Merge pull request #29 from mposolda/social
KEYCLOAK-42: Typo in RealmModel.importRealm causing that bad required credential type could be imported
This commit is contained in:
commit
5434b66b3a
5 changed files with 28 additions and 12 deletions
|
@ -122,13 +122,13 @@ public class RealmManager {
|
|||
}
|
||||
|
||||
if (rep.getRequiredApplicationCredentials() != null) {
|
||||
for (String requiredCred : rep.getRequiredCredentials()) {
|
||||
for (String requiredCred : rep.getRequiredApplicationCredentials()) {
|
||||
addResourceRequiredCredential(newRealm, requiredCred);
|
||||
}
|
||||
}
|
||||
|
||||
if (rep.getRequiredOAuthClientCredentials() != null) {
|
||||
for (String requiredCred : rep.getRequiredCredentials()) {
|
||||
for (String requiredCred : rep.getRequiredOAuthClientCredentials()) {
|
||||
addOAuthClientRequiredCredential(newRealm, requiredCred);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -154,6 +154,7 @@ public class ApplicationAdapter implements ApplicationModel {
|
|||
ScopeRelationship scope = new ScopeRelationship();
|
||||
scope.setClient(((UserAdapter)agent).getUser());
|
||||
scope.setScope(((RoleAdapter)role).getRole());
|
||||
getRelationshipManager().add(scope);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -87,6 +87,13 @@ public class ImportTest {
|
|||
List<RealmModel> realms = identitySession.getRealms(admin);
|
||||
Assert.assertEquals(1, realms.size());
|
||||
|
||||
// Test scope relationship
|
||||
ApplicationModel application = realm.getResourceNameMap().get("Application");
|
||||
UserModel oauthClient = realm.getUser("oauthclient");
|
||||
Assert.assertNotNull(application);
|
||||
Assert.assertNotNull(oauthClient);
|
||||
Set<String> appScopes = application.getScope(oauthClient);
|
||||
Assert.assertTrue(appScopes.contains("user"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -109,10 +116,15 @@ public class ImportTest {
|
|||
RealmModel realm = manager.createRealm("demo", rep.getRealm());
|
||||
manager.importRealm(rep, realm);
|
||||
realm.addRealmAdmin(admin);
|
||||
|
||||
verifyRequiredCredentials(realm.getRequiredCredentials(), "password");
|
||||
verifyRequiredCredentials(realm.getRequiredApplicationCredentials(), "totp");
|
||||
verifyRequiredCredentials(realm.getRequiredOAuthClientCredentials(), "cert");
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
private void verifyRequiredCredentials(List<RequiredCredentialModel> requiredCreds, String expectedType) {
|
||||
Assert.assertEquals(1, requiredCreds.size());
|
||||
Assert.assertEquals(expectedType, requiredCreds.get(0).getType());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
||||
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"requiredCredentials": [ "password" ],
|
||||
"requiredApplicationCredentials": [ "password" ],
|
||||
"requiredOAuthClientCredentials": [ "password" ],
|
||||
"requiredApplicationCredentials": [ "totp" ],
|
||||
"requiredOAuthClientCredentials": [ "cert" ],
|
||||
"users" : [
|
||||
{
|
||||
"username" : "bburke@redhat.com",
|
||||
|
@ -65,8 +65,9 @@
|
|||
"useRealmMappings": true,
|
||||
"credentials": [
|
||||
{
|
||||
"type": "password",
|
||||
"value": "password"
|
||||
"type": "totp",
|
||||
"value": "12345",
|
||||
"device": "67890"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -77,8 +78,9 @@
|
|||
"useRealmMappings": true,
|
||||
"credentials": [
|
||||
{
|
||||
"type": "password",
|
||||
"value": "password"
|
||||
"type": "totp",
|
||||
"value": "12345",
|
||||
"device": "67890"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -59,10 +59,11 @@ public class SocialRequestManager {
|
|||
}
|
||||
|
||||
private void pruneExpired() {
|
||||
long currentTime = System.currentTimeMillis();
|
||||
Iterator<Entry<String, Long>> itr = expires.entrySet().iterator();
|
||||
while (itr.hasNext()) {
|
||||
Entry<String, Long> e = itr.next();
|
||||
if (e.getValue() < System.currentTimeMillis()) {
|
||||
if (e.getValue() < currentTime) {
|
||||
itr.remove();
|
||||
map.remove(e.getKey());
|
||||
} else {
|
||||
|
|
Loading…
Reference in a new issue