commit
68b5afed06
11 changed files with 50 additions and 112 deletions
|
@ -29,12 +29,12 @@ import org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator;
|
||||||
import org.keycloak.models.CredentialValidationOutput;
|
import org.keycloak.models.CredentialValidationOutput;
|
||||||
import org.keycloak.models.GroupModel;
|
import org.keycloak.models.GroupModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserCredentialModel;
|
import org.keycloak.models.UserCredentialModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.UserManager;
|
import org.keycloak.models.UserManager;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
import org.keycloak.storage.UserStorageProviderModel;
|
||||||
import org.keycloak.storage.user.ImportedUserValidation;
|
import org.keycloak.storage.user.ImportedUserValidation;
|
||||||
|
@ -134,7 +134,7 @@ public class KerberosFederationProvider implements UserStorageProvider,
|
||||||
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
||||||
if (!(input instanceof UserCredentialModel) || !CredentialModel.PASSWORD.equals(input.getType())) return false;
|
if (!(input instanceof UserCredentialModel) || !CredentialModel.PASSWORD.equals(input.getType())) return false;
|
||||||
if (kerberosConfig.getEditMode() == EditMode.READ_ONLY) {
|
if (kerberosConfig.getEditMode() == EditMode.READ_ONLY) {
|
||||||
throw new ModelReadOnlyException("Can't change password in Keycloak database. Change password with your Kerberos server");
|
throw new ReadOnlyException("Can't change password in Keycloak database. Change password with your Kerberos server");
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -33,7 +33,6 @@ import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.LDAPConstants;
|
import org.keycloak.models.LDAPConstants;
|
||||||
import org.keycloak.models.ModelDuplicateException;
|
import org.keycloak.models.ModelDuplicateException;
|
||||||
import org.keycloak.models.ModelException;
|
import org.keycloak.models.ModelException;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.utils.ReadOnlyUserModelDelegate;
|
import org.keycloak.models.utils.ReadOnlyUserModelDelegate;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
|
@ -42,6 +41,7 @@ import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.UserManager;
|
import org.keycloak.models.UserManager;
|
||||||
import org.keycloak.models.cache.UserCache;
|
import org.keycloak.models.cache.UserCache;
|
||||||
import org.keycloak.models.credential.PasswordUserCredentialModel;
|
import org.keycloak.models.credential.PasswordUserCredentialModel;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
import org.keycloak.storage.StorageId;
|
import org.keycloak.storage.StorageId;
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
import org.keycloak.storage.UserStorageProviderModel;
|
||||||
|
@ -567,7 +567,7 @@ public class LDAPStorageProvider implements UserStorageProvider,
|
||||||
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
|
||||||
if (!CredentialModel.PASSWORD.equals(input.getType()) || ! (input instanceof PasswordUserCredentialModel)) return false;
|
if (!CredentialModel.PASSWORD.equals(input.getType()) || ! (input instanceof PasswordUserCredentialModel)) return false;
|
||||||
if (editMode == UserStorageProvider.EditMode.READ_ONLY) {
|
if (editMode == UserStorageProvider.EditMode.READ_ONLY) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
|
|
||||||
} else if (editMode == UserStorageProvider.EditMode.WRITABLE) {
|
} else if (editMode == UserStorageProvider.EditMode.WRITABLE) {
|
||||||
LDAPIdentityStore ldapIdentityStore = getLdapIdentityStore();
|
LDAPIdentityStore ldapIdentityStore = getLdapIdentityStore();
|
||||||
|
|
|
@ -17,9 +17,9 @@
|
||||||
|
|
||||||
package org.keycloak.storage.ldap;
|
package org.keycloak.storage.ldap;
|
||||||
|
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.utils.UserModelDelegate;
|
import org.keycloak.models.utils.UserModelDelegate;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||||
|
@ -36,22 +36,22 @@ public class ReadonlyLDAPUserModelDelegate extends UserModelDelegate implements
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setUsername(String username) {
|
public void setUsername(String username) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setLastName(String lastName) {
|
public void setLastName(String lastName) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setFirstName(String first) {
|
public void setFirstName(String first) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setEmail(String email) {
|
public void setEmail(String email) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,9 +17,9 @@
|
||||||
|
|
||||||
package org.keycloak.federation.sssd;
|
package org.keycloak.federation.sssd;
|
||||||
|
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.utils.UserModelDelegate;
|
import org.keycloak.models.utils.UserModelDelegate;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Readonly proxy for a SSSD UserModel that prevents attributes from being updated.
