auth-server-url and Realm/App name changes

admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js

@@ -26,13 +26,12 @@ module.controller('HomeCtrl', function(Realm, $location) {
         if (realms.length == 1) {
             realm = realms[0].realm;
         } else if (realms.length == 2) {
-            if (realms[0].realm == 'Keycloak Administration') {
+            if (realms[0].realm == 'keycloak-admin') {
                 realm = realms[1].realm;
-            } else if (realms[1].realm == 'Keycloak Administration') {
+            } else if (realms[1].realm == 'keycloak-admin') {
                 realm = realms[0].realm;
             }
         }
-        console.log("****** HomeCtrl ******");
         if (realm) {
             $location.url('/realms/' + realm);
         } else {

admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html

@@ -11,7 +11,7 @@
                     <a href="#" class="dropdown-toggle" data-toggle="dropdown">
                         <span class="icon-user">Icon: user</span>{{auth.user.displayName}}<i class="caret"></i></a>
                     <ul class="dropdown-menu">
-                        <li><a href="/auth/rest/realms/Keycloak Administration/account">Manage Account</a></li>
+                        <li><a href="/auth/rest/realms/keycloak-admin/account">Manage Account</a></li>
                         <li class="separator"><a href="/auth/rest/admin/logout">Sign Out</a></li>
                     </ul>
                 </li>

core/src/main/java/org/keycloak/ServiceUrlConstants.java

@@ -0,0 +1,11 @@
+package org.keycloak;
+
+/**
+ * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
+ * @version $Revision: 1 $
+ */
+public interface ServiceUrlConstants {
+
+    public static final String TOKEN_SERVICE_LOGIN_PATH = "/rest/realms/{realm-name}/tokens/login";
+    public static final String TOKEN_SERVICE_ACCESS_CODE_PATH = "/rest/realms/{realm-name}/tokens/access/codes";
+}

core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java

@@ -9,7 +9,7 @@ import org.codehaus.jackson.annotate.JsonPropertyOrder;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-@JsonPropertyOrder({"realm", "realm-public-key", "auth-url", "code-url", "ssl-not-required",
+@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-not-required",
         "resource", "credentials",
         "use-resource-role-mappings",
         "enable-cors", "cors-max-age", "cors-allowed-methods",

core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java

@@ -13,7 +13,7 @@ import java.util.Map;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-@JsonPropertyOrder({"realm", "realm-public-key", "auth-url", "code-url", "ssl-not-required",
+@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-not-required",
         "resource", "credentials",
         "use-resource-role-mappings",
         "enable-cors", "cors-max-age", "cors-allowed-methods",

core/src/main/java/org/keycloak/representations/adapters/config/BaseRealmConfig.java

@@ -9,16 +9,14 @@ import org.codehaus.jackson.annotate.JsonPropertyOrder;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-@JsonPropertyOrder({"realm", "realm-public-key", "auth-url", "code-url", "ssl-not-required"})
+@JsonPropertyOrder({"realm", "realm-public-key", "auth-server-url", "ssl-not-required"})
 public class BaseRealmConfig {
     @JsonProperty("realm")
     protected String realm;
     @JsonProperty("realm-public-key")
     protected String realmKey;
-    @JsonProperty("auth-url")
-    protected String authUrl;
-    @JsonProperty("code-url")
-    protected String codeUrl;
+    @JsonProperty("auth-server-url")
+    protected String authServerUrl;
     @JsonProperty("ssl-not-required")
     protected boolean sslNotRequired;
 
@@ -46,19 +44,11 @@ public class BaseRealmConfig {
         this.realmKey = realmKey;
     }
 
-    public String getAuthUrl() {
-        return authUrl;
+    public String getAuthServerUrl() {
+        return authServerUrl;
     }
 
-    public void setAuthUrl(String authUrl) {
-        this.authUrl = authUrl;
-    }
-
-    public String getCodeUrl() {
-        return codeUrl;
-    }
-
-    public void setCodeUrl(String codeUrl) {
-        this.codeUrl = codeUrl;
+    public void setAuthServerUrl(String authServerUrl) {
+        this.authServerUrl = authServerUrl;
     }
 }

examples/as7-eap-demo/customer-app/src/main/webapp/WEB-INF/keycloak.json

@@ -2,8 +2,7 @@
   "realm" : "demo",
   "resource" : "customer-portal",
   "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
   "expose-token" : true,
    "credentials" : {

examples/as7-eap-demo/product-app/src/main/webapp/WEB-INF/keycloak.json

@@ -2,8 +2,7 @@
   "realm" : "demo",
   "resource" : "product-portal",
   "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
    "credentials" : {
       "password" : "password"

examples/as7-eap-demo/testrealm.json

@@ -96,7 +96,7 @@
         }
     ],
     "applicationRoleMappings": {
-        "Account": [
+        "account": [
             {
                 "username": "bburke@redhat.com",
                 "roles": ["manage-account"]

examples/as7-eap-demo/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json

@@ -1,7 +1,6 @@
 {
   "resource" : "third-party",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
    "credentials" : {
       "password" : "password"

examples/as7-eap-demo/third-party/src/main/webapp/WEB-INF/keycloak.json

@@ -1,7 +1,6 @@
 {
   "resource" : "third-party",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
    "credentials" : {
       "password" : "password"

examples/wildfly-demo/customer-app/src/main/webapp/WEB-INF/keycloak.json

@@ -2,8 +2,7 @@
   "realm" : "demo",
   "resource" : "customer-portal",
   "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
   "expose-token" : true,
    "credentials" : {

examples/wildfly-demo/product-app/src/main/webapp/WEB-INF/keycloak.json

@@ -2,8 +2,7 @@
   "realm" : "demo",
   "resource" : "product-portal",
   "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
   "credentials" : {
       "password" : "password"

examples/wildfly-demo/testrealm.json

@@ -96,7 +96,7 @@
         }
     ],
     "applicationRoleMappings": {
-        "Account": [
+        "account": [
             {
                 "username": "bburke@redhat.com",
                 "roles": ["manage-account"]

examples/wildfly-demo/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json

@@ -1,7 +1,7 @@
 {
+  "realm" : "demo",
   "resource" : "third-party",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
    "credentials" : {
       "password" : "password"

examples/wildfly-demo/third-party/src/main/webapp/WEB-INF/keycloak.json

@@ -1,7 +1,7 @@
 {
+  "realm" : "demo",
   "resource" : "third-party",
-  "auth-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/login",
-  "code-url" : "http://localhost:8080/auth/rest/realms/demo/tokens/access/codes",
+  "auth-server-url" : "http://localhost:8080/auth",
   "ssl-not-required" : true,
    "credentials" : {
       "password" : "password"

integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java

@@ -3,6 +3,8 @@ package org.keycloak.adapters.config;
 import java.io.InputStream;
 
 import org.keycloak.AbstractOAuthClient;
+import org.keycloak.ServiceUrlConstants;
+import org.keycloak.util.KeycloakUriBuilder;
 
 /**
  * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@@ -27,8 +29,14 @@ public abstract class OAuthClientConfigLoader extends RealmConfigurationLoader {
     public void configureOAuthClient(AbstractOAuthClient oauthClient) {
         oauthClient.setClientId(adapterConfig.getResource());
         oauthClient.setPassword(adapterConfig.getCredentials().get("password"));
-        oauthClient.setAuthUrl(adapterConfig.getAuthUrl());
-        oauthClient.setCodeUrl(adapterConfig.getCodeUrl());
+        if (adapterConfig.getAuthServerUrl() == null) {
+            throw new RuntimeException("You must specify auth-url");
+        }
+        KeycloakUriBuilder serverBuilder = KeycloakUriBuilder.fromUri(adapterConfig.getAuthServerUrl());
+        String authUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_LOGIN_PATH).build(adapterConfig.getRealm()).toString();
+        String tokenUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_ACCESS_CODE_PATH).build(adapterConfig.getRealm()).toString();
+        oauthClient.setAuthUrl(authUrl);
+        oauthClient.setCodeUrl(tokenUrl);
         oauthClient.setTruststore(truststore);
         if (adapterConfig.getScope() != null) {
             String scope = encodeScope(adapterConfig.getScope());

integration/adapter-core/src/main/java/org/keycloak/adapters/config/RealmConfigurationLoader.java

@@ -1,6 +1,7 @@
 package org.keycloak.adapters.config;
 
 import org.apache.http.client.HttpClient;
+import org.keycloak.ServiceUrlConstants;
 import org.keycloak.adapters.HttpClientBuilder;
 import org.keycloak.util.KeycloakUriBuilder;
 
