commit
663f12d5e6
31 changed files with 119 additions and 64 deletions
|
@ -13,13 +13,13 @@
|
|||
<includes>
|
||||
<include>org/bouncycastle/**</include>
|
||||
<include>net/iharder/base64/**</include>
|
||||
<include>org/apache/httpcomponents/**</include>
|
||||
<include>org/keycloak/keycloak-core/**</include>
|
||||
<include>org/keycloak/keycloak-adapter-core/**</include>
|
||||
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
|
||||
<include>org/keycloak/keycloak-as7-adapter/**</include>
|
||||
<include>org/keycloak/keycloak-as7-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
|
||||
</includes>
|
||||
<excludes>
|
||||
<exclude>**/*.war</exclude>
|
||||
|
|
|
@ -38,12 +38,6 @@
|
|||
|
||||
<!-- server min dependencies -->
|
||||
|
||||
<module-def name="org.apache.httpcomponents" slot="4.3">
|
||||
<maven-resource group="org.apache.httpcomponents" artifact="httpclient"/>
|
||||
<maven-resource group="org.apache.httpcomponents" artifact="httpcore"/>
|
||||
<maven-resource group="org.apache.httpcomponents" artifact="httpmime"/>
|
||||
</module-def>
|
||||
|
||||
<module-def name="org.keycloak.keycloak-core">
|
||||
<maven-resource group="org.keycloak" artifact="keycloak-core"/>
|
||||
</module-def>
|
||||
|
@ -76,6 +70,10 @@
|
|||
<maven-resource group="org.keycloak" artifact="keycloak-as7-subsystem"/>
|
||||
</module-def>
|
||||
|
||||
<module-def name="org.keycloak.keycloak-servlet-oauth-client">
|
||||
<maven-resource group="org.keycloak" artifact="keycloak-servlet-oauth-client"/>
|
||||
</module-def>
|
||||
|
||||
</target>
|
||||
|
||||
<target name="clean-target">
|
||||
|
|
|
@ -42,12 +42,8 @@
|
|||
<artifactId>keycloak-as7-subsystem</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpmime</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpcore</artifactId>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-servlet-oauth-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>net.iharder</groupId>
|
||||
|
|
|
@ -1,14 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<module xmlns="urn:jboss:module:1.1" name="org.apache.httpcomponents" slot="4.3">
|
||||
<resources>
|
||||
<!-- Insert resources here -->
|
||||
</resources>
|
||||
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="org.apache.commons.codec"/>
|
||||
<module name="org.apache.commons.logging"/>
|
||||
<module name="org.apache.james.mime4j"/>
|
||||
</dependencies>
|
||||
</module>
|
|
@ -11,7 +11,7 @@
|
|||
<module name="org.codehaus.jackson.jackson-core-asl"/>
|
||||
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
|
||||
<module name="org.codehaus.jackson.jackson-xc"/>
|
||||
<module name="org.apache.httpcomponents" slot="4.3" />
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
<module name="net.iharder.base64"/>
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
<module name="org.codehaus.jackson.jackson-core-asl"/>
|
||||
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
|
||||
<module name="org.codehaus.jackson.jackson-xc"/>
|
||||
<module name="org.apache.httpcomponents" slot="4.3" />
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="javax.servlet.api"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.jboss.as.security"/>
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-servlet-oauth-client">
|
||||
<resources>
|
||||
<!-- Insert resources here -->
|
||||
</resources>
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.servlet.api"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.picketbox"/>
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.keycloak.keycloak-adapter-core"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
</dependencies>
|
||||
|
||||
</module>
|
|
@ -13,13 +13,13 @@
|
|||
<includes>
|
||||
<include>org/bouncycastle/**</include>
|
||||
<include>net/iharder/base64/**</include>
|
||||
<include>org/apache/httpcomponents/**</include>
|
||||
<include>org/keycloak/keycloak-core/**</include>
|
||||
<include>org/keycloak/keycloak-adapter-core/**</include>
|
||||
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
|
||||
<include>org/keycloak/keycloak-as7-adapter/**</include>
|
||||
<include>org/keycloak/keycloak-as7-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
|
||||
</includes>
|
||||
<excludes>
|
||||
<exclude>**/*.war</exclude>
|
||||
|
|
|
@ -20,6 +20,7 @@
|
|||
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
|
||||
<include>org/keycloak/keycloak-wf8-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
|
||||
</includes>
|
||||
<excludes>
|
||||
<exclude>**/*.war</exclude>
|
||||
|
|
|
@ -69,6 +69,10 @@
|
|||
<maven-resource group="org.keycloak" artifact="keycloak-wf8-subsystem"/>
|
||||
</module-def>
|
||||
|
||||
<module-def name="org.keycloak.keycloak-servlet-oauth-client">
|
||||
<maven-resource group="org.keycloak" artifact="keycloak-servlet-oauth-client"/>
|
||||
</module-def>
|
||||
|
||||
<module-def name="org.apache.httpcomponents" slot="4.3">
|
||||
<maven-resource group="org.apache.httpcomponents" artifact="httpclient"/>
|
||||
<maven-resource group="org.apache.httpcomponents" artifact="httpcore"/>
|
||||
|
|
|
@ -41,6 +41,10 @@
|
|||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wf8-subsystem</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-servlet-oauth-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpmime</artifactId>
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-servlet-oauth-client">
|
||||
<resources>
|
||||
<!-- Insert resources here -->
|
||||
</resources>
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.servlet.api"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.picketbox"/>
|
||||
<module name="org.apache.httpcomponents" slot="4.3"/>
|
||||
<module name="org.keycloak.keycloak-adapter-core"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
</dependencies>
|
||||
|
||||
</module>
|
|
@ -19,6 +19,7 @@
|
|||
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
|
||||
<include>org/keycloak/keycloak-wf9-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
|
||||
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
|
||||
</includes>
|
||||
<excludes>
|
||||
<exclude>**/*.war</exclude>
|
||||
|
|
|
@ -69,6 +69,10 @@
|
|||
<maven-resource group="org.keycloak" artifact="keycloak-wf9-subsystem"/>
|
||||
</module-def>
|
||||
|
||||
<module-def name="org.keycloak.keycloak-servlet-oauth-client">
|
||||
<maven-resource group="org.keycloak" artifact="keycloak-servlet-oauth-client"/>
|
||||
</module-def>
|
||||
|
||||
</target>
|
||||
|
||||
<target name="clean-target">
|
||||
|
|
|
@ -41,6 +41,10 @@
|
|||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-wf9-subsystem</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-servlet-oauth-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpmime</artifactId>
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-servlet-oauth-client">
|
||||
<resources>
|
||||
<!-- Insert resources here -->
|
||||
</resources>
|
||||
<dependencies>
|
||||
<module name="javax.api"/>
|
||||
<module name="javax.servlet.api"/>
|
||||
<module name="org.jboss.logging"/>
|
||||
<module name="org.picketbox"/>
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.keycloak.keycloak-adapter-core"/>
|
||||
<module name="org.keycloak.keycloak-core"/>
|
||||
</dependencies>
|
||||
|
||||
</module>
|
|
@ -12,7 +12,7 @@
|
|||
<relativePath>../../../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>keycloak-eap6-server-modules</artifactId>
|
||||
<artifactId>keycloak-server-modules-eap6</artifactId>
|
||||
|
||||
<name>Keycloak EAP 6 Server Modules</name>
|
||||
<packaging>pom</packaging>
|
||||
|
|
|
@ -8,15 +8,15 @@
|
|||
<relativePath>../../../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>keycloak-eap6-server-overlay</artifactId>
|
||||
<artifactId>keycloak-server-overlay-eap6</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>Keycloak EAP 6 Server Overlay Distribution</name>
|
||||
<name>Keycloak Server Overlay EAP 6 Distribution</name>
|
||||
<description/>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-eap6-server-modules</artifactId>
|
||||
<artifactId>keycloak-server-modules-eap6</artifactId>
|
||||
<type>zip</type>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
@ -39,7 +39,7 @@
|
|||
<artifactItems>
|
||||
<artifactItem>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-eap6-server-modules</artifactId>
|
||||
<artifactId>keycloak-server-modules-eap6</artifactId>
|
||||
<type>zip</type>
|
||||
<outputDirectory>${project.build.directory}/unpacked/modules</outputDirectory>
|
||||
</artifactItem>
|
||||
|
|
|
@ -8,9 +8,9 @@
|
|||
<relativePath>../../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>keycloak-eap6-server-overlay-parent</artifactId>
|
||||
<artifactId>keycloak-server-overlay-eap6-parent</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>Keycloak EAP 6 Server Overlay</name>
|
||||
<name>Keycloak Server Overlay EAP 6</name>
|
||||
<description/>
|
||||
|
||||
|
||||
|
|
|
@ -122,6 +122,10 @@
|
|||
</itemizedlist>
|
||||
Make sure you grab the correct one.
|
||||
</para>
|
||||
<para>
|
||||
You also need to update standalone.xml as the extension module and subsystem definition has changed.
|
||||
See <link linkend="jboss-adapter-installation">Adapter Installation</link> for details.
|
||||
</para>
|
||||
</simplesect>
|
||||
</section>
|
||||
<section>
|
||||
|
|
|
@ -53,12 +53,12 @@ $ unzip keycloak-as7-adapter-dist.zip
|
|||
<server xmlns="urn:jboss:domain:1.4">
|
||||
|
||||
<extensions>
|
||||
<extension module="org.keycloak.keycloak-subsystem"/>
|
||||
<extension module="org.keycloak.keycloak-adapter-subsystem"/>
|
||||
...
|
||||
</extensions>
|
||||
|
||||
<profile>
|
||||
<subsystem xmlns="urn:jboss:domain:keycloak:1.0"/>
|
||||
<subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
|
||||
...
|
||||
</profile>
|
||||
]]>
|
||||
|
|
|
@ -52,6 +52,7 @@
|
|||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-servlet-oauth-client</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
|
|
|
@ -41,6 +41,7 @@ public class AppContextListener implements ServletContextListener {
|
|||
}
|
||||
ServletOAuthClientBuilder.build(is, oauthClient);
|
||||
logger.info("OAuth client configured and started");
|
||||
oauthClient.start();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -4,7 +4,10 @@ import org.apache.http.HttpEntity;
|
|||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.impl.client.DefaultHttpClient;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.KeycloakSecurityContext;
|
||||
import org.keycloak.adapters.AdapterUtils;
|
||||
import org.keycloak.servlet.ServletOAuthClient;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
import org.keycloak.util.UriUtils;
|
||||
|
@ -69,7 +72,7 @@ public class DatabaseClient {
|
|||
}
|
||||
|
||||
protected List<String> sendRequestToDBApplication(String dbUri) {
|
||||
HttpClient client = oauthClient.getClient();
|
||||
HttpClient client = new DefaultHttpClient();
|
||||
HttpGet get = new HttpGet(dbUri);
|
||||
try {
|
||||
|
||||
|
@ -103,18 +106,8 @@ public class DatabaseClient {
|
|||
}
|
||||
|
||||
public String getBaseUrl() {
|
||||
switch (oauthClient.getRelativeUrlsUsed()) {
|
||||
case ALL_REQUESTS:
|
||||
// Resolve baseURI from the request
|
||||
return UriUtils.getOrigin(request.getRequestURL().toString());
|
||||
case BROWSER_ONLY:
|
||||
// Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
|
||||
return UriUtils.getOrigin(oauthClient.getTokenUrl());
|
||||
case NEVER:
|
||||
return "";
|
||||
default:
|
||||
return "";
|
||||
}
|
||||
KeycloakSecurityContext session = (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
|
||||
return AdapterUtils.getOriginForRestCalls(request.getRequestURL().toString(), session);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
<!-- the Demo code uses classes in these modules. These are optional to import if you are not using
|
||||
Apache Http Client or the HttpClientBuilder that comes with the adapter core -->
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.keycloak.keycloak-servlet-oauth-client"/>
|
||||
</dependencies>
|
||||
</deployment>
|
||||
</jboss-deployment-structure>
|
1
examples/demo-template/third-party/pom.xml
vendored
1
examples/demo-template/third-party/pom.xml
vendored
|
@ -34,6 +34,7 @@
|
|||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-servlet-oauth-client</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
|
|
|
@ -4,6 +4,9 @@ import org.apache.http.HttpEntity;
|
|||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.impl.client.DefaultHttpClient;
|
||||
import org.keycloak.KeycloakSecurityContext;
|
||||
import org.keycloak.adapters.AdapterUtils;
|
||||
import org.keycloak.adapters.ServerRequest;
|
||||
import org.keycloak.representations.AccessTokenResponse;
|
||||
import org.keycloak.servlet.ServletOAuthClient;
|
||||
|
@ -70,15 +73,17 @@ public class ProductDatabaseClient {
|
|||
}
|
||||
|
||||
public static List<String> getProducts(HttpServletRequest request, String accessToken) throws Failure {
|
||||
KeycloakSecurityContext session = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
|
||||
|
||||
// The ServletOAuthClient is obtained by getting a context attribute
|
||||
// that is set in the Bootstrap context listener in this project.
|
||||
// You really should come up with a better way to initialize
|
||||
// and obtain the ServletOAuthClient. I actually suggest downloading the ServletOAuthClient code
|
||||
// and take a look how it works. You can also take a look at third-party-cdi example
|
||||
ServletOAuthClient oAuthClient = (ServletOAuthClient) request.getServletContext().getAttribute(ServletOAuthClient.class.getName());
|
||||
HttpClient client = oAuthClient.getClient();
|
||||
HttpClient client = new DefaultHttpClient();
|
||||
|
||||
HttpGet get = new HttpGet(getBaseUrl(oAuthClient, request) + "/database/products");
|
||||
HttpGet get = new HttpGet(AdapterUtils.getOriginForRestCalls(request.getRequestURL().toString(), session) + "/database/products");
|
||||
get.addHeader("Authorization", "Bearer " + accessToken);
|
||||
try {
|
||||
HttpResponse response = client.execute(get);
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
<!-- the Demo code uses classes in these modules. These are optional to import if you are not using
|
||||
Apache Http Client or the HttpClientBuilder that comes with the adapter core -->
|
||||
<module name="org.apache.httpcomponents"/>
|
||||
<module name="org.keycloak.keycloak-servlet-oauth-client"/>
|
||||
</dependencies>
|
||||
</deployment>
|
||||
</jboss-deployment-structure>
|
|
@ -3,10 +3,12 @@ package org.keycloak.servlet;
|
|||
import org.apache.http.client.HttpClient;
|
||||
import org.keycloak.AbstractOAuthClient;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.adapters.HttpClientBuilder;
|
||||
import org.keycloak.adapters.ServerRequest;
|
||||
import org.keycloak.jose.jws.JWSInput;
|
||||
import org.keycloak.representations.AccessTokenResponse;
|
||||
import org.keycloak.representations.IDToken;
|
||||
import org.keycloak.representations.adapters.config.AdapterConfig;
|
||||
import org.keycloak.util.KeycloakUriBuilder;
|
||||
import org.keycloak.util.UriUtils;
|
||||
|
||||
|
@ -22,8 +24,10 @@ import java.net.URI;
|
|||
*/
|
||||
public class ServletOAuthClient extends AbstractOAuthClient {
|
||||
protected HttpClient client;
|
||||
protected AdapterConfig adapterConfig;
|
||||
|
||||
public void start() {
|
||||
client = new HttpClientBuilder().build(adapterConfig);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -32,13 +36,6 @@ public class ServletOAuthClient extends AbstractOAuthClient {
|
|||
public void stop() {
|
||||
client.getConnectionManager().shutdown();
|
||||
}
|
||||
public HttpClient getClient() {
|
||||
return client;
|
||||
}
|
||||
|
||||
public void setClient(HttpClient client) {
|
||||
this.client = client;
|
||||
}
|
||||
|
||||
private AccessTokenResponse resolveBearerToken(HttpServletRequest request, String redirectUri, String code) throws IOException, ServerRequest.HttpFailure {
|
||||
// Don't send sessionId in oauth clients for now
|
||||
|
@ -171,4 +168,7 @@ public class ServletOAuthClient extends AbstractOAuthClient {
|
|||
}
|
||||
}
|
||||
|
||||
public void setAdapterConfig(AdapterConfig adapterConfig) {
|
||||
this.adapterConfig = adapterConfig;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -42,8 +42,7 @@ public class ServletOAuthClientBuilder {
|
|||
|
||||
|
||||
public static void build(AdapterConfig adapterConfig, ServletOAuthClient oauthClient) {
|
||||
HttpClient client = new HttpClientBuilder().build(adapterConfig);
|
||||
oauthClient.setClient(client);
|
||||
oauthClient.setAdapterConfig(adapterConfig);
|
||||
oauthClient.setClientId(adapterConfig.getResource());
|
||||
oauthClient.setPublicClient(adapterConfig.isPublicClient());
|
||||
oauthClient.setCredentials(adapterConfig.getCredentials());
|
||||
|
|
2
pom.xml
2
pom.xml
|
@ -1077,7 +1077,7 @@
|
|||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-eap6-server-modules</artifactId>
|
||||
<artifactId>keycloak-server-modules-eap6</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<type>zip</type>
|
||||
</dependency>
|
||||
|
|
Loading…
Reference in a new issue