|
* Readonly proxy for a SSSD UserModel that prevents attributes from being updated.
|
||||||
|
@ -39,21 +39,21 @@ public class ReadonlySSSDUserModelDelegate extends UserModelDelegate implements
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setUsername(String username) {
|
public void setUsername(String username) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setLastName(String lastName) {
|
public void setLastName(String lastName) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setFirstName(String first) {
|
public void setFirstName(String first) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setEmail(String email) {
|
public void setEmail(String email) {
|
||||||
throw new ModelReadOnlyException("Federated storage is not writable");
|
throw new ReadOnlyException("Federated storage is not writable");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,39 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
* and other contributors as indicated by the @author tags.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.keycloak.models;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
|
||||||
*/
|
|
||||||
public class ModelReadOnlyException extends ModelException {
|
|
||||||
|
|
||||||
public ModelReadOnlyException() {
|
|
||||||
}
|
|
||||||
|
|
||||||
public ModelReadOnlyException(String message) {
|
|
||||||
super(message);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ModelReadOnlyException(String message, Throwable cause) {
|
|
||||||
super(message, cause);
|
|
||||||
}
|
|
||||||
|
|
||||||
public ModelReadOnlyException(Throwable cause) {
|
|
||||||
super(cause);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -17,7 +17,6 @@
|
||||||
package org.keycloak.models.utils;
|
package org.keycloak.models.utils;
|
||||||
|
|
||||||
import org.keycloak.models.GroupModel;
|
import org.keycloak.models.GroupModel;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.utils.UserModelDelegate;
|
import org.keycloak.models.utils.UserModelDelegate;
|
||||||
|
@ -36,101 +35,101 @@ public class ReadOnlyUserModelDelegate extends UserModelDelegate {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setUsername(String username) {
|
public void setUsername(String username) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setEnabled(boolean enabled) {
|
public void setEnabled(boolean enabled) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setSingleAttribute(String name, String value) {
|
public void setSingleAttribute(String name, String value) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setAttribute(String name, List<String> values) {
|
public void setAttribute(String name, List<String> values) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void removeAttribute(String name) {
|
public void removeAttribute(String name) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addRequiredAction(String action) {
|
public void addRequiredAction(String action) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void removeRequiredAction(String action) {
|
public void removeRequiredAction(String action) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addRequiredAction(RequiredAction action) {
|
public void addRequiredAction(RequiredAction action) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void removeRequiredAction(RequiredAction action) {
|
public void removeRequiredAction(RequiredAction action) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setFirstName(String firstName) {
|
public void setFirstName(String firstName) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setLastName(String lastName) {
|
public void setLastName(String lastName) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setEmail(String email) {
|
public void setEmail(String email) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setEmailVerified(boolean verified) {
|
public void setEmailVerified(boolean verified) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void deleteRoleMapping(RoleModel role) {
|
public void deleteRoleMapping(RoleModel role) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setFederationLink(String link) {
|
public void setFederationLink(String link) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setServiceAccountClientLink(String clientInternalId) {
|
public void setServiceAccountClientLink(String clientInternalId) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setCreatedTimestamp(Long timestamp) {
|
public void setCreatedTimestamp(Long timestamp) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void joinGroup(GroupModel group) {
|
public void joinGroup(GroupModel group) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void leaveGroup(GroupModel group) {
|
public void leaveGroup(GroupModel group) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void grantRole(RoleModel role) {
|
public void grantRole(RoleModel role) {
|
||||||
throw new ModelReadOnlyException();
|
throw new ReadOnlyException();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -36,7 +36,6 @@ import org.keycloak.models.IdentityProviderModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.ModelDuplicateException;
|
import org.keycloak.models.ModelDuplicateException;
|
||||||
import org.keycloak.models.ModelException;
|
import org.keycloak.models.ModelException;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserCredentialModel;
|
import org.keycloak.models.UserCredentialModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
|
@ -58,6 +57,7 @@ import org.keycloak.services.managers.UserSessionManager;
|
||||||
import org.keycloak.services.messages.Messages;
|
import org.keycloak.services.messages.Messages;
|
||||||
import org.keycloak.services.util.ResolveRelative;
|
import org.keycloak.services.util.ResolveRelative;
|
||||||
import org.keycloak.services.validation.Validation;
|
import org.keycloak.services.validation.Validation;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
|
@ -430,7 +430,7 @@ public class AccountService extends AbstractSecuredLocalService {
|
||||||
|
|
||||||
setReferrerOnPage();
|
setReferrerOnPage();
|
||||||
return account.setSuccess(Messages.ACCOUNT_UPDATED).createResponse(AccountPages.ACCOUNT);
|
return account.setSuccess(Messages.ACCOUNT_UPDATED).createResponse(AccountPages.ACCOUNT);
|
||||||
} catch (ModelReadOnlyException roe) {
|
} catch (ReadOnlyException roe) {
|
||||||
setReferrerOnPage();
|
setReferrerOnPage();
|
||||||
return account.setError(Messages.READ_ONLY_USER).setProfileFormData(formData).createResponse(AccountPages.ACCOUNT);
|
return account.setError(Messages.READ_ONLY_USER).setProfileFormData(formData).createResponse(AccountPages.ACCOUNT);
|
||||||
} catch (ModelDuplicateException mde) {
|
} catch (ModelDuplicateException mde) {
|
||||||
|
@ -651,7 +651,7 @@ public class AccountService extends AbstractSecuredLocalService {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
session.userCredentialManager().updateCredential(realm, user, UserCredentialModel.password(passwordNew, false));
|
session.userCredentialManager().updateCredential(realm, user, UserCredentialModel.password(passwordNew, false));
|
||||||
} catch (ModelReadOnlyException mre) {
|
} catch (ReadOnlyException mre) {
|
||||||
setReferrerOnPage();
|
setReferrerOnPage();
|
||||||
errorEvent.error(Errors.NOT_ALLOWED);
|
errorEvent.error(Errors.NOT_ALLOWED);
|
||||||
return account.setError(Messages.READ_ONLY_PASSWORD).createResponse(AccountPages.PASSWORD);
|
return account.setError(Messages.READ_ONLY_PASSWORD).createResponse(AccountPages.PASSWORD);
|
||||||
|
|
|
@ -42,7 +42,6 @@ import org.keycloak.models.IdentityProviderModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.ModelDuplicateException;
|
import org.keycloak.models.ModelDuplicateException;
|
||||||
import org.keycloak.models.ModelException;
|
import org.keycloak.models.ModelException;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserConsentModel;
|
import org.keycloak.models.UserConsentModel;
|
||||||
import org.keycloak.models.UserCredentialModel;
|
import org.keycloak.models.UserCredentialModel;
|
||||||
|
@ -72,6 +71,7 @@ import org.keycloak.models.UserManager;
|
||||||
import org.keycloak.services.managers.UserSessionManager;
|
import org.keycloak.services.managers.UserSessionManager;
|
||||||
import org.keycloak.services.resources.AccountService;
|
import org.keycloak.services.resources.AccountService;
|
||||||
import org.keycloak.services.validation.Validation;
|
import org.keycloak.services.validation.Validation;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
