Merge pull request #1376 from stianst/master

Fixes
This commit is contained in:
Stian Thorgersen 2015-06-15 14:00:09 +01:00
commit 663f12d5e6
31 changed files with 119 additions and 64 deletions

View file

@ -13,13 +13,13 @@
<includes>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>

View file

@ -38,12 +38,6 @@
<!-- server min dependencies -->
<module-def name="org.apache.httpcomponents" slot="4.3">
<maven-resource group="org.apache.httpcomponents" artifact="httpclient"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpcore"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpmime"/>
</module-def>
<module-def name="org.keycloak.keycloak-core">
<maven-resource group="org.keycloak" artifact="keycloak-core"/>
</module-def>
@ -76,6 +70,10 @@
<maven-resource group="org.keycloak" artifact="keycloak-as7-subsystem"/>
</module-def>
<module-def name="org.keycloak.keycloak-servlet-oauth-client">
<maven-resource group="org.keycloak" artifact="keycloak-servlet-oauth-client"/>
</module-def>
</target>
<target name="clean-target">

View file

@ -42,12 +42,8 @@
<artifactId>keycloak-as7-subsystem</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-servlet-oauth-client</artifactId>
</dependency>
<dependency>
<groupId>net.iharder</groupId>

View file

@ -1,14 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.apache.httpcomponents" slot="4.3">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="org.apache.commons.codec"/>
<module name="org.apache.commons.logging"/>
<module name="org.apache.james.mime4j"/>
</dependencies>
</module>

View file

@ -11,7 +11,7 @@
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.apache.httpcomponents"/>
<module name="org.jboss.logging"/>
<module name="org.keycloak.keycloak-core"/>
<module name="net.iharder.base64"/>

View file

@ -12,7 +12,7 @@
<module name="org.codehaus.jackson.jackson-core-asl"/>
<module name="org.codehaus.jackson.jackson-mapper-asl"/>
<module name="org.codehaus.jackson.jackson-xc"/>
<module name="org.apache.httpcomponents" slot="4.3" />
<module name="org.apache.httpcomponents"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.jboss.as.security"/>

View file

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-servlet-oauth-client">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.picketbox"/>
<module name="org.apache.httpcomponents"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -13,13 +13,13 @@
<includes>
<include>org/bouncycastle/**</include>
<include>net/iharder/base64/**</include>
<include>org/apache/httpcomponents/**</include>
<include>org/keycloak/keycloak-core/**</include>
<include>org/keycloak/keycloak-adapter-core/**</include>
<include>org/keycloak/keycloak-jboss-adapter-core/**</include>
<include>org/keycloak/keycloak-as7-adapter/**</include>
<include>org/keycloak/keycloak-as7-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>

View file

@ -20,6 +20,7 @@
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
<include>org/keycloak/keycloak-wf8-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>

View file

@ -69,6 +69,10 @@
<maven-resource group="org.keycloak" artifact="keycloak-wf8-subsystem"/>
</module-def>
<module-def name="org.keycloak.keycloak-servlet-oauth-client">
<maven-resource group="org.keycloak" artifact="keycloak-servlet-oauth-client"/>
</module-def>
<module-def name="org.apache.httpcomponents" slot="4.3">
<maven-resource group="org.apache.httpcomponents" artifact="httpclient"/>
<maven-resource group="org.apache.httpcomponents" artifact="httpcore"/>

View file

@ -41,6 +41,10 @@
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf8-subsystem</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-servlet-oauth-client</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>

View file

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-servlet-oauth-client">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.picketbox"/>
<module name="org.apache.httpcomponents" slot="4.3"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -19,6 +19,7 @@
<include>org/keycloak/keycloak-wildfly-adapter/**</include>
<include>org/keycloak/keycloak-wf9-subsystem/**</include>
<include>org/keycloak/keycloak-adapter-subsystem/**</include>
<include>org/keycloak/keycloak-servlet-oauth-client/**</include>
</includes>
<excludes>
<exclude>**/*.war</exclude>

View file

@ -69,6 +69,10 @@
<maven-resource group="org.keycloak" artifact="keycloak-wf9-subsystem"/>
</module-def>
<module-def name="org.keycloak.keycloak-servlet-oauth-client">
<maven-resource group="org.keycloak" artifact="keycloak-servlet-oauth-client"/>
</module-def>
</target>
<target name="clean-target">

View file

@ -41,6 +41,10 @@
<groupId>org.keycloak</groupId>
<artifactId>keycloak-wf9-subsystem</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-servlet-oauth-client</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>

View file

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="org.keycloak.keycloak-servlet-oauth-client">
<resources>
<!-- Insert resources here -->
</resources>
<dependencies>
<module name="javax.api"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.logging"/>
<module name="org.picketbox"/>
<module name="org.apache.httpcomponents"/>
<module name="org.keycloak.keycloak-adapter-core"/>
<module name="org.keycloak.keycloak-core"/>
</dependencies>
</module>

View file

@ -12,7 +12,7 @@
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-eap6-server-modules</artifactId>
<artifactId>keycloak-server-modules-eap6</artifactId>
<name>Keycloak EAP 6 Server Modules</name>
<packaging>pom</packaging>

View file

@ -8,15 +8,15 @@
<relativePath>../../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-eap6-server-overlay</artifactId>
<artifactId>keycloak-server-overlay-eap6</artifactId>
<packaging>pom</packaging>
<name>Keycloak EAP 6 Server Overlay Distribution</name>
<name>Keycloak Server Overlay EAP 6 Distribution</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-eap6-server-modules</artifactId>
<artifactId>keycloak-server-modules-eap6</artifactId>
<type>zip</type>
</dependency>
</dependencies>
@ -39,7 +39,7 @@
<artifactItems>
<artifactItem>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-eap6-server-modules</artifactId>
<artifactId>keycloak-server-modules-eap6</artifactId>
<type>zip</type>
<outputDirectory>${project.build.directory}/unpacked/modules</outputDirectory>
</artifactItem>

View file

@ -8,9 +8,9 @@
<relativePath>../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-eap6-server-overlay-parent</artifactId>
<artifactId>keycloak-server-overlay-eap6-parent</artifactId>
<packaging>pom</packaging>
<name>Keycloak EAP 6 Server Overlay</name>
<name>Keycloak Server Overlay EAP 6</name>
<description/>

View file

@ -122,6 +122,10 @@
</itemizedlist>
Make sure you grab the correct one.
</para>
<para>
You also need to update standalone.xml as the extension module and subsystem definition has changed.
See <link linkend="jboss-adapter-installation">Adapter Installation</link> for details.
</para>
</simplesect>
</section>
<section>

View file

@ -53,12 +53,12 @@ $ unzip keycloak-as7-adapter-dist.zip
<server xmlns="urn:jboss:domain:1.4">
<extensions>
<extension module="org.keycloak.keycloak-subsystem"/>
<extension module="org.keycloak.keycloak-adapter-subsystem"/>
...
</extensions>
<profile>
<subsystem xmlns="urn:jboss:domain:keycloak:1.0"/>
<subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
...
</profile>
]]>

View file

@ -52,6 +52,7 @@
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-servlet-oauth-client</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>

View file

@ -41,6 +41,7 @@ public class AppContextListener implements ServletContextListener {
}
ServletOAuthClientBuilder.build(is, oauthClient);
logger.info("OAuth client configured and started");
oauthClient.start();
}
@Override

View file

@ -4,7 +4,10 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.jboss.logging.Logger;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterUtils;
import org.keycloak.servlet.ServletOAuthClient;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.UriUtils;
@ -69,7 +72,7 @@ public class DatabaseClient {
}
protected List<String> sendRequestToDBApplication(String dbUri) {
HttpClient client = oauthClient.getClient();
HttpClient client = new DefaultHttpClient();
HttpGet get = new HttpGet(dbUri);
try {
@ -103,18 +106,8 @@ public class DatabaseClient {
}
public String getBaseUrl() {
switch (oauthClient.getRelativeUrlsUsed()) {
case ALL_REQUESTS:
// Resolve baseURI from the request
return UriUtils.getOrigin(request.getRequestURL().toString());
case BROWSER_ONLY:
// Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
return UriUtils.getOrigin(oauthClient.getTokenUrl());
case NEVER:
return "";
default:
return "";
}
KeycloakSecurityContext session = (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
return AdapterUtils.getOriginForRestCalls(request.getRequestURL().toString(), session);
}
}

View file

@ -4,6 +4,7 @@
<!-- the Demo code uses classes in these modules. These are optional to import if you are not using
Apache Http Client or the HttpClientBuilder that comes with the adapter core -->
<module name="org.apache.httpcomponents"/>
<module name="org.keycloak.keycloak-servlet-oauth-client"/>
</dependencies>
</deployment>
</jboss-deployment-structure>

View file

@ -34,6 +34,7 @@
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-servlet-oauth-client</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>

View file

@ -4,6 +4,9 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.ServerRequest;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.servlet.ServletOAuthClient;
@ -70,15 +73,17 @@ public class ProductDatabaseClient {
}
public static List<String> getProducts(HttpServletRequest request, String accessToken) throws Failure {
KeycloakSecurityContext session = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
// The ServletOAuthClient is obtained by getting a context attribute
// that is set in the Bootstrap context listener in this project.
// You really should come up with a better way to initialize
// and obtain the ServletOAuthClient. I actually suggest downloading the ServletOAuthClient code
// and take a look how it works. You can also take a look at third-party-cdi example
ServletOAuthClient oAuthClient = (ServletOAuthClient) request.getServletContext().getAttribute(ServletOAuthClient.class.getName());
HttpClient client = oAuthClient.getClient();
HttpClient client = new DefaultHttpClient();
HttpGet get = new HttpGet(getBaseUrl(oAuthClient, request) + "/database/products");
HttpGet get = new HttpGet(AdapterUtils.getOriginForRestCalls(request.getRequestURL().toString(), session) + "/database/products");
get.addHeader("Authorization", "Bearer " + accessToken);
try {
HttpResponse response = client.execute(get);

View file

@ -4,6 +4,7 @@
<!-- the Demo code uses classes in these modules. These are optional to import if you are not using
Apache Http Client or the HttpClientBuilder that comes with the adapter core -->
<module name="org.apache.httpcomponents"/>
<module name="org.keycloak.keycloak-servlet-oauth-client"/>
</dependencies>
</deployment>
</jboss-deployment-structure>

View file

@ -3,10 +3,12 @@ package org.keycloak.servlet;
import org.apache.http.client.HttpClient;
import org.keycloak.AbstractOAuthClient;
import org.keycloak.OAuth2Constants;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.adapters.ServerRequest;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.util.KeycloakUriBuilder;
import org.keycloak.util.UriUtils;
@ -22,8 +24,10 @@ import java.net.URI;
*/
public class ServletOAuthClient extends AbstractOAuthClient {
protected HttpClient client;
protected AdapterConfig adapterConfig;
public void start() {
client = new HttpClientBuilder().build(adapterConfig);
}
/**
@ -32,13 +36,6 @@ public class ServletOAuthClient extends AbstractOAuthClient {
public void stop() {
client.getConnectionManager().shutdown();
}
public HttpClient getClient() {
return client;
}
public void setClient(HttpClient client) {
this.client = client;
}
private AccessTokenResponse resolveBearerToken(HttpServletRequest request, String redirectUri, String code) throws IOException, ServerRequest.HttpFailure {
// Don't send sessionId in oauth clients for now
@ -171,4 +168,7 @@ public class ServletOAuthClient extends AbstractOAuthClient {
}
}
public void setAdapterConfig(AdapterConfig adapterConfig) {
this.adapterConfig = adapterConfig;
}
}

View file

@ -42,8 +42,7 @@ public class ServletOAuthClientBuilder {
public static void build(AdapterConfig adapterConfig, ServletOAuthClient oauthClient) {
HttpClient client = new HttpClientBuilder().build(adapterConfig);
oauthClient.setClient(client);
oauthClient.setAdapterConfig(adapterConfig);
oauthClient.setClientId(adapterConfig.getResource());
oauthClient.setPublicClient(adapterConfig.isPublicClient());
oauthClient.setCredentials(adapterConfig.getCredentials());

View file

@ -1077,7 +1077,7 @@
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-eap6-server-modules</artifactId>
<artifactId>keycloak-server-modules-eap6</artifactId>
<version>${project.version}</version>
<type>zip</type>
</dependency>