBuildItem index,
|
||||||
BuildProducer<BuildTimeConditionBuildItem> buildTimeConditionBuildItemBuildProducer,
|
BuildProducer<BuildTimeConditionBuildItem> buildTimeConditionBuildItemBuildProducer,
|
||||||
BuildProducer<MethodScannerBuildItem> scanner) {
|
BuildProducer<MethodScannerBuildItem> scanner) {
|
||||||
buildTimeConditionBuildItemBuildProducer.produce(new BuildTimeConditionBuildItem(index.getIndex().getClassByName(DotName.createSimple(
|
|
||||||
KeycloakApplication.class.getName())), false));
|
|
||||||
|
|
||||||
if (!Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
if (!Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
||||||
buildTimeConditionBuildItemBuildProducer.produce(new BuildTimeConditionBuildItem(index.getIndex().getClassByName(DotName.createSimple(
|
buildTimeConditionBuildItemBuildProducer.produce(new BuildTimeConditionBuildItem(index.getIndex().getClassByName(DotName.createSimple(
|
||||||
AdminRoot.class.getName())), false));
|
AdminRoot.class.getName())), false));
|
||||||
|
|
|
@ -548,10 +548,6 @@
|
||||||
</exclusion>
|
</exclusion>
|
||||||
</exclusions>
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
|
||||||
<artifactId>resteasy-core-spi</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.apache.commons</groupId>
|
<groupId>org.apache.commons</groupId>
|
||||||
<artifactId>commons-lang3</artifactId>
|
<artifactId>commons-lang3</artifactId>
|
||||||
|
|
|
@ -27,8 +27,6 @@ import org.keycloak.quarkus.runtime.integration.QuarkusKeycloakSessionFactory;
|
||||||
import org.keycloak.quarkus.runtime.integration.QuarkusPlatform;
|
import org.keycloak.quarkus.runtime.integration.QuarkusPlatform;
|
||||||
import org.keycloak.services.resources.KeycloakApplication;
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
|
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
import jakarta.enterprise.event.Observes;
|
import jakarta.enterprise.event.Observes;
|
||||||
import jakarta.ws.rs.ApplicationPath;
|
import jakarta.ws.rs.ApplicationPath;
|
||||||
|
|
||||||
|
@ -59,13 +57,4 @@ public class QuarkusKeycloakApplication extends KeycloakApplication {
|
||||||
// no need to load config provider because we force quarkus impl
|
// no need to load config provider because we force quarkus impl
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<Object> getSingletons() {
|
|
||||||
return Set.of();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<Class<?>> getClasses() {
|
|
||||||
return Set.of();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,6 +4,7 @@ import static org.keycloak.utils.StreamsUtil.throwIfEmpty;
|
||||||
|
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.Path;
|
import jakarta.ws.rs.Path;
|
||||||
import jakarta.ws.rs.Produces;
|
import jakarta.ws.rs.Produces;
|
||||||
|
@ -17,7 +18,6 @@ import org.jboss.resteasy.reactive.NoCache;
|
||||||
import org.keycloak.admin.ui.rest.model.RealmNameRepresentation;
|
import org.keycloak.admin.ui.rest.model.RealmNameRepresentation;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
||||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||||
import org.keycloak.services.resources.admin.permissions.RealmsPermissionEvaluator;
|
import org.keycloak.services.resources.admin.permissions.RealmsPermissionEvaluator;
|
||||||
|
|
|
@ -137,6 +137,7 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
<artifactId>resteasy-core-spi</artifactId>
|
<artifactId>resteasy-core-spi</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
|
<groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
|
||||||
|
@ -249,6 +250,16 @@
|
||||||
</compilerArgument>
|
</compilerArgument>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<artifactId>maven-jar-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<goals>
|
||||||
|
<goal>test-jar</goal>
|
||||||
|
</goals>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,8 @@ package org.keycloak.authentication.requiredactions;
|
||||||
|
|
||||||
import java.util.Objects;
|
import java.util.Objects;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
import org.keycloak.authentication.AuthenticationProcessor;
|
import org.keycloak.authentication.AuthenticationProcessor;
|
||||||
|
@ -39,7 +41,6 @@ import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserManager;
|
import org.keycloak.models.UserManager;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.managers.AuthenticationManager;
|
import org.keycloak.services.managers.AuthenticationManager;
|
||||||
import org.keycloak.services.messages.Messages;
|
import org.keycloak.services.messages.Messages;
|
||||||
|
|
||||||
|
|
|
@ -22,7 +22,6 @@ import java.util.Map;
|
||||||
|
|
||||||
import jakarta.ws.rs.Path;
|
import jakarta.ws.rs.Path;
|
||||||
|
|
||||||
import org.jboss.resteasy.spi.ResteasyProviderFactory;
|
|
||||||
import org.keycloak.authorization.AuthorizationProvider;
|
import org.keycloak.authorization.AuthorizationProvider;
|
||||||
import org.keycloak.authorization.model.Policy;
|
import org.keycloak.authorization.model.Policy;
|
||||||
import org.keycloak.authorization.model.ResourceServer;
|
import org.keycloak.authorization.model.ResourceServer;
|
||||||
|
|
|
@ -40,7 +40,7 @@ import java.util.Map;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
*/
|
*/
|
||||||
public class DefaultKeycloakContext implements KeycloakContext {
|
public abstract class DefaultKeycloakContext implements KeycloakContext {
|
||||||
|
|
||||||
private RealmModel realm;
|
private RealmModel realm;
|
||||||
|
|
||||||
|
@ -170,13 +170,9 @@ public class DefaultKeycloakContext implements KeycloakContext {
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected HttpRequest createHttpRequest() {
|
protected abstract HttpRequest createHttpRequest();
|
||||||
return new HttpRequestImpl(getContextObject(org.jboss.resteasy.spi.HttpRequest.class));
|
|
||||||
}
|
|
||||||
|
|
||||||
protected HttpResponse createHttpResponse() {
|
protected abstract HttpResponse createHttpResponse();
|
||||||
return new HttpResponseImpl(getContextObject(org.jboss.resteasy.spi.HttpResponse.class));
|
|
||||||
}
|
|
||||||
|
|
||||||
protected KeycloakSession getSession() {
|
protected KeycloakSession getSession() {
|
||||||
return session;
|
return session;
|
||||||
|
|
|
@ -67,7 +67,7 @@ import java.util.stream.Collectors;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
*/
|
*/
|
||||||
public class DefaultKeycloakSession implements KeycloakSession {
|
public abstract class DefaultKeycloakSession implements KeycloakSession {
|
||||||
|
|
||||||
private final DefaultKeycloakSessionFactory factory;
|
private final DefaultKeycloakSessionFactory factory;
|
||||||
private final Map<Integer, Provider> providers = new HashMap<>();
|
private final Map<Integer, Provider> providers = new HashMap<>();
|
||||||
|
@ -253,6 +253,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
|
||||||
return provider;
|
return provider;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public <T extends Provider> Set<String> listProviderIds(Class<T> clazz) {
|
public <T extends Provider> Set<String> listProviderIds(Class<T> clazz) {
|
||||||
return factory.getAllProviderIds(clazz);
|
return factory.getAllProviderIds(clazz);
|
||||||
}
|
}
|
||||||
|
@ -418,9 +419,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
|
||||||
return String.format("session @ %08x", System.identityHashCode(this));
|
return String.format("session @ %08x", System.identityHashCode(this));
|
||||||
}
|
}
|
||||||
|
|
||||||
protected DefaultKeycloakContext createKeycloakContext(KeycloakSession session) {
|
protected abstract DefaultKeycloakContext createKeycloakContext(KeycloakSession session);
|
||||||
return new DefaultKeycloakContext(session);
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean isClosed() {
|
public boolean isClosed() {
|
||||||
return closed;
|
