Merge pull request #3580 from abstractj/KEYCLOAK-3970

[KEYCLOAK-3970] - SSSD testsuite is broken
Bill Burke 2016-12-03 13:37:48 -05:00 committed by GitHub
commit 3bc721720f
2 changed files with 45 additions and 42 deletions


@ -20,22 +20,19 @@ package org.keycloak.federation.sssd;
import org.freedesktop.dbus.Variant;
import org.jboss.logging.Logger;
import org.keycloak.credential.CredentialInput;
import org.keycloak.credential.CredentialInputUpdater;
import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.credential.CredentialModel;
import org.keycloak.federation.sssd.api.Sssd;
import org.keycloak.federation.sssd.impl.PAMAuthenticator;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.*;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.UserManager;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.user.ImportedUserValidation;
import org.keycloak.storage.user.UserLookupProvider;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
@ -47,7 +44,11 @@ import java.util.Set;
* @author <a href="mailto:bruno@abstractj.org">Bruno Oliveira</a>
* @version $Revision: 1 $
*/
public class SSSDFederationProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator {
public class SSSDFederationProvider implements UserStorageProvider,
UserLookupProvider,
CredentialInputUpdater,
CredentialInputValidator,
ImportedUserValidation {
private static final Logger logger = Logger.getLogger(SSSDFederationProvider.class);
@ -72,13 +73,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
return findOrCreateAuthenticatedUser(realm, username);
}
/**
* Called after successful authentication
*
* @param realm realm
* @param username username without realm prefix
* @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
*/
@Override
public UserModel validate(RealmModel realm, UserModel user) {
return validateAndProxy(realm, user);
}
/**
* Called after successful authentication
*
* @param realm realm
* @param username username without realm prefix
* @return user if found or successfully created. Null if user with same username already exists, but is not linked to this provider
*/
protected UserModel findOrCreateAuthenticatedUser(RealmModel realm, String username) {
UserModel user = session.userLocalStorage().getUserByUsername(username, realm);
if (user != null) {
@ -187,4 +193,18 @@ public class SSSDFederationProvider implements UserStorageProvider, UserLookupPr
public void close() {
Sssd.disconnect();
}
@Override
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
throw new IllegalStateException("You can't update your password as your account is read only.");
}
@Override
public void disableCredentialType(RealmModel realm, UserModel user, String credentialType) {
}
@Override
public Set<String> getDisableableCredentialTypes(RealmModel realm, UserModel user) {
return Collections.EMPTY_SET;
}
}
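Review bot: `updateCredential` at the end of the class throws `IllegalStateException` for every `CredentialInput` without looking at `input.getType()`, so a request to update a non-password credential for an SSSD-backed user would hit the same read-only error instead of being left to another provider. A guard before the throw, e.g. `if (!CredentialModel.PASSWORD.equals(input.getType())) return false;`, keeps the read-only rule scoped to passwords; this assumes that returning false means "not handled here", which the page does not show. `getDisableableCredentialTypes` returns the raw `Collections.EMPTY_SET`, and `Collections.emptySet()` would give the typed `Set<String>` without an unchecked conversion. The empty `disableCredentialType` body would benefit from a one-line comment saying the no-op is intentional because the account is read only.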


@ -21,7 +21,6 @@ import org.freedesktop.dbus.DBusConnection;
import org.freedesktop.dbus.Variant;
import org.freedesktop.dbus.exceptions.DBusException;
import org.freedesktop.sssd.infopipe.InfoPipe;
import org.freedesktop.sssd.infopipe.User;
import org.jboss.logging.Logger;
import java.nio.file.Files;
@ -38,17 +37,10 @@ import java.util.Vector;
*/
public class Sssd {
public static User user() {
return SingletonHolder.USER_OBJECT;
}
public static InfoPipe infopipe() {
return SingletonHolder.INFOPIPE_OBJECT;
}
private static DBusConnection dBusConnection;
public static void disconnect() {
SingletonHolder.DBUS_CONNECTION.disconnect();
dBusConnection.disconnect();
}
private String username;
@ -59,22 +51,12 @@ public class Sssd {
public Sssd(String username) {
this.username = username;
}
private static final class SingletonHolder {
private static InfoPipe INFOPIPE_OBJECT;
private static User USER_OBJECT;
private static DBusConnection DBUS_CONNECTION;
static {
try {
DBUS_CONNECTION = DBusConnection.getConnection(DBusConnection.SYSTEM);
INFOPIPE_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
USER_OBJECT = DBUS_CONNECTION.getRemoteObject(InfoPipe.BUSNAME, User.OBJECTPATH, User.class);
} catch (DBusException e) {
logger.error("Failed to obtain D-Bus connection", e);
}
try {
dBusConnection = DBusConnection.getConnection(DBusConnection.SYSTEM);
} catch (DBusException e) {
e.printStackTrace();
}
}
public static String getRawAttribute(Variant variant) {
@ -91,7 +73,7 @@ public class Sssd {
String[] attr = {"mail", "givenname", "sn", "telephoneNumber"};
Map<String, Variant> attributes = null;
try {
InfoPipe infoPipe = infopipe();
InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
attributes = infoPipe.getUserAttributes(username, Arrays.asList(attr));
} catch (Exception e) {
throw new SSSDException("Failed to retrieve user's attributes. Check if SSSD service is active.");
@ -103,7 +85,7 @@ public class Sssd {
public List<String> getUserGroups() {
List<String> userGroups;
try {
InfoPipe infoPipe = Sssd.infopipe();
InfoPipe infoPipe = dBusConnection.getRemoteObject(InfoPipe.BUSNAME, InfoPipe.OBJECTPATH, InfoPipe.class);
userGroups = infoPipe.getUserGroups(username);
} catch (Exception e) {
throw new SSSDException("Failed to retrieve user's groups from SSSD. Check if SSSD service is active.");
@ -125,4 +107,5 @@ public class Sssd {
}
return sssdAvailable;
}
}
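Review bot: The static `dBusConnection` is assigned inside the `Sssd(String username)` constructor, and a `DBusException` there is only printed with `e.printStackTrace()`, so after a failed connect the field stays null (or keeps an earlier value) while `dBusConnection.getRemoteObject(...)` and the static `disconnect()` dereference it unchecked. In the lookup methods that ends up as the generic "Check if SSSD service is active" `SSSDException`, but `disconnect()`, which the provider's `close()` calls, would throw a NullPointerException; `if (dBusConnection != null) dBusConnection.disconnect();` avoids that. The catch should report through the class logger, as the replaced code appears to have done: `logger.error("Failed to obtain D-Bus connection", e);`. Because every new instance overwrites the same static field and any `close()` disconnects it, concurrent provider instances seem to share one connection's lifetime, which deserves a comment or a per-instance field. Which lines are old and which are new is inferred from the hunk headers, since the page has lost its +/- markers.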