federation iteration 2
This commit is contained in:
parent
a6b38397ea
commit
3bb0842eae
17 changed files with 274 additions and 258 deletions
|
@ -18,8 +18,11 @@ import org.picketlink.idm.credential.Password;
|
||||||
import org.picketlink.idm.credential.UsernamePasswordCredentials;
|
import org.picketlink.idm.credential.UsernamePasswordCredentials;
|
||||||
import org.picketlink.idm.model.basic.BasicModel;
|
import org.picketlink.idm.model.basic.BasicModel;
|
||||||
import org.picketlink.idm.model.basic.User;
|
import org.picketlink.idm.model.basic.User;
|
||||||
|
import org.picketlink.idm.query.IdentityQuery;
|
||||||
|
|
||||||
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -30,6 +33,7 @@ import java.util.Set;
|
||||||
*/
|
*/
|
||||||
public class LDAPFederationProvider implements UserFederationProvider {
|
public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
private static final Logger logger = Logger.getLogger(LDAPFederationProvider.class);
|
private static final Logger logger = Logger.getLogger(LDAPFederationProvider.class);
|
||||||
|
public static final String LDAP_ID = "LDAP_ID";
|
||||||
|
|
||||||
protected KeycloakSession session;
|
protected KeycloakSession session;
|
||||||
protected UserFederationProviderModel model;
|
protected UserFederationProviderModel model;
|
||||||
|
@ -82,7 +86,12 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserModel addUser(RealmModel realm, UserModel user) {
|
public boolean isRegistrationSupported() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public UserModel register(RealmModel realm, UserModel user) {
|
||||||
IdentityManager identityManager = getIdentityManager();
|
IdentityManager identityManager = getIdentityManager();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
@ -95,6 +104,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
} catch (IdentityManagementException ie) {
|
} catch (IdentityManagementException ie) {
|
||||||
throw convertIDMException(ie);
|
throw convertIDMException(ie);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -114,48 +124,59 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getAdminPage() {
|
public List<UserModel> searchByAttributes(Map<String, String> attributes, RealmModel realm) {
|
||||||
return null;
|
IdentityManager identityManager = getIdentityManager();
|
||||||
|
List<UserModel> searchResults =new LinkedList<UserModel>();
|
||||||
|
try {
|
||||||
|
Map<String, User> results = new HashMap<String, User>();
|
||||||
|
if (attributes.containsKey(USERNAME)) {
|
||||||
|
User user = BasicModel.getUser(identityManager, attributes.get(USERNAME));
|
||||||
|
if (user != null) results.put(user.getLoginName(), user);
|
||||||
|
} else if (attributes.containsKey(EMAIL)) {
|
||||||
|
User user = queryByEmail(identityManager, attributes.get(EMAIL));
|
||||||
|
if (user != null) results.put(user.getLoginName(), user);
|
||||||
|
} else if (attributes.containsKey(FIRST_NAME) || attributes.containsKey(LAST_NAME)) {
|
||||||
|
IdentityQuery<User> query = identityManager.createIdentityQuery(User.class);
|
||||||
|
if (attributes.containsKey(FIRST_NAME)) {
|
||||||
|
query.setParameter(User.FIRST_NAME, attributes.get(FIRST_NAME));
|
||||||
|
}
|
||||||
|
if (attributes.containsKey(LAST_NAME)) {
|
||||||
|
query.setParameter(User.LAST_NAME, attributes.get(LAST_NAME));
|
||||||
|
}
|
||||||
|
List<User> agents = query.getResultList();
|
||||||
|
for (User user : agents) {
|
||||||
|
results.put(user.getLoginName(), user);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
for (User user : results.values()) {
|
||||||
|
if (session.userStorage().getUserByUsername(user.getLoginName(), realm) == null) {
|
||||||
|
UserModel imported = importUserFromPicketlink(realm, user);
|
||||||
|
searchResults.add(imported);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch (IdentityManagementException ie) {
|
||||||
|
throw convertIDMException(ie);
|
||||||
|
}
|
||||||
|
return searchResults;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Class getAdminClass() {
|
public boolean isValid(UserModel local) {
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
IdentityManager identityManager = getIdentityManager();
|
||||||
|
|
||||||
|
try {
|
||||||
|
User picketlinkUser = BasicModel.getUser(identityManager, local.getUsername());
|
||||||
|
if (picketlinkUser == null) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return picketlinkUser.getId().equals(local.getAttribute(LDAP_ID));
|
||||||
|
} catch (IdentityManagementException ie) {
|
||||||
|
throw convertIDMException(ie);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles) {
|
public UserModel getUserByUsername(RealmModel realm, String username) {
|
||||||
throw new IllegalAccessError("Not allowed to call this");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public UserModel addUser(RealmModel realm, String username) {
|
|
||||||
throw new IllegalAccessError("Not allowed to call this");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean removeUser(RealmModel realm, String name) {
|
|
||||||
throw new IllegalAccessError("Not allowed to call this");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void addSocialLink(RealmModel realm, UserModel user, SocialLinkModel socialLink) {
|
|
||||||
session.userStorage().addSocialLink(realm, user, socialLink);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean removeSocialLink(RealmModel realm, UserModel user, String socialProvider) {
|
|
||||||