return closed;
|
||||||
|
|
|
@ -52,7 +52,7 @@ import java.util.concurrent.CopyOnWriteArrayList;
|
||||||
import java.util.function.Function;
|
import java.util.function.Function;
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
|
|
||||||
public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, ProviderManagerDeployer {
|
public abstract class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, ProviderManagerDeployer {
|
||||||
|
|
||||||
private static final Logger logger = Logger.getLogger(DefaultKeycloakSessionFactory.class);
|
private static final Logger logger = Logger.getLogger(DefaultKeycloakSessionFactory.class);
|
||||||
|
|
||||||
|
@ -318,11 +318,6 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
public KeycloakSession create() {
|
|
||||||
KeycloakSession session = new DefaultKeycloakSession(this);
|
|
||||||
return session;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Set<Spi> getSpis() {
|
public Set<Spi> getSpis() {
|
||||||
return spis;
|
return spis;
|
||||||
|
@ -396,6 +391,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void close() {
|
public void close() {
|
||||||
ProviderManagerRegistry.SINGLETON.setDeployer(null);
|
ProviderManagerRegistry.SINGLETON.setDeployer(null);
|
||||||
for (Map<String, ProviderFactory> factories : factoriesMap.values()) {
|
for (Map<String, ProviderFactory> factories : factoriesMap.values()) {
|
||||||
|
|
|
@ -1,65 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
* and other contributors as indicated by the @author tags.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.keycloak.services;
|
|
||||||
|
|
||||||
import org.jboss.resteasy.spi.LoggableFailure;
|
|
||||||
|
|
||||||
import jakarta.ws.rs.core.Response;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* To provide a typed exception for Forbidden (This doesn't exist in Resteasy 2.3.7)
|
|
||||||
*/
|
|
||||||
public class ForbiddenException extends LoggableFailure
|
|
||||||
{
|
|
||||||
public ForbiddenException()
|
|
||||||
{
|
|
||||||
super(403);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ForbiddenException(String s)
|
|
||||||
{
|
|
||||||
super(s, 403);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ForbiddenException(String s, Response response)
|
|
||||||
{
|
|
||||||
super(s, response);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ForbiddenException(String s, Throwable throwable, Response response)
|
|
||||||
{
|
|
||||||
super(s, throwable, response);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ForbiddenException(String s, Throwable throwable)
|
|
||||||
{
|
|
||||||
super(s, throwable, 403);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ForbiddenException(Throwable throwable)
|
|
||||||
{
|
|
||||||
super(throwable, 403);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ForbiddenException(Throwable throwable, Response response)
|
|
||||||
{
|
|
||||||
super(throwable, response);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -40,7 +40,6 @@ import org.keycloak.models.utils.RepresentationToModel;
|
||||||
import org.keycloak.representations.idm.ClientRepresentation;
|
import org.keycloak.representations.idm.ClientRepresentation;
|
||||||
import org.keycloak.representations.oidc.OIDCClientRepresentation;
|
import org.keycloak.representations.oidc.OIDCClientRepresentation;
|
||||||
import org.keycloak.services.ErrorResponseException;
|
import org.keycloak.services.ErrorResponseException;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.clientpolicy.ClientPolicyException;
|
import org.keycloak.services.clientpolicy.ClientPolicyException;
|
||||||
import org.keycloak.services.clientpolicy.context.DynamicClientRegisteredContext;
|
import org.keycloak.services.clientpolicy.context.DynamicClientRegisteredContext;
|
||||||
import org.keycloak.services.clientpolicy.context.DynamicClientUpdatedContext;
|
import org.keycloak.services.clientpolicy.context.DynamicClientUpdatedContext;
|
||||||
|
@ -50,6 +49,7 @@ import org.keycloak.services.managers.ClientManager;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.validation.ValidationUtil;
|
import org.keycloak.validation.ValidationUtil;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.core.Response;
|
import jakarta.ws.rs.core.Response;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -17,7 +17,6 @@
|
||||||
|
|
||||||
package org.keycloak.services.clientregistration;
|
package org.keycloak.services.clientregistration;
|
||||||
|
|
||||||
import org.jboss.resteasy.spi.Failure;
|
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
import org.keycloak.OAuthErrorException;
|
import org.keycloak.OAuthErrorException;
|
||||||
import org.keycloak.authentication.AuthenticationProcessor;
|
import org.keycloak.authentication.AuthenticationProcessor;
|
||||||
|
@ -46,6 +45,7 @@ import org.keycloak.services.clientregistration.policy.ClientRegistrationPolicyM
|
||||||
import org.keycloak.services.clientregistration.policy.RegistrationAuth;
|
import org.keycloak.services.clientregistration.policy.RegistrationAuth;
|
||||||
import org.keycloak.util.TokenUtil;
|
import org.keycloak.util.TokenUtil;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.WebApplicationException;
|
||||||
import jakarta.ws.rs.core.HttpHeaders;
|
import jakarta.ws.rs.core.HttpHeaders;
|
||||||
import jakarta.ws.rs.core.Response;
|
import jakarta.ws.rs.core.Response;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -380,21 +380,21 @@ public class ClientRegistrationAuth {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
private Failure unauthorized(String errorDescription) {
|
private WebApplicationException unauthorized(String errorDescription) {
|
||||||
event.detail(Details.REASON, errorDescription).error(Errors.INVALID_TOKEN);
|
event.detail(Details.REASON, errorDescription).error(Errors.INVALID_TOKEN);
|
||||||
throw new ErrorResponseException(OAuthErrorException.INVALID_TOKEN, errorDescription, Response.Status.UNAUTHORIZED);
|
throw new ErrorResponseException(OAuthErrorException.INVALID_TOKEN, errorDescription, Response.Status.UNAUTHORIZED);
|
||||||
}
|
}
|
||||||
|
|
||||||
private Failure forbidden() {
|
private WebApplicationException forbidden() {
|
||||||
return forbidden("Forbidden");
|
return forbidden("Forbidden");
|
||||||
}
|
}
|
||||||
|
|
||||||
private Failure forbidden(String errorDescription) {
|
private WebApplicationException forbidden(String errorDescription) {
|
||||||
event.error(Errors.NOT_ALLOWED);
|
event.error(Errors.NOT_ALLOWED);
|
||||||
throw new ErrorResponseException(OAuthErrorException.INSUFFICIENT_SCOPE, errorDescription, Response.Status.FORBIDDEN);
|
throw new ErrorResponseException(OAuthErrorException.INSUFFICIENT_SCOPE, errorDescription, Response.Status.FORBIDDEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
private Failure notFound() {
|
private WebApplicationException notFound() {
|
||||||
event.error(Errors.CLIENT_NOT_FOUND);
|
event.error(Errors.CLIENT_NOT_FOUND);
|
||||||
throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Client not found", Response.Status.NOT_FOUND);
|
throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Client not found", Response.Status.NOT_FOUND);
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,7 +6,6 @@ import static org.keycloak.services.resources.KeycloakApplication.getSessionFact
|
||||||
import com.fasterxml.jackson.core.JsonParseException;
|
import com.fasterxml.jackson.core.JsonParseException;
|
||||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.spi.Failure;
|
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
import org.keycloak.OAuthErrorException;
|
import org.keycloak.OAuthErrorException;
|
||||||
import org.keycloak.forms.login.freemarker.model.UrlBean;
|
import org.keycloak.forms.login.freemarker.model.UrlBean;
|
||||||
|
@ -122,10 +121,6 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
