Moving ClientStorageProvider to the legacy modules

This prepares the move of CachedObject and CacheableStorageProviderModel

Closes #12531

fixup! Moving ClientStorageProvider to the legacy modules

distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-legacy-services/main/module.xml

@@ -39,6 +39,9 @@
         <module name="org.keycloak.keycloak-services" services="import"/>
         <module name="org.keycloak.keycloak-wildfly-extensions" export="true" services="import"/>
 
+        <!-- Openshift Client Storage -->
+        <module name="com.openshift.openshift-restclient-java" services="import"/>
+
         <module name="com.googlecode.owasp-java-html-sanitizer"/>
         <module name="com.google.guava"/>
         <module name="org.freemarker"/>

distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-services/main/module.xml

@@ -48,9 +48,6 @@
         <!-- Authorization -->
         <module name="org.keycloak.keycloak-authz-policy-common" services="import"/>
 
-        <!-- Openshift Client Storage -->
-        <module name="com.openshift.openshift-restclient-java" services="import"/>
-
         <module name="com.googlecode.owasp-java-html-sanitizer"/>
         <module name="com.google.guava"/>
         <module name="org.freemarker"/>

distribution/galleon-feature-packs/server-galleon-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-legacy-services/main/module.xml

@@ -39,6 +39,9 @@
         <module name="org.keycloak.keycloak-services" services="import"/>
         <module name="org.keycloak.keycloak-wildfly-extensions" export="true" services="import"/>
 
+        <!-- Openshift Client Storage -->
+        <module name="com.openshift.openshift-restclient-java" services="import"/>
+
         <module name="com.googlecode.owasp-java-html-sanitizer"/>
         <module name="com.google.guava"/>
         <module name="org.freemarker"/>

distribution/galleon-feature-packs/server-galleon-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-services/main/module.xml

@@ -48,9 +48,6 @@
         <!-- Authorization -->
         <module name="org.keycloak.keycloak-authz-policy-common" services="import"/>
 
-        <!-- Openshift Client Storage -->
-        <module name="com.openshift.openshift-restclient-java" services="import"/>
-
         <module name="com.googlecode.owasp-java-html-sanitizer"/>
         <module name="com.google.guava"/>
         <module name="org.freemarker"/>

model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java

@@ -43,7 +43,7 @@ import static org.keycloak.utils.StreamsUtil.closing;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class RealmAdapter implements RealmModel, JpaModel<RealmEntity> {
+public class RealmAdapter implements LegacyRealmModel, JpaModel<RealmEntity> {
     protected static final Logger logger = Logger.getLogger(RealmAdapter.class);
     protected RealmEntity realm;
     protected EntityManager em;

model/legacy-private/src/main/java/org/keycloak/models/cache/CachedRealmModel.java

@@ -17,6 +17,7 @@
 package org.keycloak.models.cache;
 
 import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.LegacyRealmModel;
 import org.keycloak.models.RealmModel;
 import org.keycloak.provider.ProviderEvent;
 
@@ -28,7 +29,7 @@ import java.util.concurrent.ConcurrentHashMap;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public interface CachedRealmModel extends RealmModel {
+public interface CachedRealmModel extends LegacyRealmModel {
 
     interface RealmCachedEvent extends ProviderEvent {
         CachedRealmModel getRealm();

model/legacy-private/src/main/java/org/keycloak/storage/ClientStorageManager.java

@@ -23,6 +23,7 @@ import org.keycloak.component.ComponentModel;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.ClientProvider;
 import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.LegacyRealmModel;
 import org.keycloak.models.ModelException;
 import org.keycloak.models.RealmModel;
 import org.keycloak.storage.client.ClientLookupProvider;
@@ -78,7 +79,7 @@ public class ClientStorageManager implements ClientProvider {
 
 
     private static <T> Stream<ClientStorageProviderModel> getStorageProviders(RealmModel realm, KeycloakSession session, Class<T> type) {
-        return realm.getClientStorageProvidersStream()
+        return ((LegacyRealmModel) realm).getClientStorageProvidersStream()
                 .filter(model -> {
                     ClientStorageProviderFactory factory = getClientStorageProviderFactory(model, session);
                     if (factory == null) {