return session.userStorage().removeSocialLink(realm, user, socialProvider);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public UserModel getUserById(String id, RealmModel realm) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public UserModel getUserByUsername(String username, RealmModel realm) {
|
|
||||||
IdentityManager identityManager = getIdentityManager();
|
IdentityManager identityManager = getIdentityManager();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
@ -182,6 +203,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
imported.setFirstName(picketlinkUser.getFirstName());
|
imported.setFirstName(picketlinkUser.getFirstName());
|
||||||
imported.setLastName(picketlinkUser.getLastName());
|
imported.setLastName(picketlinkUser.getLastName());
|
||||||
imported.setFederationLink(model.getId());
|
imported.setFederationLink(model.getId());
|
||||||
|
imported.setAttribute(LDAP_ID, picketlinkUser.getId());
|
||||||
return proxy(imported);
|
return proxy(imported);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -200,7 +222,7 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserModel getUserByEmail(String email, RealmModel realm) {
|
public UserModel getUserByEmail(RealmModel realm, String email) {
|
||||||
IdentityManager identityManager = getIdentityManager();
|
IdentityManager identityManager = getIdentityManager();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
@ -208,63 +230,12 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
if (picketlinkUser == null) {
|
if (picketlinkUser == null) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
return importUserFromPicketlink(realm, picketlinkUser);
|
return importUserFromPicketlink(realm, picketlinkUser);
|
||||||
} catch (IdentityManagementException ie) {
|
} catch (IdentityManagementException ie) {
|
||||||
throw convertIDMException(ie);
|
throw convertIDMException(ie);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public UserModel getUserBySocialLink(SocialLinkModel socialLink, RealmModel realm) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<UserModel> getUsers(RealmModel realm) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public int getUsersCount(RealmModel realm) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<UserModel> getUsers(RealmModel realm, int firstResult, int maxResults) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<UserModel> searchForUser(String search, RealmModel realm) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<UserModel> searchForUser(String search, RealmModel realm, int firstResult, int maxResults) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<UserModel> searchForUserByAttributes(Map<String, String> attributes, RealmModel realm) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<UserModel> searchForUserByAttributes(Map<String, String> attributes, RealmModel realm, int firstResult, int maxResults) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Set<SocialLinkModel> getSocialLinks(UserModel user, RealmModel realm) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public SocialLinkModel getSocialLink(UserModel user, String socialProvider, RealmModel realm) {
|
|
||||||
return null; //To change body of implemented methods use File | Settings | File Templates.
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preRemove(RealmModel realm) {
|
public void preRemove(RealmModel realm) {
|
||||||
// complete Don't think we have to do anything
|
// complete Don't think we have to do anything
|
||||||
|
|
|
@ -2,6 +2,7 @@ package org.keycloak.models;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -22,7 +23,9 @@ public class UserFederationManager implements UserProvider {
|
||||||
UserModel user = session.userStorage().addUser(realm, id, username, addDefaultRoles);
|
UserModel user = session.userStorage().addUser(realm, id, username, addDefaultRoles);
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
||||||
UserFederationProvider fed = session.getProvider(UserFederationProvider.class, federation.getProviderName());
|
UserFederationProvider fed = session.getProvider(UserFederationProvider.class, federation.getProviderName());
|
||||||
return fed.addUser(realm, user);
|
if (fed.isRegistrationSupported()) {
|
||||||
|
return fed.register(realm, user);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
@ -38,7 +41,9 @@ public class UserFederationManager implements UserProvider {
|
||||||
UserModel user = session.userStorage().addUser(realm, username);
|
UserModel user = session.userStorage().addUser(realm, username);
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
UserFederationProvider fed = getFederationProvider(federation);
|
||||||
return fed.addUser(realm, user);
|
if (fed.isRegistrationSupported()) {
|
||||||
|
return fed.register(realm, user);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
@ -54,34 +59,67 @@ public class UserFederationManager implements UserProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeUser(RealmModel realm, String name) {
|
public boolean removeUser(RealmModel realm, UserModel user) {
|
||||||
UserModel user = session.userStorage().getUserByUsername(name, realm);
|
|
||||||
if (user == null) return false;
|
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
UserFederationProvider link = getFederationLink(realm, user);
|
||||||
if (link != null) {
|
if (link != null) {
|
||||||
return link.removeUser(realm, user);
|
return link.removeUser(realm, user);
|
||||||
}
|
}
|
||||||