|
||||||
WebApplicationException ex = (WebApplicationException) throwable;
|
WebApplicationException ex = (WebApplicationException) throwable;
|
||||||
status = ex.getResponse().getStatus();
|
status = ex.getResponse().getStatus();
|
||||||
}
|
}
|
||||||
if (throwable instanceof Failure) {
|
|
||||||
Failure f = (Failure) throwable;
|
|
||||||
status = f.getErrorCode();
|
|
||||||
}
|
|
||||||
if (throwable instanceof JsonProcessingException) {
|
if (throwable instanceof JsonProcessingException) {
|
||||||
status = Response.Status.BAD_REQUEST.getStatusCode();
|
status = Response.Status.BAD_REQUEST.getStatusCode();
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,7 +23,8 @@ import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.UserSessionModel;
|
import org.keycloak.models.UserSessionModel;
|
||||||
import org.keycloak.representations.AccessToken;
|
import org.keycloak.representations.AccessToken;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
|
|
|
@ -17,7 +17,6 @@
|
||||||
package org.keycloak.services.resources;
|
package org.keycloak.services.resources;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.spi.BadRequestException;
|
|
||||||
import org.keycloak.http.HttpRequest;
|
import org.keycloak.http.HttpRequest;
|
||||||
import org.keycloak.AbstractOAuthClient;
|
import org.keycloak.AbstractOAuthClient;
|
||||||
import org.keycloak.OAuth2Constants;
|
import org.keycloak.OAuth2Constants;
|
||||||
|
@ -29,11 +28,12 @@ import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.managers.Auth;
|
import org.keycloak.services.managers.Auth;
|
||||||
import org.keycloak.services.messages.Messages;
|
import org.keycloak.services.messages.Messages;
|
||||||
import org.keycloak.util.TokenUtil;
|
import org.keycloak.util.TokenUtil;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.BadRequestException;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.Path;
|
import jakarta.ws.rs.Path;
|
||||||
import jakarta.ws.rs.QueryParam;
|
import jakarta.ws.rs.QueryParam;
|
||||||
|
|
|
@ -17,7 +17,6 @@
|
||||||
package org.keycloak.services.resources;
|
package org.keycloak.services.resources;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.spi.BadRequestException;
|
|
||||||
import org.keycloak.http.HttpRequest;
|
import org.keycloak.http.HttpRequest;
|
||||||
import jakarta.ws.rs.NotAuthorizedException;
|
import jakarta.ws.rs.NotAuthorizedException;
|
||||||
import org.keycloak.OAuthErrorException;
|
import org.keycloak.OAuthErrorException;
|
||||||
|
@ -33,8 +32,9 @@ import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil;
|
import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil;
|
||||||
import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
|
import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
|
|
||||||
|
import jakarta.ws.rs.BadRequestException;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.HeaderParam;
|
import jakarta.ws.rs.HeaderParam;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
import jakarta.ws.rs.Path;
|
import jakarta.ws.rs.Path;
|
||||||
|
|
|
@ -16,10 +16,8 @@
|
||||||
*/
|
*/
|
||||||
package org.keycloak.services.resources;
|
package org.keycloak.services.resources;
|
||||||
|
|
||||||
import com.fasterxml.jackson.core.type.TypeReference;
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
import org.keycloak.common.Profile;
|
|
||||||
import org.keycloak.common.crypto.CryptoIntegration;
|
import org.keycloak.common.crypto.CryptoIntegration;
|
||||||
import org.keycloak.common.util.Resteasy;
|
import org.keycloak.common.util.Resteasy;
|
||||||
import org.keycloak.config.ConfigProviderFactory;
|
import org.keycloak.config.ConfigProviderFactory;
|
||||||
|
@ -42,51 +40,39 @@ import org.keycloak.platform.Platform;
|
||||||
import org.keycloak.platform.PlatformProvider;
|
import org.keycloak.platform.PlatformProvider;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
|
||||||
import org.keycloak.services.ServicesLogger;
|
import org.keycloak.services.ServicesLogger;
|
||||||
import org.keycloak.services.error.KeycloakErrorHandler;
|
|
||||||
import org.keycloak.services.error.KcUnrecognizedPropertyExceptionHandler;
|
|
||||||
import org.keycloak.services.error.KeycloakMismatchedInputExceptionHandler;
|
|
||||||
import org.keycloak.services.filters.KeycloakSecurityHeadersFilter;
|
|
||||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.services.resources.admin.AdminRoot;
|
|
||||||
import org.keycloak.services.util.ObjectMapperResolver;
|
|
||||||
import org.keycloak.transaction.JtaTransactionManagerLookup;
|
import org.keycloak.transaction.JtaTransactionManagerLookup;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.FileInputStream;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.NoSuchElementException;
|
||||||
|
import java.util.ServiceLoader;
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.core.type.TypeReference;
|
||||||
|
|
||||||
import jakarta.transaction.SystemException;
|
import jakarta.transaction.SystemException;
|
||||||
import jakarta.transaction.Transaction;
|
import jakarta.transaction.Transaction;
|
||||||
import jakarta.ws.rs.core.Application;
|
import jakarta.ws.rs.core.Application;
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.FileInputStream;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.NoSuchElementException;
|
|
||||||
import java.util.ServiceLoader;
|
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*
|
*
|
||||||
* Note: the classes and singletons are not used by Quarkus - see the KeycloakProcessor to do exclusions
|
|
||||||
*/
|
*/
|
||||||
public class KeycloakApplication extends Application {
|
public abstract class KeycloakApplication extends Application {
|
||||||
|
|
||||||
private static final Logger logger = Logger.getLogger(KeycloakApplication.class);
|
private static final Logger logger = Logger.getLogger(KeycloakApplication.class);
|
||||||
|
|
||||||
protected final PlatformProvider platform = Platform.getPlatform();
|
protected final PlatformProvider platform = Platform.getPlatform();
|
||||||
|
|
||||||
protected Set<Object> singletons = new HashSet<>();
|
|
||||||
protected Set<Class<?>> classes = new HashSet<>();
|
|
||||||
|
|
||||||
private static KeycloakSessionFactory sessionFactory;
|
private static KeycloakSessionFactory sessionFactory;
|
||||||
|
|
||||||
public KeycloakApplication() {
|
public KeycloakApplication() {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
logger.debugv("PlatformProvider: {0}", platform.getClass().getName());
|
logger.debugv("PlatformProvider: {0}", platform.getClass().getName());
|
||||||
|
@ -94,38 +80,12 @@ public class KeycloakApplication extends Application {
|
||||||
|
|
||||||
loadConfig();
|
loadConfig();
|
||||||
|
|
||||||
classes.add(RobotsResource.class);
|
|
||||||
classes.add(RealmsResource.class);
|
|
||||||
if (Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
|
||||||
classes.add(AdminRoot.class);
|
|
||||||
}
|
|
||||||
classes.add(ThemeResource.class);
|
|
||||||
|
|
||||||
if (Profile.isFeatureEnabled(Profile.Feature.JS_ADAPTER)) {
|
|
||||||
classes.add(JsResource.class);
|
|
||||||
}
|
|
||||||
|
|
||||||
classes.add(KeycloakSecurityHeadersFilter.class);
|
|
||||||
classes.add(KeycloakErrorHandler.class);
|
|
||||||
classes.add(KcUnrecognizedPropertyExceptionHandler.class);
|
|
||||||
classes.add(KeycloakMismatchedInputExceptionHandler.class);
|
|
||||||
|
|
||||||
singletons.add(new ObjectMapperResolver());
|
|
||||||
classes.add(WelcomeResource.class);
|
|
||||||
|
|
||||||
if (Profile.isFeatureEnabled(Profile.Feature.MULTI_SITE)) {
|
|
||||||
// If we are running in multi-site mode, we need to add a resource which to expose
|
|
||||||
// an endpoint for the load balancer to gather information whether this site should receive requests or not.