model/legacy-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi

@@ -17,3 +17,4 @@
 
 org.keycloak.models.cache.CacheUserProviderSpi
 org.keycloak.models.cache.CacheRealmProviderSpi
+org.keycloak.storage.client.ClientStorageProviderSpi

model/legacy/src/main/java/org/keycloak/models/LegacyRealmModel.java

@@ -0,0 +1,50 @@
+/*
+ * Copyright 2022 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.models;
+
+import org.keycloak.models.RealmModel;
+import org.keycloak.storage.client.ClientStorageProvider;
+import org.keycloak.storage.client.ClientStorageProviderModel;
+
+import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+/**
+ * @author Alexander Schwartz
+ */
+public interface LegacyRealmModel extends RealmModel {
+    /**
+     * @deprecated Use {@link #getClientStorageProvidersStream() getClientStorageProvidersStream} instead.
+     */
+    @Deprecated
+    default List<ClientStorageProviderModel> getClientStorageProviders() {
+        return getClientStorageProvidersStream().collect(Collectors.toList());
+    }
+
+    /**
+     * Returns sorted {@link ClientStorageProviderModel ClientStorageProviderModel} as a stream.
+     * It should be used with forEachOrdered if the ordering is required.
+     * @return Sorted stream of {@link ClientStorageProviderModel}. Never returns {@code null}.
+     */
+    default Stream<ClientStorageProviderModel> getClientStorageProvidersStream() {
+        return getComponentsStream(getId(), ClientStorageProvider.class.getName())
+                .map(ClientStorageProviderModel::new)
+                .sorted(ClientStorageProviderModel.comparator);
+    }
+}

model/map/src/main/java/org/keycloak/models/map/user/MapUserProvider.java

@@ -54,8 +54,6 @@ import org.keycloak.models.map.storage.MapStorage;
 import org.keycloak.models.map.storage.ModelCriteriaBuilder.Operator;
 import org.keycloak.models.map.storage.criteria.DefaultModelCriteria;
 import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.storage.StorageId;
-import org.keycloak.storage.client.ClientStorageProvider;
 
 import java.util.Collection;
 import java.util.EnumMap;
@@ -66,7 +64,6 @@ import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
-import java.util.function.Consumer;
 import java.util.function.Function;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
@@ -465,33 +462,6 @@ public class MapUserProvider implements UserProvider.Streams {
 
     @Override
     public void preRemove(RealmModel realm, ComponentModel component) {
-        String componentId = component.getId();
-        LOG.tracef("preRemove[ComponentModel](%s, %s)%s", realm, componentId, getShortStackTrace());
-        if (component.getProviderType().equals(ClientStorageProvider.class.getName())) {
-            DefaultModelCriteria<UserModel> mcb = criteria();
-            mcb = mcb.compare(SearchableFields.REALM_ID, Operator.EQ, realm.getId())
-              .compare(SearchableFields.CONSENT_CLIENT_FEDERATION_LINK, Operator.EQ, componentId);
-
-            try (Stream<MapUserEntity> s = tx.read(withCriteria(mcb))) {
-                String providerIdS = new StorageId(componentId, "").getId();
-                s.forEach(removeConsentsForExternalClient(providerIdS));
-            }
-        }
-    }
-
-    private Consumer<MapUserEntity> removeConsentsForExternalClient(String idPrefix) {
-        return userEntity -> {
-            Set<MapUserConsentEntity> userConsents = userEntity.getUserConsents();
-            if (userConsents == null || userConsents.isEmpty()) return;
-            List<String> consentClientIds = userConsents.stream()
-              .map(MapUserConsentEntity::getClientId)
-              .filter(clientId -> clientId != null && clientId.startsWith(idPrefix))
-              .collect(Collectors.toList());
-
-            if (! consentClientIds.isEmpty()) {
-                consentClientIds.forEach(userEntity::removeUserConsent);
-            }
-        };
     }
 
     @Override

server-spi-private/src/main/resources/META-INF/services/org.keycloak.provider.Spi

@@ -78,7 +78,6 @@ org.keycloak.credential.CredentialSpi
 org.keycloak.keys.PublicKeyStorageSpi
 org.keycloak.keys.KeySpi
 org.keycloak.storage.DatastoreSpi
-org.keycloak.storage.client.ClientStorageProviderSpi
 org.keycloak.storage.clientscope.ClientScopeStorageProviderSpi
 org.keycloak.storage.role.RoleStorageProviderSpi
 org.keycloak.storage.group.GroupStorageProviderSpi

server-spi/src/main/java/org/keycloak/models/RealmModel.java

@@ -20,12 +20,9 @@ package org.keycloak.models;
 import java.util.Comparator;
 import org.keycloak.common.enums.SslRequired;
 import org.keycloak.component.ComponentModel;
-import org.keycloak.credential.CredentialInput;
 import org.keycloak.provider.Provider;
 import org.keycloak.provider.ProviderEvent;
 import org.keycloak.storage.SearchableModelField;
-import org.keycloak.storage.client.ClientStorageProvider;
-import org.keycloak.storage.client.ClientStorageProviderModel;
 import org.keycloak.storage.role.RoleStorageProvider;
 import org.keycloak.storage.role.RoleStorageProviderModel;
 
@@ -661,25 +658,6 @@ public interface RealmModel extends RoleContainerModel {
 
     ComponentModel getComponent(String id);
 
-    /**
-     * @deprecated Use {@link #getClientStorageProvidersStream() getClientStorageProvidersStream} instead.
-     */
-    @Deprecated
-    default List<ClientStorageProviderModel> getClientStorageProviders() {
-        return getClientStorageProvidersStream().collect(Collectors.toList());
-    }
-
-    /**
-     * Returns sorted {@link ClientStorageProviderModel ClientStorageProviderModel} as a stream.
-     * It should be used with forEachOrdered if the ordering is required.
-     * @return Sorted stream of {@link ClientStorageProviderModel}. Never returns {@code null}.
-     */
-    default Stream<ClientStorageProviderModel> getClientStorageProvidersStream() {
-        return getComponentsStream(getId(), ClientStorageProvider.class.getName())
-                .map(ClientStorageProviderModel::new)
-                .sorted(ClientStorageProviderModel.comparator);
-    }
-
     /**
      * @deprecated Use {@link #getRoleStorageProvidersStream() getRoleStorageProvidersStream} instead.
      */

services/pom.xml

@@ -183,10 +183,6 @@
                 </exclusion>
             </exclusions>
         </dependency>
-        <dependency>
-            <groupId>com.openshift</groupId>
-            <artifactId>openshift-restclient-java</artifactId>
-        </dependency>
         <dependency>
             <groupId>com.webauthn4j</groupId>
             <artifactId>webauthn4j-core</artifactId>

services/src/main/java/org/keycloak/social/facebook/FacebookIdentityProviderConfig.java

@@ -2,10 +2,8 @@ package org.keycloak.social.facebook;
 
 import java.util.Optional;
 
-import org.apache.commons.lang.StringUtils;
 import org.keycloak.broker.oidc.OIDCIdentityProviderConfig;
 import org.keycloak.models.IdentityProviderModel;
-import org.keycloak.saml.common.util.StringUtil;
 
 public class FacebookIdentityProviderConfig extends OIDCIdentityProviderConfig {
 

services/src/test/java/org/keycloak/connections/httpclient/DefaultHttpClientFactoryTest.java

@@ -30,7 +30,6 @@ import java.util.Properties;
 
 import javax.net.ssl.SSLPeerUnverifiedException;
 
-import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpStatus;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
@@ -95,7 +94,7 @@ public class DefaultHttpClientFactoryTest {
 
 		StringBuilder sb = new StringBuilder();
 		sb.append("{");
-		sb.append(StringUtils.join(params, ','));
+		sb.append(String.join(",", params));
 		sb.append("}");
 		
 		return sb.toString();