libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Extract attachDevice outside of storage layer

Browse source 
Closes #17336
This commit is contained in:
Michal Hajas 2023-03-02 11:11:13 +01:00 committed by Marek Posolda
parent fb5a7f654b
commit 465019bec4
28 changed files with 112 additions and 79 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java
View file

@ -213,15 +213,13 @@ public class InfinispanUserSessionProvider implements UserSessionProvider {
return adapter; return adapter;
} }
@Override
public UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) {
final String userSessionId = keyGenerator.generateKeyString(session, sessionCache);
return createUserSession(userSessionId, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT);
}
@Override @Override
public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress, public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress,
String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, UserSessionModel.SessionPersistenceState persistenceState) { String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, UserSessionModel.SessionPersistenceState persistenceState) {
if (id == null) {
id = keyGenerator.generateKeyString(session, sessionCache);
}
UserSessionEntity entity = new UserSessionEntity(); UserSessionEntity entity = new UserSessionEntity();
entity.setId(id); entity.setId(id);
updateSessionEntity(entity, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId); updateSessionEntity(entity, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId);
@ -231,11 +229,6 @@ public class InfinispanUserSessionProvider implements UserSessionProvider {
UserSessionAdapter adapter = wrap(realm, entity, false); UserSessionAdapter adapter = wrap(realm, entity, false);
adapter.setPersistenceState(persistenceState); adapter.setPersistenceState(persistenceState);
if (adapter != null) {
DeviceActivityManager.attachDevice(adapter, session);
}
return adapter; return adapter;
} }

11
model/map/src/main/java/org/keycloak/models/map/userSession/MapUserSessionProvider.java
View file

@ -146,13 +146,6 @@ public class MapUserSessionProvider implements UserSessionProvider {
return userSession.getAuthenticatedClientSessionByClient(client.getId()); return userSession.getAuthenticatedClientSessionByClient(client.getId());
} }
@Override
public UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress,
String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) {
return createUserSession(null, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId,
brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT);
}
@Override @Override
public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername,
String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId,
@ -178,10 +171,6 @@ public class MapUserSessionProvider implements UserSessionProvider {
setUserSessionExpiration(entity, realm); setUserSessionExpiration(entity, realm);
UserSessionModel userSession = userEntityToAdapterFunc(realm).apply(entity); UserSessionModel userSession = userEntityToAdapterFunc(realm).apply(entity);
if (userSession != null) {
DeviceActivityManager.attachDevice(userSession, session);
}
return userSession; return userSession;
} }

23
server-spi/src/main/java/org/keycloak/models/UserSessionProvider.java
View file

@ -47,8 +47,29 @@ public interface UserSessionProvider extends Provider {
} }
AuthenticatedClientSessionModel getClientSession(UserSessionModel userSession, ClientModel client, String clientSessionId, boolean offline); AuthenticatedClientSessionModel getClientSession(UserSessionModel userSession, ClientModel client, String clientSessionId, boolean offline);
UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId); /**
* @deprecated Use {@link #createUserSession(String, RealmModel, UserModel, String, String, String, boolean, String, String, UserSessionModel.SessionPersistenceState)} instead.
*/
default UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) {
return createUserSession(null, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId,
brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT);
}
/**
* Creates a new user session with the given parameters.
*
* @param id identifier. Is generated if {@code null}
* @param realm the realm
* @param user user associated with the created user session
* @param loginUsername
* @param ipAddress
* @param authMethod
* @param rememberMe
* @param brokerSessionId
* @param brokerUserId
* @param persistenceState
* @return Model of the created user session
*/
UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress, UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress,
String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, UserSessionModel.SessionPersistenceState persistenceState); String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId, UserSessionModel.SessionPersistenceState persistenceState);

3
services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
View file

@ -49,6 +49,7 @@ import org.keycloak.services.ServicesLogger;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.BruteForceProtector; import org.keycloak.services.managers.BruteForceProtector;
import org.keycloak.services.managers.ClientSessionCode; import org.keycloak.services.managers.ClientSessionCode;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.messages.Messages; import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.LoginActionsService; import org.keycloak.services.resources.LoginActionsService;
import org.keycloak.services.util.CacheControlUtil; import org.keycloak.services.util.CacheControlUtil;
@ -1065,7 +1066,7 @@ public class AuthenticationProcessor {
if (userSession == null) { if (userSession == null) {
UserSessionModel.SessionPersistenceState persistenceState = UserSessionModel.SessionPersistenceState.fromString(authSession.getClientNote(AuthenticationManager.USER_SESSION_PERSISTENT_STATE)); UserSessionModel.SessionPersistenceState persistenceState = UserSessionModel.SessionPersistenceState.fromString(authSession.getClientNote(AuthenticationManager.USER_SESSION_PERSISTENT_STATE));
userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol() userSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol()
, remember, brokerSessionId, brokerUserId, persistenceState); , remember, brokerSessionId, brokerUserId, persistenceState);
} else if (userSession.getUser() == null || !AuthenticationManager.isSessionValid(realm, userSession)) { } else if (userSession.getUser() == null || !AuthenticationManager.isSessionValid(realm, userSession)) {
userSession.restartSession(realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol() userSession.restartSession(realm, authSession.getAuthenticatedUser(), username, connection.getRemoteAddr(), authSession.getProtocol()