|
|
||||||
classes.add(LoadBalancerResource.class);
|
|
||||||
}
|
|
||||||
|
|
||||||
platform.onStartup(this::startup);
|
platform.onStartup(this::startup);
|
||||||
platform.onShutdown(this::shutdown);
|
platform.onShutdown(this::shutdown);
|
||||||
|
|
||||||
} catch (Throwable t) {
|
} catch (Throwable t) {
|
||||||
platform.exit(t);
|
platform.exit(t);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void startup() {
|
protected void startup() {
|
||||||
|
@ -225,26 +185,12 @@ public class KeycloakApplication extends Application {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
protected KeycloakSessionFactory createSessionFactory() {
|
protected abstract KeycloakSessionFactory createSessionFactory();
|
||||||
DefaultKeycloakSessionFactory factory = new DefaultKeycloakSessionFactory();
|
|
||||||
factory.init();
|
|
||||||
return factory;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static KeycloakSessionFactory getSessionFactory() {
|
public static KeycloakSessionFactory getSessionFactory() {
|
||||||
return sessionFactory;
|
return sessionFactory;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<Class<?>> getClasses() {
|
|
||||||
return classes;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<Object> getSingletons() {
|
|
||||||
return singletons;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void importRealms(ExportImportManager exportImportManager) {
|
public void importRealms(ExportImportManager exportImportManager) {
|
||||||
String dir = System.getProperty("keycloak.import");
|
String dir = System.getProperty("keycloak.import");
|
||||||
if (dir != null) {
|
if (dir != null) {
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
package org.keycloak.services.resources;
|
package org.keycloak.services.resources;
|
||||||
|
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
import jakarta.ws.rs.Path;
|
import jakarta.ws.rs.Path;
|
||||||
|
@ -42,7 +43,6 @@ import org.keycloak.cookie.CookieProvider;
|
||||||
import org.keycloak.cookie.CookieType;
|
import org.keycloak.cookie.CookieType;
|
||||||
import org.keycloak.http.HttpRequest;
|
import org.keycloak.http.HttpRequest;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.ServicesLogger;
|
import org.keycloak.services.ServicesLogger;
|
||||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||||
import org.keycloak.services.util.CacheControlUtil;
|
import org.keycloak.services.util.CacheControlUtil;
|
||||||
|
|
|
@ -29,7 +29,6 @@ import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.protocol.oidc.TokenManager;
|
import org.keycloak.protocol.oidc.TokenManager;
|
||||||
import org.keycloak.representations.AccessToken;
|
import org.keycloak.representations.AccessToken;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.cors.Cors;
|
import org.keycloak.services.cors.Cors;
|
||||||
import org.keycloak.services.managers.AppAuthManager;
|
import org.keycloak.services.managers.AppAuthManager;
|
||||||
import org.keycloak.services.managers.AuthenticationManager;
|
import org.keycloak.services.managers.AuthenticationManager;
|
||||||
|
@ -39,6 +38,7 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissions;
|
||||||
import org.keycloak.theme.Theme;
|
import org.keycloak.theme.Theme;
|
||||||
import org.keycloak.urls.UrlType;
|
import org.keycloak.urls.UrlType;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.HttpMethod;
|
import jakarta.ws.rs.HttpMethod;
|
||||||
import jakarta.ws.rs.OPTIONS;
|
import jakarta.ws.rs.OPTIONS;
|
||||||
|
|
|
@ -24,7 +24,6 @@ import jakarta.ws.rs.core.Response.Status;
|
||||||
import org.eclipse.microprofile.openapi.annotations.tags.Tag;
|
import org.eclipse.microprofile.openapi.annotations.tags.Tag;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.reactive.NoCache;
|
import org.jboss.resteasy.reactive.NoCache;
|
||||||
import org.jboss.resteasy.spi.BadRequestException;
|
|
||||||
import org.keycloak.OAuthErrorException;
|
import org.keycloak.OAuthErrorException;
|
||||||
import org.keycloak.authorization.admin.AuthorizationService;
|
import org.keycloak.authorization.admin.AuthorizationService;
|
||||||
import org.keycloak.common.ClientConnection;
|
import org.keycloak.common.ClientConnection;
|
||||||
|
@ -78,6 +77,7 @@ import org.keycloak.utils.ProfileHelper;
|
||||||
import org.keycloak.utils.ReservedCharValidator;
|
import org.keycloak.utils.ReservedCharValidator;
|
||||||
import org.keycloak.validation.ValidationUtil;
|
import org.keycloak.validation.ValidationUtil;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.BadRequestException;
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
import jakarta.ws.rs.DELETE;
|
import jakarta.ws.rs.DELETE;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
|
|
|
@ -38,7 +38,6 @@ import org.keycloak.representations.idm.ClientRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
|
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
|
||||||
import org.keycloak.services.ErrorResponse;
|
import org.keycloak.services.ErrorResponse;
|
||||||
import org.keycloak.services.ErrorResponseException;
|
import org.keycloak.services.ErrorResponseException;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.clientpolicy.ClientPolicyException;
|
import org.keycloak.services.clientpolicy.ClientPolicyException;
|
||||||
import org.keycloak.services.clientpolicy.context.AdminClientRegisterContext;
|
import org.keycloak.services.clientpolicy.context.AdminClientRegisterContext;
|
||||||
import org.keycloak.services.clientpolicy.context.AdminClientRegisteredContext;
|
import org.keycloak.services.clientpolicy.context.AdminClientRegisteredContext;
|
||||||
|
@ -51,6 +50,7 @@ import org.keycloak.validation.ValidationUtil;
|
||||||
|
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
import jakarta.ws.rs.DefaultValue;
|
import jakarta.ws.rs.DefaultValue;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.NotFoundException;
|
import jakarta.ws.rs.NotFoundException;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
|
|
|
@ -27,7 +27,6 @@ import org.keycloak.http.FormPartValue;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.ModelDuplicateException;
|
import org.keycloak.models.ModelDuplicateException;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.resources.KeycloakOpenAPI;
|
import org.keycloak.services.resources.KeycloakOpenAPI;
|
||||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||||
|
|
||||||
|
@ -40,6 +39,7 @@ import java.util.stream.Stream;
|
||||||
import jakarta.ws.rs.BadRequestException;
|
import jakarta.ws.rs.BadRequestException;
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
import jakarta.ws.rs.DELETE;
|
import jakarta.ws.rs.DELETE;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.NotFoundException;
|
import jakarta.ws.rs.NotFoundException;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
|
|
|
@ -38,7 +38,6 @@ import org.keycloak.policy.PasswordPolicyNotMetException;
|
||||||
import org.keycloak.protocol.oidc.TokenManager;
|
import org.keycloak.protocol.oidc.TokenManager;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.services.ErrorResponse;
|
import org.keycloak.services.ErrorResponse;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.services.resources.KeycloakOpenAPI;
|
import org.keycloak.services.resources.KeycloakOpenAPI;
|
||||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||||
|
@ -48,6 +47,7 @@ import org.keycloak.storage.ExportImportManager;
|
||||||
|
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
import jakarta.ws.rs.DefaultValue;
|
import jakarta.ws.rs.DefaultValue;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.NotFoundException;
|
import jakarta.ws.rs.NotFoundException;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
|
|
|
@ -71,7 +71,6 @@ import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.representations.idm.UserSessionRepresentation;
|
import org.keycloak.representations.idm.UserSessionRepresentation;
|
||||||
import org.keycloak.services.ErrorResponse;
|
import org.keycloak.services.ErrorResponse;
|
||||||
import org.keycloak.services.ErrorResponseException;
|
import org.keycloak.services.ErrorResponseException;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.ServicesLogger;
|
import org.keycloak.services.ServicesLogger;
|
||||||
import org.keycloak.services.Urls;
|
import org.keycloak.services.Urls;
|
||||||
import org.keycloak.services.managers.AuthenticationManager;
|
import org.keycloak.services.managers.AuthenticationManager;
|
||||||
|
@ -93,6 +92,7 @@ import jakarta.ws.rs.BadRequestException;
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
import jakarta.ws.rs.DELETE;
|
import jakarta.ws.rs.DELETE;
|
||||||
import jakarta.ws.rs.DefaultValue;
|
import jakarta.ws.rs.DefaultValue;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.NotFoundException;
|
import jakarta.ws.rs.NotFoundException;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
|
|
|
@ -40,7 +40,6 @@ import org.keycloak.models.utils.RepresentationToModel;
|
||||||
import org.keycloak.policy.PasswordPolicyNotMetException;
|
import org.keycloak.policy.PasswordPolicyNotMetException;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.services.ErrorResponse;
|
import org.keycloak.services.ErrorResponse;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.resources.KeycloakOpenAPI;
|
import org.keycloak.services.resources.KeycloakOpenAPI;
|
||||||
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
|
||||||
import org.keycloak.services.resources.admin.permissions.UserPermissionEvaluator;
|
import org.keycloak.services.resources.admin.permissions.UserPermissionEvaluator;
|
||||||
|
@ -49,6 +48,7 @@ import org.keycloak.userprofile.UserProfileProvider;
|
||||||
import org.keycloak.utils.SearchQueryUtils;
|
import org.keycloak.utils.SearchQueryUtils;
|
||||||
|
|
||||||
import jakarta.ws.rs.Consumes;
|
import jakarta.ws.rs.Consumes;
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
import jakarta.ws.rs.GET;
|
import jakarta.ws.rs.GET;
|
||||||
import jakarta.ws.rs.NotFoundException;
|
import jakarta.ws.rs.NotFoundException;
|
||||||
import jakarta.ws.rs.POST;
|
import jakarta.ws.rs.POST;
|
||||||
|
|
|
@ -33,7 +33,6 @@ import org.keycloak.models.ClientScopeModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.representations.idm.authorization.Permission;
|
import org.keycloak.representations.idm.authorization.Permission;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.storage.StorageId;
|
import org.keycloak.storage.StorageId;
|
||||||
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
|
@ -45,6 +44,8 @@ import java.util.LinkedHashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
import static org.keycloak.services.resources.admin.permissions.AdminPermissionManagement.TOKEN_EXCHANGE;
|
import static org.keycloak.services.resources.admin.permissions.AdminPermissionManagement.TOKEN_EXCHANGE;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -28,7 +28,6 @@ import org.keycloak.authorization.store.ResourceStore;
|
||||||
import org.keycloak.models.AdminRoles;
|
import org.keycloak.models.AdminRoles;
|
||||||
import org.keycloak.models.GroupModel;
|
import org.keycloak.models.GroupModel;
|
||||||
import org.keycloak.representations.idm.authorization.Permission;
|
import org.keycloak.representations.idm.authorization.Permission;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
|
@ -40,6 +39,8 @@ import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
|
|
|
@ -37,7 +37,6 @@ import org.keycloak.models.KeycloakSessionFactory;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.representations.idm.authorization.Permission;
|
import org.keycloak.representations.idm.authorization.Permission;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.services.resources.admin.AdminAuth;
|
import org.keycloak.services.resources.admin.AdminAuth;
|
||||||
|
|
||||||
|
@ -45,6 +44,8 @@ import java.util.Arrays;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
|
|
|
@ -20,9 +20,10 @@ package org.keycloak.services.resources.admin.permissions;
|
||||||
import org.keycloak.models.AdminRoles;
|
import org.keycloak.models.AdminRoles;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.ImpersonationConstants;
|
import org.keycloak.models.ImpersonationConstants;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
import org.keycloak.services.resources.admin.AdminAuth;
|
import org.keycloak.services.resources.admin.AdminAuth;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
|
|
|
@ -21,7 +21,8 @@ import org.keycloak.authorization.AuthorizationProvider;
|
||||||
import org.keycloak.models.AdminRoles;
|
import org.keycloak.models.AdminRoles;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Manages default policies for all users.
|
* Manages default policies for all users.
|
||||||
|
|
|
@ -34,7 +34,6 @@ import org.keycloak.models.RoleContainerModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
||||||
import org.keycloak.representations.idm.authorization.Permission;
|
import org.keycloak.representations.idm.authorization.Permission;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
|
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
@ -43,6 +42,8 @@ import java.util.LinkedHashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
|
|
|
@ -36,7 +36,6 @@ import org.keycloak.models.ImpersonationConstants;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.representations.idm.authorization.Permission;
|
import org.keycloak.representations.idm.authorization.Permission;
|
||||||
import org.keycloak.services.ForbiddenException;
|
|
||||||
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
|
@ -49,6 +48,8 @@ import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.function.Predicate;
|
import java.util.function.Predicate;
|
||||||
|
|
||||||
|
import jakarta.ws.rs.ForbiddenException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Manages default policies for all users.
|
* Manages default policies for all users.
|
||||||
*
|
*
|
||||||
|
|
|
@ -35,8 +35,8 @@ import org.apache.http.impl.client.CloseableHttpClient;
|
||||||
import org.junit.Assume;
|
import org.junit.Assume;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSession;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||||
import org.keycloak.utils.ScopeUtil;
|
import org.keycloak.utils.ScopeUtil;
|
||||||
|
|
||||||
public class DefaultHttpClientFactoryTest {
|
public class DefaultHttpClientFactoryTest {
|
||||||
|
@ -49,7 +49,7 @@ public class DefaultHttpClientFactoryTest {
|
||||||
values.put(DISABLE_TRUST_MANAGER_PROPERTY, "true");
|
values.put(DISABLE_TRUST_MANAGER_PROPERTY, "true");
|
||||||
DefaultHttpClientFactory factory = new DefaultHttpClientFactory();
|
DefaultHttpClientFactory factory = new DefaultHttpClientFactory();
|
||||||
factory.init(ScopeUtil.createScope(values));
|
factory.init(ScopeUtil.createScope(values));
|
||||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||||
HttpClientProvider provider = factory.create(session);
|
HttpClientProvider provider = factory.create(session);
|
||||||
Optional<String> testURL = getTestURL();
|
Optional<String> testURL = getTestURL();
|
||||||
Assume.assumeTrue( "Could not get test url for domain", testURL.isPresent() );
|
Assume.assumeTrue( "Could not get test url for domain", testURL.isPresent() );
|
||||||
|
@ -63,7 +63,7 @@ public class DefaultHttpClientFactoryTest {
|
||||||
public void createHttpClientProviderWithUnvailableURL() throws IOException {
|
public void createHttpClientProviderWithUnvailableURL() throws IOException {
|
||||||
DefaultHttpClientFactory factory = new DefaultHttpClientFactory();
|
DefaultHttpClientFactory factory = new DefaultHttpClientFactory();
|
||||||
factory.init(ScopeUtil.createScope(new HashMap<>()));
|
factory.init(ScopeUtil.createScope(new HashMap<>()));
|
||||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||||
HttpClientProvider provider = factory.create(session);
|
HttpClientProvider provider = factory.create(session);
|
||||||
try (CloseableHttpClient httpClient = provider.getHttpClient()) {
|
try (CloseableHttpClient httpClient = provider.getHttpClient()) {
|
||||||
Optional<String> testURL = getTestURL();
|
Optional<String> testURL = getTestURL();
|
||||||
|
|
|
@ -30,9 +30,9 @@ import org.keycloak.common.crypto.CryptoIntegration;
|
||||||
import org.keycloak.common.crypto.CryptoProvider;
|
import org.keycloak.common.crypto.CryptoProvider;
|
||||||
import org.keycloak.http.HttpRequest;
|
import org.keycloak.http.HttpRequest;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSession;
|
import org.keycloak.services.resteasy.HttpRequestImpl;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||||
import org.keycloak.services.HttpRequestImpl;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* <p>Little test class for RedirectUtils methods.</p>
|
* <p>Little test class for RedirectUtils methods.</p>
|
||||||
|
@ -49,9 +49,9 @@ public class RedirectUtilsTest {
|
||||||
ResteasyContext.getContextDataMap().put(HttpRequest.class, httpRequest);
|
ResteasyContext.getContextDataMap().put(HttpRequest.class, httpRequest);
|
||||||
Profile.defaults();
|
Profile.defaults();
|
||||||
CryptoIntegration.init(CryptoProvider.class.getClassLoader());
|
CryptoIntegration.init(CryptoProvider.class.getClassLoader());
|
||||||
DefaultKeycloakSessionFactory sessionFactory = new DefaultKeycloakSessionFactory();
|
ResteasyKeycloakSessionFactory sessionFactory = new ResteasyKeycloakSessionFactory();
|
||||||
sessionFactory.init();
|
sessionFactory.init();
|
||||||
session = new DefaultKeycloakSession(sessionFactory);
|
session = new ResteasyKeycloakSession(sessionFactory);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
@ -47,8 +47,8 @@ import org.keycloak.saml.common.util.DocumentUtil;
|
||||||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||||
import org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil;
|
import org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil;
|
||||||
import org.keycloak.saml.processing.core.util.XMLEncryptionUtil;
|
import org.keycloak.saml.processing.core.util.XMLEncryptionUtil;
|
||||||
import org.keycloak.services.DefaultKeycloakSession;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||||
import org.w3c.dom.Document;
|
import org.w3c.dom.Document;
|
||||||
import org.w3c.dom.Element;
|
import org.w3c.dom.Element;
|
||||||
import org.w3c.dom.NodeList;
|
import org.w3c.dom.NodeList;
|
||||||
|
@ -118,7 +118,7 @@ public class SamlEncryptionTest {
|
||||||
.nameIdentifier(JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.get(), "nameId");
|
.nameIdentifier(JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.get(), "nameId");
|
||||||
ResponseType samlModel = builder.buildModel();
|
ResponseType samlModel = builder.buildModel();
|
||||||
|
|
||||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||||
JaxrsSAML2BindingBuilder bindingBuilder = new JaxrsSAML2BindingBuilder(session);
|
JaxrsSAML2BindingBuilder bindingBuilder = new JaxrsSAML2BindingBuilder(session);
|
||||||
if (alg != null) {
|
if (alg != null) {
|
||||||
bindingBuilder.encryptionAlgorithm(alg);
|
bindingBuilder.encryptionAlgorithm(alg);
|
||||||
|
|
|
@ -51,8 +51,8 @@ import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
|
||||||
import org.keycloak.saml.common.exceptions.ConfigurationException;
|
import org.keycloak.saml.common.exceptions.ConfigurationException;
|
||||||
import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request;
|
import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request;
|
||||||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||||
import org.keycloak.services.DefaultKeycloakSession;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||||
import org.keycloak.utils.ScopeUtil;
|
import org.keycloak.utils.ScopeUtil;
|
||||||
import org.w3c.dom.Document;
|
import org.w3c.dom.Document;
|
||||||
|
|
||||||
|
@ -112,9 +112,9 @@ public class SoapTest {
|
||||||
Document doc = SAML2Request.convert(request);
|
Document doc = SAML2Request.convert(request);
|
||||||
Profile.defaults();
|
Profile.defaults();
|
||||||
CryptoIntegration.init(CryptoProvider.class.getClassLoader());
|
CryptoIntegration.init(CryptoProvider.class.getClassLoader());
|
||||||
DefaultKeycloakSessionFactory sessionFactory = new DefaultKeycloakSessionFactory();
|
ResteasyKeycloakSessionFactory sessionFactory = new ResteasyKeycloakSessionFactory();
|
||||||
sessionFactory.init();
|
sessionFactory.init();
|
||||||
KeycloakSession session = new DefaultKeycloakSession(sessionFactory);
|
KeycloakSession session = new ResteasyKeycloakSession(sessionFactory);
|
||||||
|
|
||||||
SOAPMessage soapResponse = Soap.createMessage()
|
SOAPMessage soapResponse = Soap.createMessage()
|
||||||
.addMimeHeader("SOAPAction", "http://www.oasis-open.org/committees/security")
|
.addMimeHeader("SOAPAction", "http://www.oasis-open.org/committees/security")
|
||||||
|
@ -154,9 +154,9 @@ public class SoapTest {
|
||||||
return ScopeUtil.createScope(new HashMap<>());
|
return ScopeUtil.createScope(new HashMap<>());
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
DefaultKeycloakSessionFactory sessionFactory = new DefaultKeycloakSessionFactory();
|
ResteasyKeycloakSessionFactory sessionFactory = new ResteasyKeycloakSessionFactory();
|
||||||
sessionFactory.init();
|
sessionFactory.init();
|
||||||
KeycloakSession session = new DefaultKeycloakSession(sessionFactory);
|
KeycloakSession session = new ResteasyKeycloakSession(sessionFactory);
|
||||||
|
|
||||||
SOAPException ex = Assert.assertThrows(SOAPException.class, () -> {
|
SOAPException ex = Assert.assertThrows(SOAPException.class, () -> {
|
||||||
Soap.createMessage()
|
Soap.createMessage()
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package org.keycloak.services;
|
package org.keycloak.services.resteasy;
|
||||||
|
|
||||||
import static jakarta.ws.rs.core.MediaType.MULTIPART_FORM_DATA_TYPE;
|
import static jakarta.ws.rs.core.MediaType.MULTIPART_FORM_DATA_TYPE;
|
||||||
|
|
||||||
|
@ -36,6 +36,7 @@ import org.jboss.resteasy.reactive.server.multipart.MultipartFormDataInput;
|
||||||
import org.keycloak.common.util.Resteasy;
|
import org.keycloak.common.util.Resteasy;
|
||||||
import org.keycloak.http.FormPartValue;
|
import org.keycloak.http.FormPartValue;
|
||||||
import org.keycloak.http.HttpRequest;
|
import org.keycloak.http.HttpRequest;
|
||||||
|
import org.keycloak.services.FormPartValueImpl;
|
||||||
|
|
||||||
public class HttpRequestImpl implements HttpRequest {
|
public class HttpRequestImpl implements HttpRequest {
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package org.keycloak.services;
|
package org.keycloak.services.resteasy;
|
||||||
|
|
||||||
import jakarta.ws.rs.core.NewCookie;
|
import jakarta.ws.rs.core.NewCookie;
|
||||||
import org.keycloak.http.HttpResponse;
|
import org.keycloak.http.HttpResponse;
|
|
@ -0,0 +1,88 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.services.resteasy;
|
||||||
|
|
||||||
|
import org.keycloak.common.Profile;
|
||||||
|
import org.keycloak.models.KeycloakSessionFactory;
|
||||||
|
import org.keycloak.services.error.KcUnrecognizedPropertyExceptionHandler;
|
||||||
|
import org.keycloak.services.error.KeycloakErrorHandler;
|
||||||
|
import org.keycloak.services.error.KeycloakMismatchedInputExceptionHandler;
|
||||||
|
import org.keycloak.services.filters.KeycloakSecurityHeadersFilter;
|
||||||
|
import org.keycloak.services.resources.JsResource;
|
||||||
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
|
import org.keycloak.services.resources.LoadBalancerResource;
|
||||||
|
import org.keycloak.services.resources.RealmsResource;
|
||||||
|
import org.keycloak.services.resources.RobotsResource;
|
||||||
|
import org.keycloak.services.resources.ThemeResource;
|
||||||
|
import org.keycloak.services.resources.WelcomeResource;
|
||||||
|
import org.keycloak.services.resources.admin.AdminRoot;
|
||||||
|
import org.keycloak.services.util.ObjectMapperResolver;
|
||||||
|
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
public class ResteasyKeycloakApplication extends KeycloakApplication {
|
||||||
|
|
||||||
|
protected Set<Object> singletons = new HashSet<>();
|
||||||
|
protected Set<Class<?>> classes = new HashSet<>();
|
||||||
|
|
||||||
|
public ResteasyKeycloakApplication() {
|
||||||
|
classes.add(RobotsResource.class);
|
||||||
|
classes.add(RealmsResource.class);
|
||||||
|
if (Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
|
||||||
|
classes.add(AdminRoot.class);
|
||||||
|
}
|
||||||
|
classes.add(ThemeResource.class);
|
||||||
|
|
||||||
|
if (Profile.isFeatureEnabled(Profile.Feature.JS_ADAPTER)) {
|
||||||
|
classes.add(JsResource.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
classes.add(KeycloakSecurityHeadersFilter.class);
|
||||||
|
classes.add(KeycloakErrorHandler.class);
|
||||||
|
classes.add(KcUnrecognizedPropertyExceptionHandler.class);
|
||||||
|
classes.add(KeycloakMismatchedInputExceptionHandler.class);
|
||||||
|
|
||||||
|
singletons.add(new ObjectMapperResolver());
|
||||||
|
classes.add(WelcomeResource.class);
|
||||||
|
|
||||||
|
if (Profile.isFeatureEnabled(Profile.Feature.MULTI_SITE)) {
|
||||||
|
// If we are running in multi-site mode, we need to add a resource which to expose
|
||||||
|
// an endpoint for the load balancer to gather information whether this site should receive requests or not.
|
||||||
|
classes.add(LoadBalancerResource.class);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Set<Class<?>> getClasses() {
|
||||||
|
return classes;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Set<Object> getSingletons() {
|
||||||
|
return singletons;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected KeycloakSessionFactory createSessionFactory() {
|
||||||
|
ResteasyKeycloakSessionFactory factory = new ResteasyKeycloakSessionFactory();
|
||||||
|
factory.init();
|
||||||
|
return factory;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,41 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.services.resteasy;
|
||||||
|
|
||||||
|
import org.keycloak.http.HttpRequest;
|
||||||
|
import org.keycloak.http.HttpResponse;
|
||||||
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
import org.keycloak.services.DefaultKeycloakContext;
|
||||||
|
|
||||||
|
public class ResteasyKeycloakContext extends DefaultKeycloakContext {
|
||||||
|
|
||||||
|
public ResteasyKeycloakContext(KeycloakSession session) {
|
||||||
|
super(session);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected HttpRequest createHttpRequest() {
|
||||||
|
return new HttpRequestImpl(getContextObject(org.jboss.resteasy.spi.HttpRequest.class));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected HttpResponse createHttpResponse() {
|
||||||
|
return new HttpResponseImpl(getContextObject(org.jboss.resteasy.spi.HttpResponse.class));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,36 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.services.resteasy;
|
||||||
|
|
||||||
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
import org.keycloak.services.DefaultKeycloakContext;
|
||||||
|
import org.keycloak.services.DefaultKeycloakSession;
|
||||||
|
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||||
|
|
||||||
|
public class ResteasyKeycloakSession extends DefaultKeycloakSession {
|
||||||
|
|
||||||
|
public ResteasyKeycloakSession(DefaultKeycloakSessionFactory factory) {
|
||||||
|
super(factory);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected DefaultKeycloakContext createKeycloakContext(KeycloakSession session) {
|
||||||
|
return new ResteasyKeycloakContext(session);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,30 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.services.resteasy;
|
||||||
|
|
||||||
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||||
|
|
||||||
|
public class ResteasyKeycloakSessionFactory extends DefaultKeycloakSessionFactory {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public KeycloakSession create() {
|
||||||
|
return new ResteasyKeycloakSession(this);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -5,8 +5,8 @@ import org.junit.Test;
|
||||||
import org.junit.rules.ExpectedException;
|
import org.junit.rules.ExpectedException;
|
||||||
import org.keycloak.Config;
|
import org.keycloak.Config;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSession;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||||
|
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
import static org.junit.Assert.assertNull;
|
import static org.junit.Assert.assertNull;
|
||||||
|
@ -27,7 +27,7 @@ public class PlainTextVaultProviderFactoryTest {
|
||||||
public void shouldInitializeVaultCorrectly() {
|
public void shouldInitializeVaultCorrectly() {
|
||||||
//given
|
//given
|
||||||
VaultConfig config = new VaultConfig(Scenario.EXISTING.getAbsolutePathAsString());
|
VaultConfig config = new VaultConfig(Scenario.EXISTING.getAbsolutePathAsString());
|
||||||
KeycloakSession session = new DefaultKeycloakSession(new DefaultKeycloakSessionFactory());
|
KeycloakSession session = new ResteasyKeycloakSession(new ResteasyKeycloakSessionFactory());
|
||||||
FilesPlainTextVaultProviderFactory factory = new FilesPlainTextVaultProviderFactory() {
|
FilesPlainTextVaultProviderFactory factory = new FilesPlainTextVaultProviderFactory() {
|
||||||
@Override
|
@Override
|
||||||
protected String getRealmName(KeycloakSession session) {
|
protected String getRealmName(KeycloakSession session) {
|
||||||
|
|
|
@ -79,6 +79,12 @@
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-jakarta-servlet-filter-adapter</artifactId>
|
<artifactId>keycloak-jakarta-servlet-filter-adapter</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-services</artifactId>
|
||||||
|
<type>test-jar</type>
|
||||||
|
<scope>compile</scope>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>commons-io</groupId>
|
<groupId>commons-io</groupId>
|
||||||
<artifactId>commons-io</artifactId>
|
<artifactId>commons-io</artifactId>
|
||||||
|
|
|
@ -51,6 +51,7 @@ import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||||
import org.keycloak.services.resources.KeycloakApplication;
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
|
import org.keycloak.services.resteasy.ResteasyKeycloakApplication;
|
||||||
import org.keycloak.testsuite.JsonConfigProviderFactory;
|
import org.keycloak.testsuite.JsonConfigProviderFactory;
|
||||||
import org.keycloak.testsuite.KeycloakServer;
|
import org.keycloak.testsuite.KeycloakServer;
|
||||||
import org.keycloak.testsuite.UndertowRequestFilter;
|
import org.keycloak.testsuite.UndertowRequestFilter;
|
||||||
|
@ -83,7 +84,7 @@ public class KeycloakOnUndertow implements DeployableContainer<KeycloakOnUnderto
|
||||||
|
|
||||||
private DeploymentInfo createAuthServerDeploymentInfo() {
|
private DeploymentInfo createAuthServerDeploymentInfo() {
|
||||||
ResteasyDeployment deployment = new ResteasyDeploymentImpl();
|
ResteasyDeployment deployment = new ResteasyDeploymentImpl();
|
||||||
deployment.setApplicationClass(KeycloakApplication.class.getName());
|
deployment.setApplicationClass(ResteasyKeycloakApplication.class.getName());
|
||||||
|
|
||||||
// RESTEASY-2034
|
// RESTEASY-2034
|
||||||
deployment.setProperty(ResteasyContextParameters.RESTEASY_DISABLE_HTML_SANITIZER, true);
|
deployment.setProperty(ResteasyContextParameters.RESTEASY_DISABLE_HTML_SANITIZER, true);
|
||||||
|
|
|
@ -64,6 +64,12 @@
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-services</artifactId>
|
<artifactId>keycloak-services</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-services</artifactId>
|
||||||
|
<type>test-jar</type>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-server-spi-private</artifactId>
|
<artifactId>keycloak-server-spi-private</artifactId>
|
||||||
|
|
|
@ -53,6 +53,7 @@ import org.keycloak.provider.ProviderManager;
|
||||||
import org.keycloak.provider.Spi;
|
import org.keycloak.provider.Spi;
|
||||||
import org.keycloak.services.DefaultComponentFactoryProviderFactory;
|
import org.keycloak.services.DefaultComponentFactoryProviderFactory;
|
||||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||||
|
import org.keycloak.services.resteasy.ResteasyKeycloakSessionFactory;
|
||||||
import org.keycloak.storage.DatastoreProviderFactory;
|
import org.keycloak.storage.DatastoreProviderFactory;
|
||||||
import org.keycloak.storage.DatastoreSpi;
|
import org.keycloak.storage.DatastoreSpi;
|
||||||
import org.keycloak.timer.TimerSpi;
|
import org.keycloak.timer.TimerSpi;
|
||||||
|
@ -304,7 +305,7 @@ public abstract class KeycloakModelTest {
|
||||||
|
|
||||||
LOG.debugf("Creating factory %d in %s using the following configuration:\n %s", factoryIndex, threadName, CONFIG);
|
LOG.debugf("Creating factory %d in %s using the following configuration:\n %s", factoryIndex, threadName, CONFIG);
|
||||||
|
|
||||||
DefaultKeycloakSessionFactory res = new DefaultKeycloakSessionFactory() {
|
DefaultKeycloakSessionFactory res = new ResteasyKeycloakSessionFactory() {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void init() {
|
public void init() {
|
||||||
|
|
|
@ -56,6 +56,11 @@
|
||||||
<artifactId>keycloak-dependencies-server-all</artifactId>
|
<artifactId>keycloak-dependencies-server-all</artifactId>
|
||||||
<type>pom</type>
|
<type>pom</type>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-services</artifactId>
|
||||||
|
<type>test-jar</type>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-rest-admin-ui-ext</artifactId>
|
<artifactId>keycloak-rest-admin-ui-ext</artifactId>
|
||||||
|
|
|
@ -52,6 +52,7 @@ import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.services.resources.KeycloakApplication;
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
|
import org.keycloak.services.resteasy.ResteasyKeycloakApplication;
|
||||||
import org.keycloak.testsuite.util.cli.TestsuiteCLI;
|
import org.keycloak.testsuite.util.cli.TestsuiteCLI;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
import io.undertow.servlet.api.InstanceHandle;
|
import io.undertow.servlet.api.InstanceHandle;
|
||||||
|
@ -408,7 +409,7 @@ public class KeycloakServer {
|
||||||
|
|
||||||
ResteasyDeployment deployment = new ResteasyDeploymentImpl();
|
ResteasyDeployment deployment = new ResteasyDeploymentImpl();
|
||||||
|
|
||||||
deployment.setApplicationClass(KeycloakApplication.class.getName());
|
deployment.setApplicationClass(ResteasyKeycloakApplication.class.getName());
|
||||||
|
|
||||||
Builder builder = Undertow.builder()
|
Builder builder = Undertow.builder()
|
||||||
.addHttpListener(config.getPort(), config.getHost())
|
.addHttpListener(config.getPort(), config.getHost())
|
||||||
|
|
Loading…
Reference in a new issue