return session.userStorage().removeUser(realm, name);
|
return session.userStorage().removeUser(realm, user);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected void validateUser(RealmModel realm, UserModel user) {
|
||||||
|
UserFederationProvider link = getFederationLink(realm, user);
|
||||||
|
if (link != null && !link.isValid(user)) {
|
||||||
|
deleteInvalidUser(realm, user);
|
||||||
|
throw new IllegalStateException("Federated user no longer valid");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
protected void deleteInvalidUser(RealmModel realm, UserModel user) {
|
||||||
|
KeycloakSession tx = session.getKeycloakSessionFactory().create();
|
||||||
|
try {
|
||||||
|
tx.getTransaction().begin();
|
||||||
|
RealmModel realmModel = tx.realms().getRealm(realm.getId());
|
||||||
|
UserModel deletedUser = tx.userStorage().getUserById(user.getId(), realmModel);
|
||||||
|
tx.userStorage().removeUser(realmModel, deletedUser);
|
||||||
|
tx.getTransaction().commit();
|
||||||
|
} finally {
|
||||||
|
tx.close();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
protected boolean isValid(RealmModel realm, UserModel user) {
|
||||||
|
UserFederationProvider link = getFederationLink(realm, user);
|
||||||
|
if (link != null) return link.isValid(user);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
protected UserModel validateAndProxyUser(RealmModel realm, UserModel user) {
|
||||||
|
UserFederationProvider link = getFederationLink(realm, user);
|
||||||
|
if (link != null) {
|
||||||
|
if (isValid(realm, user)) {
|
||||||
|
return link.proxy(user);
|
||||||
|
} else {
|
||||||
|
deleteInvalidUser(realm, user);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return user;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addSocialLink(RealmModel realm, UserModel user, SocialLinkModel socialLink) {
|
public void addSocialLink(RealmModel realm, UserModel user, SocialLinkModel socialLink) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
validateUser(realm, user);
|
||||||
if (link != null) {
|
|
||||||
link.addSocialLink(realm, user, socialLink);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
session.userStorage().addSocialLink(realm, user, socialLink);
|
session.userStorage().addSocialLink(realm, user, socialLink);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeSocialLink(RealmModel realm, UserModel user, String socialProvider) {
|
public boolean removeSocialLink(RealmModel realm, UserModel user, String socialProvider) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
validateUser(realm, user);
|
||||||
if (link != null) {
|
if (user == null) throw new IllegalStateException("Federated user no longer valid");
|
||||||
return link.removeSocialLink(realm, user, socialProvider);
|
|
||||||
}
|
|
||||||
return session.userStorage().removeSocialLink(realm, user, socialProvider);
|
return session.userStorage().removeSocialLink(realm, user, socialProvider);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -89,16 +127,7 @@ public class UserFederationManager implements UserProvider {
|
||||||
public UserModel getUserById(String id, RealmModel realm) {
|
public UserModel getUserById(String id, RealmModel realm) {
|
||||||
UserModel user = session.userStorage().getUserById(id, realm);
|
UserModel user = session.userStorage().getUserById(id, realm);
|
||||||
if (user != null) {
|
if (user != null) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
user = validateAndProxyUser(realm, user);
|
||||||
if (link != null) {
|
|
||||||
return link.proxy(user);
|
|
||||||
}
|
|
||||||
return user;
|
|
||||||
}
|
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
|
||||||
user = fed.getUserById(id, realm);
|
|
||||||
if (user != null) return user;
|
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
@ -107,15 +136,12 @@ public class UserFederationManager implements UserProvider {
|
||||||
public UserModel getUserByUsername(String username, RealmModel realm) {
|
public UserModel getUserByUsername(String username, RealmModel realm) {
|
||||||
UserModel user = session.userStorage().getUserByUsername(username, realm);
|
UserModel user = session.userStorage().getUserByUsername(username, realm);
|
||||||
if (user != null) {
|
if (user != null) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
user = validateAndProxyUser(realm, user);
|
||||||
if (link != null) {
|
if (user != null) return user;
|
||||||
return link.proxy(user);
|
|
||||||
}
|
|
||||||
return user;
|
|
||||||
}
|
}
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
UserFederationProvider fed = getFederationProvider(federation);
|
||||||
user = fed.getUserByUsername(username, realm);
|
user = fed.getUserByUsername(realm, username);
|
||||||
if (user != null) return user;
|
if (user != null) return user;
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
|
@ -125,15 +151,12 @@ public class UserFederationManager implements UserProvider {
|
||||||
public UserModel getUserByEmail(String email, RealmModel realm) {
|
public UserModel getUserByEmail(String email, RealmModel realm) {
|
||||||
UserModel user = session.userStorage().getUserByEmail(email, realm);
|
UserModel user = session.userStorage().getUserByEmail(email, realm);
|
||||||
if (user != null) {
|
if (user != null) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
user = validateAndProxyUser(realm, user);
|
||||||
if (link != null) {
|
if (user != null) return user;
|
||||||
return link.proxy(user);
|
|
||||||
}
|
|
||||||
return user;
|
|
||||||
}
|