import org.keycloak.utils.ProfileHelper;
|
import org.keycloak.utils.ProfileHelper;
|
||||||
|
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
|
@ -182,7 +182,7 @@ public class UsersResource {
|
||||||
return Response.noContent().build();
|
return Response.noContent().build();
|
||||||
} catch (ModelDuplicateException e) {
|
} catch (ModelDuplicateException e) {
|
||||||
return ErrorResponse.exists("User exists with same username or email");
|
return ErrorResponse.exists("User exists with same username or email");
|
||||||
} catch (ModelReadOnlyException re) {
|
} catch (ReadOnlyException re) {
|
||||||
return ErrorResponse.exists("User is read only!");
|
return ErrorResponse.exists("User is read only!");
|
||||||
} catch (ModelException me) {
|
} catch (ModelException me) {
|
||||||
logger.warn("Could not update user!", me);
|
logger.warn("Could not update user!", me);
|
||||||
|
@ -782,7 +782,7 @@ public class UsersResource {
|
||||||
session.userCredentialManager().updateCredential(realm, user, cred);
|
session.userCredentialManager().updateCredential(realm, user, cred);
|
||||||
} catch (IllegalStateException ise) {
|
} catch (IllegalStateException ise) {
|
||||||
throw new BadRequestException("Resetting to N old passwords is not allowed.");
|
throw new BadRequestException("Resetting to N old passwords is not allowed.");
|
||||||
} catch (ModelReadOnlyException mre) {
|
} catch (ReadOnlyException mre) {
|
||||||
throw new BadRequestException("Can't reset password as account is read only");
|
throw new BadRequestException("Can't reset password as account is read only");
|
||||||
} catch (ModelException e) {
|
} catch (ModelException e) {
|
||||||
Properties messages = AdminRoot.getMessages(session, realm, auth.getAuth().getToken().getLocale());
|
Properties messages = AdminRoot.getMessages(session, realm, auth.getAuth().getToken().getLocale());
|
||||||
|
|
|
@ -26,34 +26,15 @@ import org.junit.rules.RuleChain;
|
||||||
import org.junit.rules.TestRule;
|
import org.junit.rules.TestRule;
|
||||||
import org.junit.runners.MethodSorters;
|
import org.junit.runners.MethodSorters;
|
||||||
import org.keycloak.OAuth2Constants;
|
import org.keycloak.OAuth2Constants;
|
||||||
import org.keycloak.common.util.MultivaluedHashMap;
|
|
||||||
import org.keycloak.component.ComponentModel;
|
import org.keycloak.component.ComponentModel;
|
||||||
import org.keycloak.credential.CredentialModel;
|
|
||||||
import org.keycloak.models.KeycloakSession;
|
|
||||||
import org.keycloak.models.LDAPConstants;
|
import org.keycloak.models.LDAPConstants;
|
||||||
import org.keycloak.models.ModelException;
|
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
|
||||||
import org.keycloak.models.UserCredentialModel;
|
|
||||||
import org.keycloak.models.UserModel;
|
|
||||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
|
||||||
import org.keycloak.models.utils.RepresentationToModel;
|
import org.keycloak.models.utils.RepresentationToModel;
|
||||||
import org.keycloak.representations.AccessToken;
|
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
|
||||||
import org.keycloak.storage.ldap.LDAPConfig;
|
|
||||||
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
import org.keycloak.storage.ldap.LDAPStorageProvider;
|
||||||
import org.keycloak.storage.ldap.LDAPStorageProviderFactory;
|
|
||||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||||
import org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapper;
|
|
||||||
import org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapperFactory;
|
|
||||||
import org.keycloak.storage.ldap.mappers.HardcodedLDAPRoleStorageMapper;
|
|
||||||
import org.keycloak.storage.ldap.mappers.HardcodedLDAPRoleStorageMapperFactory;
|
|
||||||
import org.keycloak.storage.ldap.mappers.LDAPStorageMapper;
|
|
||||||
import org.keycloak.storage.ldap.mappers.UserAttributeLDAPStorageMapper;
|
|
||||||
import org.keycloak.testsuite.OAuthClient;
|
import org.keycloak.testsuite.OAuthClient;
|
||||||
import org.keycloak.testsuite.pages.AccountPasswordPage;
|
import org.keycloak.testsuite.pages.AccountPasswordPage;
|
||||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||||
|
@ -68,11 +49,8 @@ import org.keycloak.util.JsonSerialization;
|
||||||
import org.openqa.selenium.WebDriver;
|
import org.openqa.selenium.WebDriver;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import static org.junit.Assert.assertEquals;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests that legacy UserFederationProvider json export is converted to ComponentModel
|
* Tests that legacy UserFederationProvider json export is converted to ComponentModel
|
||||||
*
|
*
|
||||||
|
|
|
@ -36,6 +36,7 @@ import org.keycloak.common.util.MultivaluedHashMap;
|
||||||
import org.keycloak.component.ComponentModel;
|
import org.keycloak.component.ComponentModel;
|
||||||
import org.keycloak.credential.CredentialModel;
|
import org.keycloak.credential.CredentialModel;
|
||||||
import org.keycloak.models.Constants;
|
import org.keycloak.models.Constants;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
import org.keycloak.storage.UserStorageProviderModel;
|
||||||
import org.keycloak.storage.ldap.LDAPConfig;
|
import org.keycloak.storage.ldap.LDAPConfig;
|
||||||
|
@ -45,7 +46,6 @@ import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.LDAPConstants;
|
import org.keycloak.models.LDAPConstants;
|
||||||
import org.keycloak.models.ModelException;
|
import org.keycloak.models.ModelException;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserCredentialModel;
|
import org.keycloak.models.UserCredentialModel;
|
||||||
|
@ -776,26 +776,26 @@ public class LDAPProvidersIntegrationTest {
|
||||||
try {
|
try {
|
||||||
user.setEmail("error@error.com");
|
user.setEmail("error@error.com");
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
user.setLastName("Berk");
|
user.setLastName("Berk");
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
user.setFirstName("Bilbo");
|
user.setFirstName("Bilbo");
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
UserCredentialModel cred = UserCredentialModel.password("PoopyPoop1", true);
|
UserCredentialModel cred = UserCredentialModel.password("PoopyPoop1", true);
|
||||||
session.userCredentialManager().updateCredential(appRealm, user, cred);
|
session.userCredentialManager().updateCredential(appRealm, user, cred);
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,6 @@ import org.keycloak.credential.CredentialModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.LDAPConstants;
|
import org.keycloak.models.LDAPConstants;
|
||||||
import org.keycloak.models.ModelException;
|
import org.keycloak.models.ModelException;
|
||||||
import org.keycloak.models.ModelReadOnlyException;
|
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserCredentialModel;
|
import org.keycloak.models.UserCredentialModel;
|
||||||
|
@ -41,6 +40,7 @@ import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||||
import org.keycloak.representations.AccessToken;
|
import org.keycloak.representations.AccessToken;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
|
import org.keycloak.storage.ReadOnlyException;
|
||||||
import org.keycloak.storage.StorageId;
|
import org.keycloak.storage.StorageId;
|
||||||
import org.keycloak.storage.UserStorageProvider;
|
import org.keycloak.storage.UserStorageProvider;
|
||||||
import org.keycloak.storage.UserStorageProviderModel;
|
import org.keycloak.storage.UserStorageProviderModel;
|
||||||
|
@ -703,26 +703,26 @@ public class LDAPProvidersIntegrationNoImportTest {
|
||||||
try {
|
try {
|
||||||
user.setEmail("error@error.com");
|
user.setEmail("error@error.com");
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
user.setLastName("Berk");
|
user.setLastName("Berk");
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
user.setFirstName("Bilbo");
|
user.setFirstName("Bilbo");
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
UserCredentialModel cred = UserCredentialModel.password("PoopyPoop1", true);
|
UserCredentialModel cred = UserCredentialModel.password("PoopyPoop1", true);
|
||||||
session.userCredentialManager().updateCredential(appRealm, user, cred);
|
session.userCredentialManager().updateCredential(appRealm, user, cred);
|
||||||
Assert.fail("should fail");
|
Assert.fail("should fail");
|
||||||
} catch (ModelReadOnlyException e) {
|
} catch (ReadOnlyException e) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue