Fix JPA UserSession provider and MySQL
parent
86de481ba1
commit
5203373047
5 changed files with 62 additions and 8 deletions
|
@ -102,7 +102,7 @@
|
||||||
<column name="NAME" type="VARCHAR(255)">
|
<column name="NAME" type="VARCHAR(255)">
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
|
||||||
<column name="VALUE" type="VARCHAR(255)"/>
|
<column name="VALUE" type="VARCHAR(2048)"/>
|
||||||
<column name="CLIENT_SESSION" type="VARCHAR(36)">
|
<column name="CLIENT_SESSION" type="VARCHAR(36)">
|
||||||
<constraints nullable="false"/>
|
<constraints nullable="false"/>
|
||||||
</column>
|
</column>
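Review bot: The `VALUE` column is widened to `VARCHAR(2048)` by editing an existing column definition in place, not by adding a new changeSet (the enclosing changeSet starts and ends outside the hunk). If that changeSet has already run on any database, Liquibase will either fail checksum validation or skip it, leaving the column at 255 characters. A follow-up changeSet with `<modifyDataType tableName="TABLE_NAME_PLACEHOLDER" columnName="VALUE" newDataType="VARCHAR(2048)"/>` would cover deployed schemas. The code that writes this column should also bound the value length, since behaviour on overflow (truncate or reject) depends on the database mode.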
|
||||||
|
|
|
@ -301,6 +301,12 @@ public class LDAPFederationProvider implements UserFederationProvider {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check here if user already exists
|
||||||
|
String ldapUsername = LDAPUtils.getUsername(ldapUser, ldapIdentityStore.getConfig());
|
||||||
|
if (session.userStorage().getUserByUsername(ldapUsername, realm) != null) {
|
||||||
|
throw new ModelDuplicateException("User with username '" + ldapUsername + "' already exists in Keycloak. It conflicts with LDAP user with email '" + email + "'");
|
||||||
|
}
|
||||||
|
|
||||||
return importUserFromLDAP(session, realm, ldapUser);
|
return importUserFromLDAP(session, realm, ldapUser);
|
||||||
}
|
}
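Review bot: The new duplicate check passes the raw LDAP value to `getUserByUsername(ldapUsername, realm)`, so it is only as strict as that lookup's matching. If local usernames are stored normalised (for example lower-cased; not visible here), an LDAP entry differing only in case or surrounding whitespace could pass the check and still reach `importUserFromLDAP`. `ldapUsername` is also used without a null check, both in the lookup and in the message. The exception text names the conflicting username and the e-mail; confirm it is only logged or shown to administrators, because on a login or reset path it would disclose which accounts exist. The enclosing method starts above the hunk.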
|
||||||
|
|
||||||
|
|
|
@ -278,12 +278,22 @@ public class ClientSessionAdapter implements ClientSessionModel {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setExecutionStatus(String authenticator, ExecutionStatus status) {
|
public void setExecutionStatus(String authenticator, ExecutionStatus status) {
|
||||||
ClientSessionAuthStatusEntity authStatus = new ClientSessionAuthStatusEntity();
|
boolean exists = false;
|
||||||
authStatus.setAuthenticator(authenticator);
|
for (ClientSessionAuthStatusEntity authStatus : entity.getAuthanticatorStatus()) {
|
||||||
authStatus.setClientSession(entity);
|
if (authStatus.getAuthenticator().equals(authenticator)) {
|
||||||
authStatus.setStatus(status);
|
authStatus.setStatus(status);
|
||||||
em.persist(authStatus);
|
exists = true;
|
||||||
entity.getAuthanticatorStatus().add(authStatus);
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!exists) {
|
||||||
|
ClientSessionAuthStatusEntity authStatus = new ClientSessionAuthStatusEntity();
|
||||||
|
authStatus.setAuthenticator(authenticator);
|
||||||
|
authStatus.setClientSession(entity);
|
||||||
|
authStatus.setStatus(status);
|
||||||
|
em.persist(authStatus);
|
||||||
|
entity.getAuthanticatorStatus().add(authStatus);
|
||||||
|
}
|
||||||
em.flush();
|
em.flush();
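Review bot: In the new loop, `authStatus.getAuthenticator().equals(authenticator)` throws if a persisted row has a null authenticator. If the `authenticator` argument is null, the comparison never matches, so each call inserts another row. `Objects.equals(authStatus.getAuthenticator(), authenticator)` handles both cases, and a `break;` after `exists = true;` stops the scan once the entry is updated. The method's closing brace is outside the hunk.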
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -238,6 +238,14 @@ public class JpaUserSessionProvider implements UserSessionProvider {
|
||||||
.setParameter("realmId", realm.getId())
|
.setParameter("realmId", realm.getId())
|
||||||
.setParameter("userId", user.getId())
|
.setParameter("userId", user.getId())
|
||||||
.executeUpdate();
|
.executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientSessionAuthStatusByUser")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("userId", user.getId())
|
||||||
|
.executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientUserSessionNoteByUser")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("userId", user.getId())
|
||||||
|
.executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionByUser")
|
em.createNamedQuery("removeClientSessionByUser")
|
||||||
.setParameter("realmId", realm.getId())
|
.setParameter("realmId", realm.getId())
|
||||||
.setParameter("userId", user.getId())
|
.setParameter("userId", user.getId())
|
||||||
|
@ -270,6 +278,14 @@ public class JpaUserSessionProvider implements UserSessionProvider {
|
||||||
.setParameter("realmId", realm.getId())
|
.setParameter("realmId", realm.getId())
|
||||||
.setParameter("maxTime", dettachedClientSessionExpired)
|
.setParameter("maxTime", dettachedClientSessionExpired)
|
||||||
.executeUpdate();
|
.executeUpdate();
|
||||||
|
em.createNamedQuery("removeDetachedClientSessionAuthStatusByExpired")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("maxTime", dettachedClientSessionExpired)
|
||||||
|
.executeUpdate();
|
||||||
|
em.createNamedQuery("removeDetachedUserClientSessionNoteByExpired")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("maxTime", dettachedClientSessionExpired)
|
||||||
|
.executeUpdate();
|
||||||
em.createNamedQuery("removeDetachedClientSessionByExpired")
|
em.createNamedQuery("removeDetachedClientSessionByExpired")
|
||||||
.setParameter("realmId", realm.getId())
|
.setParameter("realmId", realm.getId())
|
||||||
.setParameter("maxTime", dettachedClientSessionExpired)
|
.setParameter("maxTime", dettachedClientSessionExpired)
|
||||||
|
@ -289,6 +305,16 @@ public class JpaUserSessionProvider implements UserSessionProvider {
|
||||||
.setParameter("maxTime", maxTime)
|
.setParameter("maxTime", maxTime)
|
||||||
.setParameter("idleTime", idleTime)
|
.setParameter("idleTime", idleTime)
|
||||||
.executeUpdate();
|
.executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientSessionAuthStatusByExpired")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("maxTime", maxTime)
|
||||||
|
.setParameter("idleTime", idleTime)
|
||||||
|
.executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientUserSessionNoteByExpired")
|
||||||
|
.setParameter("realmId", realm.getId())
|
||||||
|
.setParameter("maxTime", maxTime)
|
||||||
|
.setParameter("idleTime", idleTime)
|
||||||
|
.executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionByExpired")
|
em.createNamedQuery("removeClientSessionByExpired")
|
||||||
.setParameter("realmId", realm.getId())
|
.setParameter("realmId", realm.getId())
|
||||||
.setParameter("maxTime", maxTime)
|
.setParameter("maxTime", maxTime)
|
||||||
|
@ -311,6 +337,8 @@ public class JpaUserSessionProvider implements UserSessionProvider {
|
||||||
em.createNamedQuery("removeClientSessionNoteByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionNoteByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionRoleByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionRoleByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionProtMapperByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionProtMapperByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientSessionAuthStatusByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientUserSessionNoteByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeUserSessionNoteByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
em.createNamedQuery("removeUserSessionNoteByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeUserSessionByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
em.createNamedQuery("removeUserSessionByRealm").setParameter("realmId", realm.getId()).executeUpdate();
|
||||||
|
@ -327,6 +355,8 @@ public class JpaUserSessionProvider implements UserSessionProvider {
|
||||||
em.createNamedQuery("removeClientSessionNoteByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionNoteByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionRoleByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionRoleByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionProtMapperByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionProtMapperByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientSessionAuthStatusByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
||||||
|
em.createNamedQuery("removeClientUserSessionNoteByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
||||||
em.createNamedQuery("removeClientSessionByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
em.createNamedQuery("removeClientSessionByClient").setParameter("realmId", realm.getId()).setParameter("clientId", client.getId()).executeUpdate();
|
||||||
}
|
}
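Review bot: The added auth-status and user-session-note bulk deletes only work if they run before the matching `removeClientSessionBy…` call in all five removal paths (by user, detached-expired, expired, by realm, by client), and nothing in the code states that ordering. JPQL bulk deletes do not cascade, so a comment above each group such as `// Bulk deletes do not cascade: remove all client-session child rows before the parent` would keep a future child table from being missed in one path. The query names are string literals resolved at runtime and one differs in word order (`removeDetachedUserClientSessionNoteByExpired` against `removeClientUserSessionNoteBy…` elsewhere); confirm it matches the declared name, since a mismatch would only show up when expired sessions are cleaned. The named queries are not shown on this page, so also check that each child delete uses the same realm, user and time predicates as its parent delete. The enclosing methods start outside the hunks.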
|
||||||
|
|
||||||
|
|
|
@ -211,10 +211,18 @@ public class SyncProvidersTest {
|
||||||
// Assert user successfully synced now
|
// Assert user successfully synced now
|
||||||
result = new UsersSyncManager().syncAllUsers(session.getKeycloakSessionFactory(), "test", ldapModel);
|
result = new UsersSyncManager().syncAllUsers(session.getKeycloakSessionFactory(), "test", ldapModel);
|
||||||
Assert.assertEquals(0, result.getFailed());
|
Assert.assertEquals(0, result.getFailed());
|
||||||
FederationTestUtils.assertUserImported(session.userStorage(), testRealm, "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126");
|
|
||||||
} finally {
|
} finally {
|
||||||
keycloakRule.stopSession(session, true);
|
keycloakRule.stopSession(session, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Assert user imported in another transaction
|
||||||
|
session = keycloakRule.startSession();
|
||||||
|
try {
|
||||||
|
RealmModel testRealm = session.realms().getRealm("test");
|
||||||
|
FederationTestUtils.assertUserImported(session.userStorage(), testRealm, "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126");
|
||||||
|
} finally {
|
||||||
|
keycloakRule.stopSession(session, false);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// KEYCLOAK-1571
|
// KEYCLOAK-1571
|
||||||
|
|