}
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
UserFederationProvider fed = getFederationProvider(federation);
|
||||||
user = fed.getUserByEmail(email, realm);
|
user = fed.getUserByEmail(realm, email);
|
||||||
if (user != null) return user;
|
if (user != null) return user;
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
|
@ -143,16 +166,7 @@ public class UserFederationManager implements UserProvider {
|
||||||
public UserModel getUserBySocialLink(SocialLinkModel socialLink, RealmModel realm) {
|
public UserModel getUserBySocialLink(SocialLinkModel socialLink, RealmModel realm) {
|
||||||
UserModel user = session.userStorage().getUserBySocialLink(socialLink, realm);
|
UserModel user = session.userStorage().getUserBySocialLink(socialLink, realm);
|
||||||
if (user != null) {
|
if (user != null) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
user = validateAndProxyUser(realm, user);
|
||||||
if (link != null) {
|
|
||||||
return link.proxy(user);
|
|
||||||
}
|
|
||||||
return user;
|
|
||||||
}
|
|
||||||
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
|
||||||
user = fed.getUserBySocialLink(socialLink, realm);
|
|
||||||
if (user != null) return user;
|
|
||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
@ -168,33 +182,40 @@ public class UserFederationManager implements UserProvider {
|
||||||
return session.userStorage().getUsersCount(realm);
|
return session.userStorage().getUsersCount(realm);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
interface PaginatedQuery {
|
||||||
|
List<UserModel> query(RealmModel realm, int first, int max);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected List<UserModel> query(PaginatedQuery pagedQuery, RealmModel realm, int firstResult, int maxResults) {
|
||||||
|
List<UserModel> results = new LinkedList<UserModel>();
|
||||||
|
if (maxResults <= 0) return results;
|
||||||
|
int first = firstResult;
|
||||||
|
int max = maxResults;
|
||||||
|
do {
|
||||||
|
List<UserModel> query = pagedQuery.query(realm, first, max);
|
||||||
|
if (query == null || query.size() == 0) return results;
|
||||||
|
int added = 0;
|
||||||
|
for (UserModel user : query) {
|
||||||
|
user = validateAndProxyUser(realm, user);
|
||||||
|
if (user == null) continue;
|
||||||
|
results.add(user);
|
||||||
|
added++;
|
||||||
|
}
|
||||||
|
if (results.size() == maxResults) return results;
|
||||||
|
if (query.size() < max) return results;
|
||||||
|
first = query.size();
|
||||||
|
max -= added;
|
||||||
|
} while (true);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<UserModel> getUsers(RealmModel realm, int firstResult, int maxResults) {
|
public List<UserModel> getUsers(RealmModel realm, int firstResult, int maxResults) {
|
||||||
Map<String, UserModel> users = new HashMap<String, UserModel>();
|
return query(new PaginatedQuery() {
|
||||||
List<UserModel> query = session.userStorage().getUsers(realm, firstResult, maxResults);
|
@Override
|
||||||
for (UserModel user : query) {
|
public List<UserModel> query(RealmModel realm, int first, int max) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
return session.userStorage().getUsers(realm, first, max);
|
||||||
if (link != null) {
|
|
||||||
users.put(user.getUsername(), link.proxy(user));
|
|
||||||
} else {
|
|
||||||
users.put(user.getUsername(), user);
|
|
||||||
}
|
}
|
||||||
}
|
}, realm, firstResult, maxResults);
|
||||||
if (users.size() >= maxResults) {
|
|
||||||
List<UserModel> results = new ArrayList<UserModel>(users.size());
|
|
||||||
results.addAll(users.values());
|
|
||||||
return results;
|
|
||||||
}
|
|
||||||
List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
|
|
||||||
for (int i = federationProviders.size() - 1; i >= 0; i--) {
|
|
||||||
UserFederationProviderModel federation = federationProviders.get(i);
|
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
|
||||||
query = fed.getUsers(realm, firstResult, maxResults);
|
|
||||||
for (UserModel user : query) users.put(user.getUsername(), user);
|
|
||||||
}
|
|
||||||
List<UserModel> results = new ArrayList<UserModel>(users.size());
|
|
||||||
results.addAll(users.values());
|
|
||||||
return results;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -202,33 +223,36 @@ public class UserFederationManager implements UserProvider {
|
||||||
return searchForUser(search, realm, 0, Integer.MAX_VALUE);
|
return searchForUser(search, realm, 0, Integer.MAX_VALUE);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
void federationLoad(RealmModel realm, Map<String, String> attributes) {
|
||||||
public List<UserModel> searchForUser(String search, RealmModel realm, int firstResult, int maxResults) {
|
for (UserFederationProviderModel federation : realm.getUserFederationProviders()) {
|
||||||
Map<String, UserModel> users = new HashMap<String, UserModel>();
|
|
||||||
List<UserModel> query = session.userStorage().searchForUser(search, realm, firstResult, maxResults);
|
|
||||||
for (UserModel user : query) {
|
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
|
||||||
if (link != null) {
|
|
||||||
users.put(user.getUsername(), link.proxy(user));
|
|
||||||
} else {
|
|
||||||
users.put(user.getUsername(), user);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (users.size() >= maxResults) {
|
|
||||||
List<UserModel> results = new ArrayList<UserModel>(users.size());
|
|
||||||
results.addAll(users.values());
|
|
||||||
return results;
|
|
||||||
}
|
|
||||||
