[KEYCLOAK-18878] Register the subsystem parser for older versions of the OIDC adapter schemas

adapters/oidc/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakExtension.java

@@ -37,7 +37,9 @@ import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUB
 public class KeycloakExtension implements Extension {
 
     public static final String SUBSYSTEM_NAME = "keycloak";
-    public static final String NAMESPACE = "urn:jboss:domain:keycloak:1.2";
+    public static final String NAMESPACE_1_1 = "urn:jboss:domain:keycloak:1.1";
+    public static final String NAMESPACE_1_2 = "urn:jboss:domain:keycloak:1.2";
+    public static final String CURRENT_NAMESPACE = NAMESPACE_1_2;
     private static final KeycloakSubsystemParser PARSER = new KeycloakSubsystemParser();
     static final PathElement PATH_SUBSYSTEM = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
     private static final String RESOURCE_NAME = KeycloakExtension.class.getPackage().getName() + ".LocalDescriptions";
@@ -63,7 +65,8 @@ public class KeycloakExtension implements Extension {
      */
     @Override
     public void initializeParsers(final ExtensionParsingContext context) {
-        context.setSubsystemXmlMapping(SUBSYSTEM_NAME, KeycloakExtension.NAMESPACE, PARSER);
+        context.setSubsystemXmlMapping(SUBSYSTEM_NAME, KeycloakExtension.NAMESPACE_1_1, PARSER);
+        context.setSubsystemXmlMapping(SUBSYSTEM_NAME, KeycloakExtension.NAMESPACE_1_2, PARSER);
     }
 
     /**

adapters/oidc/as7-eap6/as7-subsystem/src/main/java/org/keycloak/subsystem/as7/KeycloakSubsystemParser.java

@@ -194,7 +194,7 @@ class KeycloakSubsystemParser implements XMLStreamConstants, XMLElementReader<Li
      */
     @Override
     public void writeContent(final XMLExtendedStreamWriter writer, final SubsystemMarshallingContext context) throws XMLStreamException {
-        context.startSubsystemElement(KeycloakExtension.NAMESPACE, false);
+        context.startSubsystemElement(KeycloakExtension.CURRENT_NAMESPACE, false);
         writeRealms(writer, context);
         writeSecureDeployments(writer, context);
         writer.writeEndElement();

adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/KeycloakExtension.java

@@ -38,7 +38,9 @@ import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.SUB
 public class KeycloakExtension implements Extension {
 
     public static final String SUBSYSTEM_NAME = "keycloak";
-    public static final String NAMESPACE = "urn:jboss:domain:keycloak:1.2";
+    public static final String NAMESPACE_1_1 = "urn:jboss:domain:keycloak:1.1";
+    public static final String NAMESPACE_1_2 = "urn:jboss:domain:keycloak:1.2";
+    public static final String CURRENT_NAMESPACE = NAMESPACE_1_2;
     private static final KeycloakSubsystemParser PARSER = new KeycloakSubsystemParser();
     static final PathElement PATH_SUBSYSTEM = PathElement.pathElement(SUBSYSTEM, SUBSYSTEM_NAME);
     private static final String RESOURCE_NAME = KeycloakExtension.class.getPackage().getName() + ".LocalDescriptions";
@@ -64,7 +66,8 @@ public class KeycloakExtension implements Extension {
      */
     @Override
     public void initializeParsers(final ExtensionParsingContext context) {
-        context.setSubsystemXmlMapping(SUBSYSTEM_NAME, KeycloakExtension.NAMESPACE, PARSER);
+        context.setSubsystemXmlMapping(SUBSYSTEM_NAME, KeycloakExtension.NAMESPACE_1_1, PARSER);
+        context.setSubsystemXmlMapping(SUBSYSTEM_NAME, KeycloakExtension.NAMESPACE_1_2, PARSER);
     }
 
     /**

adapters/oidc/wildfly/wildfly-subsystem/src/main/java/org/keycloak/subsystem/adapter/extension/KeycloakSubsystemParser.java

@@ -244,7 +244,7 @@ class KeycloakSubsystemParser implements XMLStreamConstants, XMLElementReader<Li
      */
     @Override
     public void writeContent(final XMLExtendedStreamWriter writer, final SubsystemMarshallingContext context) throws XMLStreamException {
-        context.startSubsystemElement(KeycloakExtension.NAMESPACE, false);
+        context.startSubsystemElement(KeycloakExtension.CURRENT_NAMESPACE, false);
         writeRealms(writer, context);
         writeSecureDeployments(writer, context);
         writeSecureServers(writer, context);

adapters/oidc/wildfly/wildfly-subsystem/src/test/java/org/keycloak/subsystem/adapter/extension/SubsystemParsingTestCase.java

@@ -21,6 +21,7 @@ import org.jboss.as.controller.PathAddress;
 import org.jboss.as.controller.PathElement;
 import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
 import org.jboss.as.subsystem.test.AbstractSubsystemBaseTest;
+import org.jboss.as.subsystem.test.KernelServices;
 import org.jboss.dmr.ModelNode;
 import org.junit.Assert;
 import org.junit.Test;
@@ -115,6 +116,20 @@ public class SubsystemParsingTestCase extends AbstractSubsystemBaseTest {
         };
     }
 
+    /**
+     * Checks if the subsystem is still capable of reading a configuration that uses version 1.1 of the schema.
+     *
+     * @throws Exception if an error occurs while running the test.
+     */
+    @Test
+    public void testSubsystem1_1() throws Exception {
+        KernelServices servicesA = super.createKernelServicesBuilder(createAdditionalInitialization())
+                .setSubsystemXml(readResource("keycloak-1.1.xml")).build();
+        Assert.assertTrue("Subsystem boot failed!", servicesA.isSuccessfulBoot());
+        ModelNode modelA = servicesA.readWholeModel();
+        super.validateModel(modelA);
+    }
+
     /**
      * Tests a subsystem configuration that contains a {@code redirect-rewrite-rule}, checking that the resulting JSON
      * can be properly used to create an {@link AdapterConfig}.

adapters/oidc/wildfly/wildfly-subsystem/src/test/resources/org/keycloak/subsystem/adapter/extension/keycloak-1.1.xml

@@ -0,0 +1,99 @@
+<!--
+  ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
+  ~ and other contributors as indicated by the @author tags.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
+    <realm name="master">
+        <realm-public-key>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4siLKUew0WYxdtq6/rwk4Uj/4amGFFnE/yzIxQVU0PUqz3QBRVkUWpDj0K6ZnS5nzJV/y6DHLEy7hjZTdRDphyF1sq09aDOYnVpzu8o2sIlMM8q5RnUyEfIyUZqwo8pSZDJ90fS0s+IDUJNCSIrAKO3w1lqZDHL6E/YFHXyzkvQIDAQAB</realm-public-key>
+        <auth-server-url>http://localhost:8080/auth</auth-server-url>
+        <truststore>truststore.jks</truststore>
+        <truststore-password>secret</truststore-password>
+        <ssl-required>EXTERNAL</ssl-required>
+        <confidential-port>443</confidential-port>
+        <allow-any-hostname>false</allow-any-hostname>
+        <disable-trust-manager>true</disable-trust-manager>
+        <connection-pool-size>20</connection-pool-size>
+        <enable-cors>true</enable-cors>
+        <client-keystore>keys.jks</client-keystore>
+        <client-keystore-password>secret</client-keystore-password>
+        <client-key-password>secret</client-key-password>
+        <cors-max-age>600</cors-max-age>
+        <cors-allowed-headers>X-Custom</cors-allowed-headers>
+        <cors-allowed-methods>PUT,POST,DELETE,GET</cors-allowed-methods>
+        <expose-token>false</expose-token>
+        <auth-server-url-for-backend-requests>http://127.0.0.2:8080/auth</auth-server-url-for-backend-requests>
+        <always-refresh-token>false</always-refresh-token>
+        <register-node-at-startup>true</register-node-at-startup>
+        <register-node-period>60</register-node-period>
+        <token-store>session</token-store>
+        <principal-attribute>sub</principal-attribute>
+        <proxy-url>http://localhost:9000</proxy-url>
+    </realm>
+    <realm name="jboss-infra">
+        <realm-public-key>MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKoq+a9MgXepmsPJDmo45qswuChW9pWjanX68oIBuI4hGvhQxFHryCow230A+sr7tFdMQMt8f1l/ysmV/fYAuW29WaoY4kI4Ou1yYPuwywKSsxT6PooTs83hKyZ1h4LZMj5DkLGDDDyVRHob2WmPaYg9RGVRw3iGGsD/p+Yb+L/gnBYQnZZ7lYqmN7h36p5CkzzlgXQA1Ha8sQxL+rJNH8+sZm0vBrKsoII3Of7TqHGsm1RwFV3XCuGJ7S61AbjJMXL5DQgJl9Z5scvxGAyoRLKC294UgMnQdzyBTMPw2GybxkRKmiK2KjQKmcopmrJp/Bt6fBR6ZkGSs9qUlxGHgwIDAQAB</realm-public-key>
+        <auth-server-url>http://localhost:8180/auth</auth-server-url>
+    </realm>
+    <secure-deployment name="web-console">
+        <realm>master</realm>
+        <resource>web-console</resource>
+        <use-resource-role-mappings>true</use-resource-role-mappings>
+        <turn-off-change-session-id-on-login>false</turn-off-change-session-id-on-login>
+        <token-minimum-time-to-live>10</token-minimum-time-to-live>
+        <min-time-between-jwks-requests>20</min-time-between-jwks-requests>
+        <public-key-cache-ttl>3600</public-key-cache-ttl>
+        <realm-public-key>
+            MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4siLKUew0WYxdtq6/rwk4Uj/4amGFFnE/yzIxQVU0PUqz3QBRVkUWpDj0K6ZnS5nzJV/y6DHLEy7hjZTdRDphyF1sq09aDOYnVpzu8o2sIlMM8q5RnUyEfIyUZqwo8pSZDJ90fS0s+IDUJNCSIrAKO3w1lqZDHL6E/YFHXyzkvQIDAQAB
+        </realm-public-key>
+        <auth-server-url>http://localhost:8080/auth</auth-server-url>
+        <ssl-required>EXTERNAL</ssl-required>
+        <confidential-port>443</confidential-port>
+        <proxy-url>http://localhost:9000</proxy-url>
+        <verify-token-audience>true</verify-token-audience>
+        <credential name="secret">0aa31d98-e0aa-404c-b6e0-e771dba1e798</credential>
+        <redirect-rewrite-rule name="^/wsmaster/api/(.*)$">api/$1/</redirect-rewrite-rule>
+    </secure-deployment>
+    <secure-deployment name="http-endpoint">
+        <realm>master</realm>
+        <resource>http-endpoint</resource>
+        <use-resource-role-mappings>true</use-resource-role-mappings>
+        <adapter-state-cookie-path>/</adapter-state-cookie-path>
+        <realm-public-key>
+            MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4siLKUew0WYxdtq6/rwk4Uj/4amGFFnE/yzIxQVU0PUqz3QBRVkUWpDj0K6ZnS5nzJV/y6DHLEy7hjZTdRDphyF1sq09aDOYnVpzu8o2sIlMM8q5RnUyEfIyUZqwo8pSZDJ90fS0s+IDUJNCSIrAKO3w1lqZDHL6E/YFHXyzkvQIDAQAB
+        </realm-public-key>
+        <auth-server-url>http://localhost:8080/auth</auth-server-url>
+        <ssl-required>EXTERNAL</ssl-required>
+        <credential name="jwt">
+            <client-keystore-file>/tmp/keystore.jks</client-keystore-file>
+        </credential>
+        <redirect-rewrite-rule name="^/wsmaster/api/(.*)$">/api/$1/</redirect-rewrite-rule>
+    </secure-deployment>
+    <secure-deployment name="wildfly-management">
+        <realm>jboss-infra</realm>
+        <resource>wildfly-management</resource>
+        <bearer-only>true</bearer-only>
+        <ssl-required>EXTERNAL</ssl-required>
+        <principal-attribute>preferred_username</principal-attribute>
+    </secure-deployment>
+    <secure-server name="wildfly-console">
+        <realm>jboss-infra</realm>
+        <resource>wildfly-console</resource>
+        <public-client>true</public-client>
+        <adapter-state-cookie-path>/</adapter-state-cookie-path>
+        <ssl-required>EXTERNAL</ssl-required>
+        <confidential-port>443</confidential-port>
+        <proxy-url>http://localhost:9000</proxy-url>
+    </secure-server>
+</subsystem>