From 465019bec4c136bf964c6d6ca8628397ebebbb22 Mon Sep 17 00:00:00 2001 From: Michal Hajas Date: Thu, 2 Mar 2023 11:11:13 +0100 Subject: [PATCH] Extract attachDevice outside of storage layer Closes #17336 --- .../InfinispanUserSessionProvider.java | 15 ++++-------- .../userSession/MapUserSessionProvider.java | 11 --------- .../keycloak/models/UserSessionProvider.java | 23 +++++++++++++++++- .../AuthenticationProcessor.java | 3 ++- .../admin/PolicyEvaluationService.java | 3 ++- .../AuthorizationTokenService.java | 3 ++- .../oidc/DefaultTokenExchangeProvider.java | 7 +++--- .../oidc/endpoints/TokenEndpoint.java | 3 ++- .../oidc/endpoints/UserInfoEndpoint.java | 3 ++- .../services/managers/UserSessionManager.java | 20 ++++++++++++++++ .../admin/ClientScopeEvaluateResource.java | 3 ++- .../resources/admin/UserResource.java | 2 +- .../login/LoginTimeoutValidationTest.java | 6 ++--- .../testsuite/model/OwnerReplacementTest.java | 2 +- .../model/UserSessionProviderOfflineTest.java | 12 +++++----- .../model/UserSessionProviderTest.java | 24 +++++++++---------- .../session/SessionTimeoutValidationTest.java | 8 +++---- .../testsuite/model/KeycloakModelTest.java | 2 -- ...rSessionClientSessionRelationshipTest.java | 2 +- .../OfflineSessionPersistenceTest.java | 2 +- .../session/UserSessionConcurrencyTest.java | 2 +- .../session/UserSessionExpirationTest.java | 3 ++- .../session/UserSessionInitializerTest.java | 3 +-- .../UserSessionPersisterProviderTest.java | 14 +++++------ .../session/UserSessionProviderModelTest.java | 2 +- .../UserSessionProviderOfflineModelTest.java | 4 ++-- .../util/cli/AbstractSessionCacheCommand.java | 5 +++- .../util/cli/PersistSessionsCommand.java | 4 +++- 28 files changed, 112 insertions(+), 79 deletions(-) diff --git a/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java b/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java index bcd5daf77c..bf919b30c6 100755 --- a/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java +++ b/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java @@ -213,15 +213,13 @@ public class InfinispanUserSessionProvider implements UserSessionProvider { return adapter; } - @Override - public UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) { - final String userSessionId = keyGenerator.generateKeyString(session, sessionCache); - return createUserSession(userSessionId, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT); - } - @Override public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, UserSessionModel.SessionPersistenceState persistenceState) { + if (id == null) { + id = keyGenerator.generateKeyString(session, sessionCache); + } + UserSessionEntity entity = new UserSessionEntity(); entity.setId(id); updateSessionEntity(entity, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId); @@ -231,11 +229,6 @@ public class InfinispanUserSessionProvider implements UserSessionProvider { UserSessionAdapter adapter = wrap(realm, entity, false); adapter.setPersistenceState(persistenceState); - - if (adapter != null) { - DeviceActivityManager.attachDevice(adapter, session); - } - return adapter; } diff --git a/model/map/src/main/java/org/keycloak/models/map/userSession/MapUserSessionProvider.java b/model/map/src/main/java/org/keycloak/models/map/userSession/MapUserSessionProvider.java index 49e49cba06..38befe0270 100644 --- a/model/map/src/main/java/org/keycloak/models/map/userSession/MapUserSessionProvider.java +++ b/model/map/src/main/java/org/keycloak/models/map/userSession/MapUserSessionProvider.java @@ -146,13 +146,6 @@ public class MapUserSessionProvider implements UserSessionProvider { return userSession.getAuthenticatedClientSessionByClient(client.getId()); } - @Override - public UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, - String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) { - return createUserSession(null, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, - brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT); - } - @Override public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, @@ -178,10 +171,6 @@ public class MapUserSessionProvider implements UserSessionProvider { setUserSessionExpiration(entity, realm); UserSessionModel userSession = userEntityToAdapterFunc(realm).apply(entity); - if (userSession != null) { - DeviceActivityManager.attachDevice(userSession, session); - } - return userSession; } diff --git a/server-spi/src/main/java/org/keycloak/models/UserSessionProvider.java b/server-spi/src/main/java/org/keycloak/models/UserSessionProvider.java index 738edf8447..2138d5c258 100755 --- a/server-spi/src/main/java/org/keycloak/models/UserSessionProvider.java +++ b/server-spi/src/main/java/org/keycloak/models/UserSessionProvider.java @@ -47,8 +47,29 @@ public interface UserSessionProvider extends Provider { } AuthenticatedClientSessionModel getClientSession(UserSessionModel userSession, ClientModel client, String clientSessionId, boolean offline); - UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId); + /** + * @deprecated Use {@link #createUserSession(String, RealmModel, UserModel, String, String, String, boolean, String, String, UserSessionModel.SessionPersistenceState)} instead. + */ + default UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) { + return createUserSession(null, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, + brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT); + } + /** + * Creates a new user session with the given parameters. + * + * @param id identifier. Is generated if {@code null} + * @param realm the realm + * @param user user associated with the created user session + * @param loginUsername + * @param ipAddress + * @param authMethod + * @param rememberMe + * @param brokerSessionId + * @param brokerUserId + * @param persistenceState + * @return Model of the created user session + */ UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, UserSessionModel.SessionPersistenceState persistenceState); diff --git a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java index fb4edea365..d57102c123 100755 --- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java +++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java @@ -49,6 +49,7 @@ import org.keycloak.services.ServicesLogger; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.BruteForceProtector; import org.keycloak.services.managers.ClientSessionCode; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.messages.Messages; import org.keycloak.services.resources.LoginActionsService; import org.keycloak.services.util.CacheControlUtil; @@ -1065,7 +1066,7 @@ public class AuthenticationProcessor { if (userSession == null) { UserSessionModel.SessionPersistenceState persistenceState = UserSessionModel.SessionPersistenceState.fromString(authSession.getClientNote(AuthenticationManager.USER_SESSION_PERSISTENT_STATE)); - userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol() + userSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol() , remember, brokerSessionId, brokerUserId, persistenceState); } else if (userSession.getUser() == null || !AuthenticationManager.isSessionValid(realm, userSession)) { userSession.restartSession(realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol() diff --git a/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java b/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java index 65f37db603..ce0891302d 100644 --- a/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java +++ b/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java @@ -70,6 +70,7 @@ import org.keycloak.representations.idm.authorization.ScopeRepresentation; import org.keycloak.services.ErrorResponseException; import org.keycloak.services.Urls; import org.keycloak.services.managers.AuthenticationManager; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator; import org.keycloak.sessions.AuthenticationSessionModel; @@ -263,7 +264,7 @@ public class PolicyEvaluationService { .createAuthenticationSession(clientModel); authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); authSession.setAuthenticatedUser(userModel); - userSession = keycloakSession.sessions().createUserSession(authSession.getParentSession().getId(), realm, userModel, + userSession = new UserSessionManager(keycloakSession).createUserSession(authSession.getParentSession().getId(), realm, userModel, userModel.getUsername(), "127.0.0.1", "passwd", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); AuthenticationManager.setClientScopesInSession(authSession); diff --git a/services/src/main/java/org/keycloak/authorization/authorization/AuthorizationTokenService.java b/services/src/main/java/org/keycloak/authorization/authorization/AuthorizationTokenService.java index adbe1ff01a..9b065347d6 100644 --- a/services/src/main/java/org/keycloak/authorization/authorization/AuthorizationTokenService.java +++ b/services/src/main/java/org/keycloak/authorization/authorization/AuthorizationTokenService.java @@ -89,6 +89,7 @@ import org.keycloak.services.ErrorResponseException; import org.keycloak.services.Urls; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationSessionManager; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.resources.Cors; import org.keycloak.sessions.AuthenticationSessionModel; import org.keycloak.sessions.RootAuthenticationSessionModel; @@ -310,7 +311,7 @@ public class AuthorizationTokenService { if (accessToken.getSessionState() == null) { // Create temporary (request-scoped) transient session UserModel user = TokenManager.lookupUserFromStatelessToken(keycloakSession, realm, accessToken); - userSessionModel = sessions.createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), request.getClientConnection().getRemoteAddr(), + userSessionModel = new UserSessionManager(keycloakSession).createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), request.getClientConnection().getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT); } else { userSessionModel = lockUserSessionsForModification(keycloakSession, () -> sessions.getUserSession(realm, accessToken.getSessionState())); diff --git a/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java b/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java index 56534f4423..65ace626b8 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java @@ -60,6 +60,7 @@ import org.keycloak.services.Urls; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationSessionManager; import org.keycloak.services.managers.BruteForceProtector; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.resources.Cors; import org.keycloak.services.resources.IdentityBrokerService; import org.keycloak.services.resources.admin.AdminAuth; @@ -225,7 +226,7 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider { disallowOnHolderOfTokenMismatch = false; } - tokenSession = session.sessions().createUserSession(realm, requestedUser, requestedUser.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null); + tokenSession = new UserSessionManager(session).createUserSession(realm, requestedUser, requestedUser.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null); if (tokenUser != null) { tokenSession.setNote(IMPERSONATOR_ID.toString(), tokenUser.getId()); tokenSession.setNote(IMPERSONATOR_USERNAME.toString(), tokenUser.getUsername()); @@ -374,7 +375,7 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider { if (targetUserSession == null) { // if no session is associated with a subject_token, a stateless session is created to only allow building a token to the audience - targetUserSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, targetUser, targetUser.getUsername(), + targetUserSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, targetUser, targetUser.getUsername(), clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); } @@ -505,7 +506,7 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider { UserModel user = importUserFromExternalIdentity(context); - UserSessionModel userSession = session.sessions().createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "external-exchange", false, null, null); + UserSessionModel userSession = new UserSessionManager(session).createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "external-exchange", false, null, null); externalIdp.get().exchangeExternalComplete(userSession, context, formParams); // this must exist so that we can obtain access token from user session if idp's store tokens is off diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java index a9e7392852..e1f4011922 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java @@ -90,6 +90,7 @@ import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationSessionManager; import org.keycloak.services.managers.ClientManager; import org.keycloak.services.managers.RealmManager; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.resources.Cors; import org.keycloak.services.util.AuthorizationContextUtil; import org.keycloak.services.util.DefaultClientSessionContext; @@ -739,7 +740,7 @@ public class TokenEndpoint { sessionPersistenceState = UserSessionModel.SessionPersistenceState.TRANSIENT; } - UserSessionModel userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, clientUser, clientUsername, + UserSessionModel userSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, clientUser, clientUsername, clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, sessionPersistenceState); event.session(userSession); diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java index 3c2367b70c..d2c9342147 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java @@ -59,6 +59,7 @@ import org.keycloak.services.clientpolicy.context.UserInfoRequestContext; import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.UserSessionCrossDCManager; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.resources.Cors; import org.keycloak.services.util.DefaultClientSessionContext; import org.keycloak.services.util.MtlsHoKTokenUtil; @@ -336,7 +337,7 @@ public class UserInfoEndpoint { if (user == null) { throw error.invalidToken("User not found"); } - UserSessionModel userSession = session.sessions().createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), clientConnection.getRemoteAddr(), + UserSessionModel userSession = new UserSessionManager(session).createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT); // attach an auth session for the client RootAuthenticationSessionModel rootAuthSession = session.authenticationSessions().createRootAuthenticationSession(realm); diff --git a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java index b9aab05e48..280b5a7a11 100644 --- a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java +++ b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java @@ -18,6 +18,7 @@ package org.keycloak.services.managers; import org.jboss.logging.Logger; import org.keycloak.common.util.Time; +import org.keycloak.device.DeviceActivityManager; import org.keycloak.models.AuthenticatedClientSessionModel; import org.keycloak.models.ClientModel; import org.keycloak.models.ClientSessionContext; @@ -160,4 +161,23 @@ public class UserSessionManager { } kcSession.sessions().removeOfflineUserSession(realm, userSession); } + + public UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, + String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) { + return createUserSession(null, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT); + } + + public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress, + String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, + UserSessionModel.SessionPersistenceState persistenceState) { + // Create user session in store + UserSessionModel userSession = kcSession.sessions().createUserSession(id, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId, persistenceState); + + // Attach device info into user session notes + if (userSession != null) { + DeviceActivityManager.attachDevice(userSession, kcSession); + } + + return userSession; + } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeEvaluateResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeEvaluateResource.java index 3a784487c4..cb9dc9873d 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeEvaluateResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientScopeEvaluateResource.java @@ -53,6 +53,7 @@ import org.keycloak.representations.IDToken; import org.keycloak.services.Urls; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationSessionManager; +import org.keycloak.services.managers.UserSessionManager; import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator; import org.keycloak.sessions.AuthenticationSessionModel; import org.keycloak.sessions.RootAuthenticationSessionModel; @@ -233,7 +234,7 @@ public class ClientScopeEvaluateResource { authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName())); authSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scopeParam); - UserSessionModel userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, user, user.getUsername(), + UserSessionModel userSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "example-auth", false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT); AuthenticationManager.setClientScopesInSession(authSession); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java index 6158751054..f86d3aff75 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java @@ -337,7 +337,7 @@ public class UserResource { } EventBuilder event = new EventBuilder(realm, session, clientConnection); - UserSessionModel userSession = session.sessions().createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null); + UserSessionModel userSession = new UserSessionManager(session).createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null); UserModel adminUser = auth.adminAuth().getUser(); String impersonatorId = adminUser.getId(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/login/LoginTimeoutValidationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/login/LoginTimeoutValidationTest.java index 789fcf3e97..ddcc066cd9 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/login/LoginTimeoutValidationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/login/LoginTimeoutValidationTest.java @@ -72,10 +72,10 @@ public class LoginTimeoutValidationTest extends AbstractTestRealmKeycloakTest { RealmModel realm = keycloakSession.realms().getRealmByName("test"); UserSessionModel userSession = keycloakSession.sessions().createUserSession( - realm, + null, realm, keycloakSession.users().getUserByUsername(realm, "user1"), - "user1", "127.0.0.1", "form", true, null, null - ); + "user1", "127.0.0.1", "form", true, null, null, + UserSessionModel.SessionPersistenceState.PERSISTENT); ClientModel client = realm.getClientByClientId("account"); AuthenticationSessionModel authSession = keycloakSession.authenticationSessions().createRootAuthenticationSession(realm) .createAuthenticationSession(client); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/OwnerReplacementTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/OwnerReplacementTest.java index 3778f811fd..7adf70aff1 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/OwnerReplacementTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/OwnerReplacementTest.java @@ -425,7 +425,7 @@ public class OwnerReplacementTest extends AbstractKeycloakTest { ((session, realm1) -> { UserModel user = session.users().getUserByUsername(realm1, "test-user@localhost"); - UserSessionModel userSession = session.sessions().createUserSession(realm1, user, user.getUsername(), "1.2.3.4", "bar", false, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm1, user, user.getUsername(), "1.2.3.4", "bar", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); return userSession.getId(); }), diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java index 64dfbf0ce9..73ff50d697 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java @@ -217,7 +217,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes fooRealm.addClient("foo-app"); currentSession.users().addUser(fooRealm, "user3"); - UserSessionModel userSession = currentSession.sessions().createUserSession(fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = currentSession.sessions().createUserSession(null, fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userSessionID.set(userSession.getId()); createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); @@ -288,7 +288,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes fooRealm.addClient("bar-app"); currentSession.users().addUser(fooRealm, "user3"); - UserSessionModel userSession = currentSession.sessions().createUserSession(fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = currentSession.sessions().createUserSession(null, fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userSessionID.set(userSession.getId()); createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); @@ -384,7 +384,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes fooRealm.addClient("foo-app"); currentSession.users().addUser(fooRealm, "user3"); - UserSessionModel userSession = currentSession.sessions().createUserSession(fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = currentSession.sessions().createUserSession(null, fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userSessionID.set(userSession.getId()); createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); @@ -475,7 +475,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes private static UserSessionModel[] createSessions(KeycloakSession session) { UserSessionModel[] sessions = new UserSessionModel[3]; - sessions[0] = session.sessions().createUserSession(realm, currentSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + sessions[0] = session.sessions().createUserSession(null, realm, currentSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); Set roles = new HashSet(); roles.add("one"); @@ -488,10 +488,10 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes createClientSession(session, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state"); createClientSession(session, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state"); - sessions[1] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); + sessions[1] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state"); - sessions[2] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null); + sessions[2] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state"); return sessions; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java index 9a2c3296b9..aea879dd57 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java @@ -373,7 +373,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { // create an user session that is older than the max lifespan timeout. KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> { Time.setOffset(-(realm.getSsoSessionMaxLifespan() + 1)); - UserSessionModel userSession = session1.sessions().createUserSession(realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null); + UserSessionModel userSession = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); expiredUserSessions.add(userSession.getId()); AuthenticatedClientSessionModel clientSession = session1.sessions().createClientSession(realm, client, userSession); assertEquals(userSession, clientSession.getUserSession()); @@ -382,7 +382,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { // create an user session whose last refresh exceeds the max session idle timeout. KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> { Time.setOffset(-(realm.getSsoSessionIdleTimeout() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1)); - UserSessionModel s = session1.sessions().createUserSession(realm, session1.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", false, null, null); + UserSessionModel s = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); // no need to explicitly set the last refresh time - it is the same as the creation time. expiredUserSessions.add(s.getId()); }); @@ -390,7 +390,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { // create an user session and associated client session that conforms to the max lifespan and max idle timeouts. Time.setOffset(0); KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> { - UserSessionModel userSession = session1.sessions().createUserSession(realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null); + UserSessionModel userSession = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); validUserSessions.add(userSession.getId()); validClientSessions.add(session1.sessions().createClientSession(realm, client, userSession).getId()); }); @@ -481,7 +481,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { RealmModel realm = kcSession.realms().getRealmByName("test"); Time.setOffset(-(realm.getSsoSessionMaxLifespan() * 2)); - UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, client, userSession); assertEquals(userSession, clientSession.getUserSession()); Time.setOffset(-(realm.getSsoSessionIdleTimeout() * 2)); @@ -495,7 +495,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { RealmModel realm = kcSession.realms().getRealmByName("test"); Time.setOffset(-(realm.getSsoSessionMaxLifespanRememberMe() + 1)); - UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); expiredUserSessions.add(userSession.getId()); }); @@ -503,7 +503,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { RealmModel realm = kcSession.realms().getRealmByName("test"); Time.setOffset(-(realm.getSsoSessionIdleTimeoutRememberMe() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1)); - UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); // no need to explicitly set the last refresh time - it is the same as the creation time. expiredUserSessions.add(userSession.getId()); }); @@ -582,7 +582,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { try { for (int i = 0; i < 25; i++) { Time.setOffset(i); - UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0." + i, "form", false, null, null); + UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0." + i, "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, realm.getClientByClientId("test-app"), userSession); assertNotNull(clientSession); clientSession.setRedirectUri("http://redirect"); @@ -609,7 +609,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { public void testCreateAndGetInSameTransaction(KeycloakSession session) { RealmModel realm = session.realms().getRealmByName("test"); ClientModel client = realm.getClientByClientId("test-app"); - UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); AuthenticatedClientSessionModel clientSession = createClientSession(session, client, userSession, "http://redirect", "state"); UserSessionModel userSessionLoaded = session.sessions().getUserSession(realm, userSession.getId()); @@ -627,7 +627,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { RealmModel realm = session.realms().getRealmByName("test"); realm.setSsoSessionIdleTimeout(1800); realm.setSsoSessionMaxLifespan(36000); - UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); ClientModel client1 = realm.getClientByClientId("test-app"); ClientModel client2 = realm.getClientByClientId("third-party"); @@ -803,15 +803,15 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { RealmModel realm = kcSession.realms().getRealmByName("test"); - sessions[0] = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + sessions[0] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state"); createClientSession(kcSession, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state"); - sessions[1] = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); + sessions[1] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state"); - sessions[2] = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null); + sessions[2] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state"); }); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/session/SessionTimeoutValidationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/session/SessionTimeoutValidationTest.java index 9f1989c0cf..3d900ee966 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/session/SessionTimeoutValidationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/session/SessionTimeoutValidationTest.java @@ -73,10 +73,10 @@ public class SessionTimeoutValidationTest extends AbstractTestRealmKeycloakTest int ssoSessionMaxLifespanOrig = realm.getSsoSessionMaxLifespan(); UserSessionModel userSessionModel = session.sessions().createUserSession( - realm, - session.users().getUserByUsername(realm, "user1"), - "user1", "127.0.0.1", "form", true, null, null - ); + null, realm, + session.users().getUserByUsername(realm, "user1"), + "user1", "127.0.0.1", "form", true, null, null, + UserSessionModel.SessionPersistenceState.PERSISTENT); realm.setSsoSessionIdleTimeout(Integer.MAX_VALUE); Assert.assertTrue("Session validataion with large SsoSessionIdleTimeout failed", diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/KeycloakModelTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/KeycloakModelTest.java index 876ff9324d..1efab6bf2e 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/KeycloakModelTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/KeycloakModelTest.java @@ -254,7 +254,6 @@ public abstract class KeycloakModelTest { .add(UserSessionSpi.class) .add(UserSpi.class) .add(DatastoreSpi.class) - .add(DeviceRepresentationSpi.class) .build(); private static final Set> ALLOWED_FACTORIES = ImmutableSet.>builder() @@ -264,7 +263,6 @@ public abstract class KeycloakModelTest { .add(DefaultExecutorsProviderFactory.class) .add(DeploymentStateProviderFactory.class) .add(DatastoreProviderFactory.class) - .add(DeviceRepresentationProviderFactoryImpl.class) .build(); protected static final List MODEL_PARAMETERS; diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/HotRodUserSessionClientSessionRelationshipTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/HotRodUserSessionClientSessionRelationshipTest.java index 1c2e3137e2..290325cdfb 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/HotRodUserSessionClientSessionRelationshipTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/HotRodUserSessionClientSessionRelationshipTest.java @@ -125,7 +125,7 @@ public class HotRodUserSessionClientSessionRelationshipTest extends KeycloakMode private void prepareSessions(AtomicReference uSessionId, AtomicReference cSessionId) { withRealm(realmId, (session, realm) -> { - UserSessionModel uSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + UserSessionModel uSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); ClientModel client = realm.getClientByClientId(CLIENT0_CLIENT_ID); AuthenticatedClientSessionModel cSession = session.sessions().createClientSession(realm, client, uSession); diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/OfflineSessionPersistenceTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/OfflineSessionPersistenceTest.java index 1cbee44798..debd012df5 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/OfflineSessionPersistenceTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/OfflineSessionPersistenceTest.java @@ -419,7 +419,7 @@ public class OfflineSessionPersistenceTest extends KeycloakModelTest { private UserSessionModel createOfflineSession(KeycloakSession session, RealmModel realm, String userId, int sessionIndex) { final UserModel user = session.users().getUserById(realm, userId); - UserSessionModel us = session.sessions().createUserSession(realm, user, "un" + sessionIndex, "ip1", "auth", false, null, null); + UserSessionModel us = session.sessions().createUserSession(null, realm, user, "un" + sessionIndex, "ip1", "auth", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); return session.sessions().createOfflineUserSession(us); } diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionConcurrencyTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionConcurrencyTest.java index b29f67f79c..e5ee8de6f9 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionConcurrencyTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionConcurrencyTest.java @@ -99,7 +99,7 @@ public class UserSessionConcurrencyTest extends KeycloakModelTest { (evMapStorageProvider == null || FileMapStorageProviderFactory.PROVIDER_ID.equals(evMapStorageProvider))); // Create user session - String uId = withRealm(this.realmId, (session, realm) -> session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null)).getId(); + String uId = withRealm(this.realmId, (session, realm) -> session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT)).getId(); // Create/Update client session's notes concurrently CountDownLatch cdl = new CountDownLatch(200 * CLIENTS_COUNT); diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionExpirationTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionExpirationTest.java index 743b5e81c5..c64a13d61c 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionExpirationTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionExpirationTest.java @@ -22,6 +22,7 @@ import org.keycloak.models.Constants; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.RealmProvider; +import org.keycloak.models.UserSessionModel; import org.keycloak.models.UserSessionProvider; import org.keycloak.models.map.userSession.MapUserSessionProviderFactory; import org.keycloak.testsuite.model.KeycloakModelTest; @@ -62,7 +63,7 @@ public class UserSessionExpirationTest extends KeycloakModelTest { return null; }); - String uSId= withRealm(realmId, (session, realm) -> session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null).getId()); + String uSId= withRealm(realmId, (session, realm) -> session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT).getId()); assertThat(withRealm(realmId, (session, realm) -> session.sessions().getUserSession(realm, uSId)), notNullValue()); diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionInitializerTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionInitializerTest.java index 6661dcb88a..a96c044132 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionInitializerTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionInitializerTest.java @@ -38,7 +38,6 @@ import org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFact import java.util.LinkedList; import java.util.List; import java.util.Optional; -import java.util.concurrent.CountDownLatch; import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicReference; import java.util.stream.Collectors; @@ -172,7 +171,7 @@ public class UserSessionInitializerTest extends KeycloakModelTest { // create a user session in the first node UserSessionModel userSessionModel = withRealm(realmId, (session, realm) -> { final UserModel user = session.users().getUserByUsername(realm, "user1"); - return session.sessions().createUserSession(realm, user, "un1", "ip1", "auth", false, null, null); + return session.sessions().createUserSession(null, realm, user, "un1", "ip1", "auth", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); }); userSessionId.set(userSessionModel.getId()); } else { diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionPersisterProviderTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionPersisterProviderTest.java index dfacce2553..b5a96cf8cc 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionPersisterProviderTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionPersisterProviderTest.java @@ -259,7 +259,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest { fooRealm.addClient("foo-app"); session.users().addUser(fooRealm, "user3"); - UserSessionModel userSession = session.sessions().createUserSession(fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userSessionID.set(userSession.getId()); createClientSession(session, realmId, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); @@ -300,7 +300,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest { fooRealm.addClient("bar-app"); session.users().addUser(fooRealm, "user3"); - UserSessionModel userSession = session.sessions().createUserSession(fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userSessionID.set(userSession.getId()); createClientSession(session, realmId, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); @@ -434,7 +434,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest { // Having different offsets for each session (to ensure that lastSessionRefresh is also different) setTimeOffset(i); - UserSessionModel userSession = session.sessions().createUserSession(realm, user, "user1", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm, user, "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state"); userSessionsInner.add(userSession.getId()); } @@ -528,7 +528,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest { // Create session in infinispan RealmModel realm = session.realms().getRealm(realmId); - UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("external-storage-client"), userSession, "http://redirect", "state"); @@ -587,15 +587,15 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest { protected static UserSessionModel[] createSessions(KeycloakSession session, String realmId) { RealmModel realm = session.realms().getRealm(realmId); UserSessionModel[] sessions = new UserSessionModel[3]; - sessions[0] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); + sessions[0] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state"); - sessions[1] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); + sessions[1] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state"); - sessions[2] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null); + sessions[2] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state"); return sessions; diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderModelTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderModelTest.java index ebc511238f..661f75a486 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderModelTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderModelTest.java @@ -301,7 +301,7 @@ public class UserSessionProviderModelTest extends KeycloakModelTest { inIndependentFactories(4, 30, () -> { withRealm(realmId, (session, realm) -> { UserModel user = session.users().getUserByUsername(realm, "user1"); - UserSessionModel userSession = session.sessions().createUserSession(realm, user, "user1", "", "", false, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm, user, "user1", "", "", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userSessionIds.add(userSession.getId()); latch.countDown(); diff --git a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderOfflineModelTest.java b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderOfflineModelTest.java index 3d0b299404..047f3d4c13 100644 --- a/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderOfflineModelTest.java +++ b/testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderOfflineModelTest.java @@ -288,7 +288,7 @@ public class UserSessionProviderOfflineModelTest extends KeycloakModelTest { Assert.assertEquals(0, persister.getUserSessionsCount(true)); // create two offline user sessions - UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "ip1", null, false, null, null); + UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "ip1", null, false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); session.sessions().createOfflineUserSession(userSession); session.sessions().createOfflineUserSession(origSessions[0]); @@ -392,7 +392,7 @@ public class UserSessionProviderOfflineModelTest extends KeycloakModelTest { ClientModel thirdPartyClient = realm.getClientByClientId("third-party"); IntStream.range(0, sessionsPerUser) - .mapToObj(index -> session.sessions().createUserSession(realm, user, username + index, "ip" + index, "auth", false, null, null)) + .mapToObj(index -> session.sessions().createUserSession(null, realm, user, username + index, "ip" + index, "auth", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT)) .forEach(userSession -> { AuthenticatedClientSessionModel testAppClientSession = session.sessions().createClientSession(realm, testAppClient, userSession); AuthenticatedClientSessionModel thirdPartyClientSession = session.sessions().createClientSession(realm, thirdPartyClient, userSession); diff --git a/testsuite/utils/src/main/java/org/keycloak/testsuite/util/cli/AbstractSessionCacheCommand.java b/testsuite/utils/src/main/java/org/keycloak/testsuite/util/cli/AbstractSessionCacheCommand.java index b9be729398..c77d7ba9f9 100644 --- a/testsuite/utils/src/main/java/org/keycloak/testsuite/util/cli/AbstractSessionCacheCommand.java +++ b/testsuite/utils/src/main/java/org/keycloak/testsuite/util/cli/AbstractSessionCacheCommand.java @@ -31,6 +31,8 @@ import org.keycloak.models.sessions.infinispan.changes.SessionEntityWrapper; import org.keycloak.models.sessions.infinispan.entities.SessionEntity; import org.keycloak.models.sessions.infinispan.entities.UserSessionEntity; import org.keycloak.models.utils.KeycloakModelUtils; +import org.keycloak.services.managers.UserSessionManager; + import java.util.Arrays; import java.util.Set; import java.util.TreeSet; @@ -337,8 +339,9 @@ public abstract class AbstractSessionCacheCommand extends AbstractCommand { ClientModel client = realm.getClientByClientId(clientId); UserModel user = batchSession.users().getUserByUsername(realm, username); + UserSessionManager userSessionManager = new UserSessionManager(session); for (int i=0 ; i