List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
|
|
||||||
for (int i = federationProviders.size() - 1; i >= 0; i--) {
|
|
||||||
UserFederationProviderModel federation = federationProviders.get(i);
|
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
UserFederationProvider fed = getFederationProvider(federation);
|
||||||
query = fed.searchForUser(search, realm, firstResult, maxResults);
|
fed.searchByAttributes(attributes, realm);
|
||||||
for (UserModel user : query) users.put(user.getUsername(), user);
|
|
||||||
}
|
}
|
||||||
List<UserModel> results = new ArrayList<UserModel>(users.size());
|
}
|
||||||
results.addAll(users.values());
|
|
||||||
return results;
|
@Override
|
||||||
|
public List<UserModel> searchForUser(final String search, RealmModel realm, int firstResult, int maxResults) {
|
||||||
|
Map<String, String> attributes = new HashMap<String, String>();
|
||||||
|
int spaceIndex = search.lastIndexOf(' ');
|
||||||
|
if (spaceIndex > -1) {
|
||||||
|
String firstName = search.substring(0, spaceIndex).trim();
|
||||||
|
String lastName = search.substring(spaceIndex).trim();
|
||||||
|
attributes.put(UserModel.FIRST_NAME, firstName);
|
||||||
|
attributes.put(UserModel.LAST_NAME, lastName);
|
||||||
|
} else if (search.indexOf('@') > -1) {
|
||||||
|
attributes.put(UserModel.USERNAME, search.trim());
|
||||||
|
attributes.put(UserModel.EMAIL, search.trim());
|
||||||
|
} else {
|
||||||
|
attributes.put(UserModel.LAST_NAME, search.trim());
|
||||||
|
attributes.put(UserModel.USERNAME, search.trim());
|
||||||
|
}
|
||||||
|
federationLoad(realm, attributes);
|
||||||
|
return query(new PaginatedQuery() {
|
||||||
|
@Override
|
||||||
|
public List<UserModel> query(RealmModel realm, int first, int max) {
|
||||||
|
return session.userStorage().searchForUser(search, realm, first, max);
|
||||||
|
}
|
||||||
|
}, realm, firstResult, maxResults);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -237,49 +261,27 @@ public class UserFederationManager implements UserProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<UserModel> searchForUserByAttributes(Map<String, String> attributes, RealmModel realm, int firstResult, int maxResults) {
|
public List<UserModel> searchForUserByAttributes(final Map<String, String> attributes, RealmModel realm, int firstResult, int maxResults) {
|
||||||
Map<String, UserModel> users = new HashMap<String, UserModel>();
|
federationLoad(realm, attributes);
|
||||||
List<UserModel> query = session.userStorage().searchForUserByAttributes(attributes, realm, firstResult, maxResults);
|
return query(new PaginatedQuery() {
|
||||||
for (UserModel user : query) {
|
@Override
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
public List<UserModel> query(RealmModel realm, int first, int max) {
|
||||||
if (link != null) {
|
return session.userStorage().searchForUserByAttributes(attributes, realm, first, max);
|
||||||
users.put(user.getUsername(), link.proxy(user));
|
|
||||||
} else {
|
|
||||||
users.put(user.getUsername(), user);
|
|
||||||
}
|
}
|
||||||
}
|
}, realm, firstResult, maxResults);
|
||||||
if (users.size() >= maxResults) {
|
|
||||||
List<UserModel> results = new ArrayList<UserModel>(users.size());
|
|
||||||
results.addAll(users.values());
|
|
||||||
return results;
|
|
||||||
}
|
|
||||||
List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
|
|
||||||
for (int i = federationProviders.size() - 1; i >= 0; i--) {
|
|
||||||
UserFederationProviderModel federation = federationProviders.get(i);
|
|
||||||
UserFederationProvider fed = getFederationProvider(federation);
|
|
||||||
query = fed.searchForUserByAttributes(attributes, realm, firstResult, maxResults);
|
|
||||||
for (UserModel user : query) users.put(user.getUsername(), user);
|
|
||||||
}
|
|
||||||
List<UserModel> results = new ArrayList<UserModel>(users.size());
|
|
||||||
results.addAll(users.values());
|
|
||||||
return results;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Set<SocialLinkModel> getSocialLinks(UserModel user, RealmModel realm) {
|
public Set<SocialLinkModel> getSocialLinks(UserModel user, RealmModel realm) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
validateUser(realm, user);
|
||||||
if (link != null) {
|
if (user == null) throw new IllegalStateException("Federated user no longer valid");
|
||||||
return link.getSocialLinks(user, realm);
|
|
||||||
}
|
|
||||||
return session.userStorage().getSocialLinks(user, realm);
|
return session.userStorage().getSocialLinks(user, realm);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public SocialLinkModel getSocialLink(UserModel user, String socialProvider, RealmModel realm) {
|
public SocialLinkModel getSocialLink(UserModel user, String socialProvider, RealmModel realm) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
validateUser(realm, user);
|
||||||
if (link != null) {
|
if (user == null) throw new IllegalStateException("Federated user no longer valid");
|
||||||
return link.getSocialLink(user, socialProvider, realm);
|
|
||||||
}
|
|
||||||
return session.userStorage().getSocialLink(user, socialProvider, realm);
|
return session.userStorage().getSocialLink(user, socialProvider, realm);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -305,6 +307,7 @@ public class UserFederationManager implements UserProvider {
|
||||||
public boolean validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input) {
|
public boolean validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
UserFederationProvider link = getFederationLink(realm, user);
|
||||||
if (link != null) {
|
if (link != null) {
|
||||||
|
validateUser(realm, user);
|
||||||
if (link.getSupportedCredentialTypes().size() > 0) {
|
if (link.getSupportedCredentialTypes().size() > 0) {
|
||||||
List<UserCredentialModel> fedCreds = new ArrayList<UserCredentialModel>();
|
List<UserCredentialModel> fedCreds = new ArrayList<UserCredentialModel>();
|
||||||
List<UserCredentialModel> localCreds = new ArrayList<UserCredentialModel>();
|
List<UserCredentialModel> localCreds = new ArrayList<UserCredentialModel>();
|
||||||
|
@ -328,6 +331,7 @@ public class UserFederationManager implements UserProvider {
|
||||||
public boolean validCredentials(RealmModel realm, UserModel user, UserCredentialModel... input) {
|
public boolean validCredentials(RealmModel realm, UserModel user, UserCredentialModel... input) {
|
||||||
UserFederationProvider link = getFederationLink(realm, user);
|
UserFederationProvider link = getFederationLink(realm, user);
|
||||||
if (link != null) {
|
if (link != null) {
|
||||||
|
validateUser(realm, user);
|
||||||
Set<String> supportedCredentialTypes = link.getSupportedCredentialTypes();
|
Set<String> supportedCredentialTypes = link.getSupportedCredentialTypes();
|
||||||
if (supportedCredentialTypes.size() > 0) {
|
if (supportedCredentialTypes.size() > 0) {
|
||||||
List<UserCredentialModel> fedCreds = new ArrayList<UserCredentialModel>();
|
List<UserCredentialModel> fedCreds = new ArrayList<UserCredentialModel>();
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
package org.keycloak.models;
|
package org.keycloak.models;
|
||||||
|
|
||||||
|
import org.keycloak.provider.Provider;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -7,11 +11,51 @@ import java.util.Set;
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
public interface UserFederationProvider extends UserProvider {
|
public interface UserFederationProvider extends Provider {
|
||||||
|
|
||||||
|
public static final String USERNAME = UserModel.USERNAME;
|
||||||
|
public static final String EMAIL = UserModel.EMAIL;
|
||||||
|
public static final String FIRST_NAME = UserModel.EMAIL;
|
||||||
|
public static final String LAST_NAME = UserModel.LAST_NAME;
|
||||||
|
|
||||||
UserModel proxy(UserModel local);
|
UserModel proxy(UserModel local);
|
||||||
UserModel addUser(RealmModel realm, UserModel user);
|
boolean isRegistrationSupported();
|
||||||
|
UserModel register(RealmModel realm, UserModel user);
|
||||||
boolean removeUser(RealmModel realm, UserModel user);
|
boolean removeUser(RealmModel realm, UserModel user);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Required to import into local storage any user found.
|
||||||
|
*
|
||||||
|
* @param realm
|
||||||
|
* @param username
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
UserModel getUserByUsername(RealmModel realm, String username);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Required to import into local storage any user found.
|
||||||
|
*
|
||||||
|
* @param realm
|
||||||
|
* @param email
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
UserModel getUserByEmail(RealmModel realm, String email);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Required to import into local storage any user found. Must not import if user already exists in KeycloakSession.userStorage()!
|
||||||
|
* Currently only attributes USERNAME, EMAIL, FIRST_NAME and LAST_NAME will be used.
|
||||||
|
*
|
||||||
|
* @param attributes
|
||||||
|
* @param realm
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
List<UserModel> searchByAttributes(Map<String, String> attributes, RealmModel realm);
|
||||||
|
|
||||||
|
void preRemove(RealmModel realm);
|
||||||
|
void preRemove(RealmModel realm, RoleModel role);
|
||||||
|
|
||||||
|
boolean isValid(UserModel local);
|
||||||
Set<String> getSupportedCredentialTypes();
|
Set<String> getSupportedCredentialTypes();
|
||||||
String getAdminPage();
|
boolean validCredentials(RealmModel realm, UserModel user, List<UserCredentialModel> input);
|
||||||
Class getAdminClass();
|
boolean validCredentials(RealmModel realm, UserModel user, UserCredentialModel... input);
|
||||||
}
|
void close();}
|
||||||
|
|
|
@ -9,7 +9,7 @@ import java.util.Set;
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
public interface UserModel {
|
public interface UserModel {
|
||||||
public static final String LOGIN_NAME = "username";
|
public static final String USERNAME = "username";
|
||||||
public static final String LAST_NAME = "lastName";
|
public static final String LAST_NAME = "lastName";
|
||||||
public static final String FIRST_NAME = "firstName";
|
public static final String FIRST_NAME = "firstName";
|
||||||
public static final String EMAIL = "email";
|
public static final String EMAIL = "email";
|
||||||
|
|
|
@ -15,7 +15,7 @@ public interface UserProvider extends Provider {
|
||||||
|
|
||||||
UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles);
|
UserModel addUser(RealmModel realm, String id, String username, boolean addDefaultRoles);
|
||||||
UserModel addUser(RealmModel realm, String username);
|
UserModel addUser(RealmModel realm, String username);
|
||||||
boolean removeUser(RealmModel realm, String name);
|
boolean removeUser(RealmModel realm, UserModel user);
|
||||||
|
|
||||||
public void addSocialLink(RealmModel realm, UserModel user, SocialLinkModel socialLink);
|
public void addSocialLink(RealmModel realm, UserModel user, SocialLinkModel socialLink);
|
||||||
public boolean removeSocialLink(RealmModel realm, UserModel user, String socialProvider);
|
public boolean removeSocialLink(RealmModel realm, UserModel user, String socialProvider);
|
||||||
|
|
|
@ -248,12 +248,10 @@ public class DefaultCacheUserProvider implements CacheUserProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeUser(RealmModel realm, String name) {
|
public boolean removeUser(RealmModel realm, UserModel user) {
|
||||||
if (!cache.isEnabled()) return getDelegate().removeUser(realm, name);
|
if (!cache.isEnabled()) return getDelegate().removeUser(realm, user);
|
||||||
UserModel user = getUserByUsername(name, realm);
|
|
||||||
if (user == null) return false;
|
|
||||||
registerUserInvalidation(realm, user.getId());
|
registerUserInvalidation(realm, user.getId());
|
||||||
return getDelegate().removeUser(realm, name);
|
return getDelegate().removeUser(realm, user);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -125,8 +125,8 @@ public class NoCacheUserProvider implements CacheUserProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeUser(RealmModel realm, String name) {
|
public boolean removeUser(RealmModel realm, UserModel user) {
|
||||||
return getDelegate().removeUser(realm, name);
|
return getDelegate().removeUser(realm, user);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -15,7 +15,6 @@ import org.keycloak.models.utils.CredentialValidation;
|
||||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||||
|
|
||||||
import javax.persistence.EntityManager;
|
import javax.persistence.EntityManager;
|
||||||
import javax.persistence.Query;
|
|
||||||
import javax.persistence.TypedQuery;
|
import javax.persistence.TypedQuery;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
@ -71,13 +70,10 @@ public class JpaUserProvider implements UserProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeUser(RealmModel realm, String name) {
|
public boolean removeUser(RealmModel realm, UserModel user) {
|
||||||
TypedQuery<UserEntity> query = em.createNamedQuery("getRealmUserByUsername", UserEntity.class);
|
UserEntity userEntity = em.find(UserEntity.class, user.getId());
|
||||||
query.setParameter("username", name);
|
if (userEntity == null) return false;
|
||||||
query.setParameter("realmId", realm.getId());
|
removeUser(userEntity);
|
||||||
List<UserEntity> results = query.getResultList();
|
|
||||||
if (results.size() == 0) return false;
|
|
||||||
removeUser(results.get(0));
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -256,7 +252,7 @@ public class JpaUserProvider implements UserProvider {
|
||||||
boolean first = true;
|
boolean first = true;
|
||||||
for (Map.Entry<String, String> entry : attributes.entrySet()) {
|
for (Map.Entry<String, String> entry : attributes.entrySet()) {
|
||||||
String attribute = null;
|
String attribute = null;
|
||||||
if (entry.getKey().equals(UserModel.LOGIN_NAME)) {
|
if (entry.getKey().equals(UserModel.USERNAME)) {
|
||||||
attribute = "lower(username)";
|
attribute = "lower(username)";
|
||||||
} else if (entry.getKey().equalsIgnoreCase(UserModel.FIRST_NAME)) {
|
} else if (entry.getKey().equalsIgnoreCase(UserModel.FIRST_NAME)) {
|
||||||
attribute = "lower(firstName)";
|
attribute = "lower(firstName)";
|
||||||
|
|
|
@ -192,7 +192,7 @@ public class MongoUserProvider implements UserProvider {
|
||||||
.and("realmId").is(realm.getId());
|
.and("realmId").is(realm.getId());
|
||||||
|
|
||||||
for (Map.Entry<String, String> entry : attributes.entrySet()) {
|
for (Map.Entry<String, String> entry : attributes.entrySet()) {
|
||||||
if (entry.getKey().equals(UserModel.LOGIN_NAME)) {
|
if (entry.getKey().equals(UserModel.USERNAME)) {
|
||||||
queryBuilder.and("username").regex(Pattern.compile("(?i:" + entry.getValue() + "$)"));
|
queryBuilder.and("username").regex(Pattern.compile("(?i:" + entry.getValue() + "$)"));
|
||||||
} else if (entry.getKey().equalsIgnoreCase(UserModel.FIRST_NAME)) {
|
} else if (entry.getKey().equalsIgnoreCase(UserModel.FIRST_NAME)) {
|
||||||
queryBuilder.and(UserModel.FIRST_NAME).regex(Pattern.compile("(?i:" + entry.getValue() + "$)"));
|
queryBuilder.and(UserModel.FIRST_NAME).regex(Pattern.compile("(?i:" + entry.getValue() + "$)"));
|
||||||
|
@ -285,9 +285,9 @@ public class MongoUserProvider implements UserProvider {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeUser(RealmModel realm, String name) {
|
public boolean removeUser(RealmModel realm, UserModel user) {
|
||||||
DBObject query = new QueryBuilder()
|
DBObject query = new QueryBuilder()
|
||||||
.and("username").is(name)
|
.and("id").is(user.getId())
|
||||||
.and("realmId").is(realm.getId())
|
.and("realmId").is(realm.getId())
|
||||||
.get();
|
.get();
|
||||||
return getMongoStore().removeEntities(MongoUserEntity.class, query, invocationContext);
|
return getMongoStore().removeEntities(MongoUserEntity.class, query, invocationContext);
|
||||||
|
|
|
@ -31,7 +31,7 @@ public class UpsSecurityApplication extends KeycloakApplication {
|
||||||
RealmManager manager = new RealmManager(session);
|
RealmManager manager = new RealmManager(session);
|
||||||
RealmModel master = manager.getKeycloakAdminstrationRealm();
|
RealmModel master = manager.getKeycloakAdminstrationRealm();
|
||||||
UserModel admin = session.users().getUserByUsername("admin", master);
|
UserModel admin = session.users().getUserByUsername("admin", master);
|
||||||
if (admin != null) session.users().removeUser(master, admin.getUsername());
|
if (admin != null) session.users().removeUser(master, admin);
|
||||||
session.getTransaction().commit();
|
session.getTransaction().commit();
|
||||||
} finally {
|
} finally {
|
||||||
session.close();
|
session.close();
|
||||||
|
|
|
@ -17,7 +17,7 @@ public class UserManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean removeUser(RealmModel realm, UserModel user) {
|
public boolean removeUser(RealmModel realm, UserModel user) {
|
||||||
if (session.users().removeUser(realm, user.getUsername())) {
|
if (session.users().removeUser(realm, user)) {
|
||||||
UserSessionProvider sessions = session.sessions();
|
UserSessionProvider sessions = session.sessions();
|
||||||
if (sessions != null) {
|
if (sessions != null) {
|
||||||
sessions.onUserRemoved(realm, user);
|
sessions.onUserRemoved(realm, user);
|
||||||
|
|
|
@ -341,7 +341,7 @@ public class UsersResource {
|
||||||
attributes.put(UserModel.EMAIL, email);
|
attributes.put(UserModel.EMAIL, email);
|
||||||
}
|
}
|
||||||
if (username != null) {
|
if (username != null) {
|
||||||
attributes.put(UserModel.LOGIN_NAME, username);
|
attributes.put(UserModel.USERNAME, username);
|
||||||
}
|
}
|
||||||
userModels = session.users().searchForUserByAttributes(attributes, realm, firstResult, maxResults);
|
userModels = session.users().searchForUserByAttributes(attributes, realm, firstResult, maxResults);
|
||||||
for (UserModel user : userModels) {
|
for (UserModel user : userModels) {
|
||||||
|
|
|
@ -213,7 +213,8 @@ public class ExportImportTest {
|
||||||
Assert.assertEquals(1, realmProvider.getRealms().size());
|
Assert.assertEquals(1, realmProvider.getRealms().size());
|
||||||
|
|
||||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||||
session.users().removeUser(master, "admin2");
|
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||||
|
session.users().removeUser(master, admin2);
|
||||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||||
|
@ -263,7 +264,8 @@ public class ExportImportTest {
|
||||||
Assert.assertEquals(1, realmProvider.getRealms().size());
|
Assert.assertEquals(1, realmProvider.getRealms().size());
|
||||||
|
|
||||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||||
session.users().removeUser(master, "admin2");
|
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||||
|
session.users().removeUser(master, admin2);
|
||||||
|
|
||||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||||
|
|
|
@ -181,8 +181,7 @@ public class AdapterTest extends AbstractModelTest {
|
||||||
commit();
|
commit();
|
||||||
|
|
||||||
realmModel = model.getRealm("JUGGLER");
|
realmModel = model.getRealm("JUGGLER");
|
||||||
Assert.assertTrue(realmManager.getSession().users().removeUser(realmModel, "bburke"));
|
Assert.assertTrue(realmManager.getSession().users().removeUser(realmModel, user));
|
||||||
Assert.assertFalse(realmManager.getSession().users().removeUser(realmModel, "bburke"));
|
|
||||||
assertNull(realmManager.getSession().users().getUserByUsername("bburke", realmModel));
|
assertNull(realmManager.getSession().users().getUserByUsername("bburke", realmModel));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -52,8 +52,9 @@ public class MultipleRealmsTest extends AbstractModelTest {
|
||||||
realm1 = model.getRealm("id1");
|
realm1 = model.getRealm("id1");
|
||||||
realm2 = model.getRealm("id2");
|
realm2 = model.getRealm("id2");
|
||||||
|
|
||||||
session.users().removeUser(realm1, "user1");
|
session.users().removeUser(realm1, r1user1);
|
||||||
session.users().removeUser(realm1, "user2");
|
UserModel user2 = session.users().getUserByUsername("user2", realm1);
|
||||||
|
session.users().removeUser(realm1, user2);
|
||||||
Assert.assertEquals(0, session.users().searchForUser("user", realm1).size());
|
Assert.assertEquals(0, session.users().searchForUser("user", realm1).size());
|
||||||
Assert.assertEquals(2, session.users().searchForUser("user", realm2).size());
|
Assert.assertEquals(2, session.users().searchForUser("user", realm2).size());
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,8 +45,10 @@ public class UserSessionProviderTest {
|
||||||
public void after() {
|
public void after() {
|
||||||
resetSession();
|
resetSession();
|
||||||
session.sessions().removeUserSessions(realm);
|
session.sessions().removeUserSessions(realm);
|
||||||
session.users().removeUser(realm, "user1");
|
UserModel user1 = session.users().getUserByUsername("user1", realm);
|
||||||
session.users().removeUser(realm, "user2");
|
UserModel user2 = session.users().getUserByUsername("user2", realm);
|
||||||
|
session.users().removeUser(realm, user1);
|
||||||
|
session.users().removeUser(realm, user2);
|
||||||
kc.stopSession(session, true);
|
kc.stopSession(session, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,6 @@ public class DeleteUsersJob extends UsersJob {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void runIteration(KeycloakSession session, RealmModel realm, Map<String, ApplicationModel> apps, Set<RoleModel> realmRoles, Map<String, Set<RoleModel>> appRoles, int counter) {
|
protected void runIteration(KeycloakSession session, RealmModel realm, Map<String, ApplicationModel> apps, Set<RoleModel> realmRoles, Map<String, Set<RoleModel>> appRoles, int counter) {
|
||||||
String username = users.next().getUsername();
|
session.users().removeUser(realm, users.next());
|
||||||
session.users().removeUser(realm, username);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue