Merge pull request #3580 from abstractj/KEYCLOAK-3970

[KEYCLOAK-3970] - SSSD testsuite is broken

federation/sssd/src/main/java/org/keycloak/federation/sssd/SSSDFederationProvider.java

@@ -20,22 +20,19 @@ package org.keycloak.federation.sssd;
 import org.freedesktop.dbus.Variant;
 import org.jboss.logging.Logger;
 import org.keycloak.credential.CredentialInput;
+import org.keycloak.credential.CredentialInputUpdater;
 import org.keycloak.credential.CredentialInputValidator;
 import org.keycloak.credential.CredentialModel;
 import org.keycloak.federation.sssd.api.Sssd;
 import org.keycloak.federation.sssd.impl.PAMAuthenticator;
-import org.keycloak.models.GroupModel;
+import org.keycloak.models.*;
-import org.keycloak.models.KeycloakSession;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserCredentialModel;
-import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.models.UserManager;
 import org.keycloak.storage.UserStorageProvider;
 import org.keycloak.storage.UserStorageProviderModel;
+import org.keycloak.storage.user.ImportedUserValidation;
 import org.keycloak.storage.user.UserLookupProvider;
 
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
@@ -47,7 +44,11 @@ import java.util.Set;
  * @author <a href="mailto:bruno@abstractj.org">Bruno Oliveira</a>
  * @version $Revision: 1 $
  */
-public class SSSDFederationProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator {
+public class SSSDFederationProvider implements UserStorageProvider,
+        UserLookupProvider,
+        CredentialInputUpdater,
+        CredentialInputValidator,
+        ImportedUserValidation {
 
     private static final Logger logger = Logger.getLogger(SSSDFederationProvider.class);
 
@@ -72,13 +73,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
         return findOrCreateAuthenticatedUser(realm, username);
     }
 
-    /**
+    @Override
-     * Called after successful authentication
+    public UserModel validate(RealmModel realm, UserModel user) {
-     *
+        return validateAndProxy(realm, user);
-     * @param realm    realm
+    }
-     * @param username username without realm prefix
+
-     * @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
+        /**
-     */
+         * Called after successful authentication
+         *
+         * @param realm    realm
+         * @param username username without realm prefix
+         * @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
+         */
     protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) {
         UserModel user = session.userLocalStorage().getUserByUsername(username, realm);
         if (user != null) {
@@ -187,4 +193,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
     public void close() {
         Sssd.disconnect();
     }
+
+    @Override
+    public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
+        throw new IllegalStateException("You can't update your password as your account is read only.");
+    }
+
+    @Override
+    public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
+    }
+
+    @Override
+    public Set<String> getDisableableCredentialTypes(RealmModel realm, UserModel user) {
+        return Collections.EMPTY_SET;
+    }
 }

federation/sssd/src/main/java/org/keycloak/federation/sssd/api/Sssd.java

@@ -21,7 +21,6 @@ import org.freedesktop.dbus.DBusConnection;
 import org.freedesktop.dbus.Variant;
 import org.freedesktop.dbus.exceptions.DBusException;
 import org.freedesktop.sssd.infopipe.InfoPipe;
-import org.freedesktop.sssd.infopipe.User;
 import org.jboss.logging.Logger;
 
 import java.nio.file.Files;
@@ -38,17 +37,10 @@ import java.util.Vector;
  */
 public class Sssd {
 
-    public static User user() {
+    private static DBusConnection dBusConnection;
-        return SingletonHolder.USER_OBJECT;
-    }
-
-    public static InfoPipe infopipe() {
-        return SingletonHolder.INFOPIPE_OBJECT;
-    }
-
 
     public static void disconnect() {
-        SingletonHolder.DBUS_CONNECTION.disconnect();
+        dBusConnection.disconnect();
     }
 
     private String username;
@@ -59,22 +51,12 @@ public class Sssd {
 
     public Sssd(String username) {
         this.username = username;
-    }
+        try {
-
+            dBusConnection = DBusConnection.getConnection(DBusConnection.SYSTEM);
-    private static final class SingletonHolder {
+        } catch (DBusException e) {
-        private static InfoPipe INFOPIPE_OBJECT;
+            e.printStackTrace();
-        private static User USER_OBJECT;
-        private static DBusConnection DBUS_CONNECTION;
-
-        static {
-            try {
-                DBUS_CONNECTION = DBusConnection.getConnection(DBusConnection.SYSTEM);
-                INFOPIPE_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
-                USER_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, User.OBJECTPATH, User.class);
-            } catch (DBusException e) {
-                logger.error("Failed to obtain D-Bus connection", e);
-            }
         }
+
     }
 
     public static String getRawAttribute(Variant variant) {
@@ -91,7 +73,7 @@ public class Sssd {
         String[] attr = {"mail", "givenname", "sn", "telephoneNumber"};
         Map<String, Variant> attributes = null;
         try {
-            InfoPipe infoPipe = infopipe();
+            InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
             attributes = infoPipe.getUserAttributes(username, Arrays.asList(attr));
         } catch (Exception e) {
             throw new SSSDException("Failed to retrieve user's attributes. Check if SSSD service is active.");
@@ -103,7 +85,7 @@ public class Sssd {
     public List<String> getUserGroups() {
         List<String> userGroups;
         try {
-            InfoPipe infoPipe = Sssd.infopipe();
+            InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
             userGroups = infoPipe.getUserGroups(username);
         } catch (Exception e) {
             throw new SSSDException("Failed to retrieve user's groups from SSSD. Check if SSSD service is active.");
@@ -125,4 +107,5 @@ public class Sssd {
         }
         return sssdAvailable;
     }
+
 }