fix: accounting for the possibility of null flows from existing realms
closes: #23980 Signed-off-by: Steve Hawkins <shawkins@redhat.com>
This commit is contained in:
parent
7695532011
commit
4091baf4c2
5 changed files with 64 additions and 35 deletions
|
@ -1288,10 +1288,7 @@ public class DefaultExportImportManager implements ExportImportManager {
|
|||
}
|
||||
public static Map<String, String> importAuthenticationFlows(KeycloakSession session, RealmModel newRealm, RealmRepresentation rep) {
|
||||
Map<String, String> mappedFlows = new HashMap<>();
|
||||
if (rep.getAuthenticationFlows() == null) {
|
||||
// assume this is an old version being imported
|
||||
DefaultAuthenticationFlows.migrateFlows(newRealm);
|
||||
} else {
|
||||
|
||||
if (rep.getAuthenticatorConfig() != null) {
|
||||
for (AuthenticatorConfigRepresentation configRep : rep.getAuthenticatorConfig()) {
|
||||
if (configRep.getAlias() == null) {
|
||||
|
@ -1319,7 +1316,7 @@ public class DefaultExportImportManager implements ExportImportManager {
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
DefaultAuthenticationFlows.migrateFlows(newRealm);
|
||||
if (rep.getBrowserFlow() == null) {
|
||||
AuthenticationFlowModel defaultFlow = newRealm.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW);
|
||||
if (defaultFlow != null) {
|
||||
|
|
|
@ -43,7 +43,7 @@ public class AuthenticationMapper {
|
|||
|
||||
final List<String> useAsDefault = Stream.of(realm.getBrowserFlow(), realm.getRegistrationFlow(), realm.getDirectGrantFlow(),
|
||||
realm.getResetCredentialsFlow(), realm.getClientAuthenticationFlow(), realm.getDockerAuthenticationFlow(), realm.getFirstBrokerLoginFlow())
|
||||
.filter(f -> flow.getAlias().equals(f.getAlias())).map(AuthenticationFlowModel::getAlias).collect(Collectors.toList());
|
||||
.filter(f -> f != null && flow.getAlias().equals(f.getAlias())).map(AuthenticationFlowModel::getAlias).collect(Collectors.toList());
|
||||
|
||||
if (!useAsDefault.isEmpty()) {
|
||||
authentication.setUsedBy(new UsedBy(UsedBy.UsedByType.DEFAULT, useAsDefault));
|
||||
|
|
|
@ -605,6 +605,7 @@ public class DefaultAuthenticationFlows {
|
|||
if (browserFlow == null) {
|
||||
browserFlow = realm.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW);
|
||||
}
|
||||
if (browserFlow != null) {
|
||||
List<AuthenticationExecutionModel> browserExecutions = new LinkedList<>();
|
||||
KeycloakModelUtils.deepFindAuthenticationExecutions(realm, browserFlow, browserExecutions);
|
||||
for (AuthenticationExecutionModel browserExecution : browserExecutions) {
|
||||
|
@ -616,6 +617,7 @@ public class DefaultAuthenticationFlows {
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
execution.setFlowId(conditionalOTP.getId());
|
||||
execution.setPriority(20);
|
||||
execution.setAuthenticatorFlow(true);
|
||||
|
|
|
@ -257,6 +257,13 @@ public class ExportImportTest extends AbstractKeycloakTest {
|
|||
addTestRealmToTestRealmReps("import-without-clients");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testImportFromRealmWithPartialAuthenticationFlows() {
|
||||
// import a realm with no built-in authentication flows
|
||||
importRealmFromFile("/import/partial-authentication-flows-import.json");
|
||||
Assert.assertTrue("Imported realm hasn't been found!", isRealmPresent("partial-authentication-flows-import"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testImportWithNullAuthenticatorConfigAndNoDefaultBrowserFlow() {
|
||||
importRealmFromFile("/import/testrealm-authenticator-config-null.json");
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
{
|
||||
"enabled": true,
|
||||
"realm": "partial-authentication-flows-import",
|
||||
"authenticationFlows": [
|
||||
{
|
||||
"alias": "X.509 browser",
|
||||
"description": "Browser-based authentication",
|
||||
"providerId": "basic-flow",
|
||||
"topLevel": true,
|
||||
"builtIn": false,
|
||||
"authenticationExecutions": [
|
||||
{
|
||||
"requirement": "ALTERNATIVE",
|
||||
"priority": 10,
|
||||
"authenticator": "auth-cookie",
|
||||
"authenticatorFlow": false,
|
||||
"autheticatorFlow": false,
|
||||
"userSetupAllowed": false
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
Loading…
Reference in a new issue