3
services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java
View file

@ -70,6 +70,7 @@ import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.services.ErrorResponseException; import org.keycloak.services.ErrorResponseException;
import org.keycloak.services.Urls; import org.keycloak.services.Urls;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator; import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.sessions.AuthenticationSessionModel; import org.keycloak.sessions.AuthenticationSessionModel;
@ -263,7 +264,7 @@ public class PolicyEvaluationService {
.createAuthenticationSession(clientModel); .createAuthenticationSession(clientModel);
authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); authSession.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
authSession.setAuthenticatedUser(userModel); authSession.setAuthenticatedUser(userModel);
userSession = keycloakSession.sessions().createUserSession(authSession.getParentSession().getId(), realm, userModel, userSession = new UserSessionManager(keycloakSession).createUserSession(authSession.getParentSession().getId(), realm, userModel,
userModel.getUsername(), "127.0.0.1", "passwd", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); userModel.getUsername(), "127.0.0.1", "passwd", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
AuthenticationManager.setClientScopesInSession(authSession); AuthenticationManager.setClientScopesInSession(authSession);

3
services/src/main/java/org/keycloak/authorization/authorization/AuthorizationTokenService.java
View file

@ -89,6 +89,7 @@ import org.keycloak.services.ErrorResponseException;
import org.keycloak.services.Urls; import org.keycloak.services.Urls;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.AuthenticationSessionManager; import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.resources.Cors; import org.keycloak.services.resources.Cors;
import org.keycloak.sessions.AuthenticationSessionModel; import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.RootAuthenticationSessionModel; import org.keycloak.sessions.RootAuthenticationSessionModel;
@ -310,7 +311,7 @@ public class AuthorizationTokenService {
if (accessToken.getSessionState() == null) { if (accessToken.getSessionState() == null) {
// Create temporary (request-scoped) transient session // Create temporary (request-scoped) transient session
UserModel user = TokenManager.lookupUserFromStatelessToken(keycloakSession, realm, accessToken); UserModel user = TokenManager.lookupUserFromStatelessToken(keycloakSession, realm, accessToken);
userSessionModel = sessions.createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), request.getClientConnection().getRemoteAddr(), userSessionModel = new UserSessionManager(keycloakSession).createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), request.getClientConnection().getRemoteAddr(),
ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT); ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT);
} else { } else {
userSessionModel = lockUserSessionsForModification(keycloakSession, () -> sessions.getUserSession(realm, accessToken.getSessionState())); userSessionModel = lockUserSessionsForModification(keycloakSession, () -> sessions.getUserSession(realm, accessToken.getSessionState()));

7
services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java
View file

@ -60,6 +60,7 @@ import org.keycloak.services.Urls;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.AuthenticationSessionManager; import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.services.managers.BruteForceProtector; import org.keycloak.services.managers.BruteForceProtector;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.resources.Cors; import org.keycloak.services.resources.Cors;
import org.keycloak.services.resources.IdentityBrokerService; import org.keycloak.services.resources.IdentityBrokerService;
import org.keycloak.services.resources.admin.AdminAuth; import org.keycloak.services.resources.admin.AdminAuth;
@ -225,7 +226,7 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider {
disallowOnHolderOfTokenMismatch = false; disallowOnHolderOfTokenMismatch = false;
} }
tokenSession = session.sessions().createUserSession(realm, requestedUser, requestedUser.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null); tokenSession = new UserSessionManager(session).createUserSession(realm, requestedUser, requestedUser.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null);
if (tokenUser != null) { if (tokenUser != null) {
tokenSession.setNote(IMPERSONATOR_ID.toString(), tokenUser.getId()); tokenSession.setNote(IMPERSONATOR_ID.toString(), tokenUser.getId());
tokenSession.setNote(IMPERSONATOR_USERNAME.toString(), tokenUser.getUsername()); tokenSession.setNote(IMPERSONATOR_USERNAME.toString(), tokenUser.getUsername());
@ -374,7 +375,7 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider {
if (targetUserSession == null) { if (targetUserSession == null) {
// if no session is associated with a subject_token, a stateless session is created to only allow building a token to the audience // if no session is associated with a subject_token, a stateless session is created to only allow building a token to the audience
targetUserSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, targetUser, targetUser.getUsername(), targetUserSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, targetUser, targetUser.getUsername(),
clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT); clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
} }
@ -505,7 +506,7 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider {
UserModel user = importUserFromExternalIdentity(context); UserModel user = importUserFromExternalIdentity(context);
UserSessionModel userSession = session.sessions().createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "external-exchange", false, null, null); UserSessionModel userSession = new UserSessionManager(session).createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "external-exchange", false, null, null);
externalIdp.get().exchangeExternalComplete(userSession, context, formParams); externalIdp.get().exchangeExternalComplete(userSession, context, formParams);
// this must exist so that we can obtain access token from user session if idp's store tokens is off // this must exist so that we can obtain access token from user session if idp's store tokens is off

3
services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
View file

@ -90,6 +90,7 @@ import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.AuthenticationSessionManager; import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.services.managers.ClientManager; import org.keycloak.services.managers.ClientManager;
import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.resources.Cors; import org.keycloak.services.resources.Cors;
import org.keycloak.services.util.AuthorizationContextUtil; import org.keycloak.services.util.AuthorizationContextUtil;
import org.keycloak.services.util.DefaultClientSessionContext; import org.keycloak.services.util.DefaultClientSessionContext;
@ -739,7 +740,7 @@ public class TokenEndpoint {
sessionPersistenceState = UserSessionModel.SessionPersistenceState.TRANSIENT; sessionPersistenceState = UserSessionModel.SessionPersistenceState.TRANSIENT;
} }
UserSessionModel userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, clientUser, clientUsername, UserSessionModel userSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, clientUser, clientUsername,
clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, sessionPersistenceState); clientConnection.getRemoteAddr(), ServiceAccountConstants.CLIENT_AUTH, false, null, null, sessionPersistenceState);
event.session(userSession); event.session(userSession);

3
services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java
View file

@ -59,6 +59,7 @@ import org.keycloak.services.clientpolicy.context.UserInfoRequestContext;
import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.UserSessionCrossDCManager; import org.keycloak.services.managers.UserSessionCrossDCManager;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.resources.Cors; import org.keycloak.services.resources.Cors;
import org.keycloak.services.util.DefaultClientSessionContext; import org.keycloak.services.util.DefaultClientSessionContext;
import org.keycloak.services.util.MtlsHoKTokenUtil; import org.keycloak.services.util.MtlsHoKTokenUtil;
@ -336,7 +337,7 @@ public class UserInfoEndpoint {
if (user == null) { if (user == null) {
throw error.invalidToken("User not found"); throw error.invalidToken("User not found");
} }
UserSessionModel userSession = session.sessions().createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), clientConnection.getRemoteAddr(), UserSessionModel userSession = new UserSessionManager(session).createUserSession(KeycloakModelUtils.generateId(), realm, user, user.getUsername(), clientConnection.getRemoteAddr(),
ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT); ServiceAccountConstants.CLIENT_AUTH, false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT);
// attach an auth session for the client // attach an auth session for the client
RootAuthenticationSessionModel rootAuthSession = session.authenticationSessions().createRootAuthenticationSession(realm); RootAuthenticationSessionModel rootAuthSession = session.authenticationSessions().createRootAuthenticationSession(realm);

20
services/src/main/java/org/keycloak/services/managers/UserSessionManager.java
View file

@ -18,6 +18,7 @@ package org.keycloak.services.managers;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.keycloak.common.util.Time; import org.keycloak.common.util.Time;
import org.keycloak.device.DeviceActivityManager;
import org.keycloak.models.AuthenticatedClientSessionModel; import org.keycloak.models.AuthenticatedClientSessionModel;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientSessionContext; import org.keycloak.models.ClientSessionContext;
@ -160,4 +161,23 @@ public class UserSessionManager {
} }
kcSession.sessions().removeOfflineUserSession(realm, userSession); kcSession.sessions().removeOfflineUserSession(realm, userSession);
} }
public UserSessionModel createUserSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress,
String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId) {
return createUserSession(null, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId, UserSessionModel.SessionPersistenceState.PERSISTENT);
}
public UserSessionModel createUserSession(String id, RealmModel realm, UserModel user, String loginUsername, String ipAddress,
String authMethod, boolean rememberMe, String brokerSessionId, String brokerUserId,
UserSessionModel.SessionPersistenceState persistenceState) {
// Create user session in store
UserSessionModel userSession = kcSession.sessions().createUserSession(id, realm, user, loginUsername, ipAddress, authMethod, rememberMe, brokerSessionId, brokerUserId, persistenceState);
// Attach device info into user session notes
if (userSession != null) {
DeviceActivityManager.attachDevice(userSession, kcSession);
}
return userSession;
}
} }

3
services/src/main/java/org/keycloak/services/resources/admin/ClientScopeEvaluateResource.java
View file

@ -53,6 +53,7 @@ import org.keycloak.representations.IDToken;
import org.keycloak.services.Urls; import org.keycloak.services.Urls;
import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.AuthenticationSessionManager; import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.services.managers.UserSessionManager;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator; import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.sessions.AuthenticationSessionModel; import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.RootAuthenticationSessionModel; import org.keycloak.sessions.RootAuthenticationSessionModel;
@ -233,7 +234,7 @@ public class ClientScopeEvaluateResource {
authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName())); authSession.setClientNote(OIDCLoginProtocol.ISSUER, Urls.realmIssuer(uriInfo.getBaseUri(), realm.getName()));
authSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scopeParam); authSession.setClientNote(OIDCLoginProtocol.SCOPE_PARAM, scopeParam);
UserSessionModel userSession = session.sessions().createUserSession(authSession.getParentSession().getId(), realm, user, user.getUsername(), UserSessionModel userSession = new UserSessionManager(session).createUserSession(authSession.getParentSession().getId(), realm, user, user.getUsername(),
clientConnection.getRemoteAddr(), "example-auth", false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT); clientConnection.getRemoteAddr(), "example-auth", false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT);
AuthenticationManager.setClientScopesInSession(authSession); AuthenticationManager.setClientScopesInSession(authSession);

2
services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
View file

@ -337,7 +337,7 @@ public class UserResource {
} }
EventBuilder event = new EventBuilder(realm, session, clientConnection); EventBuilder event = new EventBuilder(realm, session, clientConnection);
UserSessionModel userSession = session.sessions().createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null); UserSessionModel userSession = new UserSessionManager(session).createUserSession(realm, user, user.getUsername(), clientConnection.getRemoteAddr(), "impersonate", false, null, null);
UserModel adminUser = auth.adminAuth().getUser(); UserModel adminUser = auth.adminAuth().getUser();
String impersonatorId = adminUser.getId(); String impersonatorId = adminUser.getId();

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/login/LoginTimeoutValidationTest.java
View file

@ -72,10 +72,10 @@ public class LoginTimeoutValidationTest extends AbstractTestRealmKeycloakTest {
RealmModel realm = keycloakSession.realms().getRealmByName("test"); RealmModel realm = keycloakSession.realms().getRealmByName("test");
UserSessionModel userSession = UserSessionModel userSession =
keycloakSession.sessions().createUserSession( keycloakSession.sessions().createUserSession(
realm, null, realm,
keycloakSession.users().getUserByUsername(realm, "user1"), keycloakSession.users().getUserByUsername(realm, "user1"),
"user1", "127.0.0.1", "form", true, null, null "user1", "127.0.0.1", "form", true, null, null,
); UserSessionModel.SessionPersistenceState.PERSISTENT);
ClientModel client = realm.getClientByClientId("account"); ClientModel client = realm.getClientByClientId("account");
AuthenticationSessionModel authSession = keycloakSession.authenticationSessions().createRootAuthenticationSession(realm) AuthenticationSessionModel authSession = keycloakSession.authenticationSessions().createRootAuthenticationSession(realm)
.createAuthenticationSession(client); .createAuthenticationSession(client);

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/OwnerReplacementTest.java
View file

@ -425,7 +425,7 @@ public class OwnerReplacementTest extends AbstractKeycloakTest {
((session, realm1) -> { ((session, realm1) -> {
UserModel user = session.users().getUserByUsername(realm1, "test-user@localhost"); UserModel user = session.users().getUserByUsername(realm1, "test-user@localhost");
UserSessionModel userSession = session.sessions().createUserSession(realm1, user, user.getUsername(), "1.2.3.4", "bar", false, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm1, user, user.getUsername(), "1.2.3.4", "bar", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
return userSession.getId(); return userSession.getId();
}), }),

12
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderOfflineTest.java
View file

@ -217,7 +217,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes
fooRealm.addClient("foo-app"); fooRealm.addClient("foo-app");
currentSession.users().addUser(fooRealm, "user3"); currentSession.users().addUser(fooRealm, "user3");
UserSessionModel userSession = currentSession.sessions().createUserSession(fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = currentSession.sessions().createUserSession(null, fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
userSessionID.set(userSession.getId()); userSessionID.set(userSession.getId());
createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state");
@ -288,7 +288,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes
fooRealm.addClient("bar-app"); fooRealm.addClient("bar-app");
currentSession.users().addUser(fooRealm, "user3"); currentSession.users().addUser(fooRealm, "user3");
UserSessionModel userSession = currentSession.sessions().createUserSession(fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = currentSession.sessions().createUserSession(null, fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
userSessionID.set(userSession.getId()); userSessionID.set(userSession.getId());
createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state");
@ -384,7 +384,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes
fooRealm.addClient("foo-app"); fooRealm.addClient("foo-app");
currentSession.users().addUser(fooRealm, "user3"); currentSession.users().addUser(fooRealm, "user3");
UserSessionModel userSession = currentSession.sessions().createUserSession(fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = currentSession.sessions().createUserSession(null, fooRealm, currentSession.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
userSessionID.set(userSession.getId()); userSessionID.set(userSession.getId());
createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); createClientSession(currentSession, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state");
@ -475,7 +475,7 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes
private static UserSessionModel[] createSessions(KeycloakSession session) { private static UserSessionModel[] createSessions(KeycloakSession session) {
UserSessionModel[] sessions = new UserSessionModel[3]; UserSessionModel[] sessions = new UserSessionModel[3];
sessions[0] = session.sessions().createUserSession(realm, currentSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); sessions[0] = session.sessions().createUserSession(null, realm, currentSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
Set<String> roles = new HashSet<String>(); Set<String> roles = new HashSet<String>();
roles.add("one"); roles.add("one");
@ -488,10 +488,10 @@ public class UserSessionProviderOfflineTest extends AbstractTestRealmKeycloakTes
createClientSession(session, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state"); createClientSession(session, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state");
createClientSession(session, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state"); createClientSession(session, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state");
sessions[1] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); sessions[1] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state"); createClientSession(session, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state");
sessions[2] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null); sessions[2] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state"); createClientSession(session, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state");
return sessions; return sessions;

24
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java
View file

@ -373,7 +373,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
// create an user session that is older than the max lifespan timeout. // create an user session that is older than the max lifespan timeout.
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
Time.setOffset(-(realm.getSsoSessionMaxLifespan() + 1)); Time.setOffset(-(realm.getSsoSessionMaxLifespan() + 1));
UserSessionModel userSession = session1.sessions().createUserSession(realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null); UserSessionModel userSession = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
expiredUserSessions.add(userSession.getId()); expiredUserSessions.add(userSession.getId());
AuthenticatedClientSessionModel clientSession = session1.sessions().createClientSession(realm, client, userSession); AuthenticatedClientSessionModel clientSession = session1.sessions().createClientSession(realm, client, userSession);
assertEquals(userSession, clientSession.getUserSession()); assertEquals(userSession, clientSession.getUserSession());
@ -382,7 +382,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
// create an user session whose last refresh exceeds the max session idle timeout. // create an user session whose last refresh exceeds the max session idle timeout.
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
Time.setOffset(-(realm.getSsoSessionIdleTimeout() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1)); Time.setOffset(-(realm.getSsoSessionIdleTimeout() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1));
UserSessionModel s = session1.sessions().createUserSession(realm, session1.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", false, null, null); UserSessionModel s = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
// no need to explicitly set the last refresh time - it is the same as the creation time. // no need to explicitly set the last refresh time - it is the same as the creation time.
expiredUserSessions.add(s.getId()); expiredUserSessions.add(s.getId());
}); });
@ -390,7 +390,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
// create an user session and associated client session that conforms to the max lifespan and max idle timeouts. // create an user session and associated client session that conforms to the max lifespan and max idle timeouts.
Time.setOffset(0); Time.setOffset(0);
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
UserSessionModel userSession = session1.sessions().createUserSession(realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null); UserSessionModel userSession = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
validUserSessions.add(userSession.getId()); validUserSessions.add(userSession.getId());
validClientSessions.add(session1.sessions().createClientSession(realm, client, userSession).getId()); validClientSessions.add(session1.sessions().createClientSession(realm, client, userSession).getId());
}); });
@ -481,7 +481,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
RealmModel realm = kcSession.realms().getRealmByName("test"); RealmModel realm = kcSession.realms().getRealmByName("test");
Time.setOffset(-(realm.getSsoSessionMaxLifespan() * 2)); Time.setOffset(-(realm.getSsoSessionMaxLifespan() * 2));
UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, client, userSession); AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, client, userSession);
assertEquals(userSession, clientSession.getUserSession()); assertEquals(userSession, clientSession.getUserSession());
Time.setOffset(-(realm.getSsoSessionIdleTimeout() * 2)); Time.setOffset(-(realm.getSsoSessionIdleTimeout() * 2));
@ -495,7 +495,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
RealmModel realm = kcSession.realms().getRealmByName("test"); RealmModel realm = kcSession.realms().getRealmByName("test");
Time.setOffset(-(realm.getSsoSessionMaxLifespanRememberMe() + 1)); Time.setOffset(-(realm.getSsoSessionMaxLifespanRememberMe() + 1));
UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
expiredUserSessions.add(userSession.getId()); expiredUserSessions.add(userSession.getId());
}); });
@ -503,7 +503,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
RealmModel realm = kcSession.realms().getRealmByName("test"); RealmModel realm = kcSession.realms().getRealmByName("test");
Time.setOffset(-(realm.getSsoSessionIdleTimeoutRememberMe() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1)); Time.setOffset(-(realm.getSsoSessionIdleTimeoutRememberMe() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1));
UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
// no need to explicitly set the last refresh time - it is the same as the creation time. // no need to explicitly set the last refresh time - it is the same as the creation time.
expiredUserSessions.add(userSession.getId()); expiredUserSessions.add(userSession.getId());
}); });
@ -582,7 +582,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
try { try {
for (int i = 0; i < 25; i++) { for (int i = 0; i < 25; i++) {
Time.setOffset(i); Time.setOffset(i);
UserSessionModel userSession = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0." + i, "form", false, null, null); UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0." + i, "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, realm.getClientByClientId("test-app"), userSession); AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, realm.getClientByClientId("test-app"), userSession);
assertNotNull(clientSession); assertNotNull(clientSession);
clientSession.setRedirectUri("http://redirect"); clientSession.setRedirectUri("http://redirect");
@ -609,7 +609,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
public void testCreateAndGetInSameTransaction(KeycloakSession session) { public void testCreateAndGetInSameTransaction(KeycloakSession session) {
RealmModel realm = session.realms().getRealmByName("test"); RealmModel realm = session.realms().getRealmByName("test");
ClientModel client = realm.getClientByClientId("test-app"); ClientModel client = realm.getClientByClientId("test-app");
UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
AuthenticatedClientSessionModel clientSession = createClientSession(session, client, userSession, "http://redirect", "state"); AuthenticatedClientSessionModel clientSession = createClientSession(session, client, userSession, "http://redirect", "state");
UserSessionModel userSessionLoaded = session.sessions().getUserSession(realm, userSession.getId()); UserSessionModel userSessionLoaded = session.sessions().getUserSession(realm, userSession.getId());
@ -627,7 +627,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
RealmModel realm = session.realms().getRealmByName("test"); RealmModel realm = session.realms().getRealmByName("test");
realm.setSsoSessionIdleTimeout(1800); realm.setSsoSessionIdleTimeout(1800);
realm.setSsoSessionMaxLifespan(36000); realm.setSsoSessionMaxLifespan(36000);
UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
ClientModel client1 = realm.getClientByClientId("test-app"); ClientModel client1 = realm.getClientByClientId("test-app");
ClientModel client2 = realm.getClientByClientId("third-party"); ClientModel client2 = realm.getClientByClientId("third-party");
@ -803,15 +803,15 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> { KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
RealmModel realm = kcSession.realms().getRealmByName("test"); RealmModel realm = kcSession.realms().getRealmByName("test");
sessions[0] = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); sessions[0] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state"); createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state");
createClientSession(kcSession, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state"); createClientSession(kcSession, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state");
sessions[1] = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); sessions[1] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state"); createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state");
sessions[2] = kcSession.sessions().createUserSession(realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null); sessions[2] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state"); createClientSession(kcSession, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state");
}); });

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/session/SessionTimeoutValidationTest.java
View file

@ -73,10 +73,10 @@ public class SessionTimeoutValidationTest extends AbstractTestRealmKeycloakTest
int ssoSessionMaxLifespanOrig = realm.getSsoSessionMaxLifespan(); int ssoSessionMaxLifespanOrig = realm.getSsoSessionMaxLifespan();
UserSessionModel userSessionModel = UserSessionModel userSessionModel =
session.sessions().createUserSession( session.sessions().createUserSession(
realm, null, realm,
session.users().getUserByUsername(realm, "user1"), session.users().getUserByUsername(realm, "user1"),
"user1", "127.0.0.1", "form", true, null, null "user1", "127.0.0.1", "form", true, null, null,
); UserSessionModel.SessionPersistenceState.PERSISTENT);
realm.setSsoSessionIdleTimeout(Integer.MAX_VALUE); realm.setSsoSessionIdleTimeout(Integer.MAX_VALUE);
Assert.assertTrue("Session validataion with large SsoSessionIdleTimeout failed", Assert.assertTrue("Session validataion with large SsoSessionIdleTimeout failed",

2
testsuite/model/src/test/java/org/keycloak/testsuite/model/KeycloakModelTest.java
View file

@ -254,7 +254,6 @@ public abstract class KeycloakModelTest {
.add(UserSessionSpi.class) .add(UserSessionSpi.class)
.add(UserSpi.class) .add(UserSpi.class)
.add(DatastoreSpi.class) .add(DatastoreSpi.class)
.add(DeviceRepresentationSpi.class)
.build(); .build();
private static final Set<Class<? extends ProviderFactory>> ALLOWED_FACTORIES = ImmutableSet.<Class<? extends ProviderFactory>>builder() private static final Set<Class<? extends ProviderFactory>> ALLOWED_FACTORIES = ImmutableSet.<Class<? extends ProviderFactory>>builder()
@ -264,7 +263,6 @@ public abstract class KeycloakModelTest {
.add(DefaultExecutorsProviderFactory.class) .add(DefaultExecutorsProviderFactory.class)
.add(DeploymentStateProviderFactory.class) .add(DeploymentStateProviderFactory.class)
.add(DatastoreProviderFactory.class) .add(DatastoreProviderFactory.class)
.add(DeviceRepresentationProviderFactoryImpl.class)
.build(); .build();
protected static final List<KeycloakModelParameters> MODEL_PARAMETERS; protected static final List<KeycloakModelParameters> MODEL_PARAMETERS;

2
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/HotRodUserSessionClientSessionRelationshipTest.java
View file

@ -125,7 +125,7 @@ public class HotRodUserSessionClientSessionRelationshipTest extends KeycloakMode
private void prepareSessions(AtomicReference<String> uSessionId, AtomicReference<String> cSessionId) { private void prepareSessions(AtomicReference<String> uSessionId, AtomicReference<String> cSessionId) {
withRealm(realmId, (session, realm) -> { withRealm(realmId, (session, realm) -> {
UserSessionModel uSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); UserSessionModel uSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
ClientModel client = realm.getClientByClientId(CLIENT0_CLIENT_ID); ClientModel client = realm.getClientByClientId(CLIENT0_CLIENT_ID);
AuthenticatedClientSessionModel cSession = session.sessions().createClientSession(realm, client, uSession); AuthenticatedClientSessionModel cSession = session.sessions().createClientSession(realm, client, uSession);

2
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/OfflineSessionPersistenceTest.java
View file

@ -419,7 +419,7 @@ public class OfflineSessionPersistenceTest extends KeycloakModelTest {
private UserSessionModel createOfflineSession(KeycloakSession session, RealmModel realm, String userId, int sessionIndex) { private UserSessionModel createOfflineSession(KeycloakSession session, RealmModel realm, String userId, int sessionIndex) {
final UserModel user = session.users().getUserById(realm, userId); final UserModel user = session.users().getUserById(realm, userId);
UserSessionModel us = session.sessions().createUserSession(realm, user, "un" + sessionIndex, "ip1", "auth", false, null, null); UserSessionModel us = session.sessions().createUserSession(null, realm, user, "un" + sessionIndex, "ip1", "auth", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
return session.sessions().createOfflineUserSession(us); return session.sessions().createOfflineUserSession(us);
} }

2
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionConcurrencyTest.java
View file

@ -99,7 +99,7 @@ public class UserSessionConcurrencyTest extends KeycloakModelTest {
(evMapStorageProvider == null || FileMapStorageProviderFactory.PROVIDER_ID.equals(evMapStorageProvider))); (evMapStorageProvider == null || FileMapStorageProviderFactory.PROVIDER_ID.equals(evMapStorageProvider)));
// Create user session // Create user session
String uId = withRealm(this.realmId, (session, realm) -> session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null)).getId(); String uId = withRealm(this.realmId, (session, realm) -> session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT)).getId();
// Create/Update client session's notes concurrently // Create/Update client session's notes concurrently
CountDownLatch cdl = new CountDownLatch(200 * CLIENTS_COUNT); CountDownLatch cdl = new CountDownLatch(200 * CLIENTS_COUNT);

3
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionExpirationTest.java
View file

@ -22,6 +22,7 @@ import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RealmProvider; import org.keycloak.models.RealmProvider;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.UserSessionProvider; import org.keycloak.models.UserSessionProvider;
import org.keycloak.models.map.userSession.MapUserSessionProviderFactory; import org.keycloak.models.map.userSession.MapUserSessionProviderFactory;
import org.keycloak.testsuite.model.KeycloakModelTest; import org.keycloak.testsuite.model.KeycloakModelTest;
@ -62,7 +63,7 @@ public class UserSessionExpirationTest extends KeycloakModelTest {
return null; return null;
}); });
String uSId= withRealm(realmId, (session, realm) -> session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null).getId()); String uSId= withRealm(realmId, (session, realm) -> session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT).getId());
assertThat(withRealm(realmId, (session, realm) -> session.sessions().getUserSession(realm, uSId)), notNullValue()); assertThat(withRealm(realmId, (session, realm) -> session.sessions().getUserSession(realm, uSId)), notNullValue());

3
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionInitializerTest.java
View file

@ -38,7 +38,6 @@ import org.keycloak.models.sessions.infinispan.InfinispanUserSessionProviderFact
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.Optional; import java.util.Optional;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference; import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@ -172,7 +171,7 @@ public class UserSessionInitializerTest extends KeycloakModelTest {
// create a user session in the first node // create a user session in the first node
UserSessionModel userSessionModel = withRealm(realmId, (session, realm) -> { UserSessionModel userSessionModel = withRealm(realmId, (session, realm) -> {
final UserModel user = session.users().getUserByUsername(realm, "user1"); final UserModel user = session.users().getUserByUsername(realm, "user1");
return session.sessions().createUserSession(realm, user, "un1", "ip1", "auth", false, null, null); return session.sessions().createUserSession(null, realm, user, "un1", "ip1", "auth", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
}); });
userSessionId.set(userSessionModel.getId()); userSessionId.set(userSessionModel.getId());
} else { } else {

14
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionPersisterProviderTest.java
View file

@ -259,7 +259,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
fooRealm.addClient("foo-app"); fooRealm.addClient("foo-app");
session.users().addUser(fooRealm, "user3"); session.users().addUser(fooRealm, "user3");
UserSessionModel userSession = session.sessions().createUserSession(fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
userSessionID.set(userSession.getId()); userSessionID.set(userSession.getId());
createClientSession(session, realmId, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); createClientSession(session, realmId, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state");
@ -300,7 +300,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
fooRealm.addClient("bar-app"); fooRealm.addClient("bar-app");
session.users().addUser(fooRealm, "user3"); session.users().addUser(fooRealm, "user3");
UserSessionModel userSession = session.sessions().createUserSession(fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, fooRealm, session.users().getUserByUsername(fooRealm, "user3"), "user3", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
userSessionID.set(userSession.getId()); userSessionID.set(userSession.getId());
createClientSession(session, realmId, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state"); createClientSession(session, realmId, fooRealm.getClientByClientId("foo-app"), userSession, "http://redirect", "state");
@ -434,7 +434,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
// Having different offsets for each session (to ensure that lastSessionRefresh is also different) // Having different offsets for each session (to ensure that lastSessionRefresh is also different)
setTimeOffset(i); setTimeOffset(i);
UserSessionModel userSession = session.sessions().createUserSession(realm, user, "user1", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm, user, "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state");
userSessionsInner.add(userSession.getId()); userSessionsInner.add(userSession.getId());
} }
@ -528,7 +528,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
// Create session in infinispan // Create session in infinispan
RealmModel realm = session.realms().getRealm(realmId); RealmModel realm = session.realms().getRealm(realmId);
UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state");
createClientSession(session, realmId, realm.getClientByClientId("external-storage-client"), userSession, "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("external-storage-client"), userSession, "http://redirect", "state");
@ -587,15 +587,15 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
protected static UserSessionModel[] createSessions(KeycloakSession session, String realmId) { protected static UserSessionModel[] createSessions(KeycloakSession session, String realmId) {
RealmModel realm = session.realms().getRealm(realmId); RealmModel realm = session.realms().getRealm(realmId);
UserSessionModel[] sessions = new UserSessionModel[3]; UserSessionModel[] sessions = new UserSessionModel[3];
sessions[0] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null); sessions[0] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[0], "http://redirect", "state");
createClientSession(session, realmId, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("third-party"), sessions[0], "http://redirect", "state");
sessions[1] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null); sessions[1] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[1], "http://redirect", "state");
sessions[2] = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null); sessions[2] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.3", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state"); createClientSession(session, realmId, realm.getClientByClientId("test-app"), sessions[2], "http://redirect", "state");
return sessions; return sessions;

2
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderModelTest.java
View file

@ -301,7 +301,7 @@ public class UserSessionProviderModelTest extends KeycloakModelTest {
inIndependentFactories(4, 30, () -> { inIndependentFactories(4, 30, () -> {
withRealm(realmId, (session, realm) -> { withRealm(realmId, (session, realm) -> {
UserModel user = session.users().getUserByUsername(realm, "user1"); UserModel user = session.users().getUserByUsername(realm, "user1");
UserSessionModel userSession = session.sessions().createUserSession(realm, user, "user1", "", "", false, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm, user, "user1", "", "", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
userSessionIds.add(userSession.getId()); userSessionIds.add(userSession.getId());
latch.countDown(); latch.countDown();

4
testsuite/model/src/test/java/org/keycloak/testsuite/model/session/UserSessionProviderOfflineModelTest.java
View file

@ -288,7 +288,7 @@ public class UserSessionProviderOfflineModelTest extends KeycloakModelTest {
Assert.assertEquals(0, persister.getUserSessionsCount(true)); Assert.assertEquals(0, persister.getUserSessionsCount(true));
// create two offline user sessions // create two offline user sessions
UserSessionModel userSession = session.sessions().createUserSession(realm, session.users().getUserByUsername(realm, "user1"), "user1", "ip1", null, false, null, null); UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "ip1", null, false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
session.sessions().createOfflineUserSession(userSession); session.sessions().createOfflineUserSession(userSession);
session.sessions().createOfflineUserSession(origSessions[0]); session.sessions().createOfflineUserSession(origSessions[0]);
@ -392,7 +392,7 @@ public class UserSessionProviderOfflineModelTest extends KeycloakModelTest {
ClientModel thirdPartyClient = realm.getClientByClientId("third-party"); ClientModel thirdPartyClient = realm.getClientByClientId("third-party");
IntStream.range(0, sessionsPerUser) IntStream.range(0, sessionsPerUser)
.mapToObj(index -> session.sessions().createUserSession(realm, user, username + index, "ip" + index, "auth", false, null, null)) .mapToObj(index -> session.sessions().createUserSession(null, realm, user, username + index, "ip" + index, "auth", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT))
.forEach(userSession -> { .forEach(userSession -> {
AuthenticatedClientSessionModel testAppClientSession = session.sessions().createClientSession(realm, testAppClient, userSession); AuthenticatedClientSessionModel testAppClientSession = session.sessions().createClientSession(realm, testAppClient, userSession);
AuthenticatedClientSessionModel thirdPartyClientSession = session.sessions().createClientSession(realm, thirdPartyClient, userSession); AuthenticatedClientSessionModel thirdPartyClientSession = session.sessions().createClientSession(realm, thirdPartyClient, userSession);

5
testsuite/utils/src/main/java/org/keycloak/testsuite/util/cli/AbstractSessionCacheCommand.java
View file

@ -31,6 +31,8 @@ import org.keycloak.models.sessions.infinispan.changes.SessionEntityWrapper;
import org.keycloak.models.sessions.infinispan.entities.SessionEntity; import org.keycloak.models.sessions.infinispan.entities.SessionEntity;
import org.keycloak.models.sessions.infinispan.entities.UserSessionEntity; import org.keycloak.models.sessions.infinispan.entities.UserSessionEntity;
import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.services.managers.UserSessionManager;
import java.util.Arrays; import java.util.Arrays;
import java.util.Set; import java.util.Set;
import java.util.TreeSet; import java.util.TreeSet;
@ -337,8 +339,9 @@ public abstract class AbstractSessionCacheCommand extends AbstractCommand {
ClientModel client = realm.getClientByClientId(clientId); ClientModel client = realm.getClientByClientId(clientId);
UserModel user = batchSession.users().getUserByUsername(realm, username); UserModel user = batchSession.users().getUserByUsername(realm, username);
UserSessionManager userSessionManager = new UserSessionManager(session);
for (int i=0 ; i<countInIteration ; i++) { for (int i=0 ; i<countInIteration ; i++) {
UserSessionModel userSession = session.sessions().createUserSession(realm, user, username, "127.0.0.1", "form", false, null, null); UserSessionModel userSession = userSessionManager.createUserSession(realm, user, username, "127.0.0.1", "form", false, null, null);
session.sessions().createClientSession(userSession.getRealm(), client, userSession); session.sessions().createClientSession(userSession.getRealm(), client, userSession);
} }

4
testsuite/utils/src/main/java/org/keycloak/testsuite/util/cli/PersistSessionsCommand.java
View file

@ -30,6 +30,7 @@ import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel; import org.keycloak.models.UserSessionModel;
import org.keycloak.models.session.UserSessionPersisterProvider; import org.keycloak.models.session.UserSessionPersisterProvider;
import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.services.managers.UserSessionManager;
/** /**
@ -81,6 +82,7 @@ public class PersistSessionsCommand extends AbstractCommand {
ClientModel testApp = realm.getClientByClientId("security-admin-console"); ClientModel testApp = realm.getClientByClientId("security-admin-console");
UserSessionPersisterProvider persister = session.getProvider(UserSessionPersisterProvider.class); UserSessionPersisterProvider persister = session.getProvider(UserSessionPersisterProvider.class);
UserSessionManager userSessionManager = new UserSessionManager(session);
for (int i = 0; i < countInThisBatch; i++) { for (int i = 0; i < countInThisBatch; i++) {
String username = "john-" + userCounter.incrementAndGet(); String username = "john-" + userCounter.incrementAndGet();
@ -89,7 +91,7 @@ public class PersistSessionsCommand extends AbstractCommand {
john = session.users().addUser(realm, username); john = session.users().addUser(realm, username);
} }
UserSessionModel userSession = session.sessions().createUserSession(realm, john, username, "127.0.0.2", "form", true, null, null); UserSessionModel userSession = userSessionManager.createUserSession(realm, john, username, "127.0.0.2", "form", true, null, null);
AuthenticatedClientSessionModel clientSession = session.sessions().createClientSession(realm, testApp, userSession); AuthenticatedClientSessionModel clientSession = session.sessions().createClientSession(realm, testApp, userSession);
clientSession.setRedirectUri("http://redirect"); clientSession.setRedirectUri("http://redirect");
clientSession.setNote("foo", "bar-" + i); clientSession.setNote("foo", "bar-" + i);