Merge pull request #3580 from abstractj/KEYCLOAK-3970
[KEYCLOAK-3970] - SSSD testsuite is broken
commit
3bc721720f
2 changed files with 45 additions and 42 deletions
|
@ -20,22 +20,19 @@ package org.keycloak.federation.sssd;
|
|||
import org.freedesktop.dbus.Variant;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.credential.CredentialInput;
|
||||
import org.keycloak.credential.CredentialInputUpdater;
|
||||
import org.keycloak.credential.CredentialInputValidator;
|
||||
import org.keycloak.credential.CredentialModel;
|
||||
import org.keycloak.federation.sssd.api.Sssd;
|
||||
import org.keycloak.federation.sssd.impl.PAMAuthenticator;
|
||||
import org.keycloak.models.GroupModel;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.UserCredentialModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.*;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.models.UserManager;
|
||||
import org.keycloak.storage.UserStorageProvider;
|
||||
import org.keycloak.storage.UserStorageProviderModel;
|
||||
import org.keycloak.storage.user.ImportedUserValidation;
|
||||
import org.keycloak.storage.user.UserLookupProvider;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
@ -47,7 +44,11 @@ import java.util.Set;
|
|||
* @author <a href="mailto:bruno@abstractj.org">Bruno Oliveira</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class SSSDFederationProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator {
|
||||
public class SSSDFederationProvider implements UserStorageProvider,
|
||||
UserLookupProvider,
|
||||
CredentialInputUpdater,
|
||||
CredentialInputValidator,
|
||||
ImportedUserValidation {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(SSSDFederationProvider.class);
|
||||
|
||||
|
@ -72,13 +73,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
|
|||
return findOrCreateAuthenticatedUser(realm, username);
|
||||
}
|
||||
|
||||
/**
|
||||
* Called after successful authentication
|
||||
*
|
||||
* @param realm realm
|
||||
* @param username username without realm prefix
|
||||
* @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
|
||||
*/
|
||||
@Override
|
||||
public UserModel validate(RealmModel realm, UserModel user) {
|
||||
return validateAndProxy(realm, user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Called after successful authentication
|
||||
*
|
||||
* @param realm realm
|
||||
* @param username username without realm prefix
|
||||
* @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
|
||||
*/
|
||||
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) {
|
||||
UserModel user = session.userLocalStorage().getUserByUsername(username, realm);
|
||||
if (user != null) {
|
||||
|
@ -187,4 +193,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
|
|||
public void close() {
|
||||
Sssd.disconnect();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
||||
throw new IllegalStateException("You can't update your password as your account is read only.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getDisableableCredentialTypes(RealmModel realm, UserModel user) {
|
||||
return Collections.EMPTY_SET;
|
||||
}
|
||||
}
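Review bot: `updateCredential` throws `IllegalStateException` for every `CredentialInput` without looking at `input.getType()`, so a non-password update routed to this provider would fail with a message about passwords. Whether callers filter on the credential type first is not visible in this section; if they do not, a guard such as `if (!CredentialModel.PASSWORD.equals(input.getType())) return false;` before the throw keeps the read-only rule scoped to the SSSD-managed password. The empty `disableCredentialType` body deserves a one-line comment saying that credentials are owned by SSSD and nothing can be disabled here. `Collections.EMPTY_SET` is a raw type; `Collections.emptySet()` returns the same value without an unchecked warning.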
|
||||
|
|
|
@ -21,7 +21,6 @@ import org.freedesktop.dbus.DBusConnection;
|
|||
import org.freedesktop.dbus.Variant;
|
||||
import org.freedesktop.dbus.exceptions.DBusException;
|
||||
import org.freedesktop.sssd.infopipe.InfoPipe;
|
||||
import org.freedesktop.sssd.infopipe.User;
|
||||
import org.jboss.logging.Logger;
|
||||
|
||||
import java.nio.file.Files;
|
||||
|
@ -38,17 +37,10 @@ import java.util.Vector;
|
|||
*/
|
||||
public class Sssd {
|
||||
|
||||
public static User user() {
|
||||
return SingletonHolder.USER_OBJECT;
|
||||
}
|
||||
|
||||
public static InfoPipe infopipe() {
|
||||
return SingletonHolder.INFOPIPE_OBJECT;
|
||||
}
|
||||
|
||||
private static DBusConnection dBusConnection;
|
||||
|
||||
public static void disconnect() {
|
||||
SingletonHolder.DBUS_CONNECTION.disconnect();
|
||||
dBusConnection.disconnect();
|
||||
}
|
||||
|
||||
private String username;
|
||||
|
@ -59,22 +51,12 @@ public class Sssd {
|
|||
|
||||
public Sssd(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
private static final class SingletonHolder {
|
||||
private static InfoPipe INFOPIPE_OBJECT;
|
||||
private static User USER_OBJECT;
|
||||
private static DBusConnection DBUS_CONNECTION;
|
||||
|
||||
static {
|
||||
try {
|
||||
DBUS_CONNECTION = DBusConnection.getConnection(DBusConnection.SYSTEM);
|
||||
INFOPIPE_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
|
||||
USER_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, User.OBJECTPATH, User.class);
|
||||
} catch (DBusException e) {
|
||||
logger.error("Failed to obtain D-Bus connection", e);
|
||||
}
|
||||
try {
|
||||
dBusConnection = DBusConnection.getConnection(DBusConnection.SYSTEM);
|
||||
} catch (DBusException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static String getRawAttribute(Variant variant) {
|
||||
|
@ -91,7 +73,7 @@ public class Sssd {
|
|||
String[] attr = {"mail", "givenname", "sn", "telephoneNumber"};
|
||||
Map<String, Variant> attributes = null;
|
||||
try {
|
||||
InfoPipe infoPipe = infopipe();
|
||||
InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
|
||||
attributes = infoPipe.getUserAttributes(username, Arrays.asList(attr));
|
||||
} catch (Exception e) {
|
||||
throw new SSSDException("Failed to retrieve user's attributes. Check if SSSD service is active.");
|
||||
|
@ -103,7 +85,7 @@ public class Sssd {
|
|||
public List<String> getUserGroups() {
|
||||
List<String> userGroups;
|
||||
try {
|
||||
InfoPipe infoPipe = Sssd.infopipe();
|
||||
InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
|
||||
userGroups = infoPipe.getUserGroups(username);
|
||||
} catch (Exception e) {
|
||||
throw new SSSDException("Failed to retrieve user's groups from SSSD. Check if SSSD service is active.");
|
||||
|
@ -125,4 +107,5 @@ public class Sssd {
|
|||
}
|
||||
return sssdAvailable;
|
||||
}
|
||||
|
||||
}
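Review bot: The static initializer that assigns `dBusConnection` only calls `e.printStackTrace()` when `DBusConnection.getConnection` fails, which leaves the field null and keeps the failure out of the server log. After that, `disconnect()` throws a NullPointerException, and the `dBusConnection.getRemoteObject(...)` calls in the attribute lookup and in `getUserGroups` fall into `catch (Exception e)`, which raises an `SSSDException` without the cause, so an operator is told to check the SSSD service with no trace of the real error. I would keep the logger call that the old side of this section appears to use, `logger.error("Failed to obtain D-Bus connection", e);`, and guard the teardown with `if (dBusConnection != null) dBusConnection.disconnect();`. Which lines are old and which are new is inferred from the hunk counts, because the +/- markers are lost on this page.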
|
||||
|
|