Merge pull request #3580 from abstractj/KEYCLOAK-3970
[KEYCLOAK-3970] - SSSD testsuite is broken
commit
3bc721720f
2 changed files with 45 additions and 42 deletions
|
@ -20,22 +20,19 @@ package org.keycloak.federation.sssd;
|
||||||
import org.freedesktop.dbus.Variant;
|
import org.freedesktop.dbus.Variant;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.credential.CredentialInput;
|
import org.keycloak.credential.CredentialInput;
|
||||||
|
import org.keycloak.credential.CredentialInputUpdater;
|
||||||
import org.keycloak.credential.CredentialInputValidator;
|
import org.keycloak.credential.CredentialInputValidator;
|
||||||
import org.keycloak.credential.CredentialModel;
|
import org.keycloak.credential.CredentialModel;
|
||||||
import org.keycloak.federation.sssd.api.Sssd;
|
import org.keycloak.federation.sssd.api.Sssd;
|
||||||
import org.keycloak.federation.sssd.impl.PAMAuthenticator;
|
import org.keycloak.federation.sssd.impl.PAMAuthenticator;
|
||||||
import org.keycloak.models.GroupModel;
|
import org.keycloak.models.*;
|
||||||
import org.keycloak.models.KeycloakSession;
|
|
||||||
import org.keycloak.models.RealmModel;
|
|
||||||
import org.keycloak.models.RoleModel;
|
|
||||||
import org.keycloak.models.UserCredentialModel;
|
|
||||||
import org.keycloak.models.UserModel;
|
|
||||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||||
import org.keycloak.models.UserManager;
|
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
import org.keycloak.storage.UserStorageProviderModel;
|
||||||
|
import org.keycloak.storage.user.ImportedUserValidation;
|
||||||
import org.keycloak.storage.user.UserLookupProvider;
|
import org.keycloak.storage.user.UserLookupProvider;
|
||||||
|
|
||||||
|
import java.util.Collections;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -47,7 +44,11 @@ import java.util.Set;
|
||||||
* @author <a href="mailto:bruno@abstractj.org">Bruno Oliveira</a>
|
* @author <a href="mailto:bruno@abstractj.org">Bruno Oliveira</a>
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
public class SSSDFederationProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator {
|
public class SSSDFederationProvider implements UserStorageProvider,
|
||||||
|
UserLookupProvider,
|
||||||
|
CredentialInputUpdater,
|
||||||
|
CredentialInputValidator,
|
||||||
|
ImportedUserValidation {
|
||||||
|
|
||||||
private static final Logger logger = Logger.getLogger(SSSDFederationProvider.class);
|
private static final Logger logger = Logger.getLogger(SSSDFederationProvider.class);
|
||||||
|
|
||||||
|
@ -72,6 +73,11 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
|
||||||
return findOrCreateAuthenticatedUser(realm, username);
|
return findOrCreateAuthenticatedUser(realm, username);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public UserModel validate(RealmModel realm, UserModel user) {
|
||||||
|
return validateAndProxy(realm, user);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Called after successful authentication
|
* Called after successful authentication
|
||||||
*
|
*
|
||||||
|
@ -187,4 +193,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
|
||||||
public void close() {
|
public void close() {
|
||||||
Sssd.disconnect();
|
Sssd.disconnect();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
||||||
|
throw new IllegalStateException("You can't update your password as your account is read only.");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Set<String> getDisableableCredentialTypes(RealmModel realm, UserModel user) {
|
||||||
|
return Collections.EMPTY_SET;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
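Review bot: `updateCredential` throws for every `CredentialInput` it is handed, although its message only speaks of the password; nothing in the method looks at `input.getType()`. If the credential manager calls it for other credential types (the caller is not visible on this page), an SSSD-backed user would get an `IllegalStateException` instead of falling through to the next updater. A guard such as `if (!CredentialModel.PASSWORD.equals(input.getType())) return false;` ahead of the throw would keep the read-only refusal scoped to passwords. Separately, `Collections.EMPTY_SET` is a raw constant, so `Collections.emptySet()` would return the typed `Set<String>` without an unchecked conversion, and the wildcard `import org.keycloak.models.*;` hides which model types the provider depends on.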
@ -21,7 +21,6 @@ import org.freedesktop.dbus.DBusConnection;
|
||||||
import org.freedesktop.dbus.Variant;
|
import org.freedesktop.dbus.Variant;
|
||||||
import org.freedesktop.dbus.exceptions.DBusException;
|
import org.freedesktop.dbus.exceptions.DBusException;
|
||||||
import org.freedesktop.sssd.infopipe.InfoPipe;
|
import org.freedesktop.sssd.infopipe.InfoPipe;
|
||||||
import org.freedesktop.sssd.infopipe.User;
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
|
|
||||||
import java.nio.file.Files;
|
import java.nio.file.Files;
|
||||||
|
@ -38,17 +37,10 @@ import java.util.Vector;
|
||||||
*/
|
*/
|
||||||
public class Sssd {
|
public class Sssd {
|
||||||
|
|
||||||
public static User user() {
|
private static DBusConnection dBusConnection;
|
||||||
return SingletonHolder.USER_OBJECT;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static InfoPipe infopipe() {
|
|
||||||
return SingletonHolder.INFOPIPE_OBJECT;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
public static void disconnect() {
|
public static void disconnect() {
|
||||||
SingletonHolder.DBUS_CONNECTION.disconnect();
|
dBusConnection.disconnect();
|
||||||
}
|
}
|
||||||
|
|
||||||
private String username;
|
private String username;
|
||||||
|
@ -59,22 +51,12 @@ public class Sssd {
|
||||||
|
|
||||||
public Sssd(String username) {
|
public Sssd(String username) {
|
||||||
this.username = username;
|
this.username = username;
|
||||||
}
|
|
||||||
|
|
||||||
private static final class SingletonHolder {
|
|
||||||
private static InfoPipe INFOPIPE_OBJECT;
|
|
||||||
private static User USER_OBJECT;
|
|
||||||
private static DBusConnection DBUS_CONNECTION;
|
|
||||||
|
|
||||||
static {
|
|
||||||
try {
|
try {
|
||||||
DBUS_CONNECTION = DBusConnection.getConnection(DBusConnection.SYSTEM);
|
dBusConnection = DBusConnection.getConnection(DBusConnection.SYSTEM);
|
||||||
INFOPIPE_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
|
|
||||||
USER_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, User.OBJECTPATH, User.class);
|
|
||||||
} catch (DBusException e) {
|
} catch (DBusException e) {
|
||||||
logger.error("Failed to obtain D-Bus connection", e);
|
e.printStackTrace();
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static String getRawAttribute(Variant variant) {
|
public static String getRawAttribute(Variant variant) {
|
||||||
|
@ -91,7 +73,7 @@ public class Sssd {
|
||||||
String[] attr = {"mail", "givenname", "sn", "telephoneNumber"};
|
String[] attr = {"mail", "givenname", "sn", "telephoneNumber"};
|
||||||
Map<String, Variant> attributes = null;
|
Map<String, Variant> attributes = null;
|
||||||
try {
|
try {
|
||||||
InfoPipe infoPipe = infopipe();
|
InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
|
||||||
attributes = infoPipe.getUserAttributes(username, Arrays.asList(attr));
|
attributes = infoPipe.getUserAttributes(username, Arrays.asList(attr));
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new SSSDException("Failed to retrieve user's attributes. Check if SSSD service is active.");
|
throw new SSSDException("Failed to retrieve user's attributes. Check if SSSD service is active.");
|
||||||
|
@ -103,7 +85,7 @@ public class Sssd {
|
||||||
public List<String> getUserGroups() {
|
public List<String> getUserGroups() {
|
||||||
List<String> userGroups;
|
List<String> userGroups;
|
||||||
try {
|
try {
|
||||||
InfoPipe infoPipe = Sssd.infopipe();
|
InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
|
||||||
userGroups = infoPipe.getUserGroups(username);
|
userGroups = infoPipe.getUserGroups(username);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new SSSDException("Failed to retrieve user's groups from SSSD. Check if SSSD service is active.");
|
throw new SSSDException("Failed to retrieve user's groups from SSSD. Check if SSSD service is active.");
|
||||||
|
@ -125,4 +107,5 @@ public class Sssd {
|
||||||
}
|
}
|
||||||
return sssdAvailable;
|
return sssdAvailable;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
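Review bot: The constructor now catches `DBusException` with `e.printStackTrace()` and carries on, which leaves the static `dBusConnection` unset or stale after a failed connect; the static `disconnect()` and both `dBusConnection.getRemoteObject(...)` calls then dereference it. In `getUserAttributes` and `getUserGroups` the resulting failure is caught by `catch (Exception e)` and rethrown as an `SSSDException` without the cause, so the only trace of the real error is on stderr rather than in the server log. I would keep the removed `logger.error("Failed to obtain D-Bus connection", e);` (the `Logger` import is still present, so the field presumably still exists outside these hunks) and guard the teardown with `if (dBusConnection != null) dBusConnection.disconnect();`. The field is also reassigned by every `new Sssd(...)` without synchronization while `close()` on any provider disconnects it; whether that is safe depends on how `DBusConnection.getConnection` shares connections, which this page does not show.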