@@ -30,14 +31,13 @@ public class RealmConfigurationLoader extends AdapterConfigLoader {
         if (!setupClient || adapterConfig.isBearerOnly()) return;
         initClient();
         realmConfiguration = new RealmConfiguration();
-        String authUrl = adapterConfig.getAuthUrl();
-        if (authUrl == null) {
+        if (adapterConfig.getAuthServerUrl() == null) {
             throw new RuntimeException("You must specify auth-url");
         }
-        String tokenUrl = adapterConfig.getCodeUrl();
-        if (tokenUrl == null) {
-            throw new RuntimeException("You mut specify code-url");
-        }
+        KeycloakUriBuilder serverBuilder = KeycloakUriBuilder.fromUri(adapterConfig.getAuthServerUrl());
+        String authUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_LOGIN_PATH).build(adapterConfig.getRealm()).toString();
+        String tokenUrl = serverBuilder.clone().path(ServiceUrlConstants.TOKEN_SERVICE_ACCESS_CODE_PATH).build(adapterConfig.getRealm()).toString();
+
         realmConfiguration.setMetadata(resourceMetadata);
         realmConfiguration.setSslRequired(!adapterConfig.isSslNotRequired());
         realmConfiguration.setResourceCredentials(adapterConfig.getCredentials());

model/api/src/main/java/org/keycloak/models/Constants.java

@@ -6,13 +6,13 @@ package org.keycloak.models;
  */
 public interface Constants {
     String INTERNAL_ROLE = "KEYCLOAK_";
-    String ADMIN_REALM = "Keycloak Administration";
-    String ADMIN_CONSOLE_APPLICATION = "Admin Console";
+    String ADMIN_REALM = "keycloak-admin";
+    String ADMIN_CONSOLE_APPLICATION = "admin-console";
     String ADMIN_CONSOLE_ADMIN_ROLE = "admin";
     String APPLICATION_ROLE = INTERNAL_ROLE + "_APPLICATION";
     String IDENTITY_REQUESTER_ROLE = INTERNAL_ROLE + "_IDENTITY_REQUESTER";
 
-    String ACCOUNT_APPLICATION = "Account";
+    String ACCOUNT_APPLICATION = "account";
     String ACCOUNT_PROFILE_ROLE = "view-profile";
     String ACCOUNT_MANAGE_ROLE = "manage-account";
 }

services/src/main/java/org/keycloak/services/managers/ApplicationManager.java

@@ -181,8 +181,7 @@ public class ApplicationManager {
         rep.setRealmKey(realmModel.getPublicKeyPem());
         rep.setSslNotRequired(realmModel.isSslNotRequired());
 
-        rep.setAuthUrl(Urls.realmLoginPage(baseUri, realmModel.getName()).toString());
-        rep.setCodeUrl(Urls.realmCode(baseUri, realmModel.getName()).toString());
+        rep.setAuthServerUrl(baseUri.toString());
         rep.setUseResourceRoleMappings(applicationModel.getRoles().size() > 0);
 
         rep.setResource(applicationModel.getName());

services/src/main/java/org/keycloak/services/managers/OAuthClientManager.java

@@ -88,9 +88,7 @@ public class OAuthClientManager {
         rep.setRealm(realmModel.getName());
         rep.setRealmKey(realmModel.getPublicKeyPem());
         rep.setSslNotRequired(realmModel.isSslNotRequired());
-
-        rep.setAuthUrl(Urls.realmLoginPage(baseUri, realmModel.getName()).toString());
-        rep.setCodeUrl(Urls.realmCode(baseUri, realmModel.getName()).toString());
+        rep.setAuthServerUrl(baseUri.toString());
         rep.setUseResourceRoleMappings(false);
 
         rep.setResource(model.getOAuthAgent().getLoginName());

services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java

@@ -12,6 +12,8 @@ import org.keycloak.services.resources.admin.AdminService;
 import javax.servlet.ServletContext;
 import javax.ws.rs.core.Application;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.UriInfo;
+import java.net.URI;
 import java.util.HashSet;
 import java.util.ServiceLoader;
 import java.util.Set;
@@ -31,10 +33,11 @@ public class KeycloakApplication extends Application {
     protected Set<Class<?>> classes = new HashSet<Class<?>>();
 
     protected KeycloakSessionFactory factory;
+    protected String contextPath;
 
     public KeycloakApplication(@Context ServletContext context) {
         this.factory = createSessionFactory();
-
+        this.contextPath = context.getContextPath();
         context.setAttribute(KeycloakSessionFactory.class.getName(), factory);
         //classes.add(KeycloakSessionCleanupFilter.class);
 
@@ -49,6 +52,20 @@ public class KeycloakApplication extends Application {
         setupDefaultRealm();
     }
 
+    public String getContextPath() {
+        return contextPath;
+    }
+
+    /**
+     * Get base URI of WAR distribution, not JAX-RS
+     *
+     * @param uriInfo
+     * @return
+     */
+    public URI getBaseUri(UriInfo uriInfo) {
+        return uriInfo.getBaseUriBuilder().replacePath(getContextPath()).build();
+    }
+
     protected void setupDefaultRealm() {
         new ApplianceBootstrap().bootstrap(factory);
     }

services/src/main/java/org/keycloak/services/resources/admin/ApplicationResource.java

@@ -11,6 +11,7 @@ import org.keycloak.representations.idm.ApplicationRepresentation;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.services.managers.ApplicationManager;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.services.resources.KeycloakApplication;
 import org.keycloak.util.JsonSerialization;
 
 import javax.ws.rs.Consumes;
@@ -19,6 +20,7 @@ import javax.ws.rs.GET;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
+import javax.ws.rs.core.Application;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.UriInfo;
@@ -38,6 +40,13 @@ public class ApplicationResource extends RoleContainerResource {
     @Context
     protected UriInfo uriInfo;
 
+    @Context
+    protected Application keycloak;
+
+    protected KeycloakApplication getKeycloakApplication() {
+        return (KeycloakApplication)keycloak;
+    }
+
     public ApplicationResource(RealmModel realm, ApplicationModel applicationModel, KeycloakSession session) {
         super(applicationModel);
         this.realm = realm;
@@ -68,7 +77,7 @@ public class ApplicationResource extends RoleContainerResource {
     @Produces(MediaType.APPLICATION_JSON)
     public String getInstallation() throws IOException {
         ApplicationManager applicationManager = new ApplicationManager(new RealmManager(session));
-        BaseAdapterConfig rep = applicationManager.toInstallationRepresentation(realm, application, uriInfo.getBaseUri());
+        BaseAdapterConfig rep = applicationManager.toInstallationRepresentation(realm, application, getKeycloakApplication().getBaseUri(uriInfo));
 
         // TODO Temporary solution to pretty-print
         return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);

services/src/main/java/org/keycloak/services/resources/admin/OAuthClientResource.java

@@ -12,6 +12,7 @@ import org.keycloak.representations.idm.OAuthClientRepresentation;
 import org.keycloak.services.managers.ApplicationManager;
 import org.keycloak.services.managers.OAuthClientManager;
 import org.keycloak.services.managers.RealmManager;
+import org.keycloak.services.resources.KeycloakApplication;
 import org.keycloak.util.JsonSerialization;
 
 import javax.ws.rs.Consumes;
@@ -20,6 +21,7 @@ import javax.ws.rs.GET;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
+import javax.ws.rs.core.Application;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.UriInfo;
@@ -38,6 +40,13 @@ public class OAuthClientResource  {
     @Context
     protected UriInfo uriInfo;
 
+    @Context
+    protected Application application;
+
+    protected KeycloakApplication getApplication() {
+        return (KeycloakApplication)application;
+    }
+
     public OAuthClientResource(RealmModel realm, OAuthClientModel oauthClient, KeycloakSession session) {
         this.realm = realm;
         this.oauthClient = oauthClient;
@@ -65,7 +74,7 @@ public class OAuthClientResource  {
     @Produces(MediaType.APPLICATION_JSON)
     public String getInstallation() throws IOException {
         OAuthClientManager manager = new OAuthClientManager(realm);
-        BaseAdapterConfig rep = manager.toInstallationRepresentation(realm, oauthClient, uriInfo.getBaseUri());
+        BaseAdapterConfig rep = manager.toInstallationRepresentation(realm, oauthClient, getApplication().getBaseUri(uriInfo));
 
         // TODO Temporary solution to pretty-print
         return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep);