Ensure realm attributes import happens before client import

Fixes #32799

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
This commit is contained in:
Thomas Darimont 2024-09-11 12:44:42 +02:00 committed by Alexander Schwartz
parent 126f0dec88
commit 445a7da902
3 changed files with 2540 additions and 9 deletions

View file

@ -364,6 +364,14 @@ public class DefaultExportImportManager implements ExportImportManager {
} }
} }
// import attributes
if (rep.getAttributes() != null) {
for (Map.Entry<String, String> attr : rep.getAttributes().entrySet()) {
newRealm.setAttribute(attr.getKey(), attr.getValue());
}
}
Map<String, ClientModel> createdClients = new HashMap<>(); Map<String, ClientModel> createdClients = new HashMap<>();
if (rep.getClients() != null) { if (rep.getClients() != null) {
createdClients = createClients(session, rep, newRealm, mappedFlows); createdClients = createClients(session, rep, newRealm, mappedFlows);
@ -456,14 +464,6 @@ public class DefaultExportImportManager implements ExportImportManager {
newRealm.setDefaultLocale(rep.getDefaultLocale()); newRealm.setDefaultLocale(rep.getDefaultLocale());
} }
// import attributes
if (rep.getAttributes() != null) {
for (Map.Entry<String, String> attr : rep.getAttributes().entrySet()) {
newRealm.setAttribute(attr.getKey(), attr.getValue());
}
}
if (newRealm.getComponentsStream(newRealm.getId(), KeyProvider.class.getName()).count() == 0) { if (newRealm.getComponentsStream(newRealm.getId(), KeyProvider.class.getName()).count() == 0) {
if (rep.getPrivateKey() != null) { if (rep.getPrivateKey() != null) {
DefaultKeyProviders.createProviders(newRealm, rep.getPrivateKey(), rep.getCertificate()); DefaultKeyProviders.createProviders(newRealm, rep.getPrivateKey(), rep.getCertificate());

View file

@ -31,6 +31,7 @@ import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants; import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.utils.AcrUtils;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
@ -46,6 +47,7 @@ import org.keycloak.util.JsonSerialization;
import java.io.IOException; import java.io.IOException;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.util.Collection; import java.util.Collection;
import java.util.Map;
import java.util.Objects; import java.util.Objects;
import java.util.concurrent.atomic.AtomicReference; import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@ -138,6 +140,21 @@ public class ImportTest extends AbstractTestRealmKeycloakTest {
}); });
} }
// https://github.com/keycloak/keycloak/issues/32799
@Test
public void importAcrToLoaMappingWithDefaultAcrValues() {
RealmRepresentation testRealm = loadJson(getClass().getResourceAsStream("/model/acr-values-import-bug.json"), RealmRepresentation.class);
adminClient.realms().create(testRealm);
testingClient.server().run(session -> {
RealmModel realm = session.realms().getRealmByName("acr-import-bug");
Map<String, Integer> acrLoaMap = AcrUtils.getAcrLoaMap(realm);
Assert.assertNotNull(acrLoaMap);
ClientModel clientSilverAcr = realm.getClientByClientId("client-silver");
Assert.assertEquals("silver", clientSilverAcr.getAttribute("default.acr.values"));
});
}
@Test @Test
public void importUserProfile() throws Exception { public void importUserProfile() throws Exception {
final String realmString = IOUtils.toString(getClass().getResourceAsStream("/model/import-userprofile.json"), StandardCharsets.UTF_8); final String realmString = IOUtils.toString(getClass().getResourceAsStream("/model/import-userprofile.json"), StandardCharsets.